© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0f7b58d
(Get the code!)
Hi all,
The root cause of why we need to enable 6080 in OAM firewall is novncproxy using hostNetwork.
in deployment-
In iptables, we can see oam:30680 go to 192.168.204.3:6080 without forward. then it will be filtered if we do not enable 6080 port in oam firewall.
So, there are 2 solutions.
1) No need to expose 30680 node port, just need enable 6080 in oam firewall and connect to oam:6080 directly.
2) Submit a patch for openstack-helm to set hostNetwork to false. Then it will forward to cluster network instead of host network, then it can work as we expected before.
I already verified both solutions
Any comment?
Thanks!
Zhipeng