StarlingX

  1. Bug #1851533
  2. Comment #14

Comment 14 for bug 1851533

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to stx-puppet (master)

Reviewed: https://review.opendev.org/694355
Committed: https://git.openstack.org/cgit/starlingx/stx-puppet/commit/?id=a713f9567d212142ec1d7f69c1f4d126a8d5475c
Submitter: Zuul
Branch: master

commit a713f9567d212142ec1d7f69c1f4d126a8d5475c
Author: Robert Church <email address hidden>
Date: Thu Nov 14 09:04:42 2019 -0500

    Reserve ports in the ephemeral port range

    Set ip_local_reserved_ports for keystone and tiller

    Per https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt,
    this variable will:
    - Specify the ports which are reserved for known third-party
      applications.
    - Note that ip_local_port_range and ip_local_reserved_ports settings are
      independent and both are considered by the kernel when determining
      which ports are available for automatic port assignments.

    This results in the following on controllers:

    $ cat /proc/sys/net/ipv4/ip_local_port_range
    32768 60999

    $ cat /proc/sys/net/ipv4/ip_local_reserved_ports
    35357,44134-44136

    Change-Id: I59219dc1e6b834e105be55e1e863b8f82fe50816
    Closes-Bug: #1851533
    Signed-off-by: Robert Church <email address hidden>