HA deployments with ManageFirewall: True broken
Bug #1594470 reported by
Ben Nemec
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
High
|
Unassigned | ||
Liberty |
Fix Released
|
High
|
Ben Nemec | ||
Mitaka |
Fix Released
|
High
|
Ben Nemec |
Bug Description
Due to some missing pacemaker port openings, it is currently impossible to deploy with HA and ManageFirewall: True. The deploy hangs on the first overcloud services deployment step. Patches are already submitted to address this: https:/
That series (probably minus turning the firewall on by default, which would not be eligible for backport IMO) will also need backports to Mitaka and Liberty.
no longer affects: | tripleo/newton |
Changed in tripleo: | |
milestone: | none → newton-2 |
To post a comment you must log in.
Reviewed: https:/ /review. openstack. org/330249 /git.openstack. org/cgit/ openstack/ tripleo- heat-templates/ commit/ ?id=a4c9e1b9f64 544e5be971481e2 df205dc6f7634b
Committed: https:/
Submitter: Jenkins
Branch: master
commit a4c9e1b9f64544e 5be971481e2df20 5dc6f7634b
Author: Ben Nemec <email address hidden>
Date: Wed Jun 15 17:25:18 2016 -0500
Allow pacemaker ports in firewall
This is required to allow ha deployments with ManageFirewall: True
These are the ports documented in [1].
1: https:/ /access. redhat. com/documentati on/en-US/ Red_Hat_ Enterprise_ Linux/6/ html-single/ Configuring_ the_Red_ Hat_High_ Availability_ Add-On_ with_Pacemaker/ index.html# s1-firewalls- HAAR
Change-Id: I446cc0ed863df1 5e28fa8ec1f5e2a 06c5c03af8c
Closes-Bug: 1594470