[ovirt-users] How to notify cluster nodes after "engine-config --set IPTablesConfigSiteCustom..." ?

aleksey.maksimov at it-kb.ru aleksey.maksimov at it-kb.ru
Wed Nov 23 11:54:55 UTC 2016


"As I wrote there, you can also do this manually"

How?

23.11.2016, 14:23, "Yedidyah Bar David" <didi at redhat.com>:
> On Wed, Nov 23, 2016 at 12:51 PM, <aleksey.maksimov at it-kb.ru> wrote:
>>  Hi Didi!
>>
>>  https://www.mail-archive.com/users@ovirt.org/msg37193.html
>>
>>  "Move to maintenance and reinstall" to add the iptables rules ?
>>
>>  Are you serious?
>>
>>  There is no other way (without reinstalling the hosts) ?
>
> AFAIK, using ovirt-host-deploy, no.
>
> I am not aware of an engine API or vdsm verb to do this, but these are
> not my main area of expertise.
>
> As I wrote there, you can also do this manually.
>
> The oVirt engine is not a replacement for configuration management
> systems. If you have complex needs, might as well uncheck this
> checkbox and use other means.
>
> Best,
>
>>  23.11.2016, 13:07, "Yedidyah Bar David" <didi at redhat.com>:
>>>  On Wed, Nov 23, 2016 at 12:02 PM, <aleksey.maksimov at it-kb.ru> wrote:
>>>>   Hmm. I just rebooted the host, but the iptables rules have not been updated :(
>>>>
>>>>   On Engine server my custom iptables rules are visible:
>>>>
>>>>   # engine-config --get IPTablesConfigSiteCustom
>>>>
>>>>   IPTablesConfigSiteCustom:
>>>>   -A INPUT -p tcp --dport 2301 -j ACCEPT -m comment --comment 'HPE System Management Homepage'
>>>>   -A INPUT -p tcp --dport 2381 -j ACCEPT -m comment --comment 'HPE System Management Homepage (Secure port)'
>>>>    version: general
>>>>
>>>>   How to update the configuration on the hosts ?
>>>>
>>>>   23.11.2016, 11:30, "aleksey.maksimov at it-kb.ru" <aleksey.maksimov at it-kb.ru>:
>>>>>   Hello oVirt guru`s !
>>>>>
>>>>>   oVirt Engine Version: 4.0.5.5-1.el7.centos
>>>>>
>>>>>   I updated the configuration of the firewall on the Engine server with "engine-config --set IPTablesConfigSiteCustom...".
>>>>>   How to notify cluster nodes (all virtualization hosts) about the changes without reboot?
>>>
>>>  Please check the other thread here "[ovirt-users] Hook to add firewall
>>>  rules". Thanks.
>>>
>>>>   _______________________________________________
>>>>   Users mailing list
>>>>   Users at ovirt.org
>>>>   http://lists.ovirt.org/mailman/listinfo/users
>>>
>>>  --
>>>  Didi
>
> --
> Didi



More information about the Users mailing list