Cockpit port open by default after adding host
Hey, we use cockpit on Node Next, and we configure firewalld to open the port by default. However, after adding the host to Engine, the port is getting closed again because iptables is the used. How do you recommend to get the cockpit port opened by default? - fabian
Fabian, When ovirtnode is installed firewall should not be configured. Please see InstallVdsInternalCommand#installHost(): case oVirtNode: log.warn( "Installation of Host {} will ignore Firewall Override option, since it is not supported for Host type {}", getVds().getName(), getVds().getVdsType().name() ); It looks like it could be a bug that we attempt to reconfigure firewall when we should not. Thanks, Piotr On Mon, Feb 29, 2016 at 2:05 PM, Fabian Deutsch <fdeutsch@redhat.com> wrote:
Hey,
we use cockpit on Node Next, and we configure firewalld to open the port by default.
However, after adding the host to Engine, the port is getting closed again because iptables is the used. How do you recommend to get the cockpit port opened by default?
- fabian _______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
On Mon, Feb 29, 2016 at 2:19 PM, Piotr Kliczewski <piotr.kliczewski@gmail.com> wrote:
Fabian,
When ovirtnode is installed firewall should not be configured. Please see InstallVdsInternalCommand#installHost():
case oVirtNode: log.warn( "Installation of Host {} will ignore Firewall Override option, since it is not supported for Host type {}", getVds().getName(), getVds().getVdsType().name() );
It looks like it could be a bug that we attempt to reconfigure firewall when we should not.
Please note that the Node Next images do not identify themselfs as Node, they look like regular CentOS to Engine/host-deploy - and it should configure the host as it would configure a normal CentOS. But still - how can we ask host-deploy/engine to open a specific port during deployment? - fabian
Thanks, Piotr
On Mon, Feb 29, 2016 at 2:05 PM, Fabian Deutsch <fdeutsch@redhat.com> wrote:
Hey,
we use cockpit on Node Next, and we configure firewalld to open the port by default.
However, after adding the host to Engine, the port is getting closed again because iptables is the used. How do you recommend to get the cockpit port opened by default?
- fabian _______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
-- Fabian Deutsch <fdeutsch@redhat.com> RHEV Hypervisor Red Hat
On Mon, Feb 29, 2016 at 2:43 PM, Fabian Deutsch <fdeutsch@redhat.com> wrote:
On Mon, Feb 29, 2016 at 2:19 PM, Piotr Kliczewski <piotr.kliczewski@gmail.com> wrote:
Fabian,
When ovirtnode is installed firewall should not be configured. Please see InstallVdsInternalCommand#installHost():
case oVirtNode: log.warn( "Installation of Host {} will ignore Firewall Override option, since it is not supported for Host type {}", getVds().getName(), getVds().getVdsType().name() );
It looks like it could be a bug that we attempt to reconfigure firewall when we should not.
Please note that the Node Next images do not identify themselfs as Node, they look like regular CentOS to Engine/host-deploy - and it should configure the host as it would configure a normal CentOS.
But still - how can we ask host-deploy/engine to open a specific port during deployment?
I think this [1] BZ will give you info how to customize it. [1] https://bugzilla.redhat.com/1111513
- fabian
Thanks, Piotr
On Mon, Feb 29, 2016 at 2:05 PM, Fabian Deutsch <fdeutsch@redhat.com> wrote:
Hey,
we use cockpit on Node Next, and we configure firewalld to open the port by default.
However, after adding the host to Engine, the port is getting closed again because iptables is the used. How do you recommend to get the cockpit port opened by default?
- fabian _______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
-- Fabian Deutsch <fdeutsch@redhat.com> RHEV Hypervisor Red Hat
On Mon, Feb 29, 2016 at 2:56 PM, Piotr Kliczewski <piotr.kliczewski@gmail.com> wrote:
On Mon, Feb 29, 2016 at 2:43 PM, Fabian Deutsch <fdeutsch@redhat.com> wrote:
On Mon, Feb 29, 2016 at 2:19 PM, Piotr Kliczewski <piotr.kliczewski@gmail.com> wrote:
Fabian,
When ovirtnode is installed firewall should not be configured. Please see InstallVdsInternalCommand#installHost():
case oVirtNode: log.warn( "Installation of Host {} will ignore Firewall Override option, since it is not supported for Host type {}", getVds().getName(), getVds().getVdsType().name() );
It looks like it could be a bug that we attempt to reconfigure firewall when we should not.
Please note that the Node Next images do not identify themselfs as Node, they look like regular CentOS to Engine/host-deploy - and it should configure the host as it would configure a normal CentOS.
But still - how can we ask host-deploy/engine to open a specific port during deployment?
I think this [1] BZ will give you info how to customize it.
Thanks Piotr. I don't see a way with this feature how we can declarative open the cockpit port by default on Node. The idea is that we run some command during build or drop a file during image bbuild to open the cockpit port by default. We do this right now and it works for firewalld. But as host-deploy is disabling firewalld this is not effective anymore. So we need a way to get host-deploy to open this port when it starts to manage a host. - fabian
participants (2)
-
Fabian Deutsch -
Piotr Kliczewski