Re: [ovirt-users] iptables management
----- Original Message -----
From: "Chris Adams" <cma(a)cmadams.net>
To: users(a)ovirt.org
Sent: Monday, November 17, 2014 11:22:42 PM
Subject: Re: [ovirt-users] iptables management
Once upon a time, Alon Bar-Lev <alonbl(a)redhat.com> said:
> I guess you mean engine setup, right?
Yes, that and hosted-engine --deploy.
hosted-engine --deploy does not touch iptables of the engine VM.
engine-setup inside that VM does that.
hosted-engine --deploy does two other things:
1. It changes iptables to let you access the engine VM console (spice/vnc)
2. Later, when it adds itself as a host to the engine, it tells the engine
to configure iptables for itself as a host (just as is the default when adding
hosts through the gui). We have an open bug [1] to make that configurable.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1080823
> Each time you run engine-setup you will be prompt if you want to override
> iptables settings.
> If you choose to override, the current settings will be backed up and you
> can diff and re-apply your own.
> If you choose to keep your settings, setup will write the iptables rules
> into own location and you can diff and apply the changes manually.
Okay, so that's the only time iptables are changed? That makes sense,
and I can work with that. Thanks.
--
Chris Adams <cma(a)cmadams.net>
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
--
Didi