[Users] web admin portal not reachable after reboot
Hello, tried to simulate some maintenance operations and restart the f18 server where I installed the engine, version 3.2.0-1.20130113.gitc954518 I'm unable to connect to it after shutdown -r now The engine seems started correctly Even after systemctl restart ovirt-engine.service I'm not able to connect via web I can see this in httpd logs: [Tue Jan 15 13:38:08.512923 2013] [mpm_prefork:notice] [pid 1132] AH00170: caught SIGWINCH, shutting down gracefully [Tue Jan 15 13:38:50.950219 2013] [core:notice] [pid 1097] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0 [Tue Jan 15 13:38:51.014967 2013] [suexec:notice] [pid 1097] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Tue Jan 15 13:38:52.000997 2013] [ssl:notice] [pid 1097] AH01886: SSL FIPS mode disabled [Tue Jan 15 13:38:52.146753 2013] [auth_digest:notice] [pid 1097] AH01757: generating secret for digest authentication ... [Tue Jan 15 13:38:53.000950 2013] [lbmethod_heartbeat:notice] [pid 1097] AH02282: No slotmem from mod_heartmonitor [Tue Jan 15 13:38:53.001039 2013] [ssl:notice] [pid 1097] AH01886: SSL FIPS mode disabled [Tue Jan 15 13:38:53.012520 2013] [mpm_prefork:notice] [pid 1097] AH00163: Apache/2.4.3 (Fedora) OpenSSL/1.0.1c-fips configured -- resuming normal operations [Tue Jan 15 13:38:53.012539 2013] [core:notice] [pid 1097] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND' # getenforce Permissive # systemctl status httpd.service httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled) Active: active (running) since Tue, 2013-01-15 13:38:53 CET; 9min ago Main PID: 1097 (httpd) Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec" CGroup: name=systemd:/system/httpd.service ├ 1097 /usr/sbin/httpd -DFOREGROUND ├ 1267 /usr/sbin/httpd -DFOREGROUND ├ 1268 /usr/sbin/httpd -DFOREGROUND ├ 1269 /usr/sbin/httpd -DFOREGROUND ├ 1270 /usr/sbin/httpd -DFOREGROUND └ 1271 /usr/sbin/httpd -DFOREGROUND Jan 15 13:38:53 f18engine.ceda.polimi.it systemd[1]: Started The Apache HTTP Server. # systemctl status ovirt-engine.service ovirt-engine.service - oVirt Engine Loaded: loaded (/usr/lib/systemd/system/ovirt-engine.service; enabled) Active: active (running) since Tue, 2013-01-15 13:38:53 CET; 9min ago Process: 1233 ExecStart=/usr/bin/engine-service start (code=exited, status=0/SUCCESS) Main PID: 1274 (java) CGroup: name=systemd:/system/ovirt-engine.service └ 1274 engine-service -server -XX:+TieredCompilation -Xms1g -Xmx1g -XX:PermSize=256m -XX:MaxPermSize=256m -D... Jan 15 13:38:51 f18engine systemd[1]: Starting oVirt Engine... Jan 15 13:38:53 f18engine engine-service[1233]: Started engine process 1274. Jan 15 13:38:53 f18engine engine-service[1233]: Starting engine-service: [ OK ] Jan 15 13:38:53 f18engine systemd[1]: Started oVirt Engine. On browser I get after trying server is taking to much to answer... Before shutdown it was ok....
------=_Part_6325422_1330700309.1358256137411 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable ----- Original Message -----
Hello, tried to simulate some maintenance operations and restart the f18 server where I installed the engine, version 3.2.0-1.20130113.gitc954518
I'm unable to connect to it after shutdown -r now
The engine seems started correctly
Even after
systemctl restart ovirt-engine.service I'm not able to connect via web I can see this in httpd logs:
[Tue Jan 15 13:38:08.512923 2013] [mpm_prefork:notice] [pid 1132] AH00170: caught SIGWINCH, shutting down gracefully [Tue Jan 15 13:38:50.950219 2013] [core:notice] [pid 1097] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0 [Tue Jan 15 13:38:51.014967 2013] [suexec:notice] [pid 1097] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Tue Jan 15 13:38:52.000997 2013] [ssl:notice] [pid 1097] AH01886: SSL FIPS mode disabled [Tue Jan 15 13:38:52.146753 2013] [auth_digest:notice] [pid 1097] AH01757: generating secret for digest authentication ... [Tue Jan 15 13:38:53.000950 2013] [lbmethod_heartbeat:notice] [pid 1097] AH02282: No slotmem from mod_heartmonitor [Tue Jan 15 13:38:53.001039 2013] [ssl:notice] [pid 1097] AH01886: SSL FIPS mode disabled [Tue Jan 15 13:38:53.012520 2013] [mpm_prefork:notice] [pid 1097] AH00163: Apache/2.4.3 (Fedora) OpenSSL/1.0.1c-fips configured -- resuming normal operations [Tue Jan 15 13:38:53.012539 2013] [core:notice] [pid 1097] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
# getenforce Permissive
# systemctl status httpd.service httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled) Active: active (running) since Tue, 2013-01-15 13:38:53 CET; 9min ago Main PID: 1097 (httpd) Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec" CGroup: name=3Dsystemd:/system/httpd.service =E2=94=9C 1097 /usr/sbin/httpd -DFOREGROUND =E2=94=9C 1267 /usr/sbin/httpd -DFOREGROUND =E2=94=9C 1268 /usr/sbin/httpd -DFOREGROUND =E2=94=9C 1269 /usr/sbin/httpd -DFOREGROUND =E2=94=9C 1270 /usr/sbin/httpd -DFOREGROUND =E2=94=94 1271 /usr/sbin/httpd -DFOREGROUND
Jan 15 13:38:53 f18engine.ceda.polimi.it systemd[1]: Started The Apache HTTP Server.
# systemctl status ovirt-engine.service ovirt-engine.service - oVirt Engine Loaded: loaded (/usr/lib/systemd/system/ovirt-engine.service; enabled) Active: active (running) since Tue, 2013-01-15 13:38:53 CET; 9min ago Process: 1233 ExecStart=3D/usr/bin/engine-service start (code=3Dexited, status=3D0/SUCCESS) Main PID: 1274 (java) CGroup: name=3Dsystemd:/system/ovirt-engine.service =E2=94=94 1274 engine-service -server -XX:+TieredCompilation -Xms1g -Xmx1= g -XX:PermSize=3D256m -XX:MaxPermSize=3D256m -D...
Jan 15 13:38:51 f18engine systemd[1]: Starting oVirt Engine... Jan 15 13:38:53 f18engine engine-service[1233]: Started engine process 1274. Jan 15 13:38:53 f18engine engine-service[1233]: Starting engine-service: [ OK ] Jan 15 13:38:53 f18engine systemd[1]: Started oVirt Engine.
On browser I get after trying server is taking to much to answer...
Before shutdown it was ok....
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
<div>httpd.service - The Apache HTTP Server</div><div><span class=3D"" sty= le=3D"white-space:pre">=09</span> Loaded: loaded (/usr/lib/systemd/sy= stem/httpd.service; enabled)</div> <div><span class=3D"" style=3D"white-space:pre">=09</span> Active: ac= tive (running) since Tue, 2013-01-15 13:38:53 CET; 9min ago</div><div><span= class=3D"" style=3D"white-space:pre">=09</span>Main PID: 1097 (httpd)</div= <div><span class=3D"" style=3D"white-space:pre">=09</span> Status: "= Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec= "</div> <div><span class=3D"" style=3D"white-space:pre">=09</span> CGroup: na= me=3Dsystemd:/system/httpd.service</div><div><span class=3D"" style=3D"whit= e-space:pre">=09=09</span> =E2=94=9C 1097 /usr/sbin/httpd -DFOREGROUN= D</div><div><span class=3D"" style=3D"white-space:pre">=09=09</span> = =E2=94=9C 1267 /usr/sbin/httpd -DFOREGROUND</div> <div><span class=3D"" style=3D"white-space:pre">=09=09</span> =E2=94= =9C 1268 /usr/sbin/httpd -DFOREGROUND</div><div><span class=3D"" style=3D"w= hite-space:pre">=09=09</span> =E2=94=9C 1269 /usr/sbin/httpd -DFOREGR= OUND</div><div><span class=3D"" style=3D"white-space:pre">=09=09</span> &nb= sp;=E2=94=9C 1270 /usr/sbin/httpd -DFOREGROUND</div> <div><span class=3D"" style=3D"white-space:pre">=09=09</span> =E2=94= =94 1271 /usr/sbin/httpd -DFOREGROUND</div><div><br></div><div>Jan 15 13:38= :53 <a href=3D"http://f18engine.ceda.polimi.it" target=3D"_blank">f18engine= .ceda.polimi.it</a> systemd[1]: Started The Apache HTTP Server.</div> </div><div><br></div><div><div># systemctl status ovirt-engine.service</div= <div>ovirt-engine.service - oVirt Engine</div><div><span class=3D"" style= =3D"white-space:pre">=09</span> Loaded: loaded (/usr/lib/systemd/syst= em/ovirt-engine.service; enabled)</div> <div><span class=3D"" style=3D"white-space:pre">=09</span> Active: ac= tive (running) since Tue, 2013-01-15 13:38:53 CET; 9min ago</div><div><span= class=3D"" style=3D"white-space:pre">=09</span> Process: 1233 ExecStart=3D= /usr/bin/engine-service start (code=3Dexited, status=3D0/SUCCESS)</div> <div><span class=3D"" style=3D"white-space:pre">=09</span>Main PID: 1274 (j= ava)</div><div><span class=3D"" style=3D"white-space:pre">=09</span> = CGroup: name=3Dsystemd:/system/ovirt-engine.service</div><div><span class= =3D"" style=3D"white-space:pre">=09=09</span> =E2=94=94 1274 engine-s= ervice -server -XX:+TieredCompilation -Xms1g -Xmx1g -XX:PermSize=3D256m -XX= :MaxPermSize=3D256m -D...</div> <div><br></div><div>Jan 15 13:38:51 f18engine systemd[1]: Starting oVirt En= gine...</div><div>Jan 15 13:38:53 f18engine engine-service[1233]: Started e= ngine process 1274.</div><div>Jan 15 13:38:53 f18engine engine-service[1233= ]: Starting engine-service: [ OK ]</div> <div>Jan 15 13:38:53 f18engine systemd[1]: Started oVirt Engine.</div></div= <div><br></div><div style=3D"">On browser I get after trying </div><d= iv style=3D"">server is taking to much to answer...</div><div style=3D""><b= r></div><div style=3D""> Before shutdown it was ok....</div><div style=3D""><br></div><div><br></div= </div> <br>_______________________________________________<br>Users mailing list<b= r>Users@ovirt.org<br>http://lists.ovirt.org/mailman/listinfo/users<br></blo= ckquote><br><div>iptables?</div><div>Y.</div><div><br></div></div></body></=
iptables?=20 Y.=20 ------=_Part_6325422_1330700309.1358256137411 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><head><style type=3D'text/css'>p { margin: 0; }</style></head><body><= div style=3D'font-family: times new roman,new york,times,serif; font-size: = 12pt; color: #000000'><hr id=3D"zwchr"><blockquote style=3D"border-left:2px= solid rgb(16, 16, 255);margin-left:5px;padding-left:5px;color:#000;font-we= ight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Ar= ial,sans-serif;font-size:12pt;"><div dir=3D"ltr"><div><br></div>Hello,<div>= tried to simulate some maintenance operations and restart the f18 server wh= ere I installed the engine, version</div><div>3.2.0-1.20130113.gitc954518</= div><div><br></div><div>I'm unable to connect to it after </div> <div>shutdown -r now</div><div><br></div><div style=3D"">The engine seems s= tarted correctly</div><div style=3D""><br></div><div style=3D"">Even after&= nbsp;</div><div style=3D""><br></div><div style=3D"">systemctl restart ovir= t-engine.service </div><div style=3D""> I'm not able to connect via web</div><div>I can see this in httpd logs:<br>= <div><br></div><div><div>[Tue Jan 15 13:38:08.512923 2013] [mpm_prefork:not= ice] [pid 1132] AH00170: caught SIGWINCH, shutting down gracefully</div> <div>[Tue Jan 15 13:38:50.950219 2013] [core:notice] [pid 1097] SELinux pol= icy enabled; httpd running as context system_u:system_r:httpd_t:s0</div><di= v>[Tue Jan 15 13:38:51.014967 2013] [suexec:notice] [pid 1097] AH01232: suE= XEC mechanism enabled (wrapper: /usr/sbin/suexec)</div> <div>[Tue Jan 15 13:38:52.000997 2013] [ssl:notice] [pid 1097] AH01886: SSL= FIPS mode disabled</div><div>[Tue Jan 15 13:38:52.146753 2013] [auth_diges= t:notice] [pid 1097] AH01757: generating secret for digest authentication .= ..</div> <div>[Tue Jan 15 13:38:53.000950 2013] [lbmethod_heartbeat:notice] [pid 109= 7] AH02282: No slotmem from mod_heartmonitor</div><div>[Tue Jan 15 13:38:53= .001039 2013] [ssl:notice] [pid 1097] AH01886: SSL FIPS mode disabled</div> <div>[Tue Jan 15 13:38:53.012520 2013] [mpm_prefork:notice] [pid 1097] AH00= 163: Apache/2.4.3 (Fedora) OpenSSL/1.0.1c-fips configured -- resuming norma= l operations</div><div>[Tue Jan 15 13:38:53.012539 2013] [core:notice] [pid= 1097] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'</div> </div><div><br></div></div><div><div># getenforce </div><div>Permissiv= e</div></div><div><br></div><div><div># systemctl status httpd.service</div= html> ------=_Part_6325422_1330700309.1358256137411--
On Tue, Jan 15, 2013 at 2:22 PM, Yaniv Kaul wrote:
iptables?
engine was configured asking to set up / override iptables, so I thought it had to be ok. ... oVirt Engine will be installed using the following configuration: ================================================================= override-httpd-config: yes http-port: 80 https-port: 443 host-fqdn: f18engine.Xxxxt auth-pass: ******** org-name: YYYYY default-dc-type: ISCSI db-remote-install: local db-local-pass: ******** nfs-mp: /ISO config-nfs: yes override-iptables: yes Proceed with the configuration listed above? (yes|no): yes ... Configuring Firewall (iptables)... [ DONE ] ... In engine setup log file: ... 2013-01-12 15:00:38::DEBUG::engine-setup::886::root:: configuring iptables 2013-01-12 15:00:38::DEBUG::engine-setup::917::root:: # Generated by ovirt-engine installer #filtering rules *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -i lo -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 111 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 111 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 892 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 892 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 875 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 875 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 662 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 662 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 2049 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 32803 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 32769 -j ACCEPT #drop all rule -A INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT 2013-01-12 15:00:38::DEBUG::common_utils::699::root:: successfully copied file /etc/ovirt-engine/iptables.example to target destination /etc/sysconfig/iptables 2013-01-12 15:00:38::DEBUG::common_utils::707::root:: setting file /etc/sysconfig/iptables uid/gid ownership 2013-01-12 15:00:38::DEBUG::common_utils::710::root:: setting file /etc/sysconfig/iptables mode to -1 2013-01-12 15:00:38::DEBUG::engine-setup::932::root:: Restarting the iptables service 2013-01-12 15:00:38::DEBUG::common_utils::1208::root:: stopping iptables 2013-01-12 15:00:38::DEBUG::common_utils::1245::root:: executing action iptables on service stop 2013-01-12 15:00:38::DEBUG::common_utils::427::root:: Executing command --> '/sbin/service iptables stop' 2013-01-12 15:00:38::DEBUG::common_utils::465::root:: output = 2013-01-12 15:00:38::DEBUG::common_utils::466::root:: stderr = Redirecting to /bin/systemctl stop iptables.service 2013-01-12 15:00:38::DEBUG::common_utils::467::root:: retcode = 0 2013-01-12 15:00:38::DEBUG::common_utils::1198::root:: starting iptables 2013-01-12 15:00:38::DEBUG::common_utils::1245::root:: executing action iptables on service start 2013-01-12 15:00:38::DEBUG::common_utils::427::root:: Executing command --> '/sbin/service iptables start' 2013-01-12 15:00:38::DEBUG::common_utils::465::root:: output = 2013-01-12 15:00:38::DEBUG::common_utils::466::root:: stderr = Redirecting to /bin/systemctl start iptables.service 2013-01-12 15:00:38::DEBUG::common_utils::467::root:: retcode = 0 2013-01-12 15:00:38::DEBUG::setup_sequences::59::root:: running _startEngine ... BTW: I have a similar problem with an all-in-one f18 + ovirt nightly setup running as a VM after engine-upgrade to 3.2.0-1.20130115.git2970f58 I'm not able to reach webadmin portal from the host but only if for example I run firefox from inside the engine itself exporting DISPAY env var. What would be the config expected for an f18 engine? In my case: 1) engine standalone as physical server It seems I have firewalld enabled iptables disabled ip6tables disabled ebtables ? but setup should have enabled it from the optionschosen.... but I don't see it in logfile, while I see 2013-01-12 15:00:38::DEBUG::engine-setup::1567::root:: using chkconfig to enable engine to load on system startup. 2013-01-12 15:00:38::DEBUG::common_utils::427::root:: Executing command --> '/sbin/chkconfig ovirt-engine on' 2013-01-12 15:00:38::DEBUG::common_utils::465::root:: output = 2013-01-12 15:00:38::DEBUG::common_utils::466::root:: stderr = Note: Forwarding request to 'systemctl enable ovirt-engine.service'. ln -s '/usr/lib/systemd/system/ovirt-engine.service' '/etc/systemd/system/multi-user.target.wants/ovirt-engine.service' So could it be a bug not enabling iptables during engine-setup??? At this moment my situation: # systemctl status firewalld.service firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled) Active: active (running) since Tue, 2013-01-15 13:38:40 CET; 1h 17min ago Main PID: 469 (firewalld) CGroup: name=systemd:/system/firewalld.service └ 469 /usr/bin/python -Es /usr/sbin/firewalld --nofork Jan 15 13:38:40 f18engine systemd[1]: Started firewalld - dynamic firewall daemon. # systemctl status iptables.service iptables.service - IPv4 firewall with iptables Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled) Active: inactive (dead) CGroup: name=systemd:/system/iptables.service # systemctl status ip6tables.service ip6tables.service - IPv6 firewall with ip6tables Loaded: loaded (/usr/lib/systemd/system/ip6tables.service; disabled) Active: inactive (dead) CGroup: name=systemd:/system/ip6tables.service # systemctl status ebtables.service ebtables.service - SYSV: Ethernet Bridge filtering tables Loaded: loaded (/etc/rc.d/init.d/ebtables) Active: inactive (dead) CGroup: name=systemd:/system/ebtables.service # systemctl show ebtables.service| grep onflict Conflicts=shutdown.target ConflictedBy=firewalld.service so there is a problem between ebtables and firewalld (but perhaps this service has to run only on hypervisor and not engine?) 2) engine configured as an all-in-one in a vm [g.cecchi@f18aio ~]$ sudo systemctl status firewalld.service firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled) Active: inactive (dead) CGroup: name=systemd:/system/firewalld.service [g.cecchi@f18aio ~]$ sudo systemctl status iptables.service iptables.service - IPv4 firewall with iptables Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled) Active: active (exited) since Tue, 2013-01-15 14:42:46 CET; 18min ago Process: 31480 ExecStop=/usr/libexec/iptables/iptables.init stop (code=exited, status=0/SUCCESS) Process: 31523 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS) CGroup: name=systemd:/system/iptables.service Jan 15 14:42:46 f18aio.localdomain.local systemd[1]: Starting IPv4 firewall with iptables... Jan 15 14:42:46 f18aio.localdomain.local iptables.init[31523]: iptables: Applying firewall rules: WARNING: The state match is ob...tead. Jan 15 14:42:46 f18aio.localdomain.local iptables.init[31523]: [ OK ] Jan 15 14:42:46 f18aio.localdomain.local systemd[1]: Started IPv4 firewall with iptables. [g.cecchi@f18aio ~]$ sudo systemctl status ip6tables.service ip6tables.service - IPv6 firewall with ip6tables Loaded: loaded (/usr/lib/systemd/system/ip6tables.service; disabled) Active: inactive (dead) CGroup: name=systemd:/system/ip6tables.service [g.cecchi@f18aio ~]$ sudo systemctl status ebtables.service ebtables.service - SYSV: Ethernet Bridge filtering tables Loaded: loaded (/etc/rc.d/init.d/ebtables) Active: inactive (dead) CGroup: name=systemd:/system/ebtables.service Gianluca
On Tue, Jan 15, 2013 at 3:10 PM, Gianluca Cecchi wrote:
BTW: I have a similar problem with an all-in-one f18 + ovirt nightly setup running as a VM
after engine-upgrade to 3.2.0-1.20130115.git2970f58
I found this interesting thing on my All-in-one server. engine-setup ran on 18/12 12:34. Its log /var/log/ovirt-engine/engine-setup_2012_12_18_12_12_34.log contains the lines I reported above. But if now I go in /etc/sysconfig # ll iptables* -rw-------. 1 root root 770 Dec 18 13:02 iptables -rw-------. 1 root root 1449 Dec 18 13:02 iptables.20121218130224 -rw-------. 1 root root 1740 Nov 8 13:11 iptables-config So it seems it was overridden by something else. iptables.20121218130224 contains the engine directives I find in engine-setup log file Could it be that the host deploy part of AIO incorrectly replaced the engine iptables setup instead of merging with it? How could I merge them all? See current iptables (not ok for engine): https://docs.google.com/file/d/0BwoPbcrMv8mvTmR6bThxTTJOdVU/edit iptables at engine-setup time (ok): https://docs.google.com/file/d/0BwoPbcrMv8mvaEprOFB1Z3JoMzg/edit Gianluca
On Tue, Jan 15, 2013 at 4:16 PM, Gianluca Cecchi wrote:
See current iptables (not ok for engine): https://docs.google.com/file/d/0BwoPbcrMv8mvTmR6bThxTTJOdVU/edit
iptables at engine-setup time (ok): https://docs.google.com/file/d/0BwoPbcrMv8mvaEprOFB1Z3JoMzg/edit
the not working file has this in its first line, I didn't notice before # oVirt default firewall configuration. Automatically generated by vdsm bootstrap script. my merged apparently working file here: https://docs.google.com/file/d/0BwoPbcrMv8mvYmJIU3oyeFlfZ3c/edit Gianluca
participants (2)
-
Gianluca Cecchi -
Yaniv Kaul