[Engine-devel] Gluster IPTable configuration
Alon Bar-Lev
alonbl at redhat.com
Mon Sep 3 21:09:34 UTC 2012
----- Original Message -----
> From: "Andrew Cathrow" <acathrow at redhat.com>
> To: "Alon Bar-Lev" <alonbl at redhat.com>
> Cc: engine-devel at ovirt.org, "Shireesh Anjal" <sanjal at redhat.com>, "Mike Burns" <mburns at redhat.com>
> Sent: Monday, September 3, 2012 11:57:57 PM
> Subject: Re: [Engine-devel] Gluster IPTable configuration
<snip>
> Right now we just overwrite the existing iptables configuration with
> our own, so if a user already added a rule to their host - eg. for a
> monitoring agent the we stomp over it.
> Adding our rules as a custom chain means that we don't need to
Here I lost you... :)
I thought ovirt-engine is the master and ovirt-hypervisor is a slave.
This derives that all management activities of slave is done by master...
There should be no setting at slave that master is not aware of.
This also enables you to duplicate hipervisor, recover configuration or push mass configuration change.
In your above case, this rule for monitoring agent may be added at master repository and pushed to slaves belongs to specific group, just like the gluster case.
The template mechanism is what enable you to create a custom configuration per environment.
Using push and not re-integrate derives much simpler and deterministic implementation.
But maybe I did not understand some of the fundamental concepts of the architecture.
Regards,
Alon.
More information about the Devel
mailing list