[ovirt-users] How to notify cluster nodes after "engine-config --set IPTablesConfigSiteCustom..." ?

Yedidyah Bar David didi at redhat.com
Wed Nov 23 11:23:43 UTC 2016


On Wed, Nov 23, 2016 at 12:51 PM,  <aleksey.maksimov at it-kb.ru> wrote:
> Hi Didi!
>
> https://www.mail-archive.com/users@ovirt.org/msg37193.html
>
> "Move to maintenance and reinstall" to add the iptables rules ?
>
> Are you serious?
>
> There is no other way (without reinstalling the hosts) ?

AFAIK, using ovirt-host-deploy, no.

I am not aware of an engine API or vdsm verb to do this, but these are
not my main area of expertise.

As I wrote there, you can also do this manually.

The oVirt engine is not a replacement for configuration management
systems. If you have complex needs, might as well uncheck this
checkbox and use other means.

Best,

>
> 23.11.2016, 13:07, "Yedidyah Bar David" <didi at redhat.com>:
>> On Wed, Nov 23, 2016 at 12:02 PM, <aleksey.maksimov at it-kb.ru> wrote:
>>>  Hmm. I just rebooted the host, but the iptables rules have not been updated :(
>>>
>>>  On Engine server my custom iptables rules are visible:
>>>
>>>  # engine-config --get IPTablesConfigSiteCustom
>>>
>>>  IPTablesConfigSiteCustom:
>>>  -A INPUT -p tcp --dport 2301 -j ACCEPT -m comment --comment 'HPE System Management Homepage'
>>>  -A INPUT -p tcp --dport 2381 -j ACCEPT -m comment --comment 'HPE System Management Homepage (Secure port)'
>>>   version: general
>>>
>>>  How to update the configuration on the hosts ?
>>>
>>>  23.11.2016, 11:30, "aleksey.maksimov at it-kb.ru" <aleksey.maksimov at it-kb.ru>:
>>>>  Hello oVirt guru`s !
>>>>
>>>>  oVirt Engine Version: 4.0.5.5-1.el7.centos
>>>>
>>>>  I updated the configuration of the firewall on the Engine server with "engine-config --set IPTablesConfigSiteCustom...".
>>>>  How to notify cluster nodes (all virtualization hosts) about the changes without reboot?
>>
>> Please check the other thread here "[ovirt-users] Hook to add firewall
>> rules". Thanks.
>>
>>>  _______________________________________________
>>>  Users mailing list
>>>  Users at ovirt.org
>>>  http://lists.ovirt.org/mailman/listinfo/users
>>
>> --
>> Didi



-- 
Didi



More information about the Users mailing list