[ovirt-users] Ovirt Hosted-Engine VM iptables

Yedidyah Bar David didi at redhat.com
Mon May 29 11:26:23 UTC 2017


On Mon, May 29, 2017 at 1:14 PM, Andrew Dent <adent at ctcroydon.com.au> wrote:
> Hi
>
> I would like to add rules into the iptables of the Hosted Engine VM in
> Ovirt.
> I am wanting to monitor the Ovirt Engine using Nagios -> NRPE and I would
> like to open port 5666
>
> the version is oVirt Engine Version: 4.1.1.8-1.el7.centos
> I have tried using the normal process for iptables (iptables-save etc), but
> it seems that the file
> /etc/sysconfig/iptables
> is ignored when the Ovirt Engine VM starts.

What do you mean by "ignored"?

What's the output of 'iptables-save'?

Did you ask to configure the firewall during engine-setup?

>
> How can I add permanent iptables rules into the Engine VM?

On the engine vm (unlike hosts), the only thing that touches iptables
is engine-setup. Before doing that it asks you if you want to configure
the firewall. There aren't currently means to add your custom rules -
either you manage it all by yourself or you let engine-setup do that.

Alternatively, it's recommended to use firewalld. engine-setup can
add to firewalld the stuff it wants, and you still can add your own
stuff.

If I got you wrong and you refer to the hosts (not engine), see also:

https://www.ovirt.org/blog/2016/12/extension-iptables-rules-oVirt-hosts/

Best,

>
> Kind regards
>
>
> Andrew
>
>
>



-- 
Didi
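
Added example, not part of the original thread: one way to follow the firewalld suggestion above for the NRPE port (5666/tcp) while admitting only the Nagios server instead of opening the port to every source. The function names, the `public` zone and the address 192.0.2.10 are assumptions for illustration; only single IPv4 host addresses are handled.

```shell
#!/bin/sh
# Added example: allow NRPE (5666/tcp) on the engine VM from one monitoring host.
# Usage (hypothetical file name): sh nrpe-firewalld.sh --apply 192.0.2.10 [zone]
NRPE_PORT=5666

# Return 0 only for a plain dotted-quad IPv4 address (no mask, no extra text).
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address into octets on "."
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the firewalld rich rule for the given source, or fail on bad input,
# so that unvalidated text never reaches the firewall-cmd command line.
nrpe_rich_rule() {
    valid_ipv4 "$1" || { echo "invalid source address: $1" >&2; return 1; }
    printf 'rule family="ipv4" source address="%s" port port="%s" protocol="tcp" accept' \
        "$1" "$NRPE_PORT"
}

# Add the rule permanently, reload, then confirm that it is active.
open_nrpe() {
    rule=$(nrpe_rich_rule "$1") || return 1
    zone=${2:-public}    # assumed zone; check with: firewall-cmd --get-active-zones
    if ! command -v firewall-cmd >/dev/null 2>&1; then
        echo "firewall-cmd not found; rule for zone $zone would be: $rule" >&2
        return 2
    fi
    firewall-cmd --permanent --zone="$zone" --add-rich-rule="$rule" &&
    firewall-cmd --reload &&
    firewall-cmd --zone="$zone" --query-rich-rule="$rule"
}

if [ "${1:-}" = "--apply" ]; then
    open_nrpe "${2:-}" "${3:-public}"
fi
```

Because the rule is written with `--permanent`, it is stored in firewalld's own configuration and survives a reboot of the engine VM.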

