Bug 1018948
Summary: | Cannot access Host with sshd alternative port after deployment. | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Virtualization Manager | Reporter: | Amador Pahim <asegundo> | ||||
Component: | ovirt-engine | Assignee: | Alon Bar-Lev <alonbl> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Tareq Alayan <talayan> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 3.3.0 | CC: | acathrow, alonbl, bazulay, dougsland, eedri, iheim, lpeer, pstehlik, Rhev-m-bugs, srevivo, yeylon | ||||
Target Milestone: | --- | Keywords: | Triaged | ||||
Target Release: | 3.3.0 | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | infra | ||||||
Fixed In Version: | is21 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | Type: | Bug | |||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | Infra | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 1020228, 1032811 | ||||||
Attachments: |
|
Description
Amador Pahim
2013-10-14 18:53:00 UTC
Up until now I thought that people that change the default ssh port know what they are doing, and address dynamic firewall configuration when supporting firewalld. But you are right it should be addressed. Shai Revivo 2013-10-25 15:58:49 EDT Severity: medium → high Why high? this is not common scenario at all. Because if a customer would like to use it he can't ... even if not common. other than that i would like this fix to be verified instead of closed upstream, this is the main reason for pushing it to high. (In reply to Alon Bar-Lev from comment #3) > Shai Revivo 2013-10-25 15:58:49 EDT > Severity: medium → high > > Why high? this is not common scenario at all. Tareq Alayan 2013-10-30 08:20:46 EDT Status: ON_QA → ASSIGNED Verified: FailedQA Without logs or analysis, it is not failing. tested on rhevm-3.3.0-0.28.beta1.el6ev.noarch - Changed default port to 22222 - Allow port on iptables - ssh host -p 22222 -lroot -- works - added host to engine via port 22222 -- works - try to ssh host via port 22222 didn't work note that is20.1 contains : ovirt-host-deploy-1.1.1-1.el6ev.noarch engine logs, host-deploy logs, content of /etc/sysconfig/iptables, events from /var/log/messages, /var/log/secure. "didn't work" accepted only from end-users. Created attachment 817461 [details]
logs
i think that the fix is not in is20.1 is20.1 contains : ovirt-host-deploy-1.1.1-1.el6ev.noarch Looking at: talayan-vdc02.scl.lab.tlv.redhat.com PGPASSWORD=2923jdpY psql -U engine -d engine -h localhost -c "select * from vdc_options where option_name='IPTablesConfig'" Produces output that does not match[1]. The database script[2] does not match[1]. So the robot is wrong: --- rhev-integ 2013-10-24 14:21:29 EDT Status: MODIFIED → ON_QA Fixed In Version: is20 --- This will be included in is21 I guess. [1] http://gerrit.ovirt.org/20309 [2] /usr/share/ovirt-engine/dbscripts/upgrade/pre_upgrade/0000_config.sql Verified. tested on rhevm-3.3.0-0.30.beta1.el6ev.noarch - Changed default port to 22222 - Allow port on iptables - ssh host -p 22222 -lroot -- works - added host to engine via port 22222 -- works - try to ssh host via port 22222 -- works Closing - RHEV 3.3 Released Closing - RHEV 3.3 Released Closing - RHEV 3.3 Released |