Bug 1223022
| Summary: | Ceilometer API port not allowed in firewall rules on undercloud | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Marius Cornea <mcornea> | ||||
| Component: | instack-undercloud | Assignee: | James Slagle <jslagle> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Marius Cornea <mcornea> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 7.0 (Kilo) | CC: | dmacpher, kmorey, mburns, rhel-osp-director-maint | ||||
| Target Milestone: | y1 | Keywords: | Triaged, ZStream | ||||
| Target Release: | 7.0 (Kilo) | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | instack-undercloud-2.1.2-24.el7ost | Doc Type: | Bug Fix | ||||
| Doc Text: |
A missing firewall rule restricted access to the Ceilometer API. This fix adds the firewall rule. Users now have access to the Ceilometer API.
|
Story Points: | --- | ||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2015-10-08 12:08:46 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
[stack@instack ~]$ rpm -qa | grep instack-undercloud instack-undercloud-2.1.2-25.el7ost.noarch [stack@instack ~]$ sudo iptables -nL | grep 8777 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8777 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2015:1862 |
Created attachment 1027287 [details] iptables output Description of problem: The Ceilometer API port (8777) is not allowed in firewall rules deployed on the undercloud node. Version-Release number of selected component (if applicable): RHEL 7.1 openstack-tripleo-puppet-elements-0.0.1-dev63.el7.centos.noarch tripleo-common-0.0.0-post4.el7.centos.noarch openstack-tripleo-image-elements-0.9.5-post1.el7.centos.noarch openstack-tripleo-0.0.6-dev1717.el7.centos.noarch openstack-tripleo-heat-templates-0.8.6-dev5.el7.centos.noarch How reproducible: 100% Steps to Reproduce: 1. Install according to the docs in virtual environment. 2. sudo iptables -nL 3. Actual results: None of the rules matche tcp port 8777 Expected results: Connection to tcp port 8777 are allowed. Additional info: Output of iptables -nL attached.