Bug 1393487
Summary: | Manila port is not open in firewall when deploying the Manila API service on a different role than controller | ||
---|---|---|---|
Product: | Red Hat OpenStack | Reporter: | Marius Cornea <mcornea> |
Component: | openstack-tripleo-heat-templates | Assignee: | Tom Barron <tbarron> |
Status: | CLOSED ERRATA | QA Contact: | Dustin Schoenbrun <dschoenb> |
Severity: | urgent | Docs Contact: | |
Priority: | unspecified | ||
Version: | 10.0 (Newton) | CC: | dbecker, dmacpher, jschluet, mburns, morazi, pgrist, rhel-osp-director-maint, scohen, tbarron |
Target Milestone: | rc | Keywords: | Triaged |
Target Release: | 10.0 (Newton) | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | openstack-tripleo-heat-templates-5.0.0-1.7.el7ost | Doc Type: | Bug Fix |
Doc Text: |
OpenStack Platform director did not update firewall when deploying OpenStack File Share API (manila-api). If you moved the manila-api service off controllers to its own role, the default firewall rules blocked the endpoints. This fix updates the manila-api firewall rules in the overcloud Heat template collection. You can now reach the endpoints even when manila-api is on a role separate from the controller nodes.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2016-12-14 16:31:17 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Marius Cornea
2016-11-09 16:28:23 UTC
I tested this against the 2016-11-19.4 puddle and was able to modify the /usr/share/openstack-tripleo-heat-templates/roles_data.yaml file to move the Manila API service from the default location of the controller nodes to the compute nodes and then deploy my overcloud as such. At the end of the deployment I was able to call the Manila API successfully, verify that the correct iptables rules were set on the compute node, and that the service was started successfully on the compute node. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHEA-2016-2948.html |