Bug 2120709
Summary: | Use firewall role to configure firewall for SQL Server | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 9 | Reporter: | Sergei Petrosian <spetrosi> | |
Component: | ansible-collection-microsoft-sql | Assignee: | Sergei Petrosian <spetrosi> | |
Status: | CLOSED ERRATA | QA Contact: | Daniel Yeisley <dyeisley> | |
Severity: | unspecified | Docs Contact: | Alexandra Nikandrova <anikandr> | |
Priority: | unspecified | |||
Version: | 9.1 | CC: | gfialova, lmanasko | |
Target Milestone: | rc | Keywords: | Triaged | |
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | ansible-collection-microsoft-sql-1.2.3-1.el9 | Doc Type: | Enhancement | |
Doc Text: |
The RN description for this BZ is covered as part of BZ#2066337.
link: https://bugzilla.redhat.com/show_bug.cgi?id=2066337
|
Story Points: | --- | |
Clone Of: | ||||
: | 2120714 (view as bug list) | Environment: | ||
Last Closed: | 2022-11-15 10:29:27 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 2120714, 2129334 | |||
Deadline: | 2022-08-29 |
Description
Sergei Petrosian
2022-08-23 15:06:58 UTC
I installed two systems with RHEL-9.1.0-20220830.1 and started the firewall service. I added port 6776 required by the restraint harness. [root@isvqe-01 ~]# firewall-cmd --list-ports 6776/tcp The following ansible-collection rpm is installed. [root@isvqe-01 Certification]# rpm -qa | grep ansible-collection ansible-collection-microsoft-sql-1.2.3-1.el9.noarch The is the yml I used. [root@isvqe-01 Certification]# cat site-ha.yml --- - hosts: all vars: ha_cluster_enable_repos: no mssql_version: 2019 mssql_accept_microsoft_odbc_driver_17_for_sql_server_eula: true mssql_accept_microsoft_cli_utilities_for_sql_server_eula: true mssql_accept_microsoft_sql_server_standard_eula: true mssql_password: redhat123! mssql_edition: Developer mssql_enable_sql_agent: true mssql_install_fts: true mssql_ha_configure: true mssql_manage_firewall: true mssql_ha_listener_port: 5022 mssql_ha_cert_name: mssql_cert mssql_ha_master_key_password: "redhat123!" mssql_ha_private_key_password: "redhat123!" mssql_ha_reset_cert: false mssql_ha_endpoint_name: hadr_endpoint mssql_ha_ag_name: ag1 mssql_ha_db_names: - ds2 mssql_ha_login: hacluster mssql_ha_login_password: "redhat123!" mssql_ha_hacluster_password: "redhat123!" mssql_ha_cluster_run_role: true mssql_ha_virtual_ip: 192.168.100.201 ha_cluster_cluster_name: isvqe-cluster ha_cluster_hacluster_password: "redhat123!" ha_cluster_cluster_properties: - attrs: - name: cluster-recheck-interval value: 2min - name: start-failure-is-fatal value: true - name: stonith-enabled value: false ha_cluster_resource_primitives: - id: mydummy agent: ocf:pacemaker:Dummy - id: ag_cluster agent: ocf:mssql:ag instance_attrs: - attrs: - name: ag_name value: "ag1" meta_attrs: - attrs: - name: failure-timeout value: 80s - id: virtualip agent: ocf:heartbeat:IPaddr2 instance_attrs: - attrs: - name: ip value: 192.168.100.201 operations: - action: monitor attrs: - name: interval value: 30s ha_cluster_resource_clones: - resource_id: ag_cluster promotable: yes meta_attrs: - attrs: - name: notify value: true ha_cluster_constraints_colocation: - resource_leader: id: ag_cluster-clone role: Promoted resource_follower: id: virtualip options: - name: score value: INFINITY ha_cluster_constraints_order: - resource_first: id: ag_cluster-clone action: promote resource_then: id: virtualip action: start roles: - role: microsoft.sql.server I executed my script which created a 2-node cluster using the ansible roles and then executed my test harness against it. I saw no issues and the sql server port was added to the firewall. [root@isvqe-01 Certification]# firewall-cmd --list-ports 1229/tcp 1433/tcp 5022/tcp 6776/tcp FEDORA-2022-c8843968db has been pushed to the Fedora 36 stable repository. If problem still persists, please make note of it in this bug report. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (ansible-collection-microsoft-sql bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2022:8154 |