Bug 1064056 - Foreman Heat ports not opened in a foreman based Nova network install
Summary: Foreman Heat ports not opened in a foreman based Nova network install
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-foreman-installer
Version: 4.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: z4
: 4.0
Assignee: Jiri Stransky
QA Contact: Amit Ugol
URL:
Whiteboard:
Depends On:
Blocks: 1040649
TreeView+ depends on / blocked
 
Reported: 2014-02-11 22:07 UTC by Steve Reichard
Modified: 2022-07-09 06:41 UTC (History)
10 users (show)

Fixed In Version: openstack-foreman-installer-1.0.6-1.el6ost
Doc Type: Bug Fix
Doc Text:
Cause: Heat API ports were not opened on the controller by default. Consequence: Heat APIs were only accessible locally from the controller, not from other nodes. Fix: Opened Heat ports on the controller. Result: Heat APIs are accessible from other nodes.
Clone Of:
Environment:
Last Closed: 2014-05-29 20:31:05 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker OSP-16444 0 None None None 2022-07-09 06:41:32 UTC
Red Hat Product Errata RHSA-2014:0517 0 normal SHIPPED_LIVE Moderate: openstack-foreman-installer security, bug fix, and enhancement update 2014-05-30 00:26:29 UTC

Description Steve Reichard 2014-02-11 22:07:32 UTC 
Description of problem:


When David Kranz ran some testing again my Foreman deployed nova networking configuration, he noticed that he could not access HEAT.  He identified that 
the iptables did not open the proper heat ports.


Version-Release number of selected component (if applicable):

[root@rhos-foreman ~]#  yum list installed | grep -e foreman -e puppet
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
foreman.noarch                    1.3.0.2-1.el6sat   @rhel-x86_64-server-6-ost-4
foreman-installer.noarch          1:1.3.0-1.el6sat   @rhel-x86_64-server-6-ost-4
foreman-mysql.noarch              1.3.0.2-1.el6sat   @rhel-x86_64-server-6-ost-4
foreman-mysql2.noarch             1.3.0.2-1.el6sat   @rhel-x86_64-server-6-ost-4
foreman-proxy.noarch              1.3.0-3.el6sat     @rhel-x86_64-server-6-ost-4
foreman-selinux.noarch            1.3.0-1.el6sat     @rhel-x86_64-server-6-ost-4
openstack-foreman-installer.noarch
packstack-modules-puppet.noarch   2013.2.1-0.22.dev956.el6ost
puppet.noarch                     3.2.4-3.el6_5      @rhel-x86_64-server-6-ost-4
puppet-server.noarch              3.2.4-3.el6_5      @rhel-x86_64-server-6-ost-4
ruby193-rubygem-foreman_openstack_simplify.noarch
rubygem-foreman_api.noarch        0.1.6-1.el6sat     @rhel-x86_64-server-6-ost-4
[root@rhos-foreman ~]# 




How reproducible:

When the prots were adjusted, then puppet reset, it again did not include.  Assume vary repeatable


Steps to Reproduce:
1. Foreman install a nove-networking config
2. heat stack-list
3. open port 8004 - may want to open the other heat protocol ports
4  heat stack-list (should work)

Actual results:


Expected results:


Additional info:
Comment 2 Alvaro Lopez Ortega 2014-02-25 17:31:35 UTC 
Unless I'm missing something, this is actually a Foreman bug.
Comment 3 Jiri Stransky 2014-03-27 15:45:45 UTC 
Pull request:

https://github.com/redhat-openstack/astapor/pull/147

Opens ports on the controller node for Heat:

8000 for opehstack-heat-api-cfn
8003 for opehstack-heat-api-cloudwatch
8004 for openstack-heat-api
Comment 8 Amit Ugol 2014-04-24 07:48:11 UTC 
Verified, port 8004 is open for business OOB
Comment 11 errata-xmlrpc 2014-05-29 20:31:05 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2014-0517.html
Note You need to log in before you can comment on or make changes to this bug.