Bug 1223992 - update OSD/MDS firewall port list
Summary: update OSD/MDS firewall port list
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Ceph Storage
Classification: Red Hat Storage
Component: Documentation
Version: 1.2.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: 1.3.0
Assignee: John Wilkins
QA Contact: ceph-qe-bugs
URL:
Whiteboard:
: 1219493 1219818 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-05-21 22:50 UTC by Ken Dreyer (Red Hat)
Modified: 2015-10-05 22:55 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-10-05 22:55:20 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Ceph Project Bug Tracker 11688 0 None None None Never

Description Ken Dreyer (Red Hat) 2015-05-21 22:50:34 UTC 
The documentation recommendeds opening a number of ports that is unique to the number of daemons that we ran.

This doesn't really cover all use cases. Users can easily restart daemons in ways that cause the daemons to bind to higher ports. This leads to OSDs or MDSs binding to ports that are firewalled. See bz 1219818 and bz 1219493 for examples.

The recommendation for firewall ports on OSDs should simply be "open all of TCP 6800-7300".

The change that I'm proposing upstream for this is https://github.com/ceph/ceph/pull/4740 , and there should be an equivalent change in the downstream docs.
Comment 2 Ken Dreyer (Red Hat) 2015-05-22 14:16:52 UTC 
*** Bug 1219818 has been marked as a duplicate of this bug. ***
Comment 3 Ken Dreyer (Red Hat) 2015-05-22 14:17:21 UTC 
*** Bug 1219493 has been marked as a duplicate of this bug. ***
Comment 5 kiran raje urs J 2015-05-28 10:31:48 UTC 
Hi Ken,

Can you move the status to ON_QA, if this is going to be part of 1.3.0 documentaiton, so that QE can verify it.

Regards,
Kiran raje urs J
Comment 7 Hemanth Kumar 2015-06-02 07:21:41 UTC 
Verified..

The changes have been documented..
Note You need to log in before you can comment on or make changes to this bug.