Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
This project is now read‑only. Starting Monday, February 2, please use https://ibm-ceph.atlassian.net/ for all bug tracking management.

Bug 1223992

Summary: update OSD/MDS firewall port list
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: Ken Dreyer (Red Hat) <kdreyer>
Component: DocumentationAssignee: John Wilkins <jowilkin>
Status: CLOSED CURRENTRELEASE QA Contact: ceph-qe-bugs <ceph-qe-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 1.2.3CC: flucifre, hyelloji, kdreyer, kurs, ngoswami, smanjara
Target Milestone: rc   
Target Release: 1.3.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-10-05 22:55:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ken Dreyer (Red Hat) 2015-05-21 22:50:34 UTC 
The documentation recommendeds opening a number of ports that is unique to the number of daemons that we ran.

This doesn't really cover all use cases. Users can easily restart daemons in ways that cause the daemons to bind to higher ports. This leads to OSDs or MDSs binding to ports that are firewalled. See bz 1219818 and bz 1219493 for examples.

The recommendation for firewall ports on OSDs should simply be "open all of TCP 6800-7300".

The change that I'm proposing upstream for this is https://github.com/ceph/ceph/pull/4740 , and there should be an equivalent change in the downstream docs.
Comment 2 Ken Dreyer (Red Hat) 2015-05-22 14:16:52 UTC 
*** Bug 1219818 has been marked as a duplicate of this bug. ***
Comment 3 Ken Dreyer (Red Hat) 2015-05-22 14:17:21 UTC 
*** Bug 1219493 has been marked as a duplicate of this bug. ***
Comment 5 kiran raje urs J 2015-05-28 10:31:48 UTC 
Hi Ken,

Can you move the status to ON_QA, if this is going to be part of 1.3.0 documentaiton, so that QE can verify it.

Regards,
Kiran raje urs J
Comment 7 Hemanth Kumar 2015-06-02 07:21:41 UTC 
Verified..

The changes have been documented..