Red Hat Bugzilla – Bug 1303037
Last modified: 2016-11-03 20:01:10 EDT
Tested resource agent from upstream and verified that it's working on RHEL7.
The easiest example would be to simply block one of the ports for a service:
# pcs resource create VIP IPaddr2 ip=192.168.122.122
# pcs resource create pb ocf:heartbeat:portblock protocol=tcp portno=3306 action=block ip=192.168.122.122
# pcs resource create NFS nfsserver
# pcs resource group add NFS-group VIP pb NFS
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere HOSTNAME multiport dports mysql
I'm using a MySQL port in this example to avoid NFS failing.
Tested and working patch: https://github.com/ClusterLabs/resource-agents/pull/845
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.