Bug 1314781 - Add Cockpit port to the default ports to be opened when Engine manages the firewall
Add Cockpit port to the default ports to be opened when Engine manages the fi...
Product: ovirt-engine
Classification: oVirt
Component: BLL.Infra (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified (vote)
: ovirt-3.6.6
: 3.6.6
Assigned To: Martin Perina
Pavol Brilla
: ZStream
Depends On:
Blocks: ovirt-node-ng
  Show dependency treegraph
Reported: 2016-03-04 08:31 EST by Fabian Deutsch
Modified: 2016-05-30 06:53 EDT (History)
5 users (show)

See Also:
Fixed In Version: ovirt 4.0.0 alpha1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-05-30 06:53:37 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: Infra
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
rule-engine: ovirt‑3.6.z+
rule-engine: planning_ack+
oourfali: devel_ack+
pstehlik: testing_ack+

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
oVirt gerrit 54586 master MERGED core: open Cockpit port in firewall 2016-03-15 06:37 EDT
oVirt gerrit 56323 ovirt-engine-3.6 MERGED core: open Cockpit port in firewall 2016-04-19 09:00 EDT

  None (edit)
Description Fabian Deutsch 2016-03-04 08:31:01 EST
Description of problem:
Cockpit will be the default administration interface in Node 4.0.

The cockpit port (9090/tcp) should be added to the list of default ports to be opened, when the user decides to let engine manage the firewall fo the host.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:

Actual results:

Expected results:

Additional info:
Comment 1 Fabian Deutsch 2016-04-18 09:53:00 EDT
We'll need this fix in 3.6.6.
Otherwise access to Cockpit will be blocked upon adding a host.
Comment 2 Oved Ourfali 2016-04-19 05:34:53 EDT
Martin - can you handle the backport?
Comment 3 Pavol Brilla 2016-05-09 04:30:59 EDT
New installed host on internal 3.6.6 build :

# iptables -nL | grep 9090
ACCEPT     tcp  --              tcp dpt:9090

Note You need to log in before you can comment on or make changes to this bug.