Description of problem: When installing version 9 with packstack with one compute and one controller on 2 different machines, we get timeout error on compute node for RabbitMQ. Changing IPTABLES rules on controller (iptables -P INPUT ACCEPT) makes it work Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. Use packstack for installation (controller on one phy machine and computer on another one) 2. Run iptables -S on controller 3. Check for error messages on compute node Actual results: Checking on computer node you get ERROR oslo.messaging._drivers.impl_rabbit [req-e1beb31c-9d6a-4dc2-9be4-4022f2c0e6d6 - - - - -] AMQP server on 10.35.160.29:5672 is unreachable: timed out. Expected results: The comunication between controller and compute should work Additional info: On controller the following IPTables caused the problem iptables -S -P INPUT DROP -P FORWARD ACCEPT -P OUTPUT ACCEPT -A INPUT -p tcp -m tcp --dport 22 -m comment --comment "001 QA incoming SSH" -j ACCEPT -A INPUT -p icmp -m comment --comment "002 QA incoming ICMP" -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -m comment --comment "003 QA incoming related session exist the host" -j ACCEPT -A INPUT -i lo -m comment --comment "004 QA incoming loopback" -j ACCEPT -A INPUT -p udp -m udp --sport 53 -m comment --comment "005 QA incoming DNS" -j ACCEPT -A INPUT -p udp -m udp --sport 123 -m comment --comment "006 QA incoming NTP" -j ACCEPT The problem was solved only when we run: iptables -P INPUT ACCEPT
Those firewall rules do not look like Packstack generated, but amqp ports are added in the packstack manifest: https://github.com/openstack/packstack/blob/stable/mitaka/packstack/plugins/amqp_002.py#L199-L212 You could provide packstack answer file for further inspection, for now I'm closing it as not reproducible.