Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 669035

Summary: MRG/M Installation/User Guide does not provide information how to set-up the RHEL firewall
Product: Red Hat Enterprise MRG Reporter: Frantisek Reznicek <freznice>
Component: Messaging_Installation_and_Configuration_GuideAssignee: Alison Young <alyoung>
Status: CLOSED CURRENTRELEASE QA Contact: Frantisek Reznicek <freznice>
Severity: medium Docs Contact:
Priority: medium    
Version: 1.3CC: esammons, iboverma
Target Milestone: 1.3.3   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 723803 (view as bug list) Environment:
Last Closed: 2011-08-12 05:16:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 723803    

Description Frantisek Reznicek 2011-01-12 14:25:54 UTC 
Description of problem:

Neither current version of the Messaging Installation Guide nor Messaging User Guide provides basic information how to set-up RHEL firewall (iptables) to:
a] allow remote access to broker from another machine
b] openais iptables config to allow start of clustered broker

Both points have to be at least shortly discussed and may be of course linked to other RH documents.


The most important is point b], because user might not be aware that running qpidd & openais requires firewall rules modification.

Those information should go to Messaging Installation Guide doc.



Version-Release number of selected component (if applicable):
rhm-docs-0.7.946106-8

How reproducible:
100%

Steps to Reproduce:
1. grep -Ei '(firewa|iptab)' $(rpm -ql rhm-docs)

  
Actual results:
No information about firewall settings in our docs.

Expected results:
At least basic information about firewall settings in Msg IG.

Additional info:
http://www.open-sharedroot.org/faq/administrators-handbook/cluster-system-administration/ports-being-in-use-by-the-red-hat-cluster-software
http://people.redhat.com/ccaulfie/docs/CSNetworking.pdf
Comment 1 Frantisek Reznicek 2011-01-14 11:21:30 UTC 
Description of above two points (a], b]) is necessary for correct MRG/M deployment.
Not just clustering (configuration of openais/corosync), but also in case of broker federation it is necessary to allow inter-broker links (point a]) which is not working by default with default RHEL firewall (iptables) configuration.
Another example is asynchronous queue replication.
Comment 5 Frantisek Reznicek 2011-07-29 12:13:51 UTC 
I'm just fine with the content. Thank you Alison.

-> VERIFIED