Bug 885257 - Need port 2224 opened up for cluster suite and port tcp port 11111 removed [NEEDINFO]
Summary: Need port 2224 opened up for cluster suite and port tcp port 11111 removed
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: firewalld
Version: 7.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Thomas Woerner
QA Contact: Tomas Dolezal
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-12-07 23:10 UTC by Chris Feist
Modified: 2017-01-20 17:33 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-06-13 09:34:26 UTC
Target Upstream Version:
jscotka: needinfo? (twoerner)


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1415197 0 high CLOSED pcsd ports shall be configurable to solve pacemaker/pcs inside of containers (+ occupying IANA-assigned port by default) 2021-02-22 00:41:40 UTC

Internal Links: 1415197

Description Chris Feist 2012-12-07 23:10:08 UTC
Description of problem:
Port 2224 is used for the pcsd (pacemaker/corosync configuration system daemon)

Version-Release number of selected component (if applicable):
firewalld-0.2.10-1.el7.noarch

We need this line:
  <port protocol="tcp" port="2224"/>

Added to the cluster-suite.xml to allow access on port 2224 to configure the cluster.

Let me know if you have any questions or issues.

Comment 1 Chris Feist 2012-12-13 00:50:56 UTC
We also don't need tcp port 11111 opened anymore for cluster suite.

Comment 3 Jiri Popelka 2013-02-27 13:32:12 UTC
What about the description of cluster-suite service ?
It currently says "... Ports are opened for openais, ricci and dlm. ..."
Is it OK or should it be amended too ?

Comment 4 Chris Feist 2013-02-27 20:04:44 UTC
That should definitely be amended.  It should be changed to this:
<description>This option allows you to use the Red Hat Cluster Suite. Ports are opened for corosync, pcsd and dlm. You need the Red Hat Cluster Suite installed for this option to be useful.</description>

Comment 6 David Vossel 2013-04-02 22:25:17 UTC
We need port 3121 opened as well for pacemaker_remote functionality.

<description>This option allows you to use the Red Hat Cluster Suite. Ports are opened for corosync, pcsd, pacemaker_remote, and dlm. You need the Red Hat Cluster Suite installed for this option to be useful.</description>

Comment 8 Jiri Popelka 2013-05-23 11:18:40 UTC
Looking at bug #801894, shouldn't the service be actually called high-availability (or similar) instead of cluster-suite ?

Comment 9 Jiri Popelka 2013-10-01 12:20:23 UTC
CCing reporter of bug #801894 and asking once more:

According to bug #801894 it seems the service should actually be named high-availability (Red Hat High Availability) instead of cluster-suite (Red Hat Cluster Suite). What do you think ?

Comment 12 Fabio Massimo Di Nitto 2013-10-01 16:22:32 UTC
(In reply to Jiri Popelka from comment #9)
> CCing reporter of bug #801894 and asking once more:
> 
> According to bug #801894 it seems the service should actually be named
> high-availability (Red Hat High Availability) instead of cluster-suite (Red
> Hat Cluster Suite). What do you think ?

This is correct the term RHCS or cluster suite is dead and gone. Should have gone a long time ago but old terms are hard to die ;)

Yes the new name should be RHEL-HA to follow the channel distribution name. I don't know if firewalld allows aliases or dependency tree, but my suggestion would be:

alias cluster or alias RHEL-HA -> open everything cluster related.
either cluster or RHEL-HA Requires: pcsd && corosync && dlm
pcsd -> port?
corosync -> ports same as RHEL6
dlm -> port same as RHEL6.

Hopefully I didn't miss anything :)

Otherwise a RHEL-HA single target to open them all is also fine.

Comment 16 Tomas Dolezal 2014-01-28 16:23:40 UTC
VERIFIED firewalld-0.3.9-3.el7.noarch

Comment 18 Ludek Smid 2014-06-13 09:34:26 UTC
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.


Note You need to log in before you can comment on or make changes to this bug.