Bug 978699 - [Docs] [RFE] Networking diagram explaining required ports for RHEV
Summary: [Docs] [RFE] Networking diagram explaining required ports for RHEV
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: Documentation
Version: 3.4.0
Hardware: Unspecified
OS: Unspecified
unspecified
low
Target Milestone: ---
: 3.3.0
Assignee: Jodi Biddle
QA Contact: ecs-bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-06-27 05:10 UTC by Cheryn Tan
Modified: 2014-11-09 22:29 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-04-11 05:01:36 UTC
oVirt Team: ---
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
rhev 3 ports pic (110.60 KB, image/png)
2013-07-29 03:30 UTC, Tim Hildred 		no flags Details
View All

Description Cheryn Tan 2013-06-27 05:10:10 UTC 
The Installation Guide currently contains a list of required ports [1] for the Manager, hosts, database etc. It would be helpful to have a diagram like the one here [2] illustrating how the components communicate with each other, and through which ports. 

The diagram can be placed in either in the Install Guide or in the Tech Ref Guide (or both)

[1] https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.2/html-single/Installation_Guide/index.html#sect-Firewall_Configuration
[2] https://access.redhat.com/site/solutions/17634
Comment 1 Tim Hildred 2013-07-29 03:30:48 UTC 
Created attachment 779584 [details]
rhev 3 ports pic
Comment 2 Tim Hildred 2013-07-29 03:40:13 UTC 
Raising RT3 ticket(RT#241787) to have that image brought on brand in line with other diagrams in our documentation. 

Hey Bryan, will you work with me to update this image for RHEV 3.3?
Comment 3 Tim Hildred 2013-08-01 03:28:43 UTC 
https://svn.devel.redhat.com/repos/ecs/artwork/images/241787/241787-RHEVM-network-ports.png

Dan cleverly left numbered callouts rather than specific ports on the diagram, which makes it easier to update if required.
Comment 4 Bryan Yount 2013-08-09 23:26:24 UTC 
(In reply to Tim Hildred from comment #2)
> Hey Bryan, will you work with me to update this image for RHEV 3.3?

I will do my best. We may want to involve someone who's a bit more familiar with the underlying code because some components have changed over time. But, the best thing to start with is the default firewall on the hosts which I have included below:


[root@rhev1 ~]# cat /etc/sysconfig/iptables

# oVirt default firewall configuration. Automatically generated by vdsm bootstrap script.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A INPUT -i lo -j ACCEPT
# vdsm
-A INPUT -p tcp --dport 54321 -j ACCEPT
# SSH
-A INPUT -p tcp --dport 22 -j ACCEPT
# snmp
-A INPUT -p udp --dport 161 -j ACCEPT

# libvirt tls
-A INPUT -p tcp --dport 16514 -j ACCEPT

# guest consoles
-A INPUT -p tcp -m multiport --dports 5634:6166 -j ACCEPT

# migration
-A INPUT -p tcp -m multiport --dports 49152:49216 -j ACCEPT

# Reject any other input traffic
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -m physdev ! --physdev-is-bridged -j REJECT --reject-with icmp-host-prohibited
COMMIT
Comment 5 Tim Hildred 2013-10-28 00:05:50 UTC 
Reassigning to Jodi Biddle (jbiddle) as I am no longer working on Red Hat Enterprise Virtualization documentation.
Comment 6 Zac Dover 2013-12-09 05:28:21 UTC 
Pushing to 3.4.
Note You need to log in before you can comment on or make changes to this bug.