----- Original Message ----- > Hi, Hi Sven,
> > no, this is _no_ all in one installation, as was clearly stated in my > first messsage. > I do not try to run VMs on the management node. > > Maybe I should rearrange my question: > > What is the recommended way of adding additional iptables rules on the > management node? We need to make sure our additional rules do not get > overwritten by ovirt. You stated initially that: "The issue we are running into is, that some ovirt component keeps resetting the iptables firewall configuration" How do you know it's oVirt's fault? >From what I know, the only this in oVirt that touches the firewall rules on the management node is the installation script which you run initially. > > Can you just append rules to /etc/sysconfig/iptables > or does this file get overwritten under any circumstances from this > "vdsm bootstrap script" or any other ovirt related component? The bootstrap is happening on a host that you add to the system, it doesn't touch the firewall on the management node at all. Regards, Mike > > Thanks > > Sven > > > > > On 02/10/13 09:14, Yedidyah Bar David wrote: > > Hi, > > > > ----- Original Message ----- > >> From: "Sven Kieske" <[email protected]> > >> To: "oVirt Users ML" <[email protected]> > >> Sent: Wednesday, October 2, 2013 9:58:43 AM > >> Subject: Re: [Users] iptables settings/scripts ovirt 3.3 > >> > >> Hi, > >> > >> thanks for your answer on list, Russ. > >> But I still don't know which mechanism(s?) do(es) > >> change firewall settings on the oVirt Management Node? > > > > Do you have on the management node also VDSM? The allinone plugin? > > Is that intended? You need it if you want to run VMs on it. VDSM > > manages networking on nodes (hypervisors), which includes the management > > node if you have chosen so during setup. > > > > Regards, > > > _______________________________________________ > Users mailing list > [email protected] > http://lists.ovirt.org/mailman/listinfo/users > _______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
