[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Ovirt-devel] [PATCH]: Open up port 49152 on the managed node



    Make sure to open up the 49152 port on the managed nodes.  This is to support
    live migration through libvirt.  The basic situation is that libvirtd is
    currently single-threaded, and the migrate command we are using is
    synchronous, so it is never the case that we can have more than 1 live
    migration happening at a time.  In the future, it might be possible that
    libvirtd will become multi-threaded, at which time we will have to address
    this differently.  However, also in the future, for secure live migration, we
    are going to want to proxy the migration stuff via the libvirt channel.  Either
    way we are going to need to change in the future; this is good enough for now.
    
    Signed-off-by: Chris Lalancette <clalance redhat com>

diff --git a/ovirt-host-creator/common-post.ks b/ovirt-host-creator/common-post.ks
index 4daf264..37e2f43 100644
--- a/ovirt-host-creator/common-post.ks
+++ b/ovirt-host-creator/common-post.ks
@@ -29,6 +29,7 @@ cat > /etc/sysconfig/iptables << \EOF
 -A INPUT -i lo -j ACCEPT
 -A INPUT -p tcp --dport 16509 -j ACCEPT
 -A INPUT -p tcp --dport 22 -j ACCEPT
+-A INPUT -p tcp --dport 49152 -j ACCEPT
 -A INPUT -j REJECT --reject-with icmp-host-prohibited
 -A FORWARD -j REJECT --reject-with icmp-host-prohibited
 COMMIT


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]