[Ovirt-devel] [PATCH]: Open up port 49152 on the managed node
Steve Linabery
slinabery at redhat.com
Mon Aug 11 14:29:52 UTC 2008
On Mon, Aug 11, 2008 at 03:15:54PM +0200, Chris Lalancette wrote:
> Make sure to open up the 49152 port on the managed nodes. This is to support
> live migration through libvirt. The basic situation is that libvirtd is
> currently single-threaded, and the migrate command we are using is
> synchronous, so it is never the case that we can have more than 1 live
> migration happening at a time. In the future, it might be possible that
> libvirtd will become multi-threaded, at which time we will have to address
> this differently. However, also in the future, for secure live migration, we
> are going to want to proxy the migration stuff via the libvirt channel. Either
> way we are going to need to change in the future; this is good enough for now.
>
> Signed-off-by: Chris Lalancette <clalance at redhat.com>
>
> diff --git a/ovirt-host-creator/common-post.ks b/ovirt-host-creator/common-post.ks
> index 4daf264..37e2f43 100644
> --- a/ovirt-host-creator/common-post.ks
> +++ b/ovirt-host-creator/common-post.ks
> @@ -29,6 +29,7 @@ cat > /etc/sysconfig/iptables << \EOF
> -A INPUT -i lo -j ACCEPT
> -A INPUT -p tcp --dport 16509 -j ACCEPT
> -A INPUT -p tcp --dport 22 -j ACCEPT
> +-A INPUT -p tcp --dport 49152 -j ACCEPT
> -A INPUT -j REJECT --reject-with icmp-host-prohibited
> -A FORWARD -j REJECT --reject-with icmp-host-prohibited
> COMMIT
>
> _______________________________________________
> Ovirt-devel mailing list
> Ovirt-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/ovirt-devel
Although this change is trivial and probably does not require an ACK, I say ACK.
More information about the ovirt-devel
mailing list