Assert firewall rules mysql to rejoin cluster

Adding iptables rules to permit access to TCP ports 4444 and 4567, 4568 which are presumably added by the o-r-c scripts, but are required for controllers to receive state transfers and restart. Change-Id: If3c74d6d52975d8f352a85c728317804407e914c
2014-12-16 13:36:22 -05:00 · 2014-12-16 13:36:22 -05:00 · df6ae40cbe
parent b0ee862931
commit df6ae40cbe
1 changed files with 9 additions and 0 deletions
--- a/playbooks/update_cloud.yml
+++ b/playbooks/update_cloud.yml
@ -347,6 +347,15 @@
  sudo: yes
  tasks:
    - include: activate_cinder_volumes.yml
+    - name: "Inject Firewall rules for for MySQL to start - tcp/4444"
+      sudo: yes
+      command: /sbin/iptables -I INPUT -p tcp --dport 4444 -j ACCEPT
+    - name: "Inject Firewall rules for for MySQL to start - tcp/4567"
+      sudo: yes
+      command: /sbin/iptables -I INPUT -p tcp --dport 4567 -j ACCEPT
+    - name: "Inject Firewall rules for for MySQL to start - tcp/4568"
+      sudo: yes
+      command: /sbin/iptables -I INPUT -p tcp --dport 4568 -j ACCEPT
    # This action of stopping prior to starting is to ensure that should
    # MySQL started upon boot, then it would hopefully pickup new config
    # that os-collect-config and os-apply-config would have put in place.