[Rdo-list] http server problem with openstack
Vedsar Kushwaha
vedsarkushwaha at gmail.com
Sat Mar 28 15:13:53 UTC 2015
Thanks a lot.
After iptables -F, it started working. :)
On Sat, Mar 28, 2015 at 8:25 PM, Marius Cornea <marius at remote-lab.net>
wrote:
> Try adding the rule manually for your webserver
>
> iptables -I INPUT -p tcp --dport 30001 -j ACCEPT
>
> Depending on what you want to use you can add it to the settings:
> /etc/sysconfig/iptables for the iptables service or /etc/firewalld/
> for firewalld. For sake of debugging you could also use 'iptables -F'
> to delete all rules.
>
> On Sat, Mar 28, 2015 at 3:46 PM, Vedsar Kushwaha
> <vedsarkushwaha at gmail.com> wrote:
> > New iptables -nL (for computer B)
> >
> > Chain INPUT (policy ACCEPT)
> > target prot opt source destination
> > ACCEPT tcp -- 192.168.0.20 0.0.0.0/0 multiport
> > dports 5671,5672 /* 001 amqp incoming amqp_192.168.0.20 */
> > ACCEPT tcp -- 192.168.0.19 0.0.0.0/0 multiport
> > dports 5666 /* 001 nagios-nrpe incoming nagios_nrpe */
> > ACCEPT udp -- 192.168.0.19 0.0.0.0/0 multiport
> > dports 4789 /* 001 neutron tunnel port incoming
> > neutron_tunnel_192.168.0.20_192.168.0.19 */
> > ACCEPT tcp -- 192.168.0.19 0.0.0.0/0 multiport
> > dports 5900:5999 /* 001 nova compute incoming nova_compute */
> > ACCEPT tcp -- 192.168.0.20 0.0.0.0/0 multiport
> > dports 16509,49152:49215 /* 001 nova qemu migration incoming
> > nova_qemu_migration_192.168.0.20_192.168.0.20 */
> > ACCEPT tcp -- 192.168.0.21 0.0.0.0/0 multiport
> > dports 16509,49152:49215 /* 001 nova qemu migration incoming
> > nova_qemu_migration_192.168.0.20_192.168.0.21 */
> > ACCEPT tcp -- 192.168.0.22 0.0.0.0/0 multiport
> > dports 16509,49152:49215 /* 001 nova qemu migration incoming
> > nova_qemu_migration_192.168.0.20_192.168.0.22 */
> > ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
> > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
> > ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
> > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
> > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
> > RELATED,ESTABLISHED
> > ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
> > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
> > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp
> > dpt:22
> > REJECT all -- 0.0.0.0/0 0.0.0.0/0
> reject-with
> > icmp-host-prohibited
> >
> > Chain FORWARD (policy ACCEPT)
> > target prot opt source destination
> > ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 ctstate
> > RELATED,ESTABLISHED
> > ACCEPT all -- 192.168.122.0/24 0.0.0.0/0
> > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
> > REJECT all -- 0.0.0.0/0 0.0.0.0/0
> reject-with
> > icmp-port-unreachable
> > REJECT all -- 0.0.0.0/0 0.0.0.0/0
> reject-with
> > icmp-port-unreachable
> > REJECT all -- 0.0.0.0/0 0.0.0.0/0
> reject-with
> > icmp-host-prohibited
> >
> > Chain OUTPUT (policy ACCEPT)
> > target prot opt source destination
> >
> >
> > One more question, I'm on Centos7 using openstack juno:
> >
> > When starting firewalld, (service firewalld start) iptable stopped.
> > Similarly, when iptables starts (service iptables start), firewalld gets
> > stopped.
> >
> >
> >
> > On Sat, Mar 28, 2015 at 7:49 PM, Vedsar Kushwaha <
> vedsarkushwaha at gmail.com>
> > wrote:
> >>
> >> I'm using curl to access to the HTTPSEEVER.
> >>
> >> python -m SimpleHTTPServer 30001
> >>
> >>
> >> iptables -nL
> >>
> >> target prot opt source destination
> >> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate
> >> RELATED,ESTABLISHED
> >> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
> >> INPUT_direct all -- 0.0.0.0/0 0.0.0.0/0
> >> INPUT_ZONES_SOURCE all -- 0.0.0.0/0 0.0.0.0/0
> >> INPUT_ZONES all -- 0.0.0.0/0 0.0.0.0/0
> >> ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
> >> REJECT all -- 0.0.0.0/0 0.0.0.0/0
> reject-with
> >> icmp-host-prohibited
> >>
> >> Chain FORWARD (policy ACCEPT)
> >> target prot opt source destination
> >> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate
> >> RELATED,ESTABLISHED
> >> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
> >> FORWARD_direct all -- 0.0.0.0/0 0.0.0.0/0
> >> FORWARD_IN_ZONES_SOURCE all -- 0.0.0.0/0 0.0.0.0/0
> >> FORWARD_IN_ZONES all -- 0.0.0.0/0 0.0.0.0/0
> >> FORWARD_OUT_ZONES_SOURCE all -- 0.0.0.0/0 0.0.0.0/0
> >> FORWARD_OUT_ZONES all -- 0.0.0.0/0 0.0.0.0/0
> >> ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
> >> REJECT all -- 0.0.0.0/0 0.0.0.0/0
> reject-with
> >> icmp-host-prohibited
> >>
> >> Chain OUTPUT (policy ACCEPT)
> >> target prot opt source destination
> >> OUTPUT_direct all -- 0.0.0.0/0 0.0.0.0/0
> >>
> >> Chain FORWARD_IN_ZONES (1 references)
> >> target prot opt source destination
> >> FWDI_public all -- 0.0.0.0/0 0.0.0.0/0 [goto]
> >> FWDI_public all -- 0.0.0.0/0 0.0.0.0/0 [goto]
> >>
> >> Chain FORWARD_IN_ZONES_SOURCE (1 references)
> >> target prot opt source destination
> >>
> >> Chain FORWARD_OUT_ZONES (1 references)
> >> target prot opt source destination
> >> FWDO_public all -- 0.0.0.0/0 0.0.0.0/0 [goto]
> >> FWDO_public all -- 0.0.0.0/0 0.0.0.0/0 [goto]
> >>
> >> Chain FORWARD_OUT_ZONES_SOURCE (1 references)
> >> target prot opt source destination
> >>
> >> Chain FORWARD_direct (1 references)
> >> target prot opt source destination
> >>
> >> Chain FWDI_public (2 references)
> >> target prot opt source destination
> >> FWDI_public_log all -- 0.0.0.0/0 0.0.0.0/0
> >> FWDI_public_deny all -- 0.0.0.0/0 0.0.0.0/0
> >> FWDI_public_allow all -- 0.0.0.0/0 0.0.0.0/0
> >>
> >> Chain FWDI_public_allow (1 references)
> >> target prot opt source destination
> >>
> >> Chain FWDI_public_deny (1 references)
> >> target prot opt source destination
> >>
> >> Chain FWDI_public_log (1 references)
> >> target prot opt source destination
> >>
> >> Chain FWDO_public (2 references)
> >> target prot opt source destination
> >> FWDO_public_log all -- 0.0.0.0/0 0.0.0.0/0
> >> FWDO_public_deny all -- 0.0.0.0/0 0.0.0.0/0
> >> FWDO_public_allow all -- 0.0.0.0/0 0.0.0.0/0
> >>
> >> Chain FWDO_public_allow (1 references)
> >> target prot opt source destination
> >>
> >> Chain FWDO_public_deny (1 references)
> >> target prot opt source destination
> >>
> >> Chain FWDO_public_log (1 references)
> >> target prot opt source destination
> >>
> >> Chain INPUT_ZONES (1 references)
> >> target prot opt source destination
> >> IN_public all -- 0.0.0.0/0 0.0.0.0/0 [goto]
> >> IN_public all -- 0.0.0.0/0 0.0.0.0/0 [goto]
> >>
> >> Chain INPUT_ZONES_SOURCE (1 references)
> >> target prot opt source destination
> >>
> >> Chain INPUT_direct (1 references)
> >> target prot opt source destination
> >>
> >> Chain IN_public (2 references)
> >> target prot opt source destination
> >> IN_public_log all -- 0.0.0.0/0 0.0.0.0/0
> >> IN_public_deny all -- 0.0.0.0/0 0.0.0.0/0
> >> IN_public_allow all -- 0.0.0.0/0 0.0.0.0/0
> >>
> >> Chain IN_public_allow (1 references)
> >> target prot opt source destination
> >> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
> dpt:22
> >> ctstate NEW
> >>
> >> Chain IN_public_deny (1 references)
> >> target prot opt source destination
> >>
> >> Chain IN_public_log (1 references)
> >> target prot opt source destination
> >>
> >> Chain OUTPUT_direct (1 references)
> >> target prot opt source destination
> >>
> >> On Sat, Mar 28, 2015 at 6:57 PM, Marius Cornea <marius at remote-lab.net>
> >> wrote:
> >>>
> >>> iptables -nL ?
> >>>
> >>> Also it's not clear to me when you get the 'No route to host' message.
> >>> How are you trying to access it?
> >>>
> >>> On Sat, Mar 28, 2015 at 2:23 PM, Vedsar Kushwaha
> >>> <vedsarkushwaha at gmail.com> wrote:
> >>> > firewall is disable on all computers :)
> >>> >
> >>> > Redirecting to /bin/systemctl status firewalld.service
> >>> > firewalld.service - firewalld - dynamic firewall daemon
> >>> > Loaded: loaded (/usr/lib/systemd/system/firewalld.service;
> disabled)
> >>> > Active: inactive (dead)
> >>> >
> >>> >
> >>> > On Sat, Mar 28, 2015 at 6:35 PM, Marius Cornea <
> marius at remote-lab.net>
> >>> > wrote:
> >>> >>
> >>> >> Hi,
> >>> >>
> >>> >> It sounds to me like a firewall issue. Please check the firewall
> rules
> >>> >> on computer B and make sure you allow HTTP access from the clients.
> >>> >>
> >>> >> Tnx,
> >>> >> Marius
> >>> >>
> >>> >> On Sat, Mar 28, 2015 at 1:43 PM, Vedsar Kushwaha
> >>> >> <vedsarkushwaha at gmail.com> wrote:
> >>> >> > I installed openstack --allinone on one computer (Say A).
> >>> >> >
> >>> >> > Then, I added two more compute nodes(Say B and C) on this.
> >>> >> >
> >>> >> > Everything is working fine.
> >>> >> >
> >>> >> > But now, for some other reason I want to start HTTPServer on
> >>> >> > computer B
> >>> >> > and
> >>> >> > access it from computer X and Y which are different from A,B & C.
> >>> >> >
> >>> >> > Now after running HTTPServer on computer B, I'm not able to access
> >>> >> > it
> >>> >> > from
> >>> >> > computer X and Y.
> >>> >> > Giving Error 'No route to host'
> >>> >> >
> >>> >> > Although from computer B, I can access HTTPServer of computer B.
> >>> >> >
> >>> >> >
> >>> >> > Please help.
> >>> >> >
> >>> >> > --
> >>> >> > Vedsar Kushwaha
> >>> >> > M.Tech-Computational Science
> >>> >> > Indian Institute of Science
> >>> >> >
> >>> >> > _______________________________________________
> >>> >> > Rdo-list mailing list
> >>> >> > Rdo-list at redhat.com
> >>> >> > https://www.redhat.com/mailman/listinfo/rdo-list
> >>> >> >
> >>> >> > To unsubscribe: rdo-list-unsubscribe at redhat.com
> >>> >
> >>> >
> >>> >
> >>> >
> >>> > --
> >>> > Vedsar Kushwaha
> >>> > M.Tech-Computational Science
> >>> > Indian Institute of Science
> >>
> >>
> >>
> >>
> >> --
> >> Vedsar Kushwaha
> >> M.Tech-Computational Science
> >> Indian Institute of Science
> >
> >
> >
> >
> > --
> > Vedsar Kushwaha
> > M.Tech-Computational Science
> > Indian Institute of Science
>
--
Vedsar Kushwaha
M.Tech-Computational Science
Indian Institute of Science
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rdoproject.org/pipermail/dev/attachments/20150328/6701a7b2/attachment.html>
More information about the dev
mailing list