Hi there, I have a Fedora 10 system with two KVM virtual machines, both running RHEL 5.2 and RHCS. The intent is to prototype a cluster configuration for a customer. The problem is, everything is fine unless I start iptables on the VMs. But it's unacceptable to run the cluster without am OS-level firewall. The ports list on rhcs manuals, on the cluster project wiki, and what I observe using netstat do not agree. None of them talks about port 5149 which I observe being opened by aisexec (cman). And I don't see any use of ports 41966 through 41968 which are supposed to be opened my rgmanager or 5404 by cman. But even after I changed my iptables config to open all ports, I still canot relocate or failover services between nodes. I configured apache as a script service to play with cluster administration. My vms are on the default KVM network, 192.168.122./24. It's very strange system-config-cluster on node 1 shows both nodes (cs1 and cs2) joined the cluster and starts my teste-httpd service, but node 2 doesn't show the status of any cluster service (on system-config-cluster). If I try to use clusvnadm to relocate the service from cs1 to cs2, it hangs. And I can't stop rgmanager with iptables enabled. Flushing iptables doesn't help when cman and rgmanager were started with iptables on. Attached are my cluster.conf, /etc/sysconfig/iptables and netstat -anp []s, Fernando Lozano
Attachment:
iptables
Description: Binary data
Attachment:
cluster.conf
Description: Binary data
Conexões Internet Ativas (servidores e estabelecidas) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:2208 0.0.0.0:* OU�A 4624/hpiod tcp 0 0 0.0.0.0:738 0.0.0.0:* OU�A 4372/rpc.statd tcp 0 0 192.168.122.101:21064 0.0.0.0:* OU�A - tcp 0 0 0.0.0.0:111 0.0.0.0:* OU�A 4328/portmap tcp 0 0 192.168.122.100:80 0.0.0.0:* OU�A 6544/httpd tcp 0 0 127.0.0.1:631 0.0.0.0:* OU�A 4667/cupsd tcp 0 0 0.0.0.0:50008 0.0.0.0:* OU�A 5028/ccsd tcp 0 0 127.0.0.1:6010 0.0.0.0:* OU�A 4951/0 tcp 0 0 127.0.0.1:2207 0.0.0.0:* OU�A 4629/python tcp 0 0 127.0.0.1:6010 127.0.0.1:33082 ESTABELECIDA4951/0 tcp 0 0 127.0.0.1:60925 127.0.0.1:6010 ESTABELECIDA6121/python2 tcp 0 0 127.0.0.1:6010 127.0.0.1:60925 ESTABELECIDA4951/0 tcp 0 0 127.0.0.1:33082 127.0.0.1:6010 ESTABELECIDA4979/gedit tcp 0 0 ::1:50006 :::* OU�A 5028/ccsd tcp 0 0 :::22 :::* OU�A 4649/sshd tcp 0 0 ::1:6010 :::* OU�A 4951/0 tcp 0 0 :::443 :::* OU�A 6544/httpd tcp 0 0 ::ffff:192.168.122.101:22 ::ffff:192.168.122.1:40891 ESTABELECIDA4951/0 udp 0 0 0.0.0.0:32768 0.0.0.0:* 4802/avahi-daemon: udp 0 0 192.168.122.101:5405 0.0.0.0:* 5034/aisexec udp 0 0 192.168.122.101:5149 0.0.0.0:* 5034/aisexec udp 0 0 239.192.13.142:5405 0.0.0.0:* 5034/aisexec udp 0 0 0.0.0.0:732 0.0.0.0:* 4372/rpc.statd udp 0 0 0.0.0.0:735 0.0.0.0:* 4372/rpc.statd udp 0 0 0.0.0.0:5353 0.0.0.0:* 4802/avahi-daemon: udp 0 0 0.0.0.0:111 0.0.0.0:* 4328/portmap udp 0 0 0.0.0.0:631 0.0.0.0:* 4667/cupsd udp 0 0 :::32769 :::* 4802/avahi-daemon: udp 0 0 :::50007 :::* 5028/ccsd udp 0 0 :::5353 :::* 4802/avahi-daemon: raw 0 0 0.0.0.0:1 0.0.0.0:* 7 6424/rdisc
-- Linux-cluster mailing list Linux-cluster@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/linux-cluster
