Details
-
Type:
extRequest
-
Status: Closed
-
Priority:
Major
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-LAB-HELP
-
Labels:None
-
Sender Email:
-
HD-Node:Trento
Description
My tenant-ID is
jhoechtl cloud
The questioned instance id is
51194d46-0ccf-40e8-b4c4-ea2f63833474 (named fiware-postgres)
It seems that I cannot connect to port 2376 from outside although it is
configured in the assigned security group. However, the rule for port 22
(ssh) is respected, as I can ssh into the host.
Are there elevated rules is place which do not allow to connect to port
2376 on Fiware Hosts / a restriction on node Trentino?
Thank you for your support, Johann
Since January 1st, old domains won't be supported and messages sent to any domain different to @lists.fiware.org will be lost.
Please, send your messages using the new domain (Fiware-tech-help@lists.fiware.org) instead of the old one.
_______________________________________________
Fiware-tech-help mailing list
Fiware-tech-help@lists.fiware.org
https://lists.fiware.org/listinfo/fiware-tech-help
[Created via e-mail received from: =?UTF-8?Q?Johann_H=c3=b6chtl?= <johann.hoechtl@gmail.com>]
Issue Links
- relates to
-
HELP-5626
FIWARE.Request.Lab.Trento.Effectivity of assignment of security group to instance
-
- Closed
-
Activity
Hi all,
By default for the VMs we grant an initial set of ports opened as following:
TCP UDP Protocol
ICMP Ping
22 SSH
53 53 dns
80 HTTP
443 HTTPS
861
1026-1028
4823
8080 HTTP / Openstack API
5000-5005 5000-5005 Keystone - General Purp.
6000-6005 6000-6005 General Purposes
16622 SSH - secondary port
As you can see there are some available segment ports where you can try to activate services.
If you would try to move your services in any of 6000-6005 it could be an option immediately available.
Otherwise if you must use any ports outside these segments let us know the floatingIP you are using in order to modify FW rules.
BR
Genci
TrentoNodeTeam
Hi all,
By default for the VMs we grant an initial set of ports opened as following:
TCP UDP Protocol
ICMP Ping
22 SSH
53 53 dns
80 HTTP
443 HTTPS
861
1026-1028
4823
8080 HTTP / Openstack API
5000-5005 5000-5005 Keystone - General Purp.
6000-6005 6000-6005 General Purposes
16622 SSH - secondary port
As you can see there are some available segment ports where you can try to activate services.
If you would try to move your services in any of 6000-6005 it could be an option immediately available.
Otherwise if you must use any ports outside these segments let us know the floatingIP you are using in order to modify FW rules.
BR
Genci
TrentoNodeTeam
Hi all,
User confirmed the preference on using the "default" ports instead of the available ones "6000-6005" - General Purposes.
We will proceed with the changing of the FW rules.
BR
Trento Node Team
Hi Johann,
I inform You that the security team performed the FW changes,
so the ports, 2376 & 3376 are now open for the 193.205.211.110.
Obiously, you have to create a sec-group rule for using these ports.
If, there is nothing elese we can do for you, We are going to close the ticket.
BR
Genci
Trento Node Team
Hi Johann,
I inform You that the security team performed the FW changes,
so the ports, 2376 & 3376 are now open for the 193.205.211.110.
Obiously, you have to create a sec-group rule for using these ports.
If, there is nothing else we can do for you, We are going to close the ticket.
BR
Genci
Trento Node Team
Tried and is working, thank you for the quick response and action taking.
Please close the ticket.
Johann
Dear Johann,
I've forwarded your request to the Trento node support team.
Best regards
Marco