Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1693769 - iptables port 9100 needs to be opened to allow prometheus to monitor OCS/gluster
Summary: iptables port 9100 needs to be opened to allow prometheus to monitor OCS/gluster
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Monitoring
Version: 3.11.0
Hardware: All
OS: All
unspecified
medium
Target Milestone: ---
: 3.11.z
Assignee: Frederic Branczyk
QA Contact: Junqi Zhao
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-03-28 15:22 UTC by Dan Yocum
Modified: 2019-04-15 08:02 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-04-15 08:02:59 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Dan Yocum 2019-03-28 15:22:34 UTC
Description of problem:

After upgrading OCP with OCS from 3.9->3.10->3.11 port 9100 needed to be opened in iptables in order for prometheus to monitor the gluster storage nodes.

Version-Release number of the following components:
rpm -q openshift-ansible

openshift-ansible-3.11.69-1.git.0.2ff281f.el7.noarch

rpm -q ansible

ansible-2.6.12-1.el7ae.noarch

ansible --version

ansible 2.6.12
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/eigwc/jharkins_dev/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Sep 12 2018, 05:31:16) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]

How reproducible:

Every

Steps to Reproduce:
1. upgrade from 3.10.x to 3.10.z

Actual results:

Please include the entire output from the last TASK line through the end of output if an error is generated

No error produced - port isn't opened.  'git grep 9100' in openshift-ansible origin/release-3.11 gives no results.

Expected results:

port 9100 is added to iptables for prometheus to monitor gluster

Additional info:
Please attach logs from ansible-playbook with the -vvv flag

Check if ocs is deployed, open port 9100.

Comment 1 Simon Pasquier 2019-03-29 14:06:34 UTC
The problem looks similar to https://bugzilla.redhat.com/show_bug.cgi?id=1659441 which is fixed by https://access.redhat.com/errata/RHBA-2019:0326 (OCP 3.11.82). Can you try to upgrade to the latest 3.11.z?

Comment 2 Dan Yocum 2019-04-11 18:15:30 UTC
Customer upgraded their prod cluster using 3.11.69 knowing that they had to open the right ports...

If you're confident that this has been addressed in the RHBA you reference, then let's close this BZ.

Thanks!


Note You need to log in before you can comment on or make changes to this bug.