Firewall rule set regiond <-> rackd

Flo florian.engelmann at gmail.com
Tue Aug 22 13:40:38 UTC 2017 

Hi,

we tried to build a distributed MAAS setup but we are failing with connectivity.

Region Controller (10.1.0.61) including one rackd:
ii  maas
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          "Metal as a
Service" is a physical cloud and IPAM
ii  maas-cli
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          MAAS client
and command-line interface
ii  maas-common
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          MAAS server
common files
ii  maas-dhcp
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          MAAS DHCP
server
ii  maas-dns
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          MAAS DNS
server
ii  maas-proxy
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          MAAS Caching
Proxy
ii  maas-rack-controller
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          Rack
Controller for MAAS
ii  maas-region-api
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          Region
controller API service for MAAS
ii  maas-region-controller
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          Region
Controller for MAAS
ii  python3-django-maas
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          MAAS server
Django web framework (Python 3)
ii  python3-maas-client
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          MAAS python
API client (Python 3)
ii  python3-maas-provisioningserver
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          MAAS server
provisioning libraries (Python 3)

Rackd (10.0.252.95) to control another fabric:
ii  maas-cli
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          MAAS client
and command-line interface
ii  maas-common
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          MAAS server
common files
ii  maas-dhcp
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          MAAS DHCP
server
ii  maas-rack-controller
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          Rack
Controller for MAAS
ii  python3-maas-client
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          MAAS python
API client (Python 3)
ii  python3-maas-provisioningserver
2.2.2-6099-g8751f91-0ubuntu1~16.04.1       all          MAAS server
provisioning libraries (Python 3)


The firewall rules I requested are:
allow from 10.0.252.0/24 to 10.1.0.61/32 tcp+udp/53, tcp/80, tcp/5240,
tcp/5250-5259, tcp/8000, tcp/8888, udp/123

The rackd is able to connect to the regiond but the communication is
not 100% functional. To me it looks like something is missing.
The UI gets horribly slow after starting the remote rackd and getting
the status of the remote rackd fails (UNKNOWN).

Tcpdump didn't help to find the missing ports.

Did I miss something?

All the best,
Flo

More information about the Maas-devel mailing list