Uploaded image for project: 'Modules'
  1. Modules
  2. MODULES-2019

firewall module does not support iptables CLUSTERIP rules

    Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: firewall
    • Labels:
      None
    • Template:
    • Story Points:
      2
    • Sprint:
      MODS 2015-06-24

      Description

      The firewall module does not support the iptables 'CLUSTERIP' rules.
      I am using the puppetlabs firewall module on a Ubuntu Server that also
      uses Clusterip to increase availability of a service.
      Example rules look like this:

      -A INPUT -d x.x.x.x/32 -i eth0 -j CLUSTERIP --new --hashmode sourceip-sourceport \
        --clustermac 00:11:22:AA:BB:CC --total-nodes 2 --local-node 2 --hash-init 0
      

      When the firewall module tries to install new rules it fails with:
      Error: Could not prefetch firewall provider 'iptables': Invalid address from IPAddr.new: 2

      Documentation: http://linux.die.net/man/8/iptables

        Attachments

          Activity

            People

            • Assignee:
              jonathan.tripathy Jonny (JT) Tripathy
              Reporter:
              mxr0 Maximilian Ronniger
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Zendesk Support