Required Host Firewall Rules?


(J. Zimmerman) #1

Running through the setup of ECE 1.0.0-beta2. Is there a list of required host firewall ports that need to be open? Running iptables on CentOS 7 and that seems to be one of the initial hurdles to running the install script. Currently working through debug mode to find connection failures so I can add rules individually.


(Nik Richers) #2

@John_Zimmerman,

The networking prerequisites with the required ports that must be open are available here: https://www.elastic.co/guide/en/cloud-enterprise/current/ece-prereqs.html#ece-prereqs-networking.

I think that is what you are asking about?

Nik


(J. Zimmerman) #3

That's it. Seems obvious now.

Thanks!


(J. Zimmerman) #4

Just an update. I'm still not getting a clean install on CentOS 7 with iptables enabled. My current workaround is to leave iptables running and allow all traffic. I'll do more troubleshooting and report back.


(Nik Richers) #6

John,

A belated follow-up. In our instructions, we are not clear that the first host that you install on initially needs to have the ports open for coordinators, allocators and proxies, as it needs to hold all of these roles initially. I wonder if that's what you ran into?

It's not until you have boostrapped your entire installation and removed the proxy and allocator role from the first host that you can scale back the ports to just those needed by a coordinator.

(We had a discussion about these ports today internally and I suddenly remembered this post.)

Nik