Fix some bugs
This commit is contained in:
parent
6858f17766
commit
b53b71f750
3 changed files with 15 additions and 6 deletions
|
@ -4,12 +4,16 @@
|
||||||
|
|
||||||
For each machine, **one by one** do:
|
For each machine, **one by one** do:
|
||||||
- Check that cluster is healthy
|
- Check that cluster is healthy
|
||||||
- `sudo gluster peer status`
|
- Check gluster
|
||||||
- `sudo gluster volume status all` (check Online Col, only `Y` must appear)
|
- `sudo gluster peer status`
|
||||||
|
- `sudo gluster volume status all` (check Online Col, only `Y` must appear)
|
||||||
- Check that Nomad is healthy
|
- Check that Nomad is healthy
|
||||||
|
- `nomad server members`
|
||||||
|
- `nomad node status`
|
||||||
- Check that Consul is healthy
|
- Check that Consul is healthy
|
||||||
|
- `consul members`
|
||||||
- Check that Postgres is healthy
|
- Check that Postgres is healthy
|
||||||
- Run `ansible-playbook -i production --limit <machine> site.yml`
|
- Run `ansible-playbook -i production.yml --limit <machine> site.yml`
|
||||||
- Reboot
|
- Reboot
|
||||||
- Check that cluster is healthy
|
- Check that cluster is healthy
|
||||||
|
|
||||||
|
|
|
@ -3,12 +3,15 @@
|
||||||
:FORWARD DROP [0:0]
|
:FORWARD DROP [0:0]
|
||||||
:OUTPUT ACCEPT [0:0]
|
:OUTPUT ACCEPT [0:0]
|
||||||
|
|
||||||
# Debug
|
# Internet Control Message Protocol
|
||||||
-A INPUT -p icmp -j ACCEPT
|
-A INPUT -p icmp -j ACCEPT
|
||||||
|
|
||||||
# Administration
|
# Administration
|
||||||
-A INPUT -p tcp --dport 22 -j ACCEPT
|
-A INPUT -p tcp --dport 22 -j ACCEPT
|
||||||
|
|
||||||
|
# Diplonat needs everything open to communicate with IGD with the router
|
||||||
|
-A INPUT -s 192.168.1.254 -j ACCEPT
|
||||||
|
|
||||||
# Cluster
|
# Cluster
|
||||||
{% for selected_host in groups['cluster_nodes'] %}
|
{% for selected_host in groups['cluster_nodes'] %}
|
||||||
-A INPUT -s {{ hostvars[selected_host]['ipv4'] }} -j ACCEPT
|
-A INPUT -s {{ hostvars[selected_host]['ipv4'] }} -j ACCEPT
|
||||||
|
|
|
@ -3,8 +3,10 @@
|
||||||
:FORWARD DROP [0:0]
|
:FORWARD DROP [0:0]
|
||||||
:OUTPUT ACCEPT [0:0]
|
:OUTPUT ACCEPT [0:0]
|
||||||
|
|
||||||
# Debug
|
# Internet Control Message Protocol
|
||||||
|
# (required)
|
||||||
-A INPUT -p icmp -j ACCEPT
|
-A INPUT -p icmp -j ACCEPT
|
||||||
|
-A INPUT -p ipv6-icmp -j ACCEPT
|
||||||
|
|
||||||
# Administration
|
# Administration
|
||||||
-A INPUT -p tcp --dport 22 -j ACCEPT
|
-A INPUT -p tcp --dport 22 -j ACCEPT
|
||||||
|
@ -17,7 +19,7 @@
|
||||||
# Local
|
# Local
|
||||||
-A INPUT -i docker0 -j ACCEPT
|
-A INPUT -i docker0 -j ACCEPT
|
||||||
-A INPUT -s ::1/128 -j ACCEPT
|
-A INPUT -s ::1/128 -j ACCEPT
|
||||||
-A INPUT -m conntrack --cstate ESTABLISHED,RELATED -j ACCEPT
|
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
|
||||||
|
|
||||||
COMMIT
|
COMMIT
|
||||||
|
|
||||||
|
|
Reference in a new issue