Fix some bugs

This commit is contained in:
Quentin 2020-10-22 18:29:37 +02:00
parent 6858f17766
commit b53b71f750
3 changed files with 15 additions and 6 deletions

View file

@ -4,12 +4,16 @@
For each machine, **one by one** do: For each machine, **one by one** do:
- Check that cluster is healthy - Check that cluster is healthy
- Check gluster
- `sudo gluster peer status` - `sudo gluster peer status`
- `sudo gluster volume status all` (check Online Col, only `Y` must appear) - `sudo gluster volume status all` (check Online Col, only `Y` must appear)
- Check that Nomad is healthy - Check that Nomad is healthy
- `nomad server members`
- `nomad node status`
- Check that Consul is healthy - Check that Consul is healthy
- `consul members`
- Check that Postgres is healthy - Check that Postgres is healthy
- Run `ansible-playbook -i production --limit <machine> site.yml` - Run `ansible-playbook -i production.yml --limit <machine> site.yml`
- Reboot - Reboot
- Check that cluster is healthy - Check that cluster is healthy

View file

@ -3,12 +3,15 @@
:FORWARD DROP [0:0] :FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0]
# Debug # Internet Control Message Protocol
-A INPUT -p icmp -j ACCEPT -A INPUT -p icmp -j ACCEPT
# Administration # Administration
-A INPUT -p tcp --dport 22 -j ACCEPT -A INPUT -p tcp --dport 22 -j ACCEPT
# Diplonat needs everything open to communicate with IGD with the router
-A INPUT -s 192.168.1.254 -j ACCEPT
# Cluster # Cluster
{% for selected_host in groups['cluster_nodes'] %} {% for selected_host in groups['cluster_nodes'] %}
-A INPUT -s {{ hostvars[selected_host]['ipv4'] }} -j ACCEPT -A INPUT -s {{ hostvars[selected_host]['ipv4'] }} -j ACCEPT

View file

@ -3,8 +3,10 @@
:FORWARD DROP [0:0] :FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0]
# Debug # Internet Control Message Protocol
# (required)
-A INPUT -p icmp -j ACCEPT -A INPUT -p icmp -j ACCEPT
-A INPUT -p ipv6-icmp -j ACCEPT
# Administration # Administration
-A INPUT -p tcp --dport 22 -j ACCEPT -A INPUT -p tcp --dport 22 -j ACCEPT
@ -17,7 +19,7 @@
# Local # Local
-A INPUT -i docker0 -j ACCEPT -A INPUT -i docker0 -j ACCEPT
-A INPUT -s ::1/128 -j ACCEPT -A INPUT -s ::1/128 -j ACCEPT
-A INPUT -m conntrack --cstate ESTABLISHED,RELATED -j ACCEPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT COMMIT