[ceph-users] Ceph manager documentation missing from network config reference

John Spray jspray at redhat.com
Thu Oct 5 13:51:21 PDT 2017


On Thu, Oct 5, 2017 at 9:30 PM, Stefan Kooman <stefan at bit.nl> wrote:
> Hi,
>
> While implementing (stricter) firewall rules I noticed weird behaviour.
> For the monitors only port 6789 was allowed. We currently co-locate the
> manager daemon with our monitors. Apparently (at least) port 6800 is
> also essential. In the Network Configuration Reference [1] there is no
> mention of the iptables rules needed for the manager.
> The figure depicting request / response within / between the client /
> nodes in the network does not yet describe interaction with manager.

This was an oversight in the docs (oops), I've just merged the PR that
updated the firewall page on the master branch here
(https://github.com/ceph/ceph/pull/17974).

> Do you need to open up port 6800(:7300?) completely, or is it enough to
> only allow traffic between manager(s) <-> monitor(s)?

The former: you need to open it up in general, because the OSDs and
other daemons will also need to report to the manager.

>
> Gr. Stefan
>
> P.s. How can one contribute to the documentation?

The docs are in the ceph git repo under doc/ -- you can clone the git
repository and work on them the same way as code, or for very simple
changes you can also use the github web UI to edit a file.  The
downside to the github UI is that once you've opened PR you can't then
update it, so I would only use it for tiny changes.

There is some more information here:
https://github.com/ceph/ceph/blob/master/doc/start/documenting-ceph.rst

Cheers,
John

>
> [1]: http://docs.ceph.com/docs/luminous/rados/configuration/network-config-ref/
>
>
> --
> | BIT BV  http://www.bit.nl/        Kamer van Koophandel 09090351
> | GPG: 0xD14839C6                   +31 318 648 688 / info at bit.nl
> _______________________________________________
> ceph-users mailing list
> ceph-users at lists.ceph.com
> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com


More information about the ceph-users mailing list