I am running docker on an up-to-date fedora-22 VM.
From /etc/sysconfig/docker
OPTIONS='–selinux-enabled -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock'
Compute resource url is http://192.168.121.120:2375
With firewalld.service stopped, test connection works, docker works locally, and containers can be started fine from katello.
I am unsure how to configure firewalld. (Note selinux is off.)
firewall-cmd --zone=public --add-port=2375/tcp --permanent
firewall-cmd --zone=public --add-service=http --permanent
firewall-cmd --zone=public --add-service=https --permanent
firewall-cmd --reload
I've tried a lot of variations (changing zones, etc.) without success. Does anyone have any pointers?
···
--
@thomasmckay
–
“The leader must aim high, see big, judge widely, thus setting himself apart form the ordinary people who debate in narrow confines.” ~ Charles De Gaulle
“Leadership is about making others better as a result of your presence and making sure that impact lasts in your absence.” ~ Harvard Business School
% firewall-cmd --list-all
FedoraServer (default, active)
interfaces: ens3
sources:
services: cockpit dhcpv6-client http https ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
Note that FedoraServer is the only zone listed and is labeled default and active.
% firewall-cmd --zone FedoraServer --change-interface=docker0
success
% firewall-cmd --permanent --zone FedoraServer --add-port 2375/tcp
success
Note 2375 is the port I set in the OPTIONS for docker.
% firewall-cmd --reload
% firewall-cmd --list-all
FedoraServer (default, active)
interfaces: docker0 ens3
sources:
services: cockpit dhcpv6-client http https ssh
ports: 2375/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
Now "test connection" from katello works.
···
----- Original Message -----
> Maybe
>
> > firewall-cmd --permanent --zone=trusted --change-interface=docker0
> > firewall-cmd --permanent --zone=trusted --add-port=2375/tcp
> > firewall-cmd --reload
> >
> >
> On Tuesday, September 1, 2015 at 2:27:31 PM UTC+3, Tom McKay wrote:
> >
> >
> > I am running docker on an up-to-date fedora-22 VM.
> >
> > From /etc/sysconfig/docker
> > OPTIONS='--selinux-enabled -H tcp://0.0.0.0:2375 -H
> > unix:///var/run/docker.sock'
> >
> > Compute resource url is http://192.168.121.120:2375
> >
> > With firewalld.service stopped, test connection works, docker works
> > locally, and containers can be started fine from katello.
> >
> > I am unsure how to configure firewalld. (Note selinux is off.)
> >
> >
> > firewall-cmd --zone=public --add-port=2375/tcp --permanent
> > firewall-cmd --zone=public --add-service=http --permanent
> > firewall-cmd --zone=public --add-service=https --permanent
> > firewall-cmd --reload
> >
> > I've tried a lot of variations (changing zones, etc.) without success.
> > Does anyone have any pointers?
> >
> >
> > --
> > @thomasmckay
> >
> > --
> > "The leader must aim high, see big, judge widely, thus setting himself
> > apart form the ordinary people who debate in narrow confines." ~ Charles De
> > Gaulle
> >
> > "Leadership is about making others better as a result of your presence and
> > making sure that impact lasts in your absence." ~ Harvard Business School
> >
>
> --
> You received this message because you are subscribed to the Google Groups
> "Foreman users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to foreman-users+unsubscribe@googlegroups.com.
> To post to this group, send email to foreman-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/foreman-users.
> For more options, visit https://groups.google.com/d/optout.
>