Re: What ports will be needed to support hm and loggregator
|
MaggieMeng
Hi, Lev
Would you please let me know what exactly I should add to my security group? Following are the current configuration. - name: public_networks rules: - protocol: all destination: 0.0.0.0-9.255.255.255 - protocol: all destination: 11.0.0.0-169.253.255.255 - protocol: all destination: 169.255.0.0-172.15.255.255 - protocol: all destination: 172.32.0.0-192.167.255.255 - protocol: all destination: 192.169.0.0-255.255.255.255 - name: dns rules: - protocol: tcp destination: 0.0.0.0/0 ports: '53' - protocol: udp destination: 0.0.0.0/0 ports: '53' default_running_security_groups: - public_networks - dns default_staging_security_groups: - public_networks - dns Thanks, Maggie From: cf-dev-bounces(a)lists.cloudfoundry.org [mailto:cf-dev-bounces(a)lists.cloudfoundry.org] On Behalf Of Lev Berman Sent: 2015年6月2日 18:16 To: Discussions about Cloud Foundry projects and the system overall. Subject: Re: [cf-dev] What ports will be needed to support hm and loggregator Hi, At least for loggregator to successflly talk to metron agents, you need to add a rule to a security group for your private subnet allowing the ingress UDP traffic through ports 3456 and 3457 from all hosts (0.0.0.0/0<http://0.0.0.0/0>). See more about security group rules needed for CF here - http://docs.cloudfoundry.org/deploying/common/security_groups.html. On Tue, Jun 2, 2015 at 1:04 PM, Meng, Xiangyi <xiangyi.meng(a)emc.com<mailto:xiangyi.meng(a)emc.com>> wrote: Hi, I am updating my cf env from 172 to 197. But I found some issues after upgrade is done. I couldn’t get the correct running application instance number: CF_TRACE=true cf apps … "running_instances": -1, … application started ?/3 Another issue is I can’t get log information from loggregator. “cf logs” showed nothing after I restarted my application. I think this may be related to our firewall configuration. Because in another environment where no firewall is configured, hm and loggregator work perfectly well. We have firewalls for deas, routers and all other components separately(three firewalls). So would anyone please tell me what ports we should open for deas, routers or other components? Thanks, Maggie -- Lev Berman Altoros - Cloud Foundry deployment, training and integration Github: https://github.com/ldmberman |
|
|