openstack
/
bifrost
Code Issues Proposed changes

Document a potential issue with firewalld and SSH 

Change-Id: Ic7c6870d4bd547e6e1d8b6db80f5c6d6bf0bba78
Story: #40898
Task: #40898
This commit is contained in:
Dmitry Tantsur 2020-09-25 16:27:25 +02:00
parent a454be2e92
commit ac9eab4da6
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
doc/source/install/index.rst
View File

@ -68,6 +68,16 @@ For the machine that hosts Bifrost you'll need to figure out:
DHCP, PXE and API services will only be added to this zone. If you need any
of them available in other zones, you need to configure firewall yourself.
.. warning::
If you use the same NIC for bare metal nodes and external access,
installing bifrost may lock you out of SSH to the node. You have two
options:
#. Pre-create the ``bifrost`` firewalld zone before installation and add
the SSH service to it.
#. Use the ``public`` zone by providing ``firewalld_internal_zone=public``
when installing.
* Pool of IP addresses for DHCP (must be within the network configured on the
chosen network interface).