openstack
/
bifrost
Code Issues Proposed changes

Document a potential issue with firewalld and SSH 

Change-Id: Ic7c6870d4bd547e6e1d8b6db80f5c6d6bf0bba78
Story: #40898
Task: #40898
This commit is contained in:
Dmitry Tantsur 2020-09-25 16:27:25 +02:00
parent a454be2e92
commit ac9eab4da6
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
doc/source/install/index.rst
View File

@ -68,6 +68,16 @@ For the machine that hosts Bifrost you'll need to figure out:
DHCP, PXE and API services will only be added to this zone. If you need any DHCP, PXE and API services will only be added to this zone. If you need any
of them available in other zones, you need to configure firewall yourself. of them available in other zones, you need to configure firewall yourself.
.. warning::
If you use the same NIC for bare metal nodes and external access,
installing bifrost may lock you out of SSH to the node. You have two
options:
#. Pre-create the ``bifrost`` firewalld zone before installation and add
the SSH service to it.
#. Use the ``public`` zone by providing ``firewalld_internal_zone=public``
when installing.
* Pool of IP addresses for DHCP (must be within the network configured on the * Pool of IP addresses for DHCP (must be within the network configured on the
chosen network interface). chosen network interface).