octavia/fix-selinux-tcp-hm-on-udp-pools-89c3b8db89e359ba.yaml at 75c1bdd104f3ac02cf05defc0655597b9d4e5e0b - octavia - OpenDev: Free Software Needs Free Tools

openstack/octavia

Gregory Thiemonge 294bd406f3 Fix TCP HMs on UDP pools with SELinux

SELinux denied some specific TCP ports when using TCP-based HMs in UDP
pools (keepalived).
Enable a SELinux boolean keepalived_connect_any which allows keepalived
to connect to any port.

Closes-Bug: #2023751
Change-Id: Ie611ba9fde7b399989d847dd0c61dd3a158652bc

2023-06-14 04:32:08 -04:00

8 lines

271 B

YAML

Raw Blame History

 ---
 fixes:
   - |
     Fixed an SELinux issues with TCP-based health-monitor on UDP pools, some
     specific monitoring ports were denied by SELinux. The Amphora image now
     enables the ``keepalived_connect_any`` SELinux boolean that allows
     connections to any ports.