Add reserved ports for some services

Exclude ports from the ephemeral pool ranges that can be shared by the following services: * Keystone - 35357 * Qpidd/matahari - 49000 * Clustercheck - 49000-49001 (xinetd) * Swift Proxy and Ironic PXE that rely on xinetd - 49001 Closes-Bug: #1820576 Change-Id: I71308a65bea5f59d755b766165dabf5d3e646ee1 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com> (cherry picked from commit ffd31df7d3)
2019-03-19 12:16:31 +01:00 · 2019-03-19 12:16:31 +01:00 · 3d16a7009d
parent e6542a1b26
commit 3d16a7009d
1 changed files with 2 additions and 0 deletions
--- a/deployment/kernel/kernel-baremetal-ansible.yaml
+++ b/deployment/kernel/kernel-baremetal-ansible.yaml
@ -145,6 +145,8 @@ outputs:
          map_merge:
            - net.ipv6.conf.default.disable_ipv6:
                value: {get_param: KernelDisableIPv6}
+              net.ipv4.ip_local_reserved_ports:
+                value: "35357,49000-49001"
              net.ipv6.conf.all.disable_ipv6:
                value: {get_param: KernelDisableIPv6}
              net.ipv4.ip_forward: