Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
cloudappliance/mastermasterdb [2020_04_13 20:31] – [Disclaimer] steven | cloudappliance/mastermasterdb [2021_04_08 15:56] – Update to edit iptables file directly to apply changes. eric | ||
---|---|---|---|
Line 110: | Line 110: | ||
On both smesql01 and smesql02, you must update iptables to allow incoming connections to mariadb, do the following. | On both smesql01 and smesql02, you must update iptables to allow incoming connections to mariadb, do the following. | ||
- | As root: | + | As root we will edit the iptables file to add the following lines: |
+ | / | ||
< | < | ||
- | iptables-save > / | + | ... |
- | ipt_line=`iptables | + | -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT |
- | insert_line=`expr $ipt_line | + | -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 11211 -j ACCEPT |
- | iptables | + | ... |
+ | COMMIT | ||
+ | </ | ||
+ | Then issue a restart: | ||
- | iptables | + | < |
- | + | systemctl restart | |
- | iptables-save > / | + | systemctl restart docker |
</ | </ | ||
Line 350: | Line 354: | ||
We will also need to allow multicast traffic (244.0.0.0) through our iptables firewall, as well as adjust selinux to allow keepalived to operate. Finally, we will add a user (keepalived_script) which keepalived will use. | We will also need to allow multicast traffic (244.0.0.0) through our iptables firewall, as well as adjust selinux to allow keepalived to operate. Finally, we will add a user (keepalived_script) which keepalived will use. | ||
+ | / | ||
< | < | ||
- | iptables -I INPUT -i eth0 -d 224.0.0.0/8 -p vrrp -j ACCEPT | + | ... |
- | iptables-save | + | -A RH-Firewall-1-INPUT |
- | semanage permissive -a keepalived_t | + | ... |
- | groupadd keepalived_script | + | COMMIT |
- | useradd -s / | + | </code> |
+ | Then issue a restart: | ||
+ | |||
+ | < | ||
+ | systemctl restart iptables | ||
+ | systemctl restart docker | ||
</ | </ | ||