9.10.7. Configuring the Port Proxy
All OpenShift Enterprise applications are contained within gears. These applications listen for connections on the loopback interface. The node host uses
iptables to listen on external-facing ports and forwards incoming requests to the appropriate application.
Procedure 9.9. To Configure the OpenShift Port Proxy:
- Verify that
iptablesis running and will start on boot.#
service iptables restart#chkconfig iptables on - Verify that the port proxy starts on boot:
# chkconfig openshift-iptables-port-proxy on - Modify the
iptablesrules:# sed -i '/:OUTPUT ACCEPT \[.*\]/a :rhc-app-comm - [0:0]' /etc/sysconfig/iptables# sed -i '/-A INPUT -i lo -j ACCEPT/a -A INPUT -j rhc-app-comm' /etc/sysconfig/iptablesWarning
After you run these commands, do not run any furtherlokkitcommands on the node host. Runninglokkitcommands after this point overwrites the requirediptablesrules and causes theopenshift-iptables-port-proxyservice to fail during startup.Restart theiptablesservice for the changes to take effect:#
service iptables restart - Start the service immediately:
# service openshift-iptables-port-proxy start - Run the following command so that the
openshift-gearsservice script starts on boot. Theopenshift-gearsservice script starts gears when a node host is rebooted:# chkconfig openshift-gears on
Note
If you use the kickstart or bash script, the
configure_port_proxy function performs these steps.
