22 Nov
2025
22 Nov
'25
midnight
Hi All, Continuing to run through my expoy testing depoly I enabled firewalld management (I think) with: disable_firewall: "false" enable_external_api_firewalld: "true" After predeplying firewalld on the control nodes and adding the public IP interface and an ssh allow rule (and a few other internal allows for $REASONS). This seemed to work for the services I had deployed, but when installing a new service (magnum for example) the API port 9511 is listening on the controllers but blocked externally. There doesn't seem to be a firewall or firewalld tag, is there something else I need to poke? Thanks, -Jon -- Jonathan Proulx (he/him) Sr. Technical Architect The Infrastructure Group MIT CSAIL