Last modified: 2014-09-02 04:46:18 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T42526, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 40526 - new security rule not applied
new security rule not applied
Status: NEW
Product: Wikimedia Labs
Classification: Unclassified
Infrastructure (Other open bugs)
unspecified
All All
: High normal
: ---
Assigned To: Ryan Lane
:
Depends on:
Blocks: 41083
  Show dependency treegraph
 
Reported: 2012-09-26 11:32 UTC by Antoine "hashar" Musso (WMF)
Modified: 2014-09-02 04:46 UTC (History)
7 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Antoine "hashar" Musso (WMF) 2012-09-26 11:32:02 UTC 
In the integration project, I have added a new rule to the default security group. The aim is to enable port 29418 on all integration instances.


$ curl --connect-timeout 2 -v http://integration-jenkins:29418/ 
* About to connect() to integration-jenkins port 29418 (#0)
*   Trying 10.4.0.227... Timeout
* connect() timed out!
* Closing connection #0
curl: (28) connect() timed out!
$

On integration-jenkins, a `tcpdump -n tcp port 29418` show no packet incoming.
Comment 1 Antoine "hashar" Musso (WMF) 2012-10-16 11:47:05 UTC 
Same issue still on the integration project. Added a rule to allow port 443 


$ curl --connect-timeout 2 -v https://integration.wmflabs.org/
* About to connect() to integration.wmflabs.org port 443 (#0)
*   Trying 208.80.153.222... Timeout
* connect() timed out!
* Closing connection #0
curl: (28) connect() timed out!
$

Apache is indeed listening on port 443 and tcpdump shows no packet incoming.


Raising priority since that is really troublesome.
Comment 2 Antoine "hashar" Musso (WMF) 2012-10-17 09:41:04 UTC 
I raised this issue on the labs mailing list so everyone is aware of it. Ryan Lane answer:

This is a bug in openstack nova upstream. It's fixed upstream, but we're waiting for ubuntu to package and release the fix (as well as a bunch of others).
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links