I followed these step but taks is failed with error appache service not running, while its was running, screen shot given.
Steps:
sudo yum install iptables-services
sudo systemctl start iptables
sudo systemctl enable iptables
No,
So what I have missed?
No, issue. KKE team will look into it. I cannot check validation issues.
You have to tag inderpreet and rahul456. They check validation and technical issues.
@bilalshakir41396 This is the original error you got for your task
Apache service on App Server 1 is not reachable from LB host
Which means you didn’t add the correct rules in Iptable to open Apache access for LB host (as asked in the question) even though Apache service was up but if correct rules weren’t added then it won’t be reachable from LB host.
Thanks for the response,
Can you check the below commands I used to add the rules are correct?
sudo iptables -A INPUT -p tcp --destination-port 6100 -s 172.16.238.14 -j ACCEPT
sudo iptables -A INPUT -p tcp --destination-port 6100 -j DROP
Hello @Inderpreet and @player001
Please kindly check my instance and see where I went wrong.
I run sudo iptables-save to save rules with persistence after reboot on all app servers but has this error
Hoping to hear from you soon.
In general, AFAIK, iptables save will save the existing rules in a text file, that you must manually load during boot or on every service restart. In Red Hat based distros however, you can edit /etc/sysconfig/iptables file and reload(or restart) the respective systemd service with systemctl reload iptables.
Dropping the traffic is redundant since you specified the source IP in the ACCEPT statement. It would be necessary if the ACCEPT statement was broader and needed to limit it, eg: ACCEPT an entire subnet and DROP a couple of hosts.
theoretically, if you are allowing ONLY a host, you should not allow the entire network.
try allowing " established, related " also…