Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Edit /etc/firewalld/zones/public.xml or (swarm-site.xml whichever has the other port rules) and add a rule to allow port 8090 requests. The remainder of the instructions assume port 8090 is used. The result resembles:

    Code Block
    <?xml version="1.0" encoding="utf-8"?>
    <zone>
      <short>Public</short>
      <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
      <service name="ssh"/>
      <service name="dhcpv6-client"/>
      <port protocol="tcp" port="8009"/>
      <port protocol="tcp" port="8080"/>
      <port protocol="tcp" port="8081"/>
      <port protocol="udp" port="123"/>
      <port protocol="udp" port="514"/>
      <port protocol="tcp" port="514"/>
      <port protocol="tcp" port="8090"/>
      <masquerade/>
    </zone>
  2. Reload the firewall rules:

    Code Block
    firewall-cmd --reload
  3. Create a directory for configure port90 files

    Code Block
    mkdir -p /opt/datacore/swarm-port90-console/
  4. Create a configure to disable HTTP/1.0 - /opt/datacore/swarm-port90/console/disable_http1.0.conf

    Code Block
    <IfModule mod_rewrite.c>
        RewriteEngine On
        # Block HTTP/1.0 requests
        RewriteCond %{SERVER_PROTOCOL} ^HTTP/1\.0$
        RewriteRule .* - [F,L]
    </IfModule>
    
    # Restrict proxy connections to HTTP/1.1
    <Proxy *>
        # This block is only necessary if you are configuring proxy settings.
        # Since 'ProxyRequests' should not be in <Proxy> block, configure it elsewhere.
    </Proxy>
    
    # Set proxy settings in the main configuration or a VirtualHost
    # For instance, you can place this in your main httpd.conf or a VirtualHost config:
    ProxyRequests Off
    ProxyVia Off
  5. OPTIONAL: if your SCS has internet access, you can skip this step and proceed to step 4. Download the container scs-container-port90-console.tar.gz here and transfer it to the SCS server. Load the container:

    Code Block
    podman load < scs-container-port90-console.tar.gz
  6. Collect the IP address of any Swarm node and replace it in the following command. Install the container:

    Code Block
    podman run -d --name swarm-port90-console --security-opt=seccomp=unconfined -p 8090:8090 -e SCSP_HOST=[Swarm node IP] -v /opt/datacore/swarm-port90-console/block_http1.0.conf:/etc/httpd/conf.d/block_http1.0.conf:Z docker-repo.tx.caringo.com/quay.io/perifery/caringo-syslog:stable9
  7. Now port 8090 on the SCS server can be used to access Swarm’s port90 console: http://[SCS-IP]:8090

  8. No further actions are required. However, the container does not run when the SCS server is restarted. Continue with the instructions below to configure the container to auto-start.

...

To eliminate the port90 container, execute the following commands to remove it from Podman:

Code Block
podman stop $(podman ps -a | grep swarm-port90-console | awk '{ print $1 }')
podman rm $(podman ps -a | grep swarm-port90-console | awk '{ print $1 }')
systemctl stop swarm-port90-console.service
systemctl disable swarm-port90-console.service

...