7.5 Firewall Issues

If due to firewall restrictions, the other Primary Servers in your zone are unable to access the Vertica, Kafka, or ZooKeeper services, then you need to run the following Configure action on the server in which these components are enabled, to open the ports. However, if the server in the DMZ is unable to access the ZooKeeper services within the corporate network, then you need to manually open the port 6789 in the corporate firewall.

Example:

If you are unable to access the ZooKeeper services, to open the ZooKeeper ports, run the following configure action:

novell-zenworks-configure -c ClusterFirewallConfigureAction -Doperation=add -Dservice=zookeeper

If you are unable to access the Kafka services, to open the Kafka ports, run the following configure action:

novell-zenworks-configure -c ClusterFirewallConfigureAction -Doperation=add -Dservice=kafka

If you are unable to access the Vertica services, to open the Vertica ports, run the following configure action:

novell-zenworks-configure -c ClusterFirewallConfigureAction -Doperation=add -Dservice=vertica

To close the ports, you need to run the following Configure action:

Example:

To close the ZooKeeper ports, run the following configure action:

novell-zenworks-configure -c ClusterFirewallConfigureAction -Doperation=remove -Dservice=zookeeper

To close the Kafka ports, run the following configure action:

novell-zenworks-configure -c ClusterFirewallConfigureAction -Doperation=remove -Dservice=kafka

To close the Vertica ports, run the following configure action:

novell-zenworks-configure -c ClusterFirewallConfigureAction -Doperation=remove -Dservice=vertica

For more information on the default ports that need to be open to access the ZooKeeper, Kafka and Vertica services, see ZENworks 2020 TCP and UDP Ports.