Adding firewall rules on RHEL 7 for InfluxDB

in Software Engineering, DevOps

I was recently stumped by trying to change firewall settings on a new RHEl 7 VM. I'd installed InfluxDB , which I had running on port 8090.

I pushed some sample data in to test it.

$ curl -XPOST 'http://localhost:8090/write?db=mydb' -d 'cpu,host=server01,region=uswest load=42 1434055562000000000'

Next I queried it to check if it had gone in ok.

$ curl -G http://localhost:8090/query?pretty=true --data-urlencode "db=mydb" --data-urlencode "q=SELECT * FROM cpu WHERE host='server01'"
{
    "results": [
        {
            "series": [
                {
                    "name": "cpu",
                    "columns": [
                        "time",
                        "host",
                        "load",
                        "region"
                    ],
                    "values": [
                        [
                            "2015-06-11T20:46:02Z",
                            "server01",
                            42,
                            "uswest"
                        ]
                    ]
                }
            ]
        }
    ]
}

Everything looked ok until I tried the same query from my local machine where the request timed out.

My first thought was that this was because of the firewall running on the VM, so I logged back on and disabled the iptables service.

$ sudo systemctl stop iptables

Tried again, and no change. It turns out that RHEl 7 uses the firewalld service to control the fire wall not the iptables service itself.

I checked which zones were in use

$ sudo firewall-cmd --get-active-zones
public
  interfaces: ens32

and added my port to the public zone

$ sudo firewall-cmd --zone=public --add-port=8090/tcp

Now running my query from my local machine works

$ curl -G http://myserver:8090/query?pretty=true --data-urlencode "db=mydb" --data-urlencode "q=SELECT * FROM cpu WHERE host='server01'"
{
    "results": [
        {
            "series": [
                {
                    "name": "cpu",
                    "columns": [
                        "time",
                        "host",
                        "load",
                        "region"
                    ],
                    "values": [
                        [
                            "2015-06-11T20:46:02Z",
                            "server01",
                            42,
                            "uswest"
                        ]
                    ]
                }
            ]
        }
    ]
}

I'll be writing up a few examples of what we are using InfluxDB for and why we chose it in some upcoming posts so keep an eye out.