[Rdo-list] [RDO] Fedora, firewallD and openstack

Lars Kellogg-Stedman lars at redhat.com
Wed Nov 13 14:48:13 UTC 2013

On Wed, Nov 13, 2013 at 08:38:08AM +0000, RDO Forum wrote:
> http://openstack.redhat.com/forum/discussion/883/fedora-firewalld-and-openstack

This is someone asking whether the use of firewall conflicts with the
use of OpenStack.  It looks like the answer is "it totally does".
That is, packstack sets up a bunch of firewall rules, but doesn't
actually install them via firewall-cmd...so when someone goes to
reboot their system, they will lose all connectivity.

It seems as if the puppet modules should either (a) disable firewalld
and install iptables-services, or (b) install firewall rules using the
proper framework so that they are persistent.

I've opened https://bugzilla.redhat.com/show_bug.cgi?id=1029929 on
this issue.

Lars Kellogg-Stedman <lars at redhat.com> | larsks @ irc
Cloud Engineering / OpenStack          | "   "  @ twitter

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.rdoproject.org/pipermail/dev/attachments/20131113/8b88ca6b/attachment.sig>

More information about the dev mailing list