subject:"\[ovirt\-devel\] firewalld on vdsm host"

Re: [ovirt-devel] firewalld on vdsm host

2015-11-13 Thread Max Kovgan

Can you point me to the table?
Sounds good exercise in b/w compatibility and slow data/schema migration to
me.
Is there an RFE for it too?
On Nov 12, 2015 5:27 PM, "Sandro Bonazzola"  wrote:

>
>
> On Thu, Nov 12, 2015 at 3:06 PM, Fabian Deutsch 
> wrote:
>
>> On Thu, Nov 12, 2015 at 2:57 PM, Dan Kenigsberg 
>> wrote:
>> > On Thu, Nov 12, 2015 at 02:42:32PM +0100, Fabian Deutsch wrote:
>> >> On Thu, Nov 12, 2015 at 2:36 PM, Dan Kenigsberg 
>> wrote:
>> >> > On Thu, Nov 12, 2015 at 12:08:07PM +0100, Fabian Deutsch wrote:
>> >> >> Hey,
>> >> >>
>> >> >> what is the expectation/assumption about firewalld on a CentOS 7
>> host
>> >> >> where you want to install vdsm onto?
>> >> >>
>> >> >> Is vdsm taking care of it?
>> >> >>
>> >> >> I'm asking this, because firewalld seems to be in the default
>> package
>> >> >> (please correct me if I am wrong) set of CentOS 7 and thus installed
>> >> >> by default.
>> >> >
>> >> > As far as I know, Vdsm runs fine in parallel to firewalld on recent
>> >> > el7.1 (there used to be problems in early 7.0 versions).
>> >> >
>> >> > If this is not the case, please file a bug with precise versions!
>> >>
>> >> Bug 1281417 - vdsm host can not be added with firewalld enabled
>> >
>> > Would everything work all right if Vdsm's port (54321) is opened in
>> > firewalld?
>>
>> I did not try this yet - but I strongly assume yes.
>>
>> > It seems that the host CAN be added, but remains in non-responsive mode
>> > due to the firewall being shut. right?
>>
>> Correct, vdsm is up and all. It just seems to be the firewall.
>>
>> Looking at the two bugs:
>> Bug 995362 - (ovirt_firewalld_support) [RFE] Support firewalld
>> Bug 1281417 - vdsm host can not be added with firewalld enabled
>>
>> I wonder where the firewalld service configuration should happen,
>> currently in host-deploy, but I don#t really see why theer and not in
>> vdsm.
>>
>
> firewalld can't be configured right now by host-deploy being the firewall
> config sotred in the engine database for iptables only.
> We need to add firewalld support in ovirt-engine and in ovirt-host-deploy
> to properly support it.
>
>
>
>
>>
>> - fabian
>> ___
>> Devel mailing list
>> Devel@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/devel
>>
>
>
>
> --
> Sandro Bonazzola
> Better technology. Faster innovation. Powered by community collaboration.
> See how it works at redhat.com
>
> ___
> Devel mailing list
> Devel@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/devel
>
___
Devel mailing list
Devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/devel

Re: [ovirt-devel] firewalld on vdsm host

2015-11-13 Thread Sandro Bonazzola

On Fri, Nov 13, 2015 at 2:57 PM, Max Kovgan  wrote:

> Can you point me to the table?
>
You can inspect the code
in ovirt-engine/packaging/dbscripts/upgrade/pre_upgrade/_config.sql


> Sounds good exercise in b/w compatibility and slow data/schema migration
> to me.
> Is there an RFE for it too?
>

*Bug 995362*  - (
ovirt_firewalld_support) [RFE] Support firewalld
*Bug 1075687*  - (
ovirt_setup_firewalld_support) [RFE] Add FirewallD support to hosted-engine
setup



> On Nov 12, 2015 5:27 PM, "Sandro Bonazzola"  wrote:
>
>>
>>
>> On Thu, Nov 12, 2015 at 3:06 PM, Fabian Deutsch 
>> wrote:
>>
>>> On Thu, Nov 12, 2015 at 2:57 PM, Dan Kenigsberg 
>>> wrote:
>>> > On Thu, Nov 12, 2015 at 02:42:32PM +0100, Fabian Deutsch wrote:
>>> >> On Thu, Nov 12, 2015 at 2:36 PM, Dan Kenigsberg 
>>> wrote:
>>> >> > On Thu, Nov 12, 2015 at 12:08:07PM +0100, Fabian Deutsch wrote:
>>> >> >> Hey,
>>> >> >>
>>> >> >> what is the expectation/assumption about firewalld on a CentOS 7
>>> host
>>> >> >> where you want to install vdsm onto?
>>> >> >>
>>> >> >> Is vdsm taking care of it?
>>> >> >>
>>> >> >> I'm asking this, because firewalld seems to be in the default
>>> package
>>> >> >> (please correct me if I am wrong) set of CentOS 7 and thus
>>> installed
>>> >> >> by default.
>>> >> >
>>> >> > As far as I know, Vdsm runs fine in parallel to firewalld on recent
>>> >> > el7.1 (there used to be problems in early 7.0 versions).
>>> >> >
>>> >> > If this is not the case, please file a bug with precise versions!
>>> >>
>>> >> Bug 1281417 - vdsm host can not be added with firewalld enabled
>>> >
>>> > Would everything work all right if Vdsm's port (54321) is opened in
>>> > firewalld?
>>>
>>> I did not try this yet - but I strongly assume yes.
>>>
>>> > It seems that the host CAN be added, but remains in non-responsive mode
>>> > due to the firewall being shut. right?
>>>
>>> Correct, vdsm is up and all. It just seems to be the firewall.
>>>
>>> Looking at the two bugs:
>>> Bug 995362 - (ovirt_firewalld_support) [RFE] Support firewalld
>>> Bug 1281417 - vdsm host can not be added with firewalld enabled
>>>
>>> I wonder where the firewalld service configuration should happen,
>>> currently in host-deploy, but I don#t really see why theer and not in
>>> vdsm.
>>>
>>
>> firewalld can't be configured right now by host-deploy being the firewall
>> config sotred in the engine database for iptables only.
>> We need to add firewalld support in ovirt-engine and in ovirt-host-deploy
>> to properly support it.
>>
>>
>>
>>
>>>
>>> - fabian
>>> ___
>>> Devel mailing list
>>> Devel@ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/devel
>>>
>>
>>
>>
>> --
>> Sandro Bonazzola
>> Better technology. Faster innovation. Powered by community collaboration.
>> See how it works at redhat.com
>>
>> ___
>> Devel mailing list
>> Devel@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/devel
>>
>


-- 
Sandro Bonazzola
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com
___
Devel mailing list
Devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/devel

[ovirt-devel] firewalld on vdsm host

2015-11-12 Thread Fabian Deutsch

Hey,

what is the expectation/assumption about firewalld on a CentOS 7 host
where you want to install vdsm onto?

Is vdsm taking care of it?

I'm asking this, because firewalld seems to be in the default package
(please correct me if I am wrong) set of CentOS 7 and thus installed
by default.

- fabian
___
Devel mailing list
Devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/devel

Re: [ovirt-devel] firewalld on vdsm host

2015-11-12 Thread Fabian Deutsch

On Thu, Nov 12, 2015 at 2:36 PM, Dan Kenigsberg  wrote:
> On Thu, Nov 12, 2015 at 12:08:07PM +0100, Fabian Deutsch wrote:
>> Hey,
>>
>> what is the expectation/assumption about firewalld on a CentOS 7 host
>> where you want to install vdsm onto?
>>
>> Is vdsm taking care of it?
>>
>> I'm asking this, because firewalld seems to be in the default package
>> (please correct me if I am wrong) set of CentOS 7 and thus installed
>> by default.
>
> As far as I know, Vdsm runs fine in parallel to firewalld on recent
> el7.1 (there used to be problems in early 7.0 versions).
>
> If this is not the case, please file a bug with precise versions!

Bug 1281417 - vdsm host can not be added with firewalld enabled


Done. Thanks.

fabian
___
Devel mailing list
Devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/devel

Re: [ovirt-devel] firewalld on vdsm host

2015-11-12 Thread Dan Kenigsberg

On Thu, Nov 12, 2015 at 12:08:07PM +0100, Fabian Deutsch wrote:
> Hey,
> 
> what is the expectation/assumption about firewalld on a CentOS 7 host
> where you want to install vdsm onto?
> 
> Is vdsm taking care of it?
> 
> I'm asking this, because firewalld seems to be in the default package
> (please correct me if I am wrong) set of CentOS 7 and thus installed
> by default.

As far as I know, Vdsm runs fine in parallel to firewalld on recent
el7.1 (there used to be problems in early 7.0 versions).

If this is not the case, please file a bug with precise versions!
___
Devel mailing list
Devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/devel

Re: [ovirt-devel] firewalld on vdsm host

2015-11-12 Thread Dan Kenigsberg

On Thu, Nov 12, 2015 at 02:42:32PM +0100, Fabian Deutsch wrote:
> On Thu, Nov 12, 2015 at 2:36 PM, Dan Kenigsberg  wrote:
> > On Thu, Nov 12, 2015 at 12:08:07PM +0100, Fabian Deutsch wrote:
> >> Hey,
> >>
> >> what is the expectation/assumption about firewalld on a CentOS 7 host
> >> where you want to install vdsm onto?
> >>
> >> Is vdsm taking care of it?
> >>
> >> I'm asking this, because firewalld seems to be in the default package
> >> (please correct me if I am wrong) set of CentOS 7 and thus installed
> >> by default.
> >
> > As far as I know, Vdsm runs fine in parallel to firewalld on recent
> > el7.1 (there used to be problems in early 7.0 versions).
> >
> > If this is not the case, please file a bug with precise versions!
> 
> Bug 1281417 - vdsm host can not be added with firewalld enabled

Would everything work all right if Vdsm's port (54321) is opened in
firewalld?

It seems that the host CAN be added, but remains in non-responsive mode
due to the firewall being shut. right?

Regards,
Dan.
___
Devel mailing list
Devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/devel

Re: [ovirt-devel] firewalld on vdsm host

2015-11-12 Thread Fabian Deutsch

On Thu, Nov 12, 2015 at 2:57 PM, Dan Kenigsberg  wrote:
> On Thu, Nov 12, 2015 at 02:42:32PM +0100, Fabian Deutsch wrote:
>> On Thu, Nov 12, 2015 at 2:36 PM, Dan Kenigsberg  wrote:
>> > On Thu, Nov 12, 2015 at 12:08:07PM +0100, Fabian Deutsch wrote:
>> >> Hey,
>> >>
>> >> what is the expectation/assumption about firewalld on a CentOS 7 host
>> >> where you want to install vdsm onto?
>> >>
>> >> Is vdsm taking care of it?
>> >>
>> >> I'm asking this, because firewalld seems to be in the default package
>> >> (please correct me if I am wrong) set of CentOS 7 and thus installed
>> >> by default.
>> >
>> > As far as I know, Vdsm runs fine in parallel to firewalld on recent
>> > el7.1 (there used to be problems in early 7.0 versions).
>> >
>> > If this is not the case, please file a bug with precise versions!
>>
>> Bug 1281417 - vdsm host can not be added with firewalld enabled
>
> Would everything work all right if Vdsm's port (54321) is opened in
> firewalld?

I did not try this yet - but I strongly assume yes.

> It seems that the host CAN be added, but remains in non-responsive mode
> due to the firewall being shut. right?

Correct, vdsm is up and all. It just seems to be the firewall.

Looking at the two bugs:
Bug 995362 - (ovirt_firewalld_support) [RFE] Support firewalld
Bug 1281417 - vdsm host can not be added with firewalld enabled

I wonder where the firewalld service configuration should happen,
currently in host-deploy, but I don#t really see why theer and not in
vdsm.

- fabian
___
Devel mailing list
Devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/devel

Re: [ovirt-devel] firewalld on vdsm host

2015-11-12 Thread Sandro Bonazzola

On Thu, Nov 12, 2015 at 3:06 PM, Fabian Deutsch  wrote:

> On Thu, Nov 12, 2015 at 2:57 PM, Dan Kenigsberg  wrote:
> > On Thu, Nov 12, 2015 at 02:42:32PM +0100, Fabian Deutsch wrote:
> >> On Thu, Nov 12, 2015 at 2:36 PM, Dan Kenigsberg 
> wrote:
> >> > On Thu, Nov 12, 2015 at 12:08:07PM +0100, Fabian Deutsch wrote:
> >> >> Hey,
> >> >>
> >> >> what is the expectation/assumption about firewalld on a CentOS 7 host
> >> >> where you want to install vdsm onto?
> >> >>
> >> >> Is vdsm taking care of it?
> >> >>
> >> >> I'm asking this, because firewalld seems to be in the default package
> >> >> (please correct me if I am wrong) set of CentOS 7 and thus installed
> >> >> by default.
> >> >
> >> > As far as I know, Vdsm runs fine in parallel to firewalld on recent
> >> > el7.1 (there used to be problems in early 7.0 versions).
> >> >
> >> > If this is not the case, please file a bug with precise versions!
> >>
> >> Bug 1281417 - vdsm host can not be added with firewalld enabled
> >
> > Would everything work all right if Vdsm's port (54321) is opened in
> > firewalld?
>
> I did not try this yet - but I strongly assume yes.
>
> > It seems that the host CAN be added, but remains in non-responsive mode
> > due to the firewall being shut. right?
>
> Correct, vdsm is up and all. It just seems to be the firewall.
>
> Looking at the two bugs:
> Bug 995362 - (ovirt_firewalld_support) [RFE] Support firewalld
> Bug 1281417 - vdsm host can not be added with firewalld enabled
>
> I wonder where the firewalld service configuration should happen,
> currently in host-deploy, but I don#t really see why theer and not in
> vdsm.
>

firewalld can't be configured right now by host-deploy being the firewall
config sotred in the engine database for iptables only.
We need to add firewalld support in ovirt-engine and in ovirt-host-deploy
to properly support it.




>
> - fabian
> ___
> Devel mailing list
> Devel@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/devel
>



-- 
Sandro Bonazzola
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com
___
Devel mailing list
Devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/devel

Re: [ovirt-devel] firewalld on vdsm host

2015-11-12 Thread Fabian Deutsch

On Thu, Nov 12, 2015 at 4:27 PM, Sandro Bonazzola  wrote:
>
>
> On Thu, Nov 12, 2015 at 3:06 PM, Fabian Deutsch  wrote:
>>
>> On Thu, Nov 12, 2015 at 2:57 PM, Dan Kenigsberg  wrote:
>> > On Thu, Nov 12, 2015 at 02:42:32PM +0100, Fabian Deutsch wrote:
>> >> On Thu, Nov 12, 2015 at 2:36 PM, Dan Kenigsberg 
>> >> wrote:
>> >> > On Thu, Nov 12, 2015 at 12:08:07PM +0100, Fabian Deutsch wrote:
>> >> >> Hey,
>> >> >>
>> >> >> what is the expectation/assumption about firewalld on a CentOS 7
>> >> >> host
>> >> >> where you want to install vdsm onto?
>> >> >>
>> >> >> Is vdsm taking care of it?
>> >> >>
>> >> >> I'm asking this, because firewalld seems to be in the default
>> >> >> package
>> >> >> (please correct me if I am wrong) set of CentOS 7 and thus installed
>> >> >> by default.
>> >> >
>> >> > As far as I know, Vdsm runs fine in parallel to firewalld on recent
>> >> > el7.1 (there used to be problems in early 7.0 versions).
>> >> >
>> >> > If this is not the case, please file a bug with precise versions!
>> >>
>> >> Bug 1281417 - vdsm host can not be added with firewalld enabled
>> >
>> > Would everything work all right if Vdsm's port (54321) is opened in
>> > firewalld?
>>
>> I did not try this yet - but I strongly assume yes.
>>
>> > It seems that the host CAN be added, but remains in non-responsive mode
>> > due to the firewall being shut. right?
>>
>> Correct, vdsm is up and all. It just seems to be the firewall.
>>
>> Looking at the two bugs:
>> Bug 995362 - (ovirt_firewalld_support) [RFE] Support firewalld
>> Bug 1281417 - vdsm host can not be added with firewalld enabled
>>
>> I wonder where the firewalld service configuration should happen,
>> currently in host-deploy, but I don#t really see why theer and not in
>> vdsm.
>
>
> firewalld can't be configured right now by host-deploy being the firewall
> config sotred in the engine database for iptables only.
> We need to add firewalld support in ovirt-engine and in ovirt-host-deploy to
> properly support it.

Thanks, that gives me the bigger picture.

- fabian
___
Devel mailing list
Devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/devel

Re: [ovirt-devel] firewalld on vdsm host

Re: [ovirt-devel] firewalld on vdsm host

[ovirt-devel] firewalld on vdsm host

Re: [ovirt-devel] firewalld on vdsm host

Re: [ovirt-devel] firewalld on vdsm host

Re: [ovirt-devel] firewalld on vdsm host

Re: [ovirt-devel] firewalld on vdsm host

Re: [ovirt-devel] firewalld on vdsm host

Re: [ovirt-devel] firewalld on vdsm host

9 matches

Site Navigation

Mail list logo

Footer information