Bug 1264768

Summary: Need to explain the way to add glusterfs service using firewall-cmd, when the network interface is not managed by network manager
Product: [Red Hat Storage] Red Hat Gluster Storage Reporter: SATHEESARAN <sasundar>
Component: glusterdAssignee: Bug Updates Notification Mailing List <rhs-bugs>
Status: CLOSED WONTFIX QA Contact: storage-qa-internal <storage-qa-internal>
Severity: high Docs Contact:
Priority: unspecified    
Version: rhgs-3.1CC: amukherj, nlevinki, sasundar, vbellur
Target Milestone: ---Keywords: ZStream
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-01-30 02:03:02 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description SATHEESARAN 2015-09-21 07:29:37 UTC 
Description of problem:
-----------------------
When the network manager is not managing the interface (NM_CONTROLLED=no), then --get-active-zone doesn't gets any zone.

Adding the glusterfs service is explained with getting the active zone first and then adding glusterfs service to that zone.

If the interface is not managed by network manager, then the outcome should be explained - how to add glusterfs service in that case

Version-Release number of selected component (if applicable):
-------------------------------------------------------------
glusterfs-3.7.1-15.el7rhgs

How reproducible:
-----------------
Always

Steps to Reproduce:
-------------------
1. Update interface config file so that the interface shouldn't be managed by Network Manager. ( NM_CONTROLLED=no , in /etc/sysconfig/network-scripts/ifcfg-ens3 & restart network.service )

2. Try to follow the steps to add glusterfs firewalld service to the active-zone

Actual results:
---------------
Unable to proceed to add glusterfs firewalld service, as there is no active zone returned by firewall-cmd command as network manager is not managing that network interface

Expected results:
-----------------
1. There should be a way to add glusterfs firewall service to the interface, when that interface is no longer managed by Network Manager

2. If its not possible and there is no workaround, then the same should be documented as a note
Comment 1 SATHEESARAN 2015-09-21 07:32:59 UTC 
Thanks Surabhi for finding this issue with Samba AD setup, where the interface is not managed by Network Manager

The same case applies with network bridge configured in the setup. Recommended way to configure Network bridge is that it should not be managed by network manager. In that case, again the same problem is seen.

For example, when RHGS node is managed with RHEVM or RHSC.

[root@ ~]# firewall-cmd --state
running
[root@ ~]# firewall-cmd --get-zones
block dmz drop external home internal public trusted work
[root@ ~]# firewall-cmd --get-active-zones