Bug 1424782
Summary: | Supply firewalld service configuration file | ||
---|---|---|---|
Product: | [oVirt] ovirt-provider-ovn | Reporter: | Mor <mkalfon> |
Component: | provider | Assignee: | Marcin Mirecki <mmirecki> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Mor <mkalfon> |
Severity: | low | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | bugs, danken, myakove, stirabos, ylavi |
Target Milestone: | ovirt-4.1.3 | Flags: | rule-engine:
ovirt-4.1+
ykaul: exception- |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-07-06 13:21:58 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | Network | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 995362, 1446130 |
Description
Mor
2017-02-19 12:19:42 UTC
Fixed with patches: https://gerrit.ovirt.org/#/c/71585/ https://gerrit.ovirt.org/#/c/72690/ Fix available in: ovirt-provider-ovn-1.0-6.el7ev -rw-r--r--. 1 root root 216 Jan 23 12:47 ovirt-fence-kdump-listener.xml -rw-r--r--. 1 root root 185 Jan 23 12:47 ovirt-https.xml -rw-r--r--. 1 root root 182 Jan 23 12:47 ovirt-http.xml -rw-r--r--. 1 root root 192 Jan 23 12:47 ovirt-imageio-proxy.xml -rw-r--r--. 1 root root 572 Jan 23 12:47 ovirt-nfs.xml -rw-r--r--. 1 root root 192 Jan 23 12:47 ovirt-postgres.xml -rwxr-xr-x. 1 root root 344 Feb 27 15:20 ovirt-provider-ovn-central.xml -rwxr-xr-x. 1 root root 181 Feb 27 15:20 ovirt-provider-ovn.xml -rw-r--r--. 1 root root 207 Jan 23 12:47 ovirt-vmconsole-proxy.xml -rw-r--r--. 1 root root 206 Jan 23 12:47 ovirt-websocket-proxy.xml File permissions for ovirt-provider-ovn-*.xml files are not set with mode 644. Included in 1.0-7 build. https://errata.devel.redhat.com/advisory/28277 Marcin, we have 6442 TCP port in ovirt-provider-ovn-central.xml. It's supposed to be port 6642. Please fix. Verified on: ovirt-provider-ovn-1.1-2.20170531131557.git61bec06.el7.centos.noarch ovirt-provider-ovn-driver-1.1-2.20170531131557.git61bec06.el7.centos.noarch On host: 1. Mo firewalld service file is supplied by ovirt-provider-ovn-driver. 2. openvswitch-ovn-host suppiles service file with port UDP 6081. On central: 1. ovirt-provider-ovn supplies port TCP 9696. 2. openvswitch-ovn-central supplies ports TCP: 6641 & 6642. 3. File permissions on /usr/lib/firewalld/services/ovirt-provider-ovn.xml are 644. NOTE: No OVN functionality tests were done, only checks that the relevant ports are open on the servers. Due to the fact that vdsm is currently do not support firewalld. |