Bug 1032431 - Installation of OpenShift Origin on Fedora 19 removed firewalld
Summary: Installation of OpenShift Origin on Fedora 19 removed firewalld
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: OKD
Classification: Red Hat
Component: Pod
Version: 2.x
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Abhishek Gupta
QA Contact: libra bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-11-20 07:53 UTC by Jan Pazdziora
Modified: 2017-05-31 18:22 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-05-31 18:22:11 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Jan Pazdziora 2013-11-20 07:53:36 UTC 
Description of problem:

When OpenShift Origin installation is attempted using instructions at

   http://openshift.github.io/documentation/oo_deployment_guide_puppet.html#configuring-an-all-in-one-host

it removes firewalld. It is unfortunate as OpenShift should be able to install with the default firewalling solution (and as of three months ago, it was possible).

Version-Release number of selected component (if applicable):

OpenShift Origin nightly as of today.

How reproducible:

Deterministic.

Steps to Reproduce:
1. Run rpm -qf /usr/bin/firewall-cmd, check that firewalld is installed.
2. Run puppet apply --verbose configure_origin.pp.
3. Run rpm -qf /usr/bin/firewall-cmd again.

Actual results:

# rpm -qf /usr/bin/firewall-cmd
error: file /usr/bin/firewall-cmd: No such file or directory

Expected results:

error: file /usr/bin/firewall-cmd: No such file or directory

Additional info:

The following piece in /etc/puppet/modules/openshift_origin/manifests/firewall.pp seems to be the culprit:

  ensure_resource('package', 'iptables', {})
  ensure_resource('package', 'firewalld', {
      ensure => 'absent',
    }
  )
Comment 1 Zamir SUN 2014-01-28 16:40:01 UTC 
As I see from the oo-install user's guide, openshift do not support firewalld yet.
http://openshift.github.io/documentation/oo_install_users_guide.html

(In reply to Jan Pazdziora from comment #0)
> Description of problem:
> 
> When OpenShift Origin installation is attempted using instructions at
> 
>   
> http://openshift.github.io/documentation/oo_deployment_guide_puppet.
> html#configuring-an-all-in-one-host
> 
> it removes firewalld. It is unfortunate as OpenShift should be able to
> install with the default firewalling solution (and as of three months ago,
> it was possible).
> 
> Version-Release number of selected component (if applicable):
> 
> OpenShift Origin nightly as of today.
> 
> How reproducible:
> 
> Deterministic.
> 
> Steps to Reproduce:
> 1. Run rpm -qf /usr/bin/firewall-cmd, check that firewalld is installed.
> 2. Run puppet apply --verbose configure_origin.pp.
> 3. Run rpm -qf /usr/bin/firewall-cmd again.
> 
> Actual results:
> 
> # rpm -qf /usr/bin/firewall-cmd
> error: file /usr/bin/firewall-cmd: No such file or directory
> 
> Expected results:
> 
> error: file /usr/bin/firewall-cmd: No such file or directory
> 
> Additional info:
> 
> The following piece in
> /etc/puppet/modules/openshift_origin/manifests/firewall.pp seems to be the
> culprit:
> 
>   ensure_resource('package', 'iptables', {})
>   ensure_resource('package', 'firewalld', {
>       ensure => 'absent',
>     }
>   )
Comment 2 Eric Paris 2017-05-31 18:22:11 UTC 
We apologize, however, we do not plan to address this report at this time. The majority of our active development is for the v3 version of OpenShift. If you would like for Red Hat to reconsider this decision, please reach out to your support representative. We are very sorry for any inconvenience this may cause.
Note You need to log in before you can comment on or make changes to this bug.