Description of problem: Disable firewalld for RHGS 3.1 through post-script of redhat-storage-server pacakge. Version-Release number of selected component (if applicable): RHGSS-3.1-RHEL-7-20150714.n.1-RHGSS-x86_64-dvd1.iso redhat-storage-server-3.1.0.1-2.el7rhgs.noarch How reproducible: Steps to Reproduce: 1. Install using ISO RHGSS-3.1-RHEL-7-20150714.n.1-RHGSS-x86_64-dvd1.iso or 2. do a layered install of RHGS-3.1 on RHEL-7 Actual results: firewalld service is enabled by default in a RHGS-3.1 el7 based ISO installation or on a layered installation. However, all the required ports are not opened by default and as a result 'gluster peer probe' and other operations fails unless and until all the required ports are opened manually. See https://bugzilla.redhat.com/show_bug.cgi?id=1243277 for more details #### -bash-4.2# systemctl status firewalld.service firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled) Active: active (running) since Wed 2015-07-15 02:36:04 EDT; 24h ago Main PID: 620 (firewalld) CGroup: /system.slice/firewalld.service └─620 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid #### Expected results: So as decided in the meeting, we need to disable the firewalld service for now until we have BZ 1243277 fixed. Additional info:
Decision at RHGS 3.1 Blocker BZ Status Check meeting on 18 July 2015 : should not change the security characteristics of the RHEL platform, so cannot have firewalld disabled at RHGS-3.1-RHEL7 install admin needs to manually configure the firewall based on list of RHGS 3.1 required ports documented Closing this BZ.