Description of problem: ----------------------- When the network manager is not managing the interface (NM_CONTROLLED=no), then --get-active-zone doesn't gets any zone. Adding the glusterfs service is explained with getting the active zone first and then adding glusterfs service to that zone. If the interface is not managed by network manager, then the outcome should be explained - how to add glusterfs service in that case Version-Release number of selected component (if applicable): ------------------------------------------------------------- glusterfs-3.7.1-15.el7rhgs How reproducible: ----------------- Always Steps to Reproduce: ------------------- 1. Update interface config file so that the interface shouldn't be managed by Network Manager. ( NM_CONTROLLED=no , in /etc/sysconfig/network-scripts/ifcfg-ens3 & restart network.service ) 2. Try to follow the steps to add glusterfs firewalld service to the active-zone Actual results: --------------- Unable to proceed to add glusterfs firewalld service, as there is no active zone returned by firewall-cmd command as network manager is not managing that network interface Expected results: ----------------- 1. There should be a way to add glusterfs firewall service to the interface, when that interface is no longer managed by Network Manager 2. If its not possible and there is no workaround, then the same should be documented as a note
Thanks Surabhi for finding this issue with Samba AD setup, where the interface is not managed by Network Manager The same case applies with network bridge configured in the setup. Recommended way to configure Network bridge is that it should not be managed by network manager. In that case, again the same problem is seen. For example, when RHGS node is managed with RHEVM or RHSC. [root@ ~]# firewall-cmd --state running [root@ ~]# firewall-cmd --get-zones block dmz drop external home internal public trusted work [root@ ~]# firewall-cmd --get-active-zones