Bug 1362570 - If firewalld section is available in the conf file, then gdeploy should check for firewalld service
Summary: If firewalld section is available in the conf file, then gdeploy should check...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Gluster Storage
Classification: Red Hat Storage
Component: gdeploy
Version: rhgs-3.1
Hardware: x86_64
OS: Linux
unspecified
low
Target Milestone: ---
: RHGS 3.1.3 Async
Assignee: Sachidananda Urs
QA Contact: RamaKasturi
URL:
Whiteboard:
: 1379543 (view as bug list)
Depends On:
Blocks: 1351522
TreeView+ depends on / blocked
 
Reported: 2016-08-02 14:21 UTC by SATHEESARAN
Modified: 2017-03-07 17:42 UTC (History)
5 users (show)

Fixed In Version: gdeploy-2.0.1-1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-02-07 11:34:21 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:0260 0 normal SHIPPED_LIVE Important: ansible and gdeploy security and bug fix update 2017-02-07 16:32:47 UTC

Description SATHEESARAN 2016-08-02 14:21:10 UTC 
Description of problem:
-----------------------
FirewallD daemon is not turned on, even when the config file contains firewalld rules

Version-Release number of selected component (if applicable):
-------------------------------------------------------------
gdeploy-2.0-16

How reproducible:
-----------------
Always

Steps to Reproduce:
-------------------
0. Stop firewalld 
1. create a gdeploy conf file to add firewall services and ports

Actual results:
---------------
There are errors even when firewalld rules are mentioned

Expected results:
-----------------
When firewall section is available, I expect gdeploy to start firewalld if not running

Additional info:
-----------------
TASK: [Add/Delete services to firewalld rules] ******************************** 
failed: [dell-r430-7.gsslab.pnq.redhat.com] => (item=glusterfs) => {"failed": true, "item": "glusterfs", "parsed": false}
failed=True msg='failed to connect to the firewalld daemon'
OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: auto-mux: Trying existing master
debug1: mux_client_request_session: master session id: 2
Shared connection to dell-r430-7.gsslab.pnq.redhat.com closed.
Comment 3 Sachidananda Urs 2016-08-11 07:14:00 UTC 
gdeploy now checks if firewalld is already running. If not starts the firewall service.
Comment 4 RamaKasturi 2016-09-27 06:04:38 UTC 
*** Bug 1379543 has been marked as a duplicate of this bug. ***
Comment 5 RamaKasturi 2016-09-30 09:06:25 UTC 
Verified and works fine with build gdeploy-2.0.1-2.el7rhgs.noarch.

When firewalld is not started, gdeploy starts firewalld and opens the ports.

TASK [Start firewalld if not already started] **********************************
changed: [10.70.36.82]

If already started, it does not start it again.
Comment 7 errata-xmlrpc 2017-02-07 11:34:21 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2017-0260.html
Note You need to log in before you can comment on or make changes to this bug.