Description of problem: Currently glusterfs firewall service is created if firewalld installed. It creates glusterfs firewall service during installation. glusterfs service : It contains all default ports which needs to be opened. During installation glusterfs.xml is copied into firewall service directory(/usr/lib/firewalld/services/). This is what currently happens: 1.For bricks: It opens the 512 ports, if brick is running out side this range(>49664) then admin need to open the port for that brick. 2.By default this service is not enabled in any of zone. To enable this service(glusterfs) in firewall: 1. Get active zone(s) in node firewall-cmd --get-active-zones 2. Attached this service(glusterfs) to zone(s) firewall-cmd --zone=<zone_name> --add-service=glusterfs --To apply runtime firewall-cmd --permanent --zone=<zone_name> --add-service=glusterfs --To apply permanent This mechanism for opening ports for firewall is no more needed with the new port map architecture, hence we need to mop this off. Version-Release number of selected component (if applicable): mainline
(In reply to Prasanna Kumar Kalever from comment #0) ... > This mechanism for opening ports for firewall is no more needed with the new > port map architecture, hence we need to mop this off. Pointer to the updated documentation about the new port map architecture? How is GlusterD going to open ports dynamically?
Is it required even now? Why was no one bothered about in years?
I don't think we're going to work on this any longer in GD1. Appreciate if this can be closed as won't fix. I'll wait for couple of days for Prasanna to come over, otherwise would close this.
I'm closing this for now. If there's any valid justification please reopen.