Description of problem: ovirt-provider-ovn supplies firewalld configuration that should be supplied by openvswitch-ovn-central. Version-Release number of selected component (if applicable): oVirt Engine Version: 4.2.0-0.0.master.20170522205719.git160e419.el7.centos How reproducible: 100% Actual results: ovirt-provider-ovn creates /usr/lib/firewalld/services/ovirt-provider-ovn-central.xml, with content: <?xml version="1.0" encoding="utf-8"?> <service> <short>ovirt-provider-ovn-central</short> <description>Firewall service for ovn central. This is a stopgap until OVN will take care of handling the opening of the firewall ports itself.</description> <port protocol="tcp" port="6641"/> <port protocol="tcp" port="6642"/> </service> When we already have /usr/lib/firewalld/services/ovn-central-firewall-service.xml created by openvswitch-ovn-central, with content: <?xml version="1.0" encoding="utf-8"?> <service> <short>ovn-central-firewall-service</short> <description>Firewall service for ovn central</description> <port protocol="tcp" port="6641"/> <port protocol="tcp" port="6442"/> </service> ** ignore the second port: 6442, i will open a second bug for OVS team. ** Expected results: firewalld configuration for OVS related components should be supplied by the openvswitch-ovn-central package.
Verified on: 4.2.0-0.0.master.20170605153216.gita063574.el7.centos
This bugzilla is included in oVirt 4.2.0 release, published on Dec 20th 2017. Since the problem described in this bug report should be resolved in oVirt 4.2.0 release, published on Dec 20th 2017, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report.