<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Nov 13, 2015 at 2:57 PM, Max Kovgan <span dir="ltr"><<a href="mailto:mkovgan@redhat.com" target="_blank">mkovgan@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><p dir="ltr">Can you point me to the table?<br></p></blockquote><div>You can inspect the code in ovirt-engine/packaging/dbscripts/upgrade/pre_upgrade/0000_config.sql</div><div> <br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><p dir="ltr">
Sounds good exercise in b/w compatibility and slow data/schema migration to me.<br>
Is there an RFE for it too?<br></p></blockquote><div><br></div><div><a href="https://bugzilla.redhat.com/show_bug.cgi?id=995362"><b>Bug 995362</b></a> -<span id="summary_alias_container">
(<span id="alias_nonedit_display">ovirt_firewalld_support</span>)
<span id="short_desc_nonedit_display">[RFE] Support firewalld</span></span></div><div><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1075687"><b>Bug 1075687</b></a> -<span id="summary_alias_container">
(<span id="alias_nonedit_display">ovirt_setup_firewalld_support</span>)
<span id="short_desc_nonedit_display">[RFE] Add FirewallD support to hosted-engine setup</span></span><br></div><div><span><span><br></span></span></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><p dir="ltr">
</p><div class=""><div class="h5">
<div class="gmail_quote">On Nov 12, 2015 5:27 PM, "Sandro Bonazzola" <<a href="mailto:sbonazzo@redhat.com" target="_blank">sbonazzo@redhat.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Nov 12, 2015 at 3:06 PM, Fabian Deutsch <span dir="ltr"><<a href="mailto:fdeutsch@redhat.com" target="_blank">fdeutsch@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span>On Thu, Nov 12, 2015 at 2:57 PM, Dan Kenigsberg <<a href="mailto:danken@redhat.com" target="_blank">danken@redhat.com</a>> wrote:<br>
> On Thu, Nov 12, 2015 at 02:42:32PM +0100, Fabian Deutsch wrote:<br>
>> On Thu, Nov 12, 2015 at 2:36 PM, Dan Kenigsberg <<a href="mailto:danken@redhat.com" target="_blank">danken@redhat.com</a>> wrote:<br>
>> > On Thu, Nov 12, 2015 at 12:08:07PM +0100, Fabian Deutsch wrote:<br>
>> >> Hey,<br>
>> >><br>
>> >> what is the expectation/assumption about firewalld on a CentOS 7 host<br>
>> >> where you want to install vdsm onto?<br>
>> >><br>
>> >> Is vdsm taking care of it?<br>
>> >><br>
>> >> I'm asking this, because firewalld seems to be in the default package<br>
>> >> (please correct me if I am wrong) set of CentOS 7 and thus installed<br>
>> >> by default.<br>
>> ><br>
>> > As far as I know, Vdsm runs fine in parallel to firewalld on recent<br>
>> > el7.1 (there used to be problems in early 7.0 versions).<br>
>> ><br>
>> > If this is not the case, please file a bug with precise versions!<br>
>><br>
>> Bug 1281417 - vdsm host can not be added with firewalld enabled<br>
><br>
> Would everything work all right if Vdsm's port (54321) is opened in<br>
> firewalld?<br>
<br>
</span>I did not try this yet - but I strongly assume yes.<br>
<span><br>
> It seems that the host CAN be added, but remains in non-responsive mode<br>
> due to the firewall being shut. right?<br>
<br>
</span>Correct, vdsm is up and all. It just seems to be the firewall.<br>
<br>
Looking at the two bugs:<br>
<span>Bug 995362 - (ovirt_firewalld_support) [RFE] Support firewalld<br>
</span><span>Bug 1281417 - vdsm host can not be added with firewalld enabled<br>
<br>
</span>I wonder where the firewalld service configuration should happen,<br>
currently in host-deploy, but I don#t really see why theer and not in<br>
vdsm.<br></blockquote><div><br></div><div>firewalld can't be configured right now by host-deploy being the firewall config sotred in the engine database for iptables only.</div><div>We need to add firewalld support in ovirt-engine and in ovirt-host-deploy to properly support it.</div><div><br></div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<span><font color="#888888"><br>
- fabian<br>
</font></span><div><div>_______________________________________________<br>
Devel mailing list<br>
<a href="mailto:Devel@ovirt.org" target="_blank">Devel@ovirt.org</a><br>
<a href="http://lists.ovirt.org/mailman/listinfo/devel" rel="noreferrer" target="_blank">http://lists.ovirt.org/mailman/listinfo/devel</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div><div dir="ltr"><div><div dir="ltr">Sandro Bonazzola<br>Better technology. Faster innovation. Powered by community collaboration.<br>See how it works at <a href="http://redhat.com" target="_blank">redhat.com</a><br></div></div></div></div>
</div></div>
<br>_______________________________________________<br>
Devel mailing list<br>
<a href="mailto:Devel@ovirt.org" target="_blank">Devel@ovirt.org</a><br>
<a href="http://lists.ovirt.org/mailman/listinfo/devel" rel="noreferrer" target="_blank">http://lists.ovirt.org/mailman/listinfo/devel</a><br></blockquote></div>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr">Sandro Bonazzola<br>Better technology. Faster innovation. Powered by community collaboration.<br>See how it works at <a href="http://redhat.com" target="_blank">redhat.com</a><br></div></div></div></div>
</div></div>