<div dir="ltr"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Hi,<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">we have just merged patches [1], which adds the ability to use firewalld instead of iptables on oVirt hosts.<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">The type of firewall can be defined per cluster, there is new combo box &#39;Firewall Type&#39; in &#39;Cluster Detail&#39; dialog. By default all new clusters will be created with firewalld enabled, existing clusters needs to be switched from iptables to firewalld manually and then invoke Reinstall on all hosts in a cluster. Be aware that firewalld can be enabled only for hosts with 4.2 capabilities (VDSM &gt;= 4.20.0).<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Firewalld deployment is using Ansible role introduced in new ovirt-ansible-roles package [2], which executes ovirt-host-deploy role [3]. ovirt-ansible-roles package is installed automatically if engine is installed from RPM, but for development environment installation please take a look at [4], because ovirt-ansible-roles needs to be installed manually into development environment prefix.<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Please let me or Ondra know if you find any issues.<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Thanks<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Martin<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br>[1] <a href="https://gerrit.ovirt.org/78504">https://gerrit.ovirt.org/78504</a><br>[2] <a href="https://github.com/ovirt/ovirt-ansible">https://github.com/ovirt/ovirt-ansible</a><br>[3] <a href="https://github.com/oVirt/ovirt-ansible/blob/master/roles/ovirt-host-deploy/README.md">https://github.com/oVirt/ovirt-ansible/blob/master/roles/ovirt-host-deploy/README.md</a><br>[4] <a href="https://github.com/oVirt/ovirt-engine/blob/master/README.adoc#host-deploy-via-ansible">https://github.com/oVirt/ovirt-engine/blob/master/README.adoc#host-deploy-via-ansible</a><br></div></div>