[ovirt-users] Hosts firewall custom setup

Ondra Machacek omachace at redhat.com
Tue Feb 27 13:15:37 UTC 2018

On 02/27/2018 11:29 AM, Nicolas Ecarnot wrote:
> Le 26/02/2018 à 15:00, Yedidyah Bar David a écrit :
>>> But how do we add custom rules in case of firewalld type?
>> Please see: https://ovirt.org/blog/2017/12/host-deploy-customization/
> Hello Didi and al,
> - I followed the advices found in this blog page, I created the exact 
> same filename with the adequate content.
> - I've setup the cluster type to firewalld
> - I restarted ovirt-engine
> - I reinstalled a host
> I see no usage of this Ansible yml file.
> I see the creation of an ansible deploy log file for my host, and I see 
> the usual firewall ports being opened, but I see nowhere any usage of 
> the /etc/ovirt-engine/ansible/ovirt-host-deploy-post-tasks.yml file.
> - I added the debug msg part in the ansible recipe, but to no avail.
> - Huge grepping through the /var/log of the engine shows no calls of 
> this script.
> Thus, I see no effect on ports of the host's firewalld config.
> What should I look at now?

It looks like you hit the following bug:


It will be fixed in 4.2.2 release.

I believe you can meanwhile remove line:

  - oVirt-metrics

from file:


> Thank you.

More information about the Users mailing list