[ovirt-users] Hosts firewall custom setup

Nicolas Ecarnot nicolas at ecarnot.net
Wed Feb 28 07:46:23 UTC 2018


Hello,

For the record :
The workaround you suggest below is successful.

Thank you.

-- 
Nicolas Ecarnot

Le 27/02/2018 à 14:15, Ondra Machacek a écrit :
> 
> 
> On 02/27/2018 11:29 AM, Nicolas Ecarnot wrote:
>> Le 26/02/2018 à 15:00, Yedidyah Bar David a écrit :
>>>> But how do we add custom rules in case of firewalld type?
>>>
>>> Please see: https://ovirt.org/blog/2017/12/host-deploy-customization/
>> Hello Didi and al,
>>
>> - I followed the advices found in this blog page, I created the exact 
>> same filename with the adequate content.
>> - I've setup the cluster type to firewalld
>> - I restarted ovirt-engine
>> - I reinstalled a host
>>
>> I see no usage of this Ansible yml file.
>> I see the creation of an ansible deploy log file for my host, and I 
>> see the usual firewall ports being opened, but I see nowhere any usage 
>> of the /etc/ovirt-engine/ansible/ovirt-host-deploy-post-tasks.yml file.
>> - I added the debug msg part in the ansible recipe, but to no avail.
>> - Huge grepping through the /var/log of the engine shows no calls of 
>> this script.
>>
>> Thus, I see no effect on ports of the host's firewalld config.
>>
>> What should I look at now?
> 
> It looks like you hit the following bug:
> 
>   https://bugzilla.redhat.com/show_bug.cgi?id=1549163
> 
> It will be fixed in 4.2.2 release.
> 
> I believe you can meanwhile remove line:
> 
>   - oVirt-metrics
> 
> from file:
> 
> /usr/share/ovirt-engine/playbooks/roles/ovirt-host-deploy/meta/main.yml
> 
>>
>> Thank you.
>>


More information about the Users mailing list