Douglas Schilling Landgraf has uploaded a new change for review. Change subject: rhevh7-post: add the ovirt xml firewalld file ......................................................................
rhevh7-post: add the ovirt xml firewalld file To allow tradicional ovirt services communicate, we must let firewalld know. This patch adds the needed rules. Change-Id: I88b40bbdef860d77299d38556d38413f7536d7ff Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1150328 Signed-off-by: Douglas Schilling Landgraf <[email protected]> --- M recipe/rhevh7-post.ks 1 file changed, 20 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/15/33915/1 diff --git a/recipe/rhevh7-post.ks b/recipe/rhevh7-post.ks index ab71dae..6d8786a 100644 --- a/recipe/rhevh7-post.ks +++ b/recipe/rhevh7-post.ks @@ -60,6 +60,26 @@ sed -i '/rm -f \/etc\/ntp.conf/d' $DHSCRIPT sed -i '/rm -f \/etc\/yp.conf/d' $DHSCRIPT +echo "Configuring firewalld" +cat > /usr/lib/firewalld/services/ovirt.xml << \EOF +<?xml version="1.0" encoding="utf-8"?> +<service> + <short>ovirt-node</short> + <description>This service opens necessary ports for ovirt-node operations</description> + <!-- libvirt tls --> + <port protocol="tcp" port="16514"/> + <!-- guest consoles --> + <port protocol="tcp" port="5634-6166"/> + <!-- migration --> + <port protocol="tcp" port="49152-49216"/> + <!-- snmp --> + <port protocol="udp" port="161"/> +</service> +EOF + +# enable required services +firewall-offline-cmd -s ovirt + # bz#1128523 - replace dirs with files to keep everything below /var/lib/puppet sed -ie 's/dirs[ \t]\+\(.*puppet\)//1' /etc/rwtab echo "files /var/lib/puppet" >> /etc/rwtab -- To view, visit http://gerrit.ovirt.org/33915 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I88b40bbdef860d77299d38556d38413f7536d7ff Gerrit-PatchSet: 1 Gerrit-Project: ovirt-node Gerrit-Branch: master Gerrit-Owner: Douglas Schilling Landgraf <[email protected]> _______________________________________________ node-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/node-patches
