On 07/06/2017 04:31 PM, Uwe Sauter wrote:
Alternatively you can
systemctl disable firewalld.service
systemctl mask firewalld.service
yum install iptables-services
systemctl enable iptables.service ip6tables.service
and configure configure iptables in /etc/sysconfig/iptables and
/etc/sysconfig/ip6tables, then
systemctl start iptables.service ip6tables.service
Yes, this is possible, but I would say it's discouraged to do so.
With RHEL/CentOS 7 you really should be using firewalld, and forget
about the old iptables. Here's a nice introduction:
https://www.certdepot.net/rhel7-get-started-firewalld/
Having worked with firewalld for a while now, I find it more flexible to
use. Admittedly, there is a bit of a learning curve.
The crucial part is to ensure that either firewalld *or* iptables is running
but not both. Or you could run without firewall at
all *if* you trust your network…
Agreed. The compute node network *has to be* trusted in order for Slurm
to work.
/Ole
