Hi Gianluca,
I'd like to mention FirewallD support for hosts is oVirt 4.2 feature, so it
was available to you even before upgrade to 4.3.
Anyway, if you want to switch firewall type of a cluster, then you need to
do that in following steps:
1. Change firewall type in the Edit cluster dialog
- when done all hosts in the cluster are marked and message "host
reinstallation is required" is shown
2. For all hosts in the cluster perform following operations:
a. Put host into Maintenance
b. Perform Reinstall on the host from webadmin
c. Activate the host
In the case you have used custom IPTables rules defined using
engine-config, then please take a look at blog post [1], which mentions how
to define those custom rules using FirewallD:
https://www.ovirt.org/blog/2017/12/host-deploy-customization.html
The definition of those custom rules needs to be performed even before you
start host reinstallation.
Please let us know if you have any issues during the process
Regards,
Martin
On Tue, Mar 5, 2019 at 2:10 PM Gianluca Cecchi <gianluca.cec...@gmail.com>
wrote:
> Hello,
> I have updated a 4.2.8 environment to 4.3.1
> So far so good, I have updated cluster level and dc level from 4.2 to 4.3
>
> I notice the field "Firewall type" in my cluster and it is currently set
> to "iptables".
> My 3 hosts are CentOS 7.6 plain servers.
> My external engine is CentOS 7.6 and already with firewalld
>
> I seem to remember in the long run only firewalld supported also on hosts.
> Is this correct and in case is there an ETA/version?
> What would be the steps to pass my current hosts to firewalld in case?
>
> Currently I see:
> iptables enabled and running
> ip6tables disabled
> ebtables disabled
>
> Thanks in advance,
> Gianluca
> _______________________________________________
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-le...@ovirt.org
> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/D62RXQO2XYCBQVOCTMAMKQ572HKWST23/
>
--
Martin Perina
Associate Manager, Software Engineering
Red Hat Czech s.r.o.
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/T27S6ERY6KRUWGQSXWBQPYEHW2QHLEZA/
