Sandro Bonazzola has uploaded a new change for review. Change subject: packaging: firewall: override iptables configuration ......................................................................
packaging: firewall: override iptables configuration Previously iptables configuration was not overridden when the host was added to the engine. Now override_iptables is specified when adding the host. Requiring iptables also on systems with FirewallD because the engine still doesn't support FirewallD. Change-Id: I03b0bc75dcbdc92d6f430e3a11d0549a3f0172c0 Bug-Url: https://bugzilla.redhat.com/1014616 Signed-off-by: Sandro Bonazzola <sbona...@redhat.com> --- M ovirt-hosted-engine-setup.spec.in M src/plugins/ovirt-hosted-engine-setup/engine/add_host.py M src/plugins/ovirt-hosted-engine-setup/network/firewall_manager.py 3 files changed, 9 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-hosted-engine-setup refs/changes/30/20030/1 diff --git a/ovirt-hosted-engine-setup.spec.in b/ovirt-hosted-engine-setup.spec.in index 2787d61..9c5d99a 100644 --- a/ovirt-hosted-engine-setup.spec.in +++ b/ovirt-hosted-engine-setup.spec.in @@ -54,6 +54,7 @@ Requires: sanlock >= 2.8 Requires: sanlock-python >= 2.8 Requires: lsof +Requires: iptables BuildRequires: gettext BuildRequires: otopi-devel >= 1.1.0 BuildRequires: python2-devel diff --git a/src/plugins/ovirt-hosted-engine-setup/engine/add_host.py b/src/plugins/ovirt-hosted-engine-setup/engine/add_host.py index 019cad5..aa658d6 100644 --- a/src/plugins/ovirt-hosted-engine-setup/engine/add_host.py +++ b/src/plugins/ovirt-hosted-engine-setup/engine/add_host.py @@ -344,6 +344,7 @@ ohostedcons.NetworkEnv.SSHD_PORT ], ), + override_iptables=True, ) ) except ovirtsdk.infrastructure.errors.RequestError as e: diff --git a/src/plugins/ovirt-hosted-engine-setup/network/firewall_manager.py b/src/plugins/ovirt-hosted-engine-setup/network/firewall_manager.py index 833b0d8..6181136 100644 --- a/src/plugins/ovirt-hosted-engine-setup/network/firewall_manager.py +++ b/src/plugins/ovirt-hosted-engine-setup/network/firewall_manager.py @@ -133,6 +133,13 @@ ), ) def _customization(self): + # TODO: remove the following line when FirewallD will be supported + # by ovirt-engine. Actually the engine is not able to configure + # FirewallD while it's adding an host + # It has to be done here and not at init stage because it's assigned + # at customization stage by otopi. + self.environment[otopicons.NetEnv.FIREWALLD_AVAILABLE] = False + if self.environment[ohostedcons.NetworkEnv.FIREWALL_MANAGER] is None: managers = [] if self.environment[otopicons.NetEnv.FIREWALLD_AVAILABLE]: -- To view, visit http://gerrit.ovirt.org/20030 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I03b0bc75dcbdc92d6f430e3a11d0549a3f0172c0 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-hosted-engine-setup Gerrit-Branch: master Gerrit-Owner: Sandro Bonazzola <sbona...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
