diff options
| author | anand <anekkunt@redhat.com> | 2015-08-22 01:09:53 +0530 |
|---|---|---|
| committer | Niels de Vos <ndevos@redhat.com> | 2015-10-15 15:53:03 -0700 |
| commit | 429669168f6e13798c04ad0641909493c213f22e (patch) | |
| tree | 9cdb97a1282c5b5cb5d18808aacc6b2c308ef5ee /configure.ac | |
| parent | 0f72aa8668a6d2da4cce9cd04296454f2bc99d58 (diff) | |
firewall/spec: Create glusterfs firewall service if firewalld installed.
It creates glusterfs firewall service during installation.
glusterfs service : It contains all default ports which needs to be opened.
During installation glusterfs.xml is copied into firewall service directory(/usr/lib/firewalld/services/).
Note:
1.For bricks: It opens the 512 ports, if brick is running out side this range(>49664) then admin need to open the port
for that brick.
2.By default this service is not enabled in any of zone.
To enable this service(glusterfs) in firewall:
1. Get active zone(s) in node
firewall-cmd --get-active-zones
2. Attached this service(glusterfs) to zone(s)
firewall-cmd --zone=<zone_name> --add-service=glusterfs --To apply runtime
firewall-cmd --permanent --zone=<zone_name> --add-service=glusterfs --To apply permanent
Note:
we can also use firewall-config which gives GUI to configure firewall.
Backport of:
>Change-Id: Id97fe620c560fd10599511d751aed11a99ba4da5
>BUG: 1253967
>Signed-off-by: anand <anekkunt@redhat.com>
>Reviewed-on: http://review.gluster.org/11989
>Reviewed-by: Niels de Vos <ndevos@redhat.com>
>Tested-by: NetBSD Build System <jenkins@build.gluster.org>
>Tested-by: Gluster Build System <jenkins@build.gluster.com>
>(cherry picked from commit 7f327d3b4f9222995d2ee78862e48ca44c28411c)
Change-Id: Iacf44b15ffb176c965c7f3b074065a54cf785dc7
BUG: 1057295
Signed-off-by: anand <anekkunt@redhat.com>;
Reviewed-on: http://review.gluster.org/12357
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Diffstat (limited to 'configure.ac')
| -rw-r--r-- | configure.ac | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac index a93c1cd6de3..dfe105fab66 100644 --- a/configure.ac +++ b/configure.ac @@ -211,6 +211,7 @@ AC_CONFIG_FILES([Makefile extras/ocf/volume extras/LinuxRPM/Makefile extras/geo-rep/Makefile + extras/firewalld/Makefile extras/hook-scripts/add-brick/Makefile extras/hook-scripts/add-brick/pre/Makefile extras/hook-scripts/add-brick/post/Makefile @@ -731,6 +732,22 @@ AC_SUBST(ZLIB_CFLAGS) AC_SUBST(ZLIB_LIBS) # end CDC xlator secion +#start firewalld section +BUILD_FIREWALLD="no" +AC_ARG_ENABLE([firewalld], + AC_HELP_STRING([--enable-firewalld], + [enable installation configuration for firewalld]), + [BUILD_FIREWALLD="${enableval}"], [BUILD_FIREWALLD="no"]) + +if test "x${BUILD_FIREWALLD}" = "xyes"; then + if !(which firewalld 1>/dev/null 2>&1) ; then + BUILD_FIREWALLD="no (firewalld not installed)" + fi +fi +AM_CONDITIONAL([USE_FIREWALLD],test ["x${BUILD_FIREWALLD}" = "xyes"]) + +#endof firewald section + # Data tiering requires sqlite AC_ARG_ENABLE([tiering], AC_HELP_STRING([--disable-tiering], @@ -1343,4 +1360,5 @@ echo "Encryption xlator : $BUILD_CRYPT_XLATOR" echo "Unit Tests : $BUILD_UNITTEST" echo "POSIX ACLs : $BUILD_POSIX_ACLS" echo "Data Classification : $BUILD_GFDB" +echo "firewalld-config : $BUILD_FIREWALLD" echo |