diff options
author | anand <anekkunt@redhat.com> | 2015-08-22 01:09:53 +0530 |
---|---|---|
committer | Vijay Bellur <vbellur@redhat.com> | 2015-09-10 23:44:50 -0700 |
commit | 7f327d3b4f9222995d2ee78862e48ca44c28411c (patch) | |
tree | d9bfa0ce8ab13e073fca84114ef8eb5a2307125d /configure.ac | |
parent | 22cad7b522f223b47d87df6724f34273306ab7cd (diff) |
firewall/spec: Create glusterfs firewall service if firewalld installed.
It creates glusterfs firewall service during installation.
glusterfs service : It contains all default ports which needs to be opened.
During installation glusterfs.xml is copied into firewall service directory(/usr/lib/firewalld/services/).
Note:
1.For bricks: It opens the 512 ports, if brick is running out side this range(>49664) then admin need to open the port
for that brick.
2.By default this service is not enabled in any of zone.
To enable this service(glusterfs) in firewall:
1. Get active zone(s) in node
firewall-cmd --get-active-zones
2. Attached this service(glusterfs) to zone(s)
firewall-cmd --zone=<zone_name> --add-service=glusterfs --To apply runtime
firewall-cmd --permanent --zone=<zone_name> --add-service=glusterfs --To apply permanent
Note:
we can also use firewall-config which gives GUI to configure firewall.
Change-Id: Id97fe620c560fd10599511d751aed11a99ba4da5
BUG: 1253967
Signed-off-by: anand <anekkunt@redhat.com>
Reviewed-on: http://review.gluster.org/11989
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac index a46b532fdd2..3245d1fa20c 100644 --- a/configure.ac +++ b/configure.ac @@ -211,6 +211,7 @@ AC_CONFIG_FILES([Makefile extras/ocf/volume extras/LinuxRPM/Makefile extras/geo-rep/Makefile + extras/firewalld/Makefile extras/hook-scripts/add-brick/Makefile extras/hook-scripts/add-brick/pre/Makefile extras/hook-scripts/add-brick/post/Makefile @@ -731,6 +732,22 @@ AC_SUBST(ZLIB_CFLAGS) AC_SUBST(ZLIB_LIBS) # end CDC xlator secion +#start firewalld section +BUILD_FIREWALLD="no" +AC_ARG_ENABLE([firewalld], + AC_HELP_STRING([--enable-firewalld], + [enable installation configuration for firewalld]), + [BUILD_FIREWALLD="${enableval}"], [BUILD_FIREWALLD="no"]) + +if test "x${BUILD_FIREWALLD}" = "xyes"; then + if !(which firewalld 1>/dev/null 2>&1) ; then + BUILD_FIREWALLD="no (firewalld not installed)" + fi +fi +AM_CONDITIONAL([USE_FIREWALLD],test ["x${BUILD_FIREWALLD}" = "xyes"]) + +#endof firewald section + # Data tiering requires sqlite AC_ARG_ENABLE([tiering], AC_HELP_STRING([--disable-tiering], @@ -1351,4 +1368,5 @@ echo "Encryption xlator : $BUILD_CRYPT_XLATOR" echo "Unit Tests : $BUILD_UNITTEST" echo "POSIX ACLs : $BUILD_POSIX_ACLS" echo "Data Classification : $BUILD_GFDB" +echo "firewalld-config : $BUILD_FIREWALLD" echo |