From 85ebb3a868560c5272c0c8a16a99d5073edcad1e Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Tue, 19 Aug 2014 10:54:59 -0500 Subject: [PATCH] Remove firewalld on Fedora 20 by default firewalld interacts badly with the libvirt on f20, causing slow-downs so great that it can timeout the gate. Developers who want to leave it enabled should set FORCE_FIREWALLD=True Change-Id: I5252a12223a35f7fb7a4ac3c58aa4a3cd1bc4799 --- lib/nova_plugins/functions-libvirt | 2 +- tools/fixup_stuff.sh | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt index 6fb5c38930..258e1a40e6 100644 --- a/lib/nova_plugins/functions-libvirt +++ b/lib/nova_plugins/functions-libvirt @@ -37,7 +37,7 @@ function install_libvirt { # and HP images used in the gate; rackspace has firewalld but hp # cloud doesn't. RHEL6 doesn't have firewalld either. So we # don't care if it fails. - if is_fedora; then + if is_fedora && is_package_installed firewalld; then sudo service firewalld restart || true fi } diff --git a/tools/fixup_stuff.sh b/tools/fixup_stuff.sh index d849302a13..1732eccdbe 100755 --- a/tools/fixup_stuff.sh +++ b/tools/fixup_stuff.sh @@ -103,6 +103,21 @@ if is_fedora; then if selinuxenabled; then sudo setenforce 0 fi + + FORCE_FIREWALLD=$(trueorfalse False $FORCE_FIREWALLD) + if [[ ${DISTRO} =~ (f19|f20) && $FORCE_FIREWALLD == "False" ]]; then + # On Fedora 19 and 20 firewalld interacts badly with libvirt and + # slows things down significantly. However, for those cases + # where that combination is desired, allow this fix to be skipped. + + # There was also an additional issue with firewalld hanging + # after install of libvirt with polkit. See + # https://bugzilla.redhat.com/show_bug.cgi?id=1099031 + if is_package_installed firewalld; then + uninstall_package firewalld + fi + fi + fi # RHEL6