Comments (7)
It's a bug in firewalld that appears when masquerading is enabled.
Description:
https://bugzilla.redhat.com/show_bug.cgi?id=904098
https://bugzilla.redhat.com/show_bug.cgi?id=1326130
Workaround:
Disable masquerading on the controller. Comment out this line:
FWD_NAT_PUBLIC=1
Long-term fix:
The package included in RHEL7 has the bug, I will try to ship an updated one in the local repo for the time being.
from trinityx.
I couldn't find a prebuilt update for CentOS 7. Firewalld is integrated with systemd and dbus, and I end up very quickly with conflicts.
Down the line I may end up rebuilding one, because this is one annoying issue. For now I disabled NAT by default and added a warning message in the config file.
from trinityx.
Can we just drop chrony and instal old well known ntpd?
On Aug 12, 2016 3:18 PM, "jflf-CV" [email protected] wrote:
I couldn't find a prebuilt update for CentOS 7. Firewalld is integrated
with systemd and dbus, and I end up very quickly with conflicts.
Down the line I may end up rebuilding one, because this is one annoying
issue. For now I disabled NAT by default and added a warning message in the
config file.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
#51 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AFvTCL7sKlFgv9bU_HSszBv41UM_1Lv0ks5qfHIigaJpZM4Ji1Nb
.
from trinityx.
The problem is not with chrony, but with firewalld.
from trinityx.
Yes, my concer is: crony is exotic, we won't encounter this bug if switch
to ntpd. What are the drawbacks?
On Aug 12, 2016 5:49 PM, "jflf-CV" [email protected] wrote:
The problem is not with chrony, but with firewalld.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
#51 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AFvTCBMIh2OTRPp-jMDzMM7T_o1FHk-uks5qfJXxgaJpZM4Ji1Nb
.
from trinityx.
I don't think that chrony is exotic anymore, as it has been picked up by RedHat by default and is now in all its derivatives. There have been conversations on the mailing lists about the merits of both, and they took the decision to move to chrony. So that part is done and out of our control.
Again, that problem is not with chrony. Chrony is the first software impacted by the firewalld bug that we saw, but it doesn't even prevent it from working properly, it's only affecting the CLI tool. That's not enough to throw out chrony entirely.
Now, once I'll figure out a way to work around the bug with firewalld, the chrony issue will disappear entirely. That is the real goal, not getting rid of chrony and then hitting the bug again with another piece of software.
from trinityx.
no longer an issue in 2e7d1e9
from trinityx.
Related Issues (20)
- release life cycle HOT 2
- Patch in `/etc/firewalld/direct.xml` for PXE booting issues not applied on c2
- Typo in release notes for Release 11 HOT 1
- zabbix_api import in zabbix_conf.py clashes with Ansible zabbix modules HOT 1
- SELINUX error HOT 1
- Openstack integration
- No ubuntu at all? HOT 14
- docs.clustervision down? HOT 2
- Regarding sensu repository inside the controller.yml HOT 5
- Missing hwloc-plugins, libhugetlbfs, moreutils, perl(IPC::Run) on RHEL9 HOT 3
- obol command not in PATH of root user HOT 1
- named listens on all interfaces (internal and external) HOT 4
- Issue regarding prepare.sh, ansible and matching python version HOT 3
- SELinux | prepare.sh vs ansible HOT 2
- SLURM filepath issue HOT 5
- python venv never created HOT 3
- LUNA2 role filepath issue HOT 2
- Missing python package breaks luna2 installation HOT 4
- sssd role assumes ldap package is installed HOT 16
- luna2 wants dhcpd.service but dhcp isn't being configured correclty HOT 16
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from trinityx.