Disable firewalld on Red Hat Enterprise Linux OpenStack Platform nodes

Updated 20 May 2016

The firewalld service must be disabled and replaced with iptables on Compute and OpenStack Networking nodes running Red Hat Enterprise Linux 7. This configuration is a prerequisite step for a successful Red Hat Enterprise Linux OpenStack Platform deployment.

Disable the firewalld service

1. Review the iptables rules defined in /etc/sysconfig/iptables

Note: You can review the current firewalld configuration by running the firewall-cmd command:

# firewall-cmd --list-all

2. Once satisfied with the iptables rules, disable firewalld:

# systemctl disable firewalld.service

3. Stop the firewalld service and start iptables:

Note: You may need to install the iptables-services package in order to manage the iptables service.

# systemctl stop firewalld.service; systemctl start iptables; systemctl start ip6tables

4. Permanently enable the iptables services:

# systemctl enable iptables
# systemctl enable ip6tables

The firewalld service has been disabled, and the iptables service has been enabled and configured to start on boot.

Product(s)

Red Hat OpenStack Platform

Category

Install

Components

neutron

Tags

Article Type

General