search

dm-vdo / bunsen

Ansible suite to configure a set of machines to replicate the VDO Team's test environment.
GNU General Public License v2.0
0 stars 4 forks source link

Provisioning fails when firewalld and python3-firewalld aren't installed on the infra box #28

Open rhawalsh opened 1 year ago

rhawalsh commented 1 year ago

Running a Fedora 36 infrastructure system (using Vagrant's public repository fedora/36-cloud-base image) with a freshly checked out version of Bunsen ends up with failed provisioning.

TASK [nfs_server : Modify firewall port 2049/tcp] ***********************************************************************************************************************************
Wednesday 10 May 2023  16:05:14 -0400 (0:00:00.061)       0:09:56.148 *********                                                                                                      
fatal: [ossbunsen-infra]: FAILED! => {                                                                                                                                               
    "changed": false                                                                                                                                                                 
}                                                                                                                                                                                    

MSG:                                                                                                                                                                                 

Python Module not found: firewalld and its python module are required for this module,                         version 0.2.11 or newer required (0.3.9 or newer for offline operations)

If I then install python3-firewall on the infrastructure box, it gets further but still ends up failing.

TASK [nfs_server : Modify firewall port 2049/tcp] ***********************************************************************************************************************************
Wednesday 10 May 2023  17:00:20 -0400 (0:00:00.077)       0:00:58.654 *********                                                                                                      
fatal: [ossbunsen-infra]: FAILED! => {                                                                                                                                               
    "changed": false,                                                                                                                                                                
    "rc": 254                                                                                                                                                                        
}                                                                                                                                                                                    

MSG:                                                                                                                                                                                 

MODULE FAILURE                                                                                                                                                                       
See stdout/stderr for the exact error                                                                                                                                                

MODULE_STDERR:                                                                                                                                                                       

ERROR: Failed to load '/etc/firewalld/firewalld.conf': [Errno 2] No such file or directory: '/etc/firewalld/firewalld.conf'                                                          
WARNING: [Errno 2] No such file or directory: '/etc/firewalld/firewalld.conf'                                                                                                        
WARNING: Using fallback firewalld configuration settings.                                                                                                                            
ERROR: Failed to load user configuration. Falling back to full stock configuration.                                                                                                  
ERROR: INVALID_ZONE: Zone 'block' is not available.                                                                                                                                  
ERROR: INVALID_ZONE: Zone 'block' is not available.                                                                                                                                  
ERROR: Failed to load full stock configuration. This likely indicates a system level issue, e.g. the firewall backend (nftables, iptables) is broken. All hope is lost. Exiting.

If I then install firewalld, provisioning is able to continue as expected.

I am going to try to reproduce with Fedora 37 and Fedora 38 (if that image is available; I'm not sure atm).

rhawalsh commented 1 year ago

This also seems to apply to the farm role as well, but not resources.