Why disable Firewalld and NetworkManager?
Hello I'm new and I'd like to know the reasons to disable firewalld and NetworkManager. Thank you
First time here? Check out the FAQ!
Because they manage network interfaces and the firewall, and Neutron wants to manage them as well. When there are two managers that don’t know about each other, you can perhaps imagine that the result is chaos.
@Bernd Bausch The teacher said he didn't want to bother adding exceptions to every OpenStack application. He didn't say anything about Neutron.
I don't understand how this relates to the question.
What do you mean by "exception"?
Neutron is not an OpenStack application, but an essential part of OpenStack. Without Neutron, no OpenStack cloud (except if you want to deploy standalone Swift).
I wasn't trying to answer (I should've worded my comment properly. Sorry for that). I wanted your opinion since the teacher's answer wasn't convincing. Also exceptions means opening ports in the firewall. I got the impression that OpenStack manages several processes and each required an open port.
Any application that listens for network connections needs an open port, not just OpenStack.
It is true that the number of ports used by OpenStack used to be high. Nowadays though you can deploy most components behind a regular web server.
NM has nothing to do with opening ports. Indeed Neutron wants to manage the network and would conflict with NM. Or you could see it this way: Neutron is unable to manage network config through NM, and the firewall through firewalld.
Asked: 2018-09-14 05:50:58 -0500
Seen: 1,069 times
Last updated: Dec 07 '18