Skip to content

Remove special-case for firewalld in builder #364

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Mar 8, 2024
Merged

Remove special-case for firewalld in builder #364

merged 7 commits into from
Mar 8, 2024

Conversation

sjpb
Copy link
Collaborator

@sjpb sjpb commented Feb 22, 2024
edited
Loading

Uses extravars instead of a workaround in fatimage.yml to ensure firewalld service is not enabled on all nodes, to minimise differences/changes of error between fatimage.yml and site.yml

Background for future reference: ansible/bootstrap.yml is run by both site.yml and fatimage.yml This runs the firewalld role which dnf-installs firewalld . On install, the firewalld service is enabled so after a reboot it starts running. Hence by default firewalld ends up running on all nodes created with a fatimage, even though its only wanted on the login node(s) running fail2ban. Before this PR there was a workaround in fatimage.yml to explicitly disable it on build.

Requires new image build.

@sjpb sjpb force-pushed the refactor/firewalld branch from 6231b20 to b47ff15 Compare March 7, 2024 17:45
@sjpb sjpb changed the base branch from main to ci/leafcloud-imagebuild March 7, 2024 17:45
@sjpb
Copy link
Collaborator Author

sjpb commented Mar 7, 2024
edited
Loading

Fat image build: https://github.com/stackhpc/ansible-slurm-appliance/actions/runs/8192527716

Edit: succeeded, openhpc-240307-1747-b47ff153

Base automatically changed from ci/leafcloud-imagebuild to main March 8, 2024 10:06
@sjpb
Copy link
Collaborator Author

sjpb commented Mar 8, 2024
edited
Loading

Canceled workflow, rebuilding image for safety: https://github.com/stackhpc/ansible-slurm-appliance/actions/runs/8201785642: openhpc-240308-1011-0f0291c0

@sjpb sjpb marked this pull request as ready for review March 8, 2024 11:15
@sjpb sjpb requested a review from a team as a code owner March 8, 2024 11:15
sd109
sd109 approved these changes Mar 8, 2024
View reviewed changes
Copy link
Member

@sd109 sd109 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sjpb sjpb merged commit 678d08d into main Mar 8, 2024
@sjpb sjpb deleted the refactor/firewalld branch March 8, 2024 14:12
@sjpb sjpb mentioned this pull request Mar 8, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sd109 sd109 sd109 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sjpb @sd109