Remove firewalld on Fedora 20 by default
firewalld interacts badly with the libvirt on f20, causing slow-downs
so great that it can timeout the gate.
Developers who want to leave it enabled should set FORCE_FIREWALLD=True
Change-Id: I5252a12223a35f7fb7a4ac3c58aa4a3cd1bc4799
diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt
index 6fb5c38..258e1a4 100644
--- a/lib/nova_plugins/functions-libvirt
+++ b/lib/nova_plugins/functions-libvirt
@@ -37,7 +37,7 @@
# and HP images used in the gate; rackspace has firewalld but hp
# cloud doesn't. RHEL6 doesn't have firewalld either. So we
# don't care if it fails.
- if is_fedora; then
+ if is_fedora && is_package_installed firewalld; then
sudo service firewalld restart || true
fi
}
diff --git a/tools/fixup_stuff.sh b/tools/fixup_stuff.sh
index d849302..1732ecc 100755
--- a/tools/fixup_stuff.sh
+++ b/tools/fixup_stuff.sh
@@ -103,6 +103,21 @@
if selinuxenabled; then
sudo setenforce 0
fi
+
+ FORCE_FIREWALLD=$(trueorfalse False $FORCE_FIREWALLD)
+ if [[ ${DISTRO} =~ (f19|f20) && $FORCE_FIREWALLD == "False" ]]; then
+ # On Fedora 19 and 20 firewalld interacts badly with libvirt and
+ # slows things down significantly. However, for those cases
+ # where that combination is desired, allow this fix to be skipped.
+
+ # There was also an additional issue with firewalld hanging
+ # after install of libvirt with polkit. See
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1099031
+ if is_package_installed firewalld; then
+ uninstall_package firewalld
+ fi
+ fi
+
fi
# RHEL6