If your task is exactly the same as mine (see screenshot) it has an error: It is asking to use the “puppet firewall module” (without ‘d’) but the correct module to use is the “puppet firewalld module” (with ‘d’).
Watch examples of how to use the module, the “usage” section is important.
I hope this helps anyone having a hard time with this task.
Can you please let me know which resource type to use and what the syntax is?
Also create a puppet programming file official.pp under the /etc/puppetlabs/code/environments/production/manifests directory on the puppet master node, i.e. on Jump Server, and write code to perform the below-mentioned task.
Install puppet firewall module on master node, i.e. on Jump Server (you can install manually).
There are some different applications running on all three apps. One of the applications is using port 6400 on App server 1, 9006 on App server 2 and 8092 on App server 3. Complete the below-mentioned tasks:
a. Open all incoming connection for 6400/tcp port on App Server 1 and zone should be public.
b. Open all incoming connection for 9006/tcp port on App Server 2 and zone should be public.
c. Open all incoming connection for 8092/tcp port on App Server 3 and zone should be public.
@Inderpreet… Need your help. When I submitted this task I had 47 minutes left on the clock. I had to wait for more than 3-4 minutes to get the result… I am not sure why I only got 180 bonus points instead of 300… Also during the start, the description screen took 2-3 minutes to load… Could you please check if the loading & validation is taking 5-6 minutes? If so, kindly update the points.
So it seems I used [firewalld_rich_rule] instead of [firewalld_port]. This might have caused validation to fail, but I don't think this was mentioned in the question.
Hey @andrescaroc
What was the issue with this class function?
class firewall_node1 {
  firewalld_port { 'Open port 6000 in the public zone':
    ensure   => present,
    zone     => 'public',
    port     => 6000,
    protocol => 'tcp',
  }
}
I am getting similar behaviour to what you got before. The puppet agent gets the config applied with success, but there has been no change on the ports in the public zone. How did you overcome that issue?
I’m also investigating this behavior.
I think it has to do with firewalld not reloading after manifest is deployed.
After pulling the manifest on Agent, try with firewall-cmd --reload and see if the port is now opened.
This is mentioned among the lines in the doc shared by @andrzej https://forge.puppet.com/puppet/firewalld/readme
However, the advice given there about this topic is not 100% clear to me. If someone can help me clarify it, that would be good.
The class function does not have an issue. What I learned from the docs is that you must declare the class { 'firewalld': } specified in the usage section, this way:
class { 'firewalld': }

class firewall_node1 {
  firewalld_port { 'Open port 6400 in the public zone':
    ensure   => present,
    zone     => 'public',
    port     => 6400,
    protocol => 'tcp',
  }
}
I hope this helps for everybody that is stuck with this task.
For sure, I think the documentation of this module could be better with an example of that “usage” statement within a code example, but this is what we have.
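A complete official.pp for the task quoted in this thread, as an added example that is not part of any post above and not taken from the module's documentation. The node names are placeholders (the thread does not give the agents' hostnames) and the class name open_app_port is hypothetical; each node gets only its own port opened.

```puppet
# official.pp (added example)
# Assumes the puppet-firewalld module (with 'd') is installed on the master.

# Hypothetical helper class: opens exactly one TCP port in one zone.
class open_app_port (
  Integer[1, 65535] $port,
  String            $zone = 'public',
) {
  # Same effect as class { 'firewalld': } with default parameters.
  # Declaring the base class puts the firewalld service under Puppet's
  # control, which the thread identifies as the missing piece when the
  # agent run succeeds but the port never shows up in the zone.
  include firewalld

  firewalld_port { "Open port ${port}/tcp in the ${zone} zone":
    ensure   => present,
    zone     => $zone,
    port     => $port,
    protocol => 'tcp',
  }
}

# Placeholder certnames: replace with the agents' real certnames.
node 'appserver1.example.com' {
  class { 'open_app_port': port => 6400 }
}

node 'appserver2.example.com' {
  class { 'open_app_port': port => 9006 }
}

node 'appserver3.example.com' {
  class { 'open_app_port': port => 8092 }
}

# Any other node (including the master) gets no firewall changes.
node default {}
```

After `puppet agent -t` on an app server, `firewall-cmd --zone=public --list-ports` shows whether the port reached the running configuration, which is the symptom discussed above.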