@Inderpreet…Need your help. When I submitted this task I had 47 minutes left on the clock I had to wait for more than 3 -4 minutes to get the result…I am not sure why I only got 180 bonus points instead of 300…Also during the start, the description screen took 2 - 3 minutes to load…Could you please check if the loading & validation is taking 5 - 6 minutes ? If so kindly update the points
@Inderpreet @Ayman @kodekloud-support3
or anyone else can help me out here? I am new to DevOps task.
when I run puppet agent -t, I got this error message
What I did wrong? Any tutorial I should read first to solve this task?
Thanks so much
Hello, tylorC
Have you tried with sudo. e.g. sudo puppet agent -tv
thanks sudo is working for it
Anyone can give some tips for my config?
If I set
node ‘stapp01.stratos.xfusioncorp.com’ {
include firewall}
and the will open, but I believe the task will fail.
Hello…
I got task failed error:
- port ‘8082’ is not found in firewall public zone on App Server 1
But this I had applied rich rule set:
[tony@stapp01 ~]$ sudo firewall-cmd --list-all --zone=public
public
target: default
icmp-block-inversion: no
interfaces:
sources:
services: dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family=“ipv4” port port=“8082” protocol=“tcp” accept
curl from Jump host also worked…
curl http://172.16.238.10:8082
@Inderpreet @Ayman @mmumshad Can you please check… I checked all ports from just host and they worked.
So it seems i used [firewalld_rich_rule] instead of [firewalld_port]. This might have caused validation to fail but I dont think this was mentioned in the question.
Can you please check.
@salilpune1 We can mark it Pending
for you to give it an another try. Was this task assigned to you today itself ?
Hey @andrescaroc
what was the issue with this class function?
class firewall_node1 {
firewalld_port { ‘Open port 6000 in the public zone’:
ensure => present,
zone => ‘public’,
port => 6000,
protocol => ‘tcp’,
}
}
I am getting similar behaviours what you got before. puppet agent get the config applied with success, but there has been no change on the ports in public zone? how did you overcome that issue?
I’m also investigating this behavior.
I think it has to do with firewalld not reloading after manifest is deployed.
After pulling the manifest on Agent, try with firewall-cmd --reload and see if the port is now opened.
@nashwan I’m glad this tip helped.
This is mentioned among the lines in the doc shared by @andrzej https://forge.puppet.com/puppet/firewalld/readme
However, It’s not 100% clear to me the advise given there about this topic. If someone can help me to clarify it, I’d be good.
I was looking into Firewalld not reloading in 3.0 · Issue #38 · voxpupuli/puppet-firewalld · GitHub. I found out that adding include firewalld inside the classes, at the beginning of each also works to solve this.
Hello @nashwan
The class function does not have issue, what I learned from docs is that you must declare the class { 'firewalld': }
specified in the usage section, this way:
class { 'firewalld': }
class firewall_node1 {
firewalld_port { 'Open port 6400 in the public zone':
ensure => present,
zone => 'public',
port => 6400,
protocol => 'tcp',
}
}
I hope this helps for everybody that is stuck with this task.
For sure, I think the documentation of this module could be better with an example of that “usage” statement within a code example, but this is what we have.
Regards
@andrescaroc thank you very much mate. I managed to solve the task without
class { ‘firewalld’: }
but I had to reload the firewall list port with firewall-cmd --reload
thanks a lot @andrescaroc and @gustavos86
Hi All,
Could you please check and advise here.
as per the above error message, one of the blogs mentioned I have to include the below code snippet in my code.
I have added that towards the end of my code. is that correct? or should I include it in the beginning or at a different place?
also, class { ‘firewalld’: } am I supposed to declare it three times, or declaring it once is sufficient?
#separate pp file for firewall rules
separate pp file for node specification
I have attached my codes here. Please advise.
thanks
Hi All,
one of you please check and advise.
Thank you!
@Inderpreet @gustavos86 @Tej-Singh-Rana @nashwan @ramnamy @andrescaroc @andrzej @Devops @antonysavio1111 @mouador
blog.pp
data.pp
as per this note.
should I also use Hiera example too in my blog.pp?