Firewall configuration with Red Hat Enterprise Linux 7
You must complete some firewall configuration steps to enable the
iptables service on a Red Hat Enterprise Linux® (RHEL) 7 instance.
The RHEL 7 image available with IBM® Cloud Pak System W3550 uses
the
iptables service when it configures the firewall
for a deployed instance. The image disabled the firewalld service
and enabled the iptables and ip6tables services
instead. The IBM Spectrum Scale external tiebreaker binary files are using the same scripts that are used by the Cloud Pak System IBM Spectrum Scale Pattern instances, which are deployed on Cloud Pak System.
As a result, when the external tiebreaker is installed on a virtual
machine that is using RHEL 7, the virtual machine must also enable
the iptables service and disable the firewalld service
before the external tiebreaker installation scripts are run. This
is necessary because the external tiebreaker scripts are using the iptables service
to set up the firewall.
The following commands are used by Cloud Pak System to
enable the
iptables service on an instance that uses
RHEL 7. You can use the same commands, or similar ones, to disable
the firewalld service and enable the iptables on
the external tiebreaker virtual machine, when that virtual machine
is using RHEL 7.echo "Disable the firewalld service"
systemctl mask firewalld
echo "Activate the iptables and ip6tables services at boot"
systemctl enable iptables
systemctl enable ip6tables
echo "Stop the firewalld service"
systemctl stop firewalld