AnsweredAssumed Answered

MapR and Firewalld

Question asked by briant on Mar 17, 2017
Latest reply on Mar 21, 2017 by maprcommunity

I am trying to install MapR on a Centos 7.2 system where my head node has 2 NICS. 1 (eth0) for the public network and 1 (eth1) for the private network. For the private network to be able to see the public network (yum updates or mapr install) i use the following:

 

  1. Enable IPv4 packet forwarding.
    1. Add the following to /etc/sysctl.conf: net.ipv4.ip_forward = 1
    2. Apply the sysctl settings: sysctl -p
  2. Add direct rules to firewalld. Add the --permanent option to keep these rules across restarts.
    firewall-cmd --direct --add-rule ipv4 nat POSTROUTING 0 -o eth_ext -j MASQUERADE
    firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i eth_int -o eth_ext -j ACCEPT
    firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i eth_ext -o eth_int -m state --state RELATED,ESTABLISHED -j ACCEPT

When installing MapR the installer disabled firewalld. This stops my compute nodes from receiving data from the installer. I have a script that restarts firewalld right away when it goes down. When Firewalld is active again the installer is hung. Firewalld has all ports open. 

My compute nodes all have static ip addresses. super simple network.  

Is there a way to have MapR not kill firewalld?

Outcomes