Uploaded image for project: 'Modules'
  1. Modules
  2. MODULES-1315

puppetlabs/firewall doesn't work on CentOS 7

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: firewall
    • Labels:
      None
    • Template:

      Description

      Here's what happens when I run Puppet on CentOS 7 after
      adding in a declaration of firewall resources:

      [root@jupiter manifests]# puppet apply /etc/puppet/manifests/projectname.pp
      Warning: Config file /etc/puppet/hiera.yaml not found, using Hiera defaults
      Notice: Compiled catalog for jupiter.swarmcritic.com in environment production in 1.28 seconds
      Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false.
         (at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default')
      Notice: /Stage[main]/Simple_firewall::My_fw::Pre/Firewall[000 accept all icmp]/ensure: created
      Warning: Firewall[000 accept all icmp](provider=iptables): Unable to persist firewall rules: Execution of '/sbin/service iptables save' returned 2: The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
      Error: Could not start Service[iptables]: Execution of '/usr/bin/systemctl start iptables' returned 6: Failed to issue method call: Unit iptables.service failed to load: No such file or directory.
      Wrapped exception:
      Execution of '/usr/bin/systemctl start iptables' returned 6: Failed to issue method call: Unit iptables.service failed to load: No such file or directory.
      Error: /Stage[main]/Firewall::Linux::Redhat/Service[iptables]/ensure: change from stopped to running failed: Could not start Service[iptables]: Execution of '/usr/bin/systemctl start iptables' returned 6: Failed to issue method call: Unit iptables.service failed to load: No such file or directory.
      Notice: /Stage[main]/Simple_firewall::My_fw::Pre/Firewall[003 Allow SSH]/ensure: created
      Warning: Firewall[003 Allow SSH](provider=iptables): Unable to persist firewall rules: Execution of '/sbin/service iptables save' returned 2: The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
      Notice: /Stage[main]/Simple_firewall::My_fw::Pre/Firewall[002 accept related established rules]/ensure: created
      Warning: Firewall[002 accept related established rules](provider=iptables): Unable to persist firewall rules: Execution of '/sbin/service iptables save' returned 2: The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
      Notice: /Stage[main]/Simple_firewall::My_fw::Pre/Firewall[001 accept all to lo interface]/ensure: created
      Warning: Firewall[001 accept all to lo interface](provider=iptables): Unable to persist firewall rules: Execution of '/sbin/service iptables save' returned 2: The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
      Notice: /Stage[main]/Simple_firewall::My_fw::Post/Firewall[999 Drop Everything Not Explicitly Allowed]/ensure: created
      Warning: Firewall[999 Drop Everything Not Explicitly Allowed](provider=iptables): Unable to persist firewall rules: Execution of '/sbin/service iptables save' returned 2: The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
      Notice: Finished catalog run in 0.48 seconds
      

      This stuff worked fine on CentOS 6.4!

        Attachments

          Activity

            People

            • Assignee:
              hunter Hunter (Hunner) Haugen
              Reporter:
              ross_williams Ross Williams
            • Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Zendesk Support

                  Time Tracking

                  Estimated:
                  Original Estimate - 3 hours
                  3h
                  Remaining:
                  Remaining Estimate - 3 hours
                  3h
                  Logged:
                  Time Spent - Not Specified
                  Not Specified