https://bugzilla.suse.com/show_bug.cgi?id=1214160 https://bugzilla.suse.com/show_bug.cgi?id=1214160#c9 --- Comment #9 from Robert Munteanu <rombert@apache.org> --- (In reply to James Fehlig from comment #7)
I forgot to set needinfo to Robert for my question in #6...
(In reply to Mohd Saquib from comment #4)
Hi, firewalld maintainer here!
Thanks for taking a look!
Yes there was a firewalld update recently but I highly doubt that this error is due to that. Anyway I'll double check.
Robert already verified the issue was not caused by the firewalld update. Still, any help understanding the cause of "INVALID_ZONE: 'libvirt-routed' not among existing zones" error would be much appreciated.
I can share more information about my setup, if helpful. I am not sure I can create an actual reproducer, since I don't have another bare metal machine around. The setup (loosely) is the following: - NFS server running on the host - libvirt managing 3 VMs defined via https://github.com/dmacvicar/terraform-provider-libvirt - a kubernetes cluster provisioned using k3s is running on those machines - a systemd unit opens up additional ports for the relevant firewalld zones [Unit] Description=Opens ports for libvirtd Requires=libvirtd.service After=libvirtd.service [Service] ExecStart=/usr/local/bin/libvirtd-open-ports.sh [Install] WantedBy=multi-user.targ The script currently casts a very wide net because of my troubleshooting #!/bin/bash -eu zones="libvirt libvirt-routed" services="rpc-bind mountd nfs http mysql" ports="7090/tcp 9115/tcp 9427/tcp" # Motion webcam, blackbox_exporter, ping exporter for zone in ${zones}; do for svc in ${services}; do firewall-cmd --zone="${zone}" --add-service="${svc}" done for port in ${ports}; do firewall-cmd --zone="${zone}" --add-port="${port}" done done I am using a script instead of passing '--permanent' to firewall-cmd invocations because it's easier for me to manage it with SaltStack. I'm clearing needinfo in hope that it helps, feel free to request again. -- You are receiving this mail because: You are on the CC list for the bug.