On Tue, Apr 25, 2017 at 5:31 AM, Fabian Deutsch <fdeut...@redhat.com> wrote: > On Tue, Apr 25, 2017 at 5:42 AM, Ben Breard <bbre...@redhat.com> wrote: >> I'm starting to warm up to the idea of adding firewalld in Atomic Host. If >> we do this, it would be a requirement to clean up the absurd default zones & >> policies and have something relevant for AH out of the box. > > +1 > > for AH, and to play nice with OCP/Kube by default - if used in that use-case. > > - fabian
I will admit, I do think it is easier to change Atomic Host to have firewalld than seemingly everyone else to move back to iptables. Adding Russell Teague from the openshift ansible side since he's done some firewalld/iptables work in this area. -- Thanks, Steve Milner Atomic | Red Hat | http://projectatomic.io/ | http://commissaire.io
