sdodson added a new comment to an issue you are following:
``
OpenShift doesn't like firewalld according to clayton and
@vbatts.
Firewalld would be the preferred firewall management tool for OpenShift if it were
available on atomic host. OpenShift needs to be kept aware of firewall changes so that it
can ensure that all the required rules are there. When using firewalld openshift becomes
aware of changes and can immediately reconcile the rules, without firewalld it has to
resync everything periodically which leaves a windows of brokenness and I believe that
syncing the rules is more costly than necessary.
@eparis @dcbw @danw -- was there some recent change to our disposition on preference for
firewalld?
``
To reply, visit the link below or just reply to this email
https://pagure.io/atomic-wg/issue/372