Server WG Quick Vote: Firewall status API for rolekit
Simo Sorce
ssorce at redhat.com
Wed Oct 22 14:40:12 UTC 2014
On Wed, 22 Oct 2014 08:30:47 -0400
Stephen Gallagher <sgallagh at redhat.com> wrote:
> The Beta release criteria for rolekit were largely copied from the PRD
> and Technical Specification. One of these bits was this:
>
> "Release-blocking roles must be able to report their status in regard
> to the system firewall as described in the technical specification."
>
> The tech spec reads:
>
> "Roles will be required to support the following API: ... A query
> interface providing metadata information about the role (not all roles
> must implement all parts of this, bold lines are mandatory): ... A
> list of the ports that the role operates on, as well as data about
> whether those ports are currently firewalled."
>
> Unfortunately, rolekit does not currently have this capability. Thomas
> and I decided during development to defer that (because this
> information is available through the firewalld API and firewall-cmd
> as well), but we forgot to communicate it to the rest of the Server
> SIG.
>
> As a result, we (the Server WG) need to make a decision: Do we believe
> that this firewall status API is important enough to slip Beta.
> Because there's no chance we will be able to implement this in time
> for tonight's compose.
>
> Proposal: The requirement to be able to list the role's related
> firewall state is deferred to Fedora 22 and should be removed from
> the release criteria.
>
> I am +1. Please vote immediately, as we do not have much time.
A pity, but it is unrealistic to stop beta for this, so +1
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the server
mailing list