action #68095

Updated by okurz over 1 year ago

## Motivation
SuSEfirewall2 is not going to be supported anymore in current versions of openSUSE or SLE distributions. Our o3 workers already run firewalld just fine including multi-machine tests. We can not easily check the firewall status compared to firewalld where the systemd service is more helpful (#68092)

## Acceptance criteria

* **AC1:** has rules for setup of firewalld instead of SuSEfirewall2
* **AC2:** All osd workers managed by salt use firewalld

## Suggestions

* Read
* Ensure good cases exists for multi-machine jobs, e.g. and related jobs , run clones of these tests to ensure they pass in the current state before migration
* See existing o3 worker configuration for reference
* See pointers in #66236 , #64700 , #62162 , #54785 , #45848 , #43148 , #52499
On a selected worker without salt overriding configure firewalld, remove SuSEfirewall2 and test with above mentioned openQA test scenarios
* Add corresponding configuration to salt
* Ensure salt removes SuSEfirewall2 and/or remove all references to SuSEfirewall2 in salt recipes
* Test again after all salt recipes have been applied