Last week I made a post about opening ports in Ubuntu's ufw firewall when using Devstack (Openstack upstream). Today I will show you how to do the same thing in firewalld dynamic firewall which is now the default in RHEL 7+ and Fedora.
The ports to be opened are the same, but you must also enable two additional services in firewalld, namely http and vnc-server. If you don't enable the former, you will be unable to access Horizon web UI, and if you don't enable the latter, you will not be able to see the console through Horizon when you launch an instance on Nova compute.
In the case of ufw, however, http port 80 was opened by default and vnc was enabled by simply opening 6080/tcp.
I wrote a Bash script to open the necessary ports for Openstack in firewalld. I have tested it on Openstack Kilo running on F23. You can find the script at the following link: