As of CentOS 7.5, the use of ZONE=<zone> no longer works in /etc/sysconfig/network-scripts/ifcfg-* files. The most notable side-effect of this is that all nodes that accessed the Internet through the head node will no longer be able to do so until this is remedied. The new way of setting up zones in the firewall is using firewall-cmd using the following commands: (adjust accordingly if your network is set up differently)
$ firewall-cmd --zone=trusted --add-interface=en0 --permanent
$ firewall-cmd --zone=external --add-interface=en1 --permanent
# If you have InfiniBand
$ firewall-cmd --zone=trusted --add-interface=ib0 --permanent
$ firewall-cmd --reload
CODE