Disabling managing firewall - cloudstack-setup-management (#4239)
* Adding message to ensure ports are open
* Removing configuring iptables
* Fixing merge conflict
diff --git a/client/bindir/cloud-setup-management.in b/client/bindir/cloud-setup-management.in
index 1daf60e..96b9121 100755
--- a/client/bindir/cloud-setup-management.in
+++ b/client/bindir/cloud-setup-management.in
@@ -45,13 +45,14 @@
try:
syscfg = sysConfigFactory.getSysConfigFactory(glbEnv)
except UnknownSystemException:
- print(("Error: CloudStack failed to detect your "
- "operating system. Exiting."), file=sys.stderr)
+ print("Error: CloudStack failed to detect your "
+ "operating system. Exiting.", file=sys.stderr)
sys.exit(1)
try:
syscfg.registerService(cloudManagementConfig)
syscfg.config()
print("CloudStack Management Server setup is Done!")
+ print("Please ensure the following ports are open for the management server to function properly : 8080 8250 8443 9090")
except (CloudRuntimeException, CloudInternalException) as e:
print(e)
print("Try to restore your system:")
diff --git a/python/lib/cloudutils/serviceConfig.py b/python/lib/cloudutils/serviceConfig.py
index 0d8d591..4cbab59 100755
--- a/python/lib/cloudutils/serviceConfig.py
+++ b/python/lib/cloudutils/serviceConfig.py
@@ -5,9 +5,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -775,32 +775,3 @@
def restore(self):
return True
-
-class firewallConfigServer(firewallConfigBase):
- def __init__(self, syscfg):
- super(firewallConfigServer, self).__init__(syscfg)
- #9090 is used for cluster management server
- if self.syscfg.env.svrMode == "myCloud":
- self.ports = "443 8080 8250 8443 9090".split()
- else:
- self.ports = "8080 8250 9090".split()
-
-class ubuntuFirewallConfigServer(firewallConfigServer):
- def allowPort(self, port):
- status = False
- try:
- status = bash("iptables-save|grep INPUT|grep -w %s"%port).isSuccess()
- except:
- pass
-
- if not status:
- bash("ufw allow %s/tcp"%port)
-
- def config(self):
- try:
- for port in self.ports:
- self.allowPort(port)
-
- return True
- except:
- raise
diff --git a/python/lib/cloudutils/syscfg.py b/python/lib/cloudutils/syscfg.py
index 7796867..fdc077d 100755
--- a/python/lib/cloudutils/syscfg.py
+++ b/python/lib/cloudutils/syscfg.py
@@ -5,9 +5,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -29,7 +29,7 @@
return sysConfigDbFactory.getDb(glbEnv)
else:
raise CloudInternalException("Need to specify which mode are u running: Agent/Server/Db")
-
+
class sysConfigAgentFactory:
@staticmethod
def getAgent(glbEnv):
@@ -61,7 +61,7 @@
else:
print("Can't find the distribution version")
return sysConfig()
-
+
class sysConfigDbFactory:
@staticmethod
def getDb(glbEnv):
@@ -71,10 +71,10 @@
def __init__(self, env):
self.env = env
self.services = []
-
+
def registerService(self, service):
self.services.append(service(self))
-
+
def config(self):
if not self.check():
return False
@@ -82,14 +82,14 @@
for service in self.services:
if not service.configration():
raise CloudInternalException("Configuration failed for service %s" % service.serviceName)
-
+
def restore(self):
for service in self.services:
service.backup()
-
+
def check(self):
return True
-
+
class sysConfigAgent(sysConfig):
def __init__(self, env):
super(sysConfigAgent, self).__init__(env)
@@ -97,13 +97,13 @@
def check(self):
if self.env.debug:
return True
-
+
if self.env.agentMode == "myCloud":
if self.env.distribution.getVersion() != "Ubuntu":
raise CloudInternalException("Need to run myCloud agent on an Ubuntu machine\n")
elif self.env.distribution.getArch() != "x86_64":
raise CloudInternalException("Need to run myCloud agent on an 64bit machine\n")
- #check free disk space on the local disk
+ #check free disk space on the local disk
if os.path.exists("/var/lib/libvirt/images"):
size = -1
try:
@@ -127,7 +127,7 @@
if os.geteuid() != 0:
raise CloudInternalException("Need to execute with root permission\n")
-
+
hostname = bash("hostname -f")
if not hostname.isSuccess():
raise CloudInternalException("Checking hostname ... [Failed]\nPlease edit /etc/hosts, add a Fully Qualified Domain Name as your hostname\n")
@@ -135,10 +135,10 @@
kvmEnabled = self.svo.isKVMEnabled()
if not kvmEnabled:
raise CloudInternalException("Checking KVM...[Failed]\nPlease enable KVM on this machine\n")
-
+
return True
-
+
class sysConfigAgentRedhatBase(sysConfigAgent):
def __init__(self, env):
self.svo = serviceOpsRedhat()
@@ -188,7 +188,7 @@
libvirtConfigRedhat(self),
firewallConfigAgent(self),
cloudAgentConfig(self)]
-
+
#it covers RHEL7
class sysConfigRedhat7(sysConfigAgentRedhat7Base):
def __init__(self, glbEnv):
@@ -219,15 +219,15 @@
if not hostname.isSuccess():
raise CloudInternalException("Checking hostname ... [Failed]\nPlease edit /etc/hosts, add a Fully Qualified Domain Name as your hostname\n")
return True
-
+
class sysConfigServerRedhat(sysConfigServer):
def __init__(self, glbEnv):
super(sysConfigServerRedhat, self).__init__(glbEnv)
self.svo = serviceOpsRedhat()
- self.services = [firewallConfigServer(self)]
-
+ self.services = []
+
class sysConfigServerUbuntu(sysConfigServer):
def __init__(self, glbEnv):
super(sysConfigServerUbuntu, self).__init__(glbEnv)
self.svo = serviceOpsUbuntu()
- self.services = [ubuntuFirewallConfigServer(self)]
+ self.services = []
