apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Disabling managing firewall - cloudstack-setup-management (#4239)

Browse Source 
* Adding message to ensure ports are open

* Removing configuring iptables

* Fixing merge conflict
This commit is contained in:
davidjumani 2020-09-22 17:46:21 +05:30 committed by GitHub
parent c06e7ded3c
commit ead9a34b3d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 24 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
client/bindir/cloud-setup-management.in
View File

@ -45,13 +45,14 @@ if __name__ == '__main__':
try: try:
syscfg = sysConfigFactory.getSysConfigFactory(glbEnv) syscfg = sysConfigFactory.getSysConfigFactory(glbEnv)
except UnknownSystemException: except UnknownSystemException:
print(("Error: CloudStack failed to detect your " print("Error: CloudStack failed to detect your "
"operating system. Exiting."), file=sys.stderr) "operating system. Exiting.", file=sys.stderr)
sys.exit(1) sys.exit(1)
try: try:
syscfg.registerService(cloudManagementConfig) syscfg.registerService(cloudManagementConfig)
syscfg.config() syscfg.config()
print("CloudStack Management Server setup is Done!") print("CloudStack Management Server setup is Done!")
print("Please ensure the following ports are open for the management server to function properly : 8080 8250 8443 9090")
except (CloudRuntimeException, CloudInternalException) as e: except (CloudRuntimeException, CloudInternalException) as e:
print(e) print(e)
print("Try to restore your system:") print("Try to restore your system:")

33
python/lib/cloudutils/serviceConfig.py
View File

@ -5,9 +5,9 @@
# to you under the Apache License, Version 2.0 (the # to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance # "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at # with the License. You may obtain a copy of the License at
# #
# http://www.apache.org/licenses/LICENSE-2.0 # http://www.apache.org/licenses/LICENSE-2.0
# #
# Unless required by applicable law or agreed to in writing, # Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an # software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@ -775,32 +775,3 @@ class cloudAgentConfig(serviceCfgBase):
def restore(self): def restore(self):
return True return True
class firewallConfigServer(firewallConfigBase):
def __init__(self, syscfg):
super(firewallConfigServer, self).__init__(syscfg)
#9090 is used for cluster management server
if self.syscfg.env.svrMode == "myCloud":
self.ports = "443 8080 8250 8443 9090".split()
else:
self.ports = "8080 8250 9090".split()
class ubuntuFirewallConfigServer(firewallConfigServer):
def allowPort(self, port):
status = False
try:
status = bash("iptables-save|grep INPUT|grep -w %s"%port).isSuccess()
except:
pass
if not status:
bash("ufw allow %s/tcp"%port)
def config(self):
try:
for port in self.ports:
self.allowPort(port)
return True
except:
raise

38
python/lib/cloudutils/syscfg.py
View File

@ -5,9 +5,9 @@
# to you under the Apache License, Version 2.0 (the # to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance # "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at # with the License. You may obtain a copy of the License at
# #
# http://www.apache.org/licenses/LICENSE-2.0 # http://www.apache.org/licenses/LICENSE-2.0
# #
# Unless required by applicable law or agreed to in writing, # Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an # software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@ -29,7 +29,7 @@ class sysConfigFactory:
return sysConfigDbFactory.getDb(glbEnv) return sysConfigDbFactory.getDb(glbEnv)
else: else:
raise CloudInternalException("Need to specify which mode are u running: Agent/Server/Db") raise CloudInternalException("Need to specify which mode are u running: Agent/Server/Db")
class sysConfigAgentFactory: class sysConfigAgentFactory:
@staticmethod @staticmethod
def getAgent(glbEnv): def getAgent(glbEnv):
@ -61,7 +61,7 @@ class sysConfigServerFactory:
else: else:
print("Can't find the distribution version") print("Can't find the distribution version")
return sysConfig() return sysConfig()
class sysConfigDbFactory: class sysConfigDbFactory:
@staticmethod @staticmethod
def getDb(glbEnv): def getDb(glbEnv):
@ -71,10 +71,10 @@ class sysConfig(object):
def __init__(self, env): def __init__(self, env):
self.env = env self.env = env
self.services = [] self.services = []
def registerService(self, service): def registerService(self, service):
self.services.append(service(self)) self.services.append(service(self))
def config(self): def config(self):
if not self.check(): if not self.check():
return False return False
@ -82,14 +82,14 @@ class sysConfig(object):
for service in self.services: for service in self.services:
if not service.configration(): if not service.configration():
raise CloudInternalException("Configuration failed for service %s" % service.serviceName) raise CloudInternalException("Configuration failed for service %s" % service.serviceName)
def restore(self): def restore(self):
for service in self.services: for service in self.services:
service.backup() service.backup()
def check(self): def check(self):
return True return True
class sysConfigAgent(sysConfig): class sysConfigAgent(sysConfig):
def __init__(self, env): def __init__(self, env):
super(sysConfigAgent, self).__init__(env) super(sysConfigAgent, self).__init__(env)
@ -97,13 +97,13 @@ class sysConfigAgent(sysConfig):
def check(self): def check(self):
if self.env.debug: if self.env.debug:
return True return True
if self.env.agentMode == "myCloud": if self.env.agentMode == "myCloud":
if self.env.distribution.getVersion() != "Ubuntu": if self.env.distribution.getVersion() != "Ubuntu":
raise CloudInternalException("Need to run myCloud agent on an Ubuntu machine\n") raise CloudInternalException("Need to run myCloud agent on an Ubuntu machine\n")
elif self.env.distribution.getArch() != "x86_64": elif self.env.distribution.getArch() != "x86_64":
raise CloudInternalException("Need to run myCloud agent on an 64bit machine\n") raise CloudInternalException("Need to run myCloud agent on an 64bit machine\n")
#check free disk space on the local disk #check free disk space on the local disk
if os.path.exists("/var/lib/libvirt/images"): if os.path.exists("/var/lib/libvirt/images"):
size = -1 size = -1
try: try:
@ -127,7 +127,7 @@ class sysConfigAgent(sysConfig):
if os.geteuid() != 0: if os.geteuid() != 0:
raise CloudInternalException("Need to execute with root permission\n") raise CloudInternalException("Need to execute with root permission\n")
hostname = bash("hostname -f") hostname = bash("hostname -f")
if not hostname.isSuccess(): if not hostname.isSuccess():
raise CloudInternalException("Checking hostname ... [Failed]\nPlease edit /etc/hosts, add a Fully Qualified Domain Name as your hostname\n") raise CloudInternalException("Checking hostname ... [Failed]\nPlease edit /etc/hosts, add a Fully Qualified Domain Name as your hostname\n")
@ -135,10 +135,10 @@ class sysConfigAgent(sysConfig):
kvmEnabled = self.svo.isKVMEnabled() kvmEnabled = self.svo.isKVMEnabled()
if not kvmEnabled: if not kvmEnabled:
raise CloudInternalException("Checking KVM...[Failed]\nPlease enable KVM on this machine\n") raise CloudInternalException("Checking KVM...[Failed]\nPlease enable KVM on this machine\n")
return True return True
class sysConfigAgentRedhatBase(sysConfigAgent): class sysConfigAgentRedhatBase(sysConfigAgent):
def __init__(self, env): def __init__(self, env):
self.svo = serviceOpsRedhat() self.svo = serviceOpsRedhat()
@ -188,7 +188,7 @@ class sysConfigRedhat5(sysConfigAgentRedhatBase):
libvirtConfigRedhat(self), libvirtConfigRedhat(self),
firewallConfigAgent(self), firewallConfigAgent(self),
cloudAgentConfig(self)] cloudAgentConfig(self)]
#it covers RHEL7 #it covers RHEL7
class sysConfigRedhat7(sysConfigAgentRedhat7Base): class sysConfigRedhat7(sysConfigAgentRedhat7Base):
def __init__(self, glbEnv): def __init__(self, glbEnv):
@ -219,15 +219,15 @@ class sysConfigServer(sysConfig):
if not hostname.isSuccess(): if not hostname.isSuccess():
raise CloudInternalException("Checking hostname ... [Failed]\nPlease edit /etc/hosts, add a Fully Qualified Domain Name as your hostname\n") raise CloudInternalException("Checking hostname ... [Failed]\nPlease edit /etc/hosts, add a Fully Qualified Domain Name as your hostname\n")
return True return True
class sysConfigServerRedhat(sysConfigServer): class sysConfigServerRedhat(sysConfigServer):
def __init__(self, glbEnv): def __init__(self, glbEnv):
super(sysConfigServerRedhat, self).__init__(glbEnv) super(sysConfigServerRedhat, self).__init__(glbEnv)
self.svo = serviceOpsRedhat() self.svo = serviceOpsRedhat()
self.services = [firewallConfigServer(self)] self.services = []
class sysConfigServerUbuntu(sysConfigServer): class sysConfigServerUbuntu(sysConfigServer):
def __init__(self, glbEnv): def __init__(self, glbEnv):
super(sysConfigServerUbuntu, self).__init__(glbEnv) super(sysConfigServerUbuntu, self).__init__(glbEnv)
self.svo = serviceOpsUbuntu() self.svo = serviceOpsUbuntu()
self.services = [ubuntuFirewallConfigServer(self)] self.services = []