Disabling managing firewall - cloudstack-setup-management (#4239)

* Adding message to ensure ports are open * Removing configuring iptables * Fixing merge conflict
2025-10-26 08:42:29 +01:00 · 2020-09-22 17:46:21 +05:30 · 2020-09-22 17:46:21 +05:30 · ead9a34b3d
commit ead9a34b3d
parent c06e7ded3c
3 changed files with 24 additions and 52 deletions
--- a/client/bindir/cloud-setup-management.in
+++ b/client/bindir/cloud-setup-management.in
@ -45,13 +45,14 @@ if __name__ == '__main__':
    try:
        syscfg = sysConfigFactory.getSysConfigFactory(glbEnv)
    except UnknownSystemException:
-        print(("Error: CloudStack failed to detect your "
-                "operating system. Exiting."), file=sys.stderr)
+        print("Error: CloudStack failed to detect your "
+                "operating system. Exiting.", file=sys.stderr)
        sys.exit(1)
    try:
        syscfg.registerService(cloudManagementConfig)
        syscfg.config()
        print("CloudStack Management Server setup is Done!")
+        print("Please ensure the following ports are open for the management server to function properly : 8080 8250 8443 9090")
    except (CloudRuntimeException, CloudInternalException) as e:
        print(e)
        print("Try to restore your system:")
--- a/python/lib/cloudutils/serviceConfig.py
+++ b/python/lib/cloudutils/serviceConfig.py
@ -775,32 +775,3 @@ class cloudAgentConfig(serviceCfgBase):

    def restore(self):
        return True
-
-class firewallConfigServer(firewallConfigBase):
-    def __init__(self, syscfg):
-        super(firewallConfigServer, self).__init__(syscfg)
-        #9090 is used for cluster management server
-        if self.syscfg.env.svrMode == "myCloud":
-            self.ports = "443 8080 8250 8443 9090".split()
-        else:
-            self.ports = "8080 8250 9090".split()
-
-class ubuntuFirewallConfigServer(firewallConfigServer):
-    def allowPort(self, port):
-        status = False
-        try:
-            status = bash("iptables-save|grep INPUT|grep -w %s"%port).isSuccess()
-        except:
-            pass
-
-        if not status:
-            bash("ufw allow %s/tcp"%port)
-
-    def config(self):
-        try:
-            for port in self.ports:
-                self.allowPort(port)
-
-            return True
-        except:
-            raise
--- a/python/lib/cloudutils/syscfg.py
+++ b/python/lib/cloudutils/syscfg.py
@ -224,10 +224,10 @@ class sysConfigServerRedhat(sysConfigServer):
    def __init__(self, glbEnv):
        super(sysConfigServerRedhat, self).__init__(glbEnv)
        self.svo = serviceOpsRedhat()
-        self.services = [firewallConfigServer(self)]
+        self.services = []

 class sysConfigServerUbuntu(sysConfigServer):
    def __init__(self, glbEnv):
        super(sysConfigServerUbuntu, self).__init__(glbEnv)
        self.svo = serviceOpsUbuntu()
-        self.services = [ubuntuFirewallConfigServer(self)]
+        self.services = []