You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by David Jumani <Da...@shapeblue.com> on 2020/08/03 09:09:53 UTC

Re: Fresh 4.14 install - UI won't start after reboot

Hi,

I've created a PR with a message for the same

https://github.com/apache/cloudstack/pull/4239
[https://avatars3.githubusercontent.com/u/47359?s=400&v=4]<https://github.com/apache/cloudstack/pull/4239>
Adding message to ensure ports are open by davidjumani · Pull Request #4239 · apache/cloudstack<https://github.com/apache/cloudstack/pull/4239>
Description Displays a message so that the user knows to open up the following ports on the management server since the host might be using unsupported firewall management tools Types of changes ...
github.com


Haven't removed the part that adds the rules so existing functionality remains the same but lets the user know that the ports need to be opened. Let me know what you all think!

Thanks,
David
________________________________
From: Andrija Panic <an...@gmail.com>
Sent: Friday, July 31, 2020 4:34 PM
To: users <us...@cloudstack.apache.org>
Subject: Re: Fresh 4.14 install - UI won't start after reboot

Fully agree.... anyone up for a PR that would edit the script to avoid
firewall rules setup but instead print a descriptive message advising ports
8080, 8443, 8250 and possibly 8096 should be open?

cheers,

On Fri, 31 Jul 2020 at 10:26, Riepl, Gregor (SWISS TXT) <
Gregor.Riepl@swisstxt.ch> wrote:

> Hi Andrija,
>
> My idea would be to either ensure (in the cloudstack-setup-management) that
> both firewalld/ufw are disabled and continue operating with pure iptables
>  OR  to not add rules at all, but instead print a message on the
> requirements to open access to ports 8080/8250/9090 with whatever firewall
> management tool the user uses
>
> ​Supporting many different firewall management tools will be a Herculean
> effort and may still fail when new tools emerge.
> I think it would be ok to drop automatic firewall rule creation and let
> the user manage their own rules instead.
>
> It's always been this way on Debian (and derivates), and I don't see why
> other distributions should be different.
> Perhaps RHEL/CentOS has handled this differently in the past, and
> firewalld is supposed to solve the distribution fragmentation problem, just
> like systemd did. But there's far less adoption of firewalld than systemd,
> so I don't think it makes sense to try to solve this in CloudStack.
>
> (just my 2¢)
>
> Regards,
> Gregor
>


--

Andrija Panić

David.Jumani@shapeblue.com 
www.shapeblue.com
3 London Bridge Street,  3rd floor, News Building, London  SE1 9SGUK
@shapeblue