cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Riepl, Gregor (SWISS TXT)" <Gregor.Ri...@swisstxt.ch>
Subject Re: Fresh 4.14 install - UI won't start after reboot
Date Fri, 31 Jul 2020 08:25:49 GMT
Hi Andrija,

My idea would be to either ensure (in the cloudstack-setup-management) that
both firewalld/ufw are disabled and continue operating with pure iptables
 OR  to not add rules at all, but instead print a message on the
requirements to open access to ports 8080/8250/9090 with whatever firewall
management tool the user uses

​Supporting many different firewall management tools will be a Herculean effort and may
still fail when new tools emerge.
I think it would be ok to drop automatic firewall rule creation and let the user manage their
own rules instead.

It's always been this way on Debian (and derivates), and I don't see why other distributions
should be different.
Perhaps RHEL/CentOS has handled this differently in the past, and firewalld is supposed to
solve the distribution fragmentation problem, just like systemd did. But there's far less
adoption of firewalld than systemd, so I don't think it makes sense to try to solve this in
CloudStack.

(just my 2¢)

Regards,
Gregor
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message