JcloudsLocation: allow disabling of opening IP Tables - If not WAIT_FOR_SSHABLE then don't try to mapSecurityGroupRuleToIpTables. With private subnets, this fails because the IP that jclouds knows about isn't visible. Subsequent code in brooklyn can set up port-forwarding to make it usable, but this code blocked waiting and then failed.
Project: http://git-wip-us.apache.org/repos/asf/brooklyn-server/repo Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-server/commit/a253e39c Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-server/tree/a253e39c Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-server/diff/a253e39c Branch: refs/heads/0.5.0 Commit: a253e39c6a680d9b2ae458c28ff8006fc5fddb3f Parents: 1a41019 Author: Aled Sage <[email protected]> Authored: Wed Apr 17 14:44:43 2013 +0100 Committer: Aled Sage <[email protected]> Committed: Thu Apr 25 11:22:15 2013 +0100 ---------------------------------------------------------------------- .../java/brooklyn/location/jclouds/JcloudsLocation.java | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/a253e39c/locations/jclouds/src/main/java/brooklyn/location/jclouds/JcloudsLocation.java ---------------------------------------------------------------------- diff --git a/locations/jclouds/src/main/java/brooklyn/location/jclouds/JcloudsLocation.java b/locations/jclouds/src/main/java/brooklyn/location/jclouds/JcloudsLocation.java index c044232..43baea3 100644 --- a/locations/jclouds/src/main/java/brooklyn/location/jclouds/JcloudsLocation.java +++ b/locations/jclouds/src/main/java/brooklyn/location/jclouds/JcloudsLocation.java @@ -336,8 +336,14 @@ public class JcloudsLocation extends AbstractCloudMachineProvisioningLocation im JcloudsSshMachineLocation sshLocByHostname = registerJcloudsSshMachineLocation(node, vmHostname, setup); // Apply same securityGroups rules to iptables, if iptables is running on the node - mapSecurityGroupRuleToIpTables(computeService, node, initialCredentials, "eth0", - (Iterable<Integer>) setup.get(INBOUND_PORTS)); + String waitForSshable = setup.get(WAIT_FOR_SSHABLE); + if (!(waitForSshable!=null && "false".equalsIgnoreCase(waitForSshable))) { + mapSecurityGroupRuleToIpTables(computeService, node, initialCredentials, "eth0", + (Iterable<Integer>) setup.get(INBOUND_PORTS)); + } else { + // Otherwise would break CloudStack, where port-forwarding means that jclouds opinion + // of using port 22 is wrong. + } // Apply any optional app-specific customization. for (JcloudsLocationCustomizer customizer : getCustomizers(setup)) {
