Revert some changes made in #4149 (#4175)

After some more research and testing it turns out we can support the use case where you want to reuse an associated IP address that already has port 22 or 5985 forwarded, by using a random public port.

The correct port to open in the firewall is different for the type of firewall used. The standard firewall requires the public port to be opened and the network ACL requires the private port to be opened.

So by partially reverting this code and updating which ports to open in which cases, we can support all use cases again.

builder/cloudstack/step_configure_networking.go

@@ -2,14 +2,19 @@ package cloudstack
 
 import (
 	"fmt"
+	"math/rand"
 	"strings"
+	"time"
 
 	"github.com/mitchellh/multistep"
 	"github.com/mitchellh/packer/packer"
 	"github.com/xanzy/go-cloudstack/cloudstack"
 )
 
-type stepSetupNetworking struct{}
+type stepSetupNetworking struct {
+	privatePort int
+	publicPort  int
+}
 
 func (s *stepSetupNetworking) Run(state multistep.StateBag) multistep.StepAction {
 	client := state.Get("client").(*cloudstack.CloudStackClient)
@@ -24,6 +29,21 @@ func (s *stepSetupNetworking) Run(state multistep.StateBag) multistep.StepAction
 		return multistep.ActionContinue
 	}
 
+	// Generate a random public port used to configure our port forward.
+	rand.Seed(time.Now().UnixNano())
+	s.publicPort = 50000 + rand.Intn(10000)
+
+	// Set the currently configured port to be the private port.
+	s.privatePort = config.Comm.Port()
+
+	// Set the SSH or WinRM port to be the randomly generated public port.
+	switch config.Comm.Type {
+	case "ssh":
+		config.Comm.SSHPort = s.publicPort
+	case "winrm":
+		config.Comm.WinRMPort = s.publicPort
+	}
+
 	// Retrieve the instance ID from the previously saved state.
 	instanceID, ok := state.Get("instance_id").(string)
 	if !ok || instanceID == "" {
@@ -54,10 +74,6 @@ func (s *stepSetupNetworking) Run(state multistep.StateBag) multistep.StepAction
 			p.SetNetworkid(network.Id)
 		}
 
-		if config.Zone != "" {
-			p.SetZoneid(config.Zone)
-		}
-
 		// Associate a new public IP address.
 		ipAddr, err := client.Address.AssociateIpAddress(p)
 		if err != nil {
@@ -76,9 +92,9 @@ func (s *stepSetupNetworking) Run(state multistep.StateBag) multistep.StepAction
 	ui.Message("Creating port forward...")
 	p := client.Firewall.NewCreatePortForwardingRuleParams(
 		config.PublicIPAddress,
-		config.Comm.Port(),
+		s.privatePort,
 		"TCP",
-		config.Comm.Port(),
+		s.publicPort,
 		instanceID,
 	)
 
@@ -110,8 +126,8 @@ func (s *stepSetupNetworking) Run(state multistep.StateBag) multistep.StepAction
 		p.SetAclid(network.Aclid)
 		p.SetAction("allow")
 		p.SetCidrlist(config.CIDRList)
-		p.SetStartport(config.Comm.Port())
-		p.SetEndport(config.Comm.Port())
+		p.SetStartport(s.privatePort)
+		p.SetEndport(s.privatePort)
 		p.SetTraffictype("ingress")
 
 		// Create the network ACL rule.
@@ -131,8 +147,8 @@ func (s *stepSetupNetworking) Run(state multistep.StateBag) multistep.StepAction
 
 		// Configure the firewall rule.
 		p.SetCidrlist(config.CIDRList)
-		p.SetStartport(config.Comm.Port())
-		p.SetEndport(config.Comm.Port())
+		p.SetStartport(s.publicPort)
+		p.SetEndport(s.publicPort)
 
 		fwRule, err := client.Firewall.CreateFirewallRule(p)
 		if err != nil {