TANGO Cloud VMs use firewalld by default, by default minimal ports will be open. To get a list of the ports that are open you can use the below command.
To know what zone you are running in you can run....
To list all the available zones you can run...
In order to open ports on TANGO Cloud VMs you need to use the firewall-cmd command from the terminal with the "--add" option. When using this command you also need to define a zone for the rule to apply within. For example to open port 80 for http traffic in the public zone. (using the public zone is usually the option if you want to be able to access your server via SSH and not via the TANGO Cloud console)
firewall-cmd --zone=public --add-port=80/tcp
IMPORTANT NOTE: when using the above command the rule gets added to the current runtime environment, this means that as soon as you reboot the machine that rule will be lost. To fix this issue adjust the command as below.
firewall-cmd --permanent --zone=public --add-port=80/tcp
After adding rules to firewalld please run the command to reload the firewall
For further documentation on the use of firewalld, please go to their website: http://www.firewalld.org/documentation/
PLEASE NOTE: Using UFW or IPTables will have adverse effects.