You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@whirr.apache.org by "Adrian Cole (JIRA)" <ji...@apache.org> on 2010/08/17 23:55:16 UTC
[jira] Commented: (WHIRR-71) Only allow access to clusters from
defined networks
[ https://issues.apache.org/jira/browse/WHIRR-71?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12899614#action_12899614 ]
Adrian Cole commented on WHIRR-71:
----------------------------------
The firewall rules related to a service may need to be bumped up the stack a bit. It just so happens that EC2 enforces rules, but this is actually a service attribute that could be implemented many ways. I suggest coupling the rules with the cluster, service or spec object.
Then, in provisioning/config, one could apply them where it is needed (ex whitelist environments like ec2) or where they are desired (ex. the user wants a whitelist style env, but it isn't naturally supported, and therefore needs to be configured as software like iptables).
Patch is a good wip. Please submit an issue to jclouds for adding a cidr based rule to the ec2 template. There's still time to make this in beta-7
> Only allow access to clusters from defined networks
> ---------------------------------------------------
>
> Key: WHIRR-71
> URL: https://issues.apache.org/jira/browse/WHIRR-71
> Project: Whirr
> Issue Type: Bug
> Reporter: Tom White
> Assignee: Tom White
> Priority: Critical
> Fix For: 0.1.0
>
> Attachments: WHIRR-71.patch, WHIRR-71.patch
>
>
> By default a cluster should only be accessible from the machine that launched it, unless the client CIDR is specified to describe the machines that may access it.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.