You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2022/06/22 12:19:30 UTC

[GitHub] [pulsar] akshayar opened a new issue, #16176: AWS Deployment using terraform | all nodes have SSH open to the world

akshayar opened a new issue, #16176:
URL: https://github.com/apache/pulsar/issues/16176

   **Is your enhancement request related to a problem? Please describe.**
   A clear and concise description of what the enhancement is.
   I am referring to https://github.com/apache/pulsar/blob/master/deployment/terraform-ansible/aws/security.tf. The default security group (SG) opens SSH to the world and this SG gets applied to all the nodes. This is not a right practice. I would recommend opening only the proxy for SSH from anywhere. You can allow SSH from the default SG elsewhere.  
   
   **Describe the solution you'd like**
   A clear and concise description of what you want to happen.
   I am referring to https://github.com/apache/pulsar/blob/master/deployment/terraform-ansible/aws/security.tf. Create 3 SGs. 1) ELB 2) Proxy and 3) default. Open only Proxy for SSH. Apply Proxy and default to proxy server. Apply default to all other nodes. Also in the instructions ask to use private IP everywhere. `TF_STATE=./ TF_KEY_NAME=private_ip ansible-playbook   --user='ec2-user'   --inventory=~/environment/terraform-inventory  ../deploy-pulsar.yaml
   ` , this is useful as now servers are connecting to each other using private IP. 
   **Describe alternatives you've considered**
   A clear and concise description of any alternative solutions or features you've considered.
   
   **Additional context**
   Add any other context or screenshots about the feature request here.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] github-actions[bot] commented on issue #16176: AWS Deployment using terraform | all nodes have SSH open to the world

Posted by GitBox <gi...@apache.org>.

github-actions[bot] commented on issue #16176:
URL: https://github.com/apache/pulsar/issues/16176#issuecomment-1193039191

   The issue had no activity for 30 days, mark with Stale label.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org