brooklyn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sam Corbett <sam.corb...@cloudsoftcorp.com>
Subject Re: openIptables with BYON machines: add to SoftwareProcess?
Date Mon, 20 Jul 2015 10:01:45 GMT
Hi Aled,

I favour including these parameters on the entity. Presumably it is the
software process being modelled that requires iptables opened or stopped.

Sam


On 17 July 2015 at 21:41, Aled Sage <aled.sage@gmail.com> wrote:

> Hi all,
>
> A customer is using a bring-your-own-node location, and wants to use
> something akin to the JcloudsLocation's openIptables. In JcloudsLocation,
> it will look at the inboundPorts configuration, and open those ports in the
> iptables rules on the OS.
>
> A fundamental question... is this the responsibility of the location, or
> should this be in the entity (i.e. the location just does cloud config +
> setup of the initial user, and then hands over the VM; whatever is on the
> actual OS is the responsibility of the entity)?
>
> I favour adding to SoftwareProcess the config keys:
>
>  * openIptables (default true)
>  * stopIptables (default false)
>  * dontRequireTtyForSudo (default false - see
>    BashCommands.dontRequireTtyForSudo for details)
>
> These would be the first things done by the SoftwareProcess (prior to
> executing the pre-install commands). The SoftwareProcess has access to the
> inboundPorts (it passed those in when obtaining the machine).
>
> Does this sound sensible? Comments much appreciated!
>
> Aled
>
>

-- 
Cloudsoft Corporation Limited, Registered in Scotland No: SC349230. 
 Registered Office: 13 Dryden Place, Edinburgh, EH9 1RP
 
This e-mail message is confidential and for use by the addressee only. If 
the message is received by anyone other than the addressee, please return 
the message to the sender by replying to it and then delete the message 
from your computer. Internet e-mails are not necessarily secure. Cloudsoft 
Corporation Limited does not accept responsibility for changes made to this 
message after it was sent.

Whilst all reasonable care has been taken to avoid the transmission of 
viruses, it is the responsibility of the recipient to ensure that the 
onward transmission, opening or use of this message and any attachments 
will not adversely affect its systems or data. No responsibility is 
accepted by Cloudsoft Corporation Limited in this regard and the recipient 
should carry out such virus and other checks as it considers appropriate.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message