Hi all,
A customer is using a bring-your-own-node location, and wants to use
something akin to the JcloudsLocation's openIptables. In
JcloudsLocation, it will look at the inboundPorts configuration, and
open those ports in the iptables rules on the OS.
A fundamental question... is this the responsibility of the location, or
should this be in the entity (i.e. the location just does cloud config +
setup of the initial user, and then hands over the VM; whatever is on
the actual OS is the responsibility of the entity)?
I favour adding to SoftwareProcess the config keys:
* openIptables (default true)
* stopIptables (default false)
* dontRequireTtyForSudo (default false - see
BashCommands.dontRequireTtyForSudo for details)
These would be the first things done by the SoftwareProcess (prior to
executing the pre-install commands). The SoftwareProcess has access to
the inboundPorts (it passed those in when obtaining the machine).
Does this sound sensible? Comments much appreciated!
Aled
