I got some helpful tips from Coren in irc today that I thought I'd pass on to others who may be starting to setup their projects in eqiad.
Security group rules from pmtpa were copied over to eqiad, which is awesome, but they probably need some changes. I needed to change the port 22 (ssh) allowed CIDR range so that proxying via bastion-eqiad.wmflabs.org was allowed. To do this: * Add a rule allowing port 22 TCP from 10.0.0.0/8 * Delete old rule allowing port 22 TCP from 10.4.0.0/21 Just to be "safe" I did the same thing for port 5666 (icinga monitor) in eqiad. I also changed my ssh allowed rule in pmtpa to make copying things from one data center to the other easier. Thanks to Coren for pointing me to this and giving me the CIDR range to use. And in general big props to everyone who has helped get the eqiad data center up and running. Three cheers for the death of gluster! Bryan -- Bryan Davis Wikimedia Foundation <[email protected]> [[m:User:BDavis_(WMF)]] Sr Software Engineer Boise, ID USA irc: bd808 v:415.839.6885 x6855 _______________________________________________ Labs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/labs-l
