Hey Norman, Your assumption is correct. In this particular situation, with regard to the AppFog Application, you'd need to provide another facade over the Riak Cluster in AWS that would provide security and API end point access. This facade application, which easily could just be another node.js web service running at AWS, would provide all access while the Riak Cluster would be setup and allowed only internal communication with the facade layer.
Another option is to move the existing application to AWS. One good option is to use Beanstalk for Node.js and then you can just open up internal to AWS ports per their firewall settings to connect the Riak Cluster directly to the actual Node.js Application. That would remove the need for a completely autonomous service facade. Cheers, -Adron On Thu, Jun 6, 2013 at 12:58 AM, Norman Khine <[email protected]> wrote: > hi adron, > thanks for the reply, my current setup is simple, i have an > node.js/express website, where users can register and add content to > mongodb hosted on AppFog with Redis used for sessions. i like to move this > over to riak. > > i was looking at > http://docs.basho.com/riak/latest/cookbooks/Network-Security-and-Firewall-Configurations/and > it states that clients should be able to communicate to port 8089 or > 8087 depending on what back-end you use, that is fine i understand this. so > in my case the client is the application on AppFog which 'talks' to the > riak cluster (CRUD) > > where i am unsure/uneasy, is that AppFog uses a global IP address, so > 176.34.147.242 with af-eu01-1982654436.eu-west-1.elb.amazonaws.com, as i > chose AWS for the deployment, but if i open the firewall to this IP address > then anyone with an AppFog application on AWS would be able to access my > riak cluster! > > or am i missing something? > > any advice much appreciated. > > > On Thu, Jun 6, 2013 at 5:18 AM, Adron Hall <[email protected]> wrote: > >> Hey Norman, >> >> Could you elaborate on how you are currently planning to migrate and >> setup your cluster? Is it in another cloud provider such as AWS or Azure? >> >> From a connection point of view one could access the database directly >> from AppFog the same way as one would access any external (of AppFog) >> sysystem, but may need to have an appropriate API or network level of >> security put in place. I can elaborate more when I get a little better >> picture of how the architecture is being setup. >> >> Thanks, >> -Adron >> > > > > -- > %>>> "".join( [ {'*':'@','^':'.'}.get(c,None) or chr(97+(ord(c)-83)%26) > for c in ",adym,*)&uzq^zqf" ] ) > -- *Adron B Hall* Blog <http://compositecode.com/>, Adron.Me <http://adron.me/>, @adron<http://twitter.com/adron> with Basho <http://basho.com/> @Basho <https://twitter.com/basho>
_______________________________________________ riak-users mailing list [email protected] http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
