Hey Marc, It's not too complicated or over kill I don't think. At first I was of the same opinion but am currently setting it up on a small development environment. The benefit is that you can define network policies as code and execute them using automation so if a CI tool like Jenkins is a part of your stack you can programmatically tear down and rebuild avoiding manual steps and helping make environment rebuilds consistent.
Cheers On Thu, 25 Jul 2019, 16:38 Marc Roos, <[email protected]> wrote: > > Thanks Greg for the suggestion. Looked a bit at it, I am not sure if it > is not a bit of an overkill for my small environment. I am now testing a > bit with a plugin I made that creates iptables rules directly in the > namespace. Just need to make it more 'dynamic'. > > > > > -----Original Message----- > From: Greg Langford [mailto:[email protected]] > Sent: woensdag 24 juli 2019 16:54 > To: [email protected] > Subject: Re: Firewall options > > Use Calico as a CNI network, you can then use Calico to apply network > policies. > > On Wed, 24 Jul 2019, 15:52 Marc Roos, <[email protected]> wrote: > > > > > I am having a test setup with mesos and marathon, and playing now > a > bit > with haproxy. On vm's I am using iptables to throttle brute force > rdp > connections for instance. > What would be the advised way to apply this to the haproxy app? > > > > > > > > > >
