[
https://issues.apache.org/jira/browse/WHIRR-71?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12899614#action_12899614
]
Adrian Cole commented on WHIRR-71:
----------------------------------
The firewall rules related to a service may need to be bumped up the stack a
bit. It just so happens that EC2 enforces rules, but this is actually a
service attribute that could be implemented many ways. I suggest coupling the
rules with the cluster, service or spec object.
Then, in provisioning/config, one could apply them where it is needed (ex
whitelist environments like ec2) or where they are desired (ex. the user wants
a whitelist style env, but it isn't naturally supported, and therefore needs to
be configured as software like iptables).
Patch is a good wip. Please submit an issue to jclouds for adding a cidr based
rule to the ec2 template. There's still time to make this in beta-7
> Only allow access to clusters from defined networks
> ---------------------------------------------------
>
> Key: WHIRR-71
> URL: https://issues.apache.org/jira/browse/WHIRR-71
> Project: Whirr
> Issue Type: Bug
> Reporter: Tom White
> Assignee: Tom White
> Priority: Critical
> Fix For: 0.1.0
>
> Attachments: WHIRR-71.patch, WHIRR-71.patch
>
>
> By default a cluster should only be accessible from the machine that launched
> it, unless the client CIDR is specified to describe the machines that may
> access it.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
