https://bugzilla.wikimedia.org/show_bug.cgi?id=60144
Web browser: ---
Bug ID: 60144
Summary: Audit security groups
Product: Wikimedia Labs
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: tools
Assignee: m...@uberbox.org
Reporter: t...@tim-landscheidt.de
CC: benap...@gmail.com, t...@tim-landscheidt.de
Classification: Unclassified
Mobile Platform: ---
Currently, intra-project traffic (i. e., from tools-login to tools-redis or
from tools-webproxy to tools-webgrid-01) is not subject to the firewall rules
of security groups. Due to that, security groups are not up to date, for
example, the redis security group doesn't explicitely allow traffic on port
6379.
The move to eqiad could change the default behaviour.
Therefore, prior to the move, we need to make sure that:
a) all hosts have proper security groups assigned, and
b) security groups really allow traffic they're supposed to allow.
--
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
