Changes between Version 1 and Version 2 of Puppet/Creating Web Services


Ignore:
Timestamp:
Oct 25, 2013 6:59:42 PM (8 years ago)
Author:
Scott Wales
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • Puppet/Creating Web Services

    v1 v2  
    11= Creating Web & Network Services =
     2
     3Most network access to the system should be either through apache or ssh - for instance Java webapps running on tomcat should use an apache proxy rather than opening port 8080. Some services will require their own port, however access should be limited as much as possible for this by using the firewall.
    24
    35For services that require their own port:
    46
    5  * Create a secgroup
     7 1. Create a secgroup
    68{{{
    79nova secgroup-create nrpe
     
    911}}}
    1012
    11  * Open the firewall in the service's Puppet module (http/s and ssh are open by default)
     13 2. Open the firewall in the service's Puppet module (http/s and ssh are open by default)
    1214{{{
    1315firewall {"200 NRPE from ${sourceip}":
     
    1820}
    1921}}}
     22
     23For an example that uses this see [https://github.com/ScottWales/puppet-monitoring modules/monitoring], which takes a list of IP addresses to allow through the firewall as a class argument.