jvehent / AFW

Advanced FireWall cookbook for Chef and Linux that uses iptables to dynamically configure inbound and outbound rules on each node.

With incredible power/flexibility...comes great complexity #21

Open dhartford opened 10 years ago

dhartford commented 10 years ago

This project looks perfect for what I'm looking for, however, are there some more 'general' use cases that can help break down what problems AFW can solve?

(Blog, wiki, etc versus github directly possibly).

For example, an nginx server fronting a tomcat app that talks to a mysql database (3 different servers, 3 different chef recipes/templates) sounds like what AFW handles for the network connecting piece between each (nginx:80 -> public facing, nginx:* -> tomcat:8080, tomcat:* -> mysql:3306).

If this seems correct, maybe just a link to a wiki or blog that helps provide some hands-on examples (don't get me wrong, the examples in the readme are great, but they assume some expectations that you already know what you are doing :-).

jvehent commented 10 years ago

I'm not sure what you are asking beyond some more examples... I'm happy to update the doc where needed, but without knowing what you don't yet understand, it's sort of hard :)

Below are a few examples from an old config that give you an idea of how to use Chef searches to open inbound and outbound rules:

  # node attributes fragment: every entry under :afw => :rules is one named rule
  :afw => {
    :rules => {
      'Graphite Server Web Interface' => {
        :protocol => 'tcp',
        :direction => 'in',
        :user => 'www-data',
        :source => '0.0.0.0/0',          # plain CIDR, no search needed
        :dport => '80'
      },
      'Graphite Line Entry Points' => {
        :protocol => 'tcp',
        :direction => 'in',
        :user => 'www-data',
        :source => ['roles:chef-client',  # a Chef search and a CIDR can be mixed
                    '172.17.0.0/24'],
        :dport => '2003'
      },
      'Graphite Pickle Inbound Replication' => {
        :protocol => 'tcp',
        :direction => 'in',
        :user => 'www-data',
        :source => 'roles:graphite-server OR recipes:graphite*',  # search with OR and glob
        :dport => '2014'
      },
      'Graphite Pickle Outbound Replication' => {
        :protocol => 'tcp',
        :direction => 'out',              # outbound rules use :destination instead of :source
        :user => 'www-data',
        :destination => 'roles:graphite-server',
        :dport => '2014'
      },
      'Graphite Metrics access from LAN' => {
        :direction => 'in',
        :protocol => 'tcp',
        :user => 'www-data',
        :source => '10.0.0.0/8',
        :dport => '2003'
      }
    }
  }

dhartford commented 10 years ago

I think an example project that helps demonstrate the chef-search may be what I don't understand --

I'm using chef-solo with packer.io, so there may be a disconnect when compared to using chef-server. So in packer.io land, I want a chef recipe that adds a tomcat server, then if there are any available nginx servers, to open up port 8080 for tomcat to those nginx servers (which I think is what AFW solves).

A chef-server that has the whole infrastructure for you to do a chef-search may be the missing piece.
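To make the rule hashes above concrete, here is an added example (not AFW's own code, and not from either participant) that models how a rule like the ones jvehent posted, with `roles:` or `recipes:` search strings as endpoints, becomes iptables rules. It also covers the chef-solo situation from the last comment: the constructed `INVENTORY` stands in for the node list a Chef server search would return, and the `TOMCAT_RULES` hash is the nginx -> tomcat:8080 -> mysql:3306 layout from the first post written from the tomcat node's point of view. Node names, addresses and role assignments are made up; the use of the iptables owner match to honour `:user` on outbound rules is my assumption about what that key means, and AFW's own generated rules may differ.

```ruby
require 'ipaddr'

# Constructed inventory: what a Chef node search would return. Roles and
# recipes per node are the only attributes the resolver needs.
INVENTORY = [
  { 'name' => 'web1', 'ipaddress' => '10.0.1.10', 'roles' => ['nginx'],  'recipes' => ['nginx::default'] },
  { 'name' => 'web2', 'ipaddress' => '10.0.1.11', 'roles' => ['nginx'],  'recipes' => ['nginx::default'] },
  { 'name' => 'app1', 'ipaddress' => '10.0.2.10', 'roles' => ['tomcat'], 'recipes' => ['tomcat::default'] },
  { 'name' => 'db1',  'ipaddress' => '10.0.3.10', 'roles' => ['mysql'],  'recipes' => ['mysql::server'] },
].freeze

# Resolve one :source / :destination value to a list of addresses.
#   - an Array resolves each element and concatenates the results
#   - 'a OR b' resolves each side and concatenates the results
#   - 'roles:pattern' / 'recipes:pattern' match inventory entries, '*' being a glob
#   - anything else must parse as an IP or CIDR, so a typo never becomes a rule
def resolve_endpoint(endpoint, inventory = INVENTORY)
  return endpoint.flat_map { |e| resolve_endpoint(e, inventory) } if endpoint.is_a?(Array)
  if endpoint =~ /\s+OR\s+/
    return endpoint.split(/\s+OR\s+/).flat_map { |e| resolve_endpoint(e, inventory) }
  end
  if endpoint =~ /\A(roles|recipes):(.+)\z/
    key, pattern = Regexp.last_match(1), Regexp.last_match(2)
    glob = Regexp.new('\A' + Regexp.escape(pattern).gsub('\*', '.*') + '\z')
    return inventory.select { |n| n[key].any? { |v| v =~ glob } }.map { |n| n['ipaddress'] }
  end
  IPAddr.new(endpoint) # raises IPAddr::InvalidAddressError on anything that is not an address
  [endpoint]
end

# Render one named rule to iptables command lines. Inbound rules filter on the
# source in INPUT; outbound rules filter on the destination in OUTPUT and are
# pinned to the process owner with the owner match, which only exists for
# locally generated traffic (assumption about the meaning of :user).
def render_rule(name, rule, inventory = INVENTORY)
  proto = rule[:protocol]
  port  = rule[:dport]
  tag   = "-m comment --comment \"#{name}\" -j ACCEPT"
  case rule[:direction]
  when 'in'
    resolve_endpoint(rule[:source], inventory).map do |src|
      "-A INPUT -p #{proto} -s #{src} --dport #{port} #{tag}"
    end
  when 'out'
    resolve_endpoint(rule[:destination], inventory).map do |dst|
      "-A OUTPUT -p #{proto} -d #{dst} --dport #{port} -m owner --uid-owner #{rule[:user]} #{tag}"
    end
  else
    raise ArgumentError, "rule '#{name}': direction must be 'in' or 'out'"
  end
end

def render_rules(rules, inventory = INVENTORY)
  rules.flat_map { |name, rule| render_rule(name, rule, inventory) }
end

# Constructed rules for the tomcat node of the three-tier layout: accept 8080
# only from the nginx tier, and let the tomcat user reach mysql on 3306.
TOMCAT_RULES = {
  'Tomcat HTTP from nginx tier' => {
    :protocol => 'tcp', :direction => 'in', :user => 'tomcat',
    :source => 'roles:nginx', :dport => '8080'
  },
  'Tomcat to MySQL' => {
    :protocol => 'tcp', :direction => 'out', :user => 'tomcat',
    :destination => 'roles:mysql', :dport => '3306'
  }
}.freeze

puts render_rules(TOMCAT_RULES) if __FILE__ == $PROGRAM_NAME
```

Running the file prints three lines: one INPUT rule per nginx node and one OUTPUT rule for the mysql node. Changing the inventory (adding a third nginx node, say) changes the generated rules without touching the rule hash, which is the property the search strings give you; with chef-solo you would have to supply that inventory yourself, for example from a data bag or a static file.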