Open GoogleCodeExporter opened 9 years ago
You could use iptables to block access to the RAPI port on non-cluster IP
addresses. What you can also try is to set RAPI_ARGS="--bind 1.2.3.4" (use the
correct IP address) in /etc/default/ganeti. I don't know if this will work in
all cases. These are just workarounds of course.
Original comment by han...@google.com
on 6 Jul 2011 at 4:51
I am sorry, I should have written that I am already using the RAPI_ARGS
configuration variable in /etc/default/ganeti. I have set it to the cluster IP.
Maybe we could discard this issue and just put a note in the documentation. I
like the "secure by default" approach, but this is not necessarily always the
best way.
Original comment by diaere...@gmail.com
on 7 Jul 2011 at 12:32
Hi,
Trying to see if we can fix this; where in the docs do you think this should
be? In the installation guide, or in the admin guide?
Original comment by ius...@google.com
on 23 May 2012 at 12:16
Hi iustin,
for me, I would put it into the administration part of the guide. My reasoning
is that installation is to go to the point where "it runs" and administration
is to explore the corner cases and the implications of the system. Putting this
in the installation part would complicate it and may result in more errors,
thus more support questions. Better to install then adjust.
Thanks for considering this issue again and thanks for Ganeti, still using it,
still really happy :)
loïc
Original comment by diaere...@gmail.com
on 24 May 2012 at 12:40
Original comment by ius...@google.com
on 19 Jul 2012 at 2:30
Original comment by ultrot...@google.com
on 3 May 2013 at 9:25
Original comment by ultrot...@google.com
on 30 Jul 2013 at 1:52
Move non-critical bugs scheduled for 2.8 or 2.9 to 2.11, as in those versions
only critical bug fixes will be integrated.
Original comment by thoma...@google.com
on 30 Oct 2013 at 9:48
Original issue reported on code.google.com by
diaere...@gmail.com
on 28 Jun 2011 at 12:03