[Labs-l] Project security group changes in eqiad labs
Andrew Bogott
abogott at wikimedia.org
Fri Mar 7 02:09:52 UTC 2014
On 3/7/14 7:53 AM, Bryan Davis wrote:
> * Add a rule allowing port 22 TCP from 10.0.0.0/8
> * Delete old rule allowing port 22 TCP from 10.4.0.0/21
Thanks for sending this, Bryan! I've started a 'troubleshooting'
section on wikitech with an entry about this, here:
https://wikitech.wikimedia.org/wiki/Labs_Eqiad_Migration_Howto#Troubleshooting
-- all of you are welcome to contribute to that section.
Ideally I would just make this security rule change to every project
preemptively, but I don't have enough confidence in my mysql skills to
run such an invasive script. If anyone wants to help me out with this,
please ping me on IRC, I'll show you the schema in question and maybe
we can work something out.
-Andrew
>
> Just to be "safe" I did the same thing for port 5666 (icinga monitor)
> in eqiad. I also changed my ssh allowed rule in pmtpa to make copying
> things from one data center to the other easier.
>
> Thanks to Coren for pointing me to this and giving me the CIDR range
> to use. And in general big props to everyone who has helped get the
> eqiad data center up and running. Three cheers for the death of
> gluster!
>
> Bryan
More information about the Labs-l
mailing list