Project

General

Profile

Actions
Copy link

Cleanup #50375

closed

cephadm firewall: move to unit.run?

Added by Sebastian Wagner about 3 years ago. Updated over 2 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
% Done:

0%

Tags:
Backport:
Reviewed:
Affected Versions:
Pull request ID:

Description

Right now, firewall ports are opened when deploying a unit.

We should investigate, if the firewall could be configured within the unit.run file. And also close the again when stopping the unit.

Benefits:

  • we're not leaving ports open when undeploying daemons
  • slightly faster deployment of units
  • increased security as we're not opening ports without actually using them.

Is this doable and worthwile?

Actions
Copy link
 #1

Updated by Sebastian Wagner about 3 years ago

  • Subject changed from cpehadm firewall: move to unit.run? to cephadm firewall: move to unit.run?
Actions
Copy link
 #2

Updated by Sebastian Wagner over 2 years ago

  • Status changed from New to Rejected

nope.

Actions
Copy link

Also available in: Atom PDF