Make machines running geth accessible only from our clusters and the deployment server #306
Labels
Comments
|
The virtual machine without external ip doesn't have access to internet. To update or install some packages on that kind of machine, we must configure proxy or gateway on instance that have external ip. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In #305 we want to put geth on dedicated machines in GCE. It's easiest to just make them publicly available but that's not the most secure option. In GCE it's possible to create a virtual network and give the machines in it internal IPs. We should create such a network containing our clusters, the deployment server (actually right now we don't have a dedicated deployment server; the build server serves that role) and the geth machines.
Since the geth machines are not accessible from the outside, their configuration playbook must be executed from the deployment server. You may need to use gcloud to make it possible to use SSH on the build server to log into the machine.
All the changes made with
gcloudshould be scripted. Put the script in thecloud/directory in the repository.The text was updated successfully, but these errors were encountered: