[Gluster-infra] Firewall upgrade and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

(this time with right recipient)

after several month of tests, and sinc epeople seems to be out for
Diwala in the indian office, I did took the time to finally switch the
firewall from firewalld to nftables.

The switch went well, but due to unforeseen consequence, it is possible
that some hosts in the internal network did suffer from a 30 seconds
lose of connectivity (due to firewall switching affecting the
deployment of the firewall itself). 

However, this kind of failure was taken in account and the change got
rollback pretty quickly.  

So we are now using a more hardened firewall, based on nftables. I will
continue to harden the rules in the weeks coming. It should be as
seemless as possible, but if anything break in a *.int.rht.gluster.org
server (mostly builders) please tell infra team.


-- 
Michael Scherer
Sysadmin, Community Infrastructure and Platform, OSAS

_______________________________________________
Gluster-infra mailing list
Gluster-infra@xxxxxxxxxxx
https://lists.gluster.org/mailman/listinfo/gluster-infra

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Gluster-devel mailing list
Gluster-devel@xxxxxxxxxxx
https://lists.gluster.org/mailman/listinfo/gluster-devel

[Index of Archives]     [Gluster Users]     [Ceph Users]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux