Merge lp:~michael.nelson/charms/trusty/elasticsearch/ufw-for-peers-too into lp:~charmers/charms/trusty/elasticsearch/trunk
Proposed by
Michael Nelson
Status: | Merged |
---|---|
Approved by: | Matt Bruzek |
Approved revision: | 41 |
Merge reported by: | Matt Bruzek |
Merged at revision: | not available |
Proposed branch: | lp:~michael.nelson/charms/trusty/elasticsearch/ufw-for-peers-too |
Merge into: | lp:~charmers/charms/trusty/elasticsearch/trunk |
Prerequisite: | lp:~michael.nelson/charms/trusty/elasticsearch/add-ufw |
Diff against target: |
82 lines (+20/-2) 5 files modified
README.md (+4/-0) hooks/hooks.py (+1/-0) playbook.yaml (+4/-1) tasks/peer-relations.yml (+0/-1) tasks/setup-ufw.yml (+11/-0) |
To merge this branch: | bzr merge lp:~michael.nelson/charms/trusty/elasticsearch/ufw-for-peers-too |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Matt Bruzek (community) | Approve | ||
Kapil Thangavelu (community) | Approve | ||
Review via email: mp+225968@code.launchpad.net |
Commit message
Firewall rules for the node-to-node communications port 9300
Description of the change
This branch follows on from the prerequisite, and adds firewall rules for the peer-to-peer communications port 9300.
I found that I could only deny all on 9300 once the unit had joined the cluster, as the es master communicates back to the unit is part of joining the cluster.
Here's a full demo of adding and destroying units showing the firewall rules at each step (note, the charm has a task that actually fails if a unit fails to join the cluster):
To post a comment you must log in.
same comments apply to this as to the pre-req merge proposal, re upgrade of extant cluster.