[one-users] Dynamic firewall like Amazon
Steven Timm
timm at fnal.gov
Tue Feb 1 10:47:20 PST 2011
OpenNebula allows you to define private networks that
are accessible by different user groups. What it does
not have is the ability to assign a (public IP, port)
combination and forward that traffic into the private net.
(In Eucalyptus, for instance, this is the euca-allocate-address,
euca-associate-address set of commands).
It is tricky to do that implementation correctly. WE liked the
feature but Eucalyptus implemented it in a pig-headed way that
made the frontend be a single bottleneck for network traffic
and a single point of failure. Hopefully if Opennebula ever
tries it they will do it right.
Steve Timm
On Tue, 1 Feb 2011, Zeeshan Ali Shah wrote:
> No Firewall yet , that is i am asking how to put mechanism like Security
> Group of amazon . preferably with out any HW (if possible)
>
> Zeeshan
>
> On 02/01/2011 06:50 PM, Toens Bueker wrote:
>> Zeeshan Ali Shah<zashah at pdc.kth.se> wrote:
>>
>>
>>> any way to configure Dynamic firewall options like in Amazon or
>>> Eucalyptus . (security group)
>>>
>> What kind of firewall-mechanism do you use? How is it configured?
>>
>> Regards,
>> Töns
>>
>
>
>
--
------------------------------------------------------------------
Steven C. Timm, Ph.D (630) 840-8525
timm at fnal.gov http://home.fnal.gov/~timm/
Fermilab Computing Division, Scientific Computing Facilities,
Grid Facilities Department, FermiGrid Services Group, Group Leader.
Lead of FermiCloud project.
More information about the Users
mailing list