Task #1343
closed
Permit connections to the mongodb servers from the EGI cloud networks
100%
Description
The smartgears nodes instantiated to the EGI cloud providers need to talk to our mongodb servers.
I have temporarily opened the mongodb to all while we gather the right network addresses.
Updated by Andrea Dell'Amico over 9 years ago
The CESNET network is 147.228.240.0/22
Updated by Andrea Dell'Amico over 9 years ago
- Status changed from New to In Progress
- % Done changed from 0 to 20
About the Catania provider, we can assume that the public network for the cloud images is 90.147.16.0/22
Updated by Andrea Dell'Amico over 9 years ago
Is this still valid, or all the apps are now using the http URIs?
Updated by Fabio Sinibaldi over 9 years ago
In my understanding connections were opened by storage handler, which now should use http connection to the URI resolver if needed. I don't fully understand the logic, so I'd ask @roberto.cirillo@isti.cnr.it to clarify on this.
Updated by Roberto Cirillo over 9 years ago
This is still valid: the smart-generic-worker downloads files by connection to mongodb servers.
Now the mongodb access is opened to all the world or only to the Catania provider network and CESNET network? If is open to all the world, could you restrict the connections only to Catania provider and CESNET networks, please?
Anyway I'm going to open a ticket to change the behavior of smart-generic-worker.
Updated by Andrea Dell'Amico over 9 years ago
Roberto Cirillo wrote:
This is still valid: the smart-generic-worker downloads files by connection to mongodb servers.
OK
Now the mongodb access is opened to all the world or only to the Catania provider network and CESNET network? If is open to all the world, could you restrict the connections only to Catania provider and CESNET networks, please?
mongo is now open to the world. This ticket's goal was to gather information about the cloud providers we are going to use. I'm going to add CESNET and INFN-CATANIA and remove the global ACL.
Updated by Andrea Dell'Amico over 9 years ago
- Status changed from In Progress to Feedback
Removed the global ACL, added the CESNET and INFN-CATANIA networks.
Updated by Andrea Dell'Amico over 9 years ago
- Status changed from Feedback to Closed
Updated by Andrea Dell'Amico over 9 years ago
We have a network for the Bari provider, too: 90.147.102.0/24
Updated by Andrea Dell'Amico over 9 years ago
- Status changed from Closed to In Progress
Updated by Andrea Dell'Amico over 9 years ago
The German FZJ provider's network: 134.94.0.0/16
Updated by Andrea Dell'Amico over 9 years ago
- Status changed from In Progress to Closed
The IN2P3-IRES (FR) cloud provider network: 134.158.0.0/16
