Sha256: 79508ff73e1d525fc2dd64ce5bc1d33f745cbd2783fdd388708ac58b8676cdc5

Contents?: true

Size: 1.68 KB

Versions: 9

Compression:

Stored size: 1.68 KB

Contents

module Ironfan
  ComputeBuilder.class_eval do

    # organization-wide security group
    role_implication "systemwide" do
      self.cloud.security_group "systemwide" do
      end
    end

    # NFS server allows access from nfs_clients
    role_implication "nfs_server" do
      self.cloud.security_group "nfs_server" do
        authorize_group "nfs_client"
      end
    end

    role_implication "nfs_client" do
      self.cloud.security_group "nfs_client"
    end

    # Opens port 22 to the world
    role_implication "ssh" do
      self.cloud.security_group 'ssh' do
        authorize_port_range 22..22
      end
    end

    # Open the Chef server API port (4000) and the webui (4040)
    role_implication "chef_server" do
      self.cloud.security_group "chef_server" do
        authorize_port_range 4000..4000  # chef-server-api
        authorize_port_range 4040..4040  # chef-server-webui
      end
    end

    # web server? add the group "web_server" to open the web holes
    role_implication "web_server" do
      self.cloud.security_group("#{cluster_name}-web_server") do
        authorize_port_range  80..80
        authorize_port_range 443..443
      end
    end

    # if you're a redis server, open the port and authorize redis clients in your group to talk to you
    role_implication("redis_server") do
      cluster_name = self.cluster_name # hack: put cluster_name is in scope
      self.cloud.security_group("#{cluster_name}-redis_server") do
        authorize_group("#{cluster_name}-redis_client")
      end
    end

    # redis_clients gain rights to the redis_server
    role_implication("redis_client") do
      self.cloud.security_group("#{cluster_name}-redis_client")
    end

  end
end

Version data entries

9 entries across 9 versions & 1 rubygems

Version Path
ironfan-3.2.2 lib/ironfan/role_implications.rb
ironfan-3.1.7 lib/ironfan/role_implications.rb
ironfan-3.1.6 lib/ironfan/role_implications.rb
ironfan-3.1.5 lib/ironfan/role_implications.rb
ironfan-3.1.4 lib/ironfan/role_implications.rb
ironfan-3.1.3 lib/ironfan/role_implications.rb
ironfan-3.1.2 lib/ironfan/role_implications.rb
ironfan-3.1.1 lib/ironfan/role_implications.rb
ironfan-3.1.0.rc1 lib/ironfan/role_implications.rb