Re: Riak cluster protected by firewall

2016-09-18 Thread DeadZen 
Looks right, jmx not imx ;),
and yes provided the erlang kernel options are given to limit dist
comm range to 6000-7999

you can check this from the node (to make sure) with:
> [ application:get_env(kernel, X) || X <- 
> [inet_dist_listen_min,inet_dist_listen_max] ].
[{ok,6000},{ok,7999}]

On Sun, Sep 18, 2016 at 2:42 AM, Alex De la rosa
 wrote:
> So mainly the ports are:
>
> epmd listener: TCP:4369
> handoff_port listener: TCP:8099
> http: TCP:8098
> protocol buffers: TCP: 8087
> solr: TCP:8093
> solr imx: TCP:8985
> erlang range: TCP:6000~7999 (if configured in riak's configuration)
>
> Is that alright? am I missing any? or is there any of them that is not
> needed to add in the firewall?
>
> Thanks,
> Alex
>
> On Sun, Sep 18, 2016 at 5:57 AM, John Daily  wrote:
>>
>> You should find most of what you need here:
>> http://docs.basho.com/riak/kv/2.1.4/using/security/
>>
>> Sent from my iPhone
>>
>> On Sep 17, 2016, at 1:26 PM, Alex De la rosa 
>> wrote:
>>
>> Hi all,
>>
>> I have a cluster of 5 nodes connected to each other and now I want to use
>> UFW to deny any  external incoming traffic into them but i will allow each
>> node to access between themselves. Which ports should i open
>> (pb_port,http_port,solr,...)? I connect via pbc but i may need more ports
>> open i guess.
>>
>> A configurations like this (assuming is node_1):
>>
>> ufw default deny incoming
>> ufw default allow outgoing
>> ufw allow 22 --> SSH (private keys)
>> ufw allow from  to any port 443 --> HTTPS (API that talks
>> with Riak locally via Python client)
>>
>> ufw allow from  to any port 
>> ufw allow from  to any port 
>> ufw allow from  to any port 
>> ufw allow from  to any port 
>>
>> Thanks!
>> Alex
>>
>> ___
>> riak-users mailing list
>> riak-users@lists.basho.com
>> http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
>
>
>
> ___
> riak-users mailing list
> riak-users@lists.basho.com
> http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
>

___
riak-users mailing list
riak-users@lists.basho.com
http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com

app.config missing?

2016-09-18 Thread Alex De la rosa 
Hi there,

I'm trying to locate the app.config file in Riak 2.1.4-1 to add the
following:

{ kernel, [
{inet_dist_listen_min, 6000},
{inet_dist_listen_max, 7999}
  ]},

as explained at http://docs.basho.com/riak/kv/2.1.4/using/security but I
can't find it.

Thanks,
Alex
___
riak-users mailing list
riak-users@lists.basho.com
http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com

Re: Riak cluster protected by firewall

2016-09-18 Thread Alex De la rosa 
So mainly the ports are:

epmd listener: TCP:4369
handoff_port listener: TCP:8099
http: TCP:8098
protocol buffers: TCP: 8087
solr: TCP:8093
solr imx: TCP:8985
erlang range: TCP:6000~7999 (if configured in riak's configuration)

Is that alright? am I missing any? or is there any of them that is not
needed to add in the firewall?

Thanks,
Alex

On Sun, Sep 18, 2016 at 5:57 AM, John Daily  wrote:

> You should find most of what you need here: http://docs.basho.com/
> riak/kv/2.1.4/using/security/
>
> Sent from my iPhone
>
> On Sep 17, 2016, at 1:26 PM, Alex De la rosa 
> wrote:
>
> Hi all,
>
> I have a cluster of 5 nodes connected to each other and now I want to use
> UFW to deny any  external incoming traffic into them but i will allow each
> node to access between themselves. Which ports should i open
> (pb_port,http_port,solr,...)? I connect via pbc but i may need more ports
> open i guess.
>
> A configurations like this (assuming is node_1):
>
> ufw default deny incoming
> ufw default allow outgoing
> ufw allow 22 --> SSH (private keys)
> ufw allow from  to any port 443 --> HTTPS (API that talks
> with Riak locally via Python client)
>
> ufw allow from  to any port 
> ufw allow from  to any port 
> ufw allow from  to any port 
> ufw allow from  to any port 
>
> Thanks!
> Alex
>
> ___
> riak-users mailing list
> riak-users@lists.basho.com
> http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
>
>
___
riak-users mailing list
riak-users@lists.basho.com
http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com