We've configured firewalld on several. We allow only ssh and http to the master node from the outside.
Inside it's wide open. On Mon, Sep 9, 2019 at 5:23 PM Jarrod Johnson <[email protected]> wrote: > That can work fine. Just make sure that your cluster interfaces can > access tcp ports 22, 80, 3001, 3002 and udp tftp, dns, dhcp, and udp ports > 1900 and 3001 at minimum. You may have more services you want to open but > I think that's a good minimal list at the moment off the top of my head. > > Sent from CoChat > ------------------------------ > *From:* John McCulloch > *Send time:* 2019-09-09 17:16:13 > *To:* xCAT Users Mailing list > *Subject:* [External] [xcat-user] firewalld on head node > > Is it problematic to run firewalld on the xCAT head node? I'm looking for > some way to curtail the security auditors from continuously probing our > cluster and sending reports. > > > John McCulloch | PCPC Direct, Ltd. | desk 713-344-0923 > _______________________________________________ > xCAT-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/xcat-user >
_______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user
