StarCluster - Mailing List Archive

Adding security group permissions

From: C. Titus Brown <no email>
Date: Mon, 12 Mar 2012 22:01:11 -0400

Hi all,

thanks for Starcluster! Truly awesome.

I'm running into a slight security group problem with 0.93.1 that I don't understand.

I was using starcluster start to start an EBS AMI, and everything seemed to be working fine -- it would start up & I would be able to ssh into it with 'sshmaster'.

Then I wanted to add https to the security group permissions on startup, so I modified my '[cluster smallcluster]' config settings to include

PERMISSIONS = ssh, https

and then added

---
[permission ssh]
protocol=tcp
from_port=22
to_port=22
[permission https]
protocol=tcp
from_port=443
to_port=443
---
at the bottom of the config file.
This worked partially: https was now allowed.  But ssh wasn't any more!
I can disable https and enable ssh on start by commenting out PERMISSIONS; or disable ssh and enable https by uncommenting PERMISSIONS.
Any thoughts?  I have verified that the security settings on Amazon match the behavior (that is, no SSH port added when PERMISSIONS is uncommented, etc.)
thanks,
--titus
The output, with PERMISSIONS uncommented:
>>> Using default cluster template: smallcluster
>>> Validating cluster template settings...
>>> Cluster template settings are valid
>>> Starting cluster...
>>> Launching a 1-node cluster...
>>> Creating security group _at_sc-test2...
>>> Opening tcp port range 443-443 for CIDR 0.0.0.0/0
Reservation:r-e5fbe185
>>> Starting cluster took 0.033 mins
The output, with PERMISSIONS commented out:
>>> Using default cluster template: smallcluster
>>> Validating cluster template settings...
>>> Cluster template settings are valid
>>> Starting cluster...
>>> Launching a 1-node cluster...
>>> Creating security group _at_sc-test...
Reservation:r-49fae029
>>> Starting cluster took 0.029 mins
Received on Mon Mar 12 2012 - 22:01:18 EDT
This archive was generated by hypermail 2.3.0.

Search:

Sort all by:

Date

Month

Thread

Author

Subject