Re: Adding security group permissions
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Titus,
By default StarCluster will configure the proper permissions for ssh
so the ssh permission you've defined is not needed. Simply removing
the SSH permission from the list should work for you. Let me know how
it goes.
~Justin
On 03/12/2012 10:01 PM, C. Titus Brown wrote:
> Hi all,
>
> thanks for Starcluster! Truly awesome.
>
> I'm running into a slight security group problem with 0.93.1 that I
> don't understand.
>
> I was using starcluster start to start an EBS AMI, and everything
> seemed to be working fine -- it would start up & I would be able to
> ssh into it with 'sshmaster'.
>
> Then I wanted to add https to the security group permissions on
> startup, so I modified my '[cluster smallcluster]' config settings
> to include
>
> PERMISSIONS = ssh, https
>
> and then added
>
> --- [permission ssh] protocol=tcp from_port=22 to_port=22
>
> [permission https] protocol=tcp from_port=443 to_port=443 ---
>
> at the bottom of the config file.
>
> This worked partially: https was now allowed. But ssh wasn't any
> more!
>
> I can disable https and enable ssh on start by commenting out
> PERMISSIONS; or disable ssh and enable https by uncommenting
> PERMISSIONS.
>
> Any thoughts? I have verified that the security settings on Amazon
> match the behavior (that is, no SSH port added when PERMISSIONS is
> uncommented, etc.)
>
> thanks, --titus
>
> The output, with PERMISSIONS uncommented:
>
>>>> Using default cluster template: smallcluster Validating
>>>> cluster template settings... Cluster template settings are
>>>> valid Starting cluster... Launching a 1-node cluster...
>>>> Creating security group _at_sc-test2... Opening tcp port range
>>>> 443-443 for CIDR 0.0.0.0/0
> Reservation:r-e5fbe185
>>>> Starting cluster took 0.033 mins
>
> The output, with PERMISSIONS commented out:
>
>>>> Using default cluster template: smallcluster Validating
>>>> cluster template settings... Cluster template settings are
>>>> valid Starting cluster... Launching a 1-node cluster...
>>>> Creating security group _at_sc-test...
> Reservation:r-49fae029
>>>> Starting cluster took 0.029 mins
>
>
>
> _______________________________________________ StarCluster mailing
> list StarCluster_at_mit.edu
> http://mailman.mit.edu/mailman/listinfo/starcluster
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org/
iEUEARECAAYFAk9fpHkACgkQ4llAkMfDcrnJrwCWIgtXRGM/lKAcAkMHBbVR5wUG
uACbBaLZf4zJWrERB8XunXhCKO8qFOg=
=S+cK
-----END PGP SIGNATURE-----
Received on Tue Mar 13 2012 - 15:48:11 EDT
This archive was generated by
hypermail 2.3.0.