Riak cluster protected by firewall

Alex De la rosa alex.rosa.box at gmail.com
Sun Sep 18 02:42:25 EDT 2016


So mainly the ports are:

epmd listener: TCP:4369
handoff_port listener: TCP:8099
http: TCP:8098
protocol buffers: TCP: 8087
solr: TCP:8093
solr imx: TCP:8985
erlang range: TCP:6000~7999 (if configured in riak's configuration)

Is that alright? am I missing any? or is there any of them that is not
needed to add in the firewall?

Thanks,
Alex

On Sun, Sep 18, 2016 at 5:57 AM, John Daily <jdaily at basho.com> wrote:

> You should find most of what you need here: http://docs.basho.com/
> riak/kv/2.1.4/using/security/
>
> Sent from my iPhone
>
> On Sep 17, 2016, at 1:26 PM, Alex De la rosa <alex.rosa.box at gmail.com>
> wrote:
>
> Hi all,
>
> I have a cluster of 5 nodes connected to each other and now I want to use
> UFW to deny any  external incoming traffic into them but i will allow each
> node to access between themselves. Which ports should i open
> (pb_port,http_port,solr,...)? I connect via pbc but i may need more ports
> open i guess.
>
> A configurations like this (assuming is node_1):
>
> ufw default deny incoming
> ufw default allow outgoing
> ufw allow 22 --> SSH (private keys)
> ufw allow from <load_balancer> to any port 443 --> HTTPS (API that talks
> with Riak locally via Python client)
>
> ufw allow from <node_2> to any port <port_numbers>
> ufw allow from <node_3> to any port <port_numbers>
> ufw allow from <node_4> to any port <port_numbers>
> ufw allow from <node_5> to any port <port_numbers>
>
> Thanks!
> Alex
>
> _______________________________________________
> riak-users mailing list
> riak-users at lists.basho.com
> http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.basho.com/pipermail/riak-users_lists.basho.com/attachments/20160918/93f7ae13/attachment-0002.html>


More information about the riak-users mailing list