[StarCluster] Adding security group permissions
C. Titus Brown
ctb at msu.edu
Mon Mar 12 22:01:11 EDT 2012
Hi all,
thanks for Starcluster! Truly awesome.
I'm running into a slight security group problem with 0.93.1 that I don't understand.
I was using starcluster start to start an EBS AMI, and everything seemed to be working fine -- it would start up & I would be able to ssh into it with 'sshmaster'.
Then I wanted to add https to the security group permissions on startup, so I modified my '[cluster smallcluster]' config settings to include
PERMISSIONS = ssh, https
and then added
---
[permission ssh]
protocol=tcp
from_port=22
to_port=22
[permission https]
protocol=tcp
from_port=443
to_port=443
---
at the bottom of the config file.
This worked partially: https was now allowed. But ssh wasn't any more!
I can disable https and enable ssh on start by commenting out PERMISSIONS; or disable ssh and enable https by uncommenting PERMISSIONS.
Any thoughts? I have verified that the security settings on Amazon match the behavior (that is, no SSH port added when PERMISSIONS is uncommented, etc.)
thanks,
--titus
The output, with PERMISSIONS uncommented:
>>> Using default cluster template: smallcluster
>>> Validating cluster template settings...
>>> Cluster template settings are valid
>>> Starting cluster...
>>> Launching a 1-node cluster...
>>> Creating security group @sc-test2...
>>> Opening tcp port range 443-443 for CIDR 0.0.0.0/0
Reservation:r-e5fbe185
>>> Starting cluster took 0.033 mins
The output, with PERMISSIONS commented out:
>>> Using default cluster template: smallcluster
>>> Validating cluster template settings...
>>> Cluster template settings are valid
>>> Starting cluster...
>>> Launching a 1-node cluster...
>>> Creating security group @sc-test...
Reservation:r-49fae029
>>> Starting cluster took 0.029 mins
More information about the StarCluster
mailing list