Specify an existing security group as model config?
Kapil Thangavelu
kapilt at gmail.com
Fri Jan 12 23:08:09 UTC 2018
two cents, typical real world requirements vary, in the enterprise you
might have various tiering by architectural layer (front end waf elb
ingress, waf servers, set of dmz components/web servers, set of app
servers, set of dbs) all structured out with connectivity models. typically
these map to a m:n on security group basis to service model, based on the
model's responsibilities and consumers.
On Fri, Jan 12, 2018 at 8:09 AM, Mark Shuttleworth <mark at ubuntu.com> wrote:
> On 12/22/2017 03:03 AM, Marco Ceppi wrote:
> > When it comes to scaling operations this can be tedious. I know there
> > are configurations for VPC-ID - is there also a similar security-group
> > setting where either the default model SG will be set based on user
> > input instead of created or a setting where an additional "model"
> > security group can be set so instances have it in addition to the
> > model/instance security group?
>
> I think it makes sense that the model creation process might accept such
> a parameter, yes.
>
> Does a security group per model make sense, or should it be per
> application in the model (though that sounds like it might be wasteful).
>
> Mark
>
> --
> Juju mailing list
> Juju at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/
> mailman/listinfo/juju
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/juju/attachments/20180112/1daeb239/attachment.html>
More information about the Juju
mailing list