Specify an existing security group as model config?

Marco Ceppi marco.ceppi at canonical.com
Mon Jan 29 09:26:03 UTC 2018


This would be a good start, but this will likely end up being an
application level constraint.

Marco

On Wed, Jan 17, 2018, 13:56 Nicholas Skaggs <nicholas.skaggs at canonical.com>
wrote:

> Marco, we have done a POC of this in the past as a model constraint. So,
>
> juju bootstrap aws aws --constraints security-groups=sg1,sg2
> juju set-model-constraints security-groups=sg1,sg2,...
>
> How does that feel?
>
> Nicholas
>
> On Sat, Jan 13, 2018 at 1:08 AM, Kapil Thangavelu <kapilt at gmail.com>
> wrote:
>
>> two cents, typical real world requirements vary, in the enterprise you
>> might have various tiering by architectural layer (front end waf elb
>> ingress, waf servers, set of dmz components/web servers, set of app
>> servers, set of dbs) all structured out with connectivity models. typically
>> these map to a m:n on security group basis to service model, based on the
>> model's responsibilities and consumers.
>>
>> On Fri, Jan 12, 2018 at 8:09 AM, Mark Shuttleworth <mark at ubuntu.com>
>> wrote:
>>
>>> On 12/22/2017 03:03 AM, Marco Ceppi wrote:
>>> > When it comes to scaling operations this can be tedious. I know there
>>> > are configurations for VPC-ID - is there also a similar security-group
>>> > setting where either the default model SG will be set based on user
>>> > input instead of created or a setting where an additional "model"
>>> > security group can be set so instances have it in addition to the
>>> > model/instance security group?
>>>
>>> I think it makes sense that the model creation process might accept such
>>> a parameter, yes.
>>>
>>> Does a security group per model make sense, or should it be per
>>> application in the model (though that sounds like it might be wasteful).
>>>
>>> Mark
>>>
>>> --
>>> Juju mailing list
>>> Juju at lists.ubuntu.com
>>> Modify settings or unsubscribe at:
>>> https://lists.ubuntu.com/mailman/listinfo/juju
>>>
>>
>>
>> --
>> Juju mailing list
>> Juju at lists.ubuntu.com
>> Modify settings or unsubscribe at:
>> https://lists.ubuntu.com/mailman/listinfo/juju
>>
>>
> --
> Juju mailing list
> Juju at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/juju
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/juju/attachments/20180129/489ec948/attachment.html>


More information about the Juju mailing list