Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Example for firewalled host #76

Open
fdcds opened this issue Sep 15, 2021 · 4 comments
Open

Example for firewalled host #76

fdcds opened this issue Sep 15, 2021 · 4 comments
Labels
triaged Scoped and ready for work upstream Work required on Terraform core or provider

Comments

@fdcds
Copy link

fdcds commented Sep 15, 2021
edited
Loading

When -open-iptables=true (the default), Konlet will allow all TCP, UDP and ICMP traffic to enter the host and also forward it: https://github.com/GoogleCloudPlatform/konlet/blob/v.0.11.0/gce-containers-startup/utils/iptables.go

Please add an example of how to disable this.

I suspect that a parameter would have to be added to /usr/share/gce-containers/konlet-startup, but I do not see how that can be done with this Terraform module or by setting VM metadata, or where that file comes from (so I could ask there how to do it).

Update 2021-09-23: Since this might need support from Konlet, I also created GoogleCloudPlatform/konlet#68.
@fdcds fdcds mentioned this issue Sep 23, 2021
Open
@github-actions
Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label Nov 22, 2021
@fdcds
Copy link
Author

fdcds commented Nov 23, 2021

This is still relevant to me.

@github-actions github-actions bot removed the Stale label Nov 23, 2021
@github-actions
Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label Jan 23, 2022
@fdcds
Copy link
Author

fdcds commented Jan 24, 2022

This is still relevant to me.

@bharathkkb bharathkkb added triaged Scoped and ready for work upstream Work required on Terraform core or provider and removed Stale labels Jan 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
triaged Scoped and ready for work upstream Work required on Terraform core or provider
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bharathkkb @fdcds