octavia/elements/rebind-sshd
Michael Johnson f935a51fe4 Switch to ubuntu-minimal for default amphora image
Previously we were using the "ubuntu" diskimage-builder base element as the
default base OS to build the amphora image.
The "ubuntu" element is based on the ubuntu cloud image. This image includes
packages we do not need for the amphora image. At this point it's not clear
that Ubuntu will ship an 18.04 LTS cloud image in the format the "ubuntu"
element requires.
This patch switches the default Ubuntu amphora image to build with the
"ubuntu-minimal" diskimage-builder element.

This patch also moves the amphora agent into a virtual environment inside
the amphora.

It also sets up support for Ubuntu 18.04 (bionic beaver) and HAProxy 1.8.

Change-Id: I84a85ca1363bce2e0f13da64540ec7ba3575e818
2018-04-16 18:07:31 -07:00
..
finalise.d Switch to ubuntu-minimal for default amphora image 2018-04-16 18:07:31 -07:00
README.rst Make SSH bind to management net only 2016-03-04 13:58:33 -08:00

This element adds a post-BOUND script to the dhclient configuration to rebind the ssh daemon to listen only on the management network interface. The reason for doing this is that some use cases require load balancing services on TCP port 22 to work, and if SSH binds to the wildcard address on port 22, then haproxy can't.

This also has the secondary benefit of making the amphora slightly more secure as its SSH daemon will only respond to requests on the management network.