d43d3fce86
Merge source and RHEL elements, allowing both source and package based installations. Allow amphora agent install from distribution packages (not limited to RHEL) Add a new option to diskimage-create.sh script to do so (default is kept to source installation from Octavia git tree) For now, amphorae built with distribution packages will have SELinux (when available) running in permissive mode. Made the rebind-sshd element generic to streamline the script Use POSIX syntax for logrotate kill command Change-Id: I391b2a95d54c7b9fd8f31d3e2c136ff9cc3451f1 |
||
|---|---|---|
| .. | ||
| finalise.d | ||
| README.rst | ||
This element adds a post-BOUND script to the dhclient configuration to rebind the ssh daemon to listen only on the management network interface. The reason for doing this is that some use cases require load balancing services on TCP port 22 to work, and if SSH binds to the wildcard address on port 22, then haproxy can't.
This also has the secondary benefit of making the amphora slightly more secure as its SSH daemon will only respond to requests on the management network.