[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Strange security issue with Origin Install

Hey Shabna--
I'm adding the dev list because I know others have encountered security issues when deploying Origin on AWS. Has anyone else run into this?

On Feb 18, 2014, at 23:50, <s madathilthattantav accenture com> <s madathilthattantav accenture com> wrote:

> I have set up OpenShift Origin V3 Installation  in an aws ec2 Instance(Fedora 19) using oo-install.
> Configuration :
> Broker +Broker Support services in one instance
> Node in another instance
> The installation looks good and I am able to deploy applications and work with it.
> Issue:
> Strangely,I am getting security incident on the Broker  instance saying  that its been operating an open proxy and environment is compromised etc..
> And I  had to shut down this instance.
> More Information:
> I have created the security groups by referring this blog : http://cloud-mechanic.blogspot.in/2013/05/openshift-on-aws-ec2-part-3-getting-in.html
> Also some additional steps required for getting installation working was
> 1.       Modify iptables to enable udp port
> 2.       Since  EC2 images are configured to only allow root logins with a key ,Node Instance sshd config was modified to PermitRootLogin and PasswordAuthentication as yes.
> 3.       On Node Host ,had to modify  the IP address of Broker and Node to point to the public ip addresses of Broker and Node host.
> 4.       On Node host ,Modify the MCollective configuration to point to the ip address of the Broker instead of hostname.
> 5.       Restart the services that were not running
> All the other steps were more or less done by the oo-install .As I understand some Installation configuration needs to be reviewed or modified – Any pointers will be greatly appreciated.
> I am not able to use the Origin installation due to this security issue.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]