Re: OpenShift node hardening - are these IP table rules ok?

Thanks Jay

Excuse my ignorance. How do I run the tests?

On 5 April 2017 at 13:01, Jay Vyas <jvyas redhat com> wrote:
Without loss of generality, it's easy to find out whether or not you've broken networking in OpenShift, since it ships with a lot of tests for networking and DNS (extended.test).
KUBECONFIG=/etc/origin/master/admin.kubeconfig /usr/libexec/atomic-openshift/extended.test --ginkgo.v=True --ginkgo.focus="DNS"
(use "Networking" tags as well and make sure those pass).
- Run the tests above with the argument --ginkgo.focus=DNS,
- apply the rules,
- re-run them again and you will quickly detect a regression if you've broken anything.

On Apr 5, 2017, at 4:43 AM, Anton <kurrent93 gmail com> wrote:


I would like to harden my OpenShift node. 

I'm not at all versed in iptable rules, and would like to hear if these rules - https://javapipe.com/iptables-ddos-protection - are ok to apply, or not.

Thanks for your help.
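
The before/after procedure described in the thread (run the DNS and Networking suites, apply the rules, re-run), as an added example that is not part of any message above. The rules-script argument, the log directory, the TEST_BIN override and the rollback through iptables-save/iptables-restore are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed: the rules-script argument, the
# log directory, the TEST_BIN override, and rollback via iptables-save/restore.
KUBECONFIG=${KUBECONFIG:-/etc/origin/master/admin.kubeconfig}
TEST_BIN=${TEST_BIN:-/usr/libexec/atomic-openshift/extended.test}
export KUBECONFIG

# Run one focused suite, keep its output, return the test binary's exit status.
run_suite() {    # $1 = focus, $2 = log file
    "$TEST_BIN" --ginkgo.v=True --ginkgo.focus="$1" >"$2" 2>&1
}

# Run the DNS and Networking focuses; return 0 only if both pass.
run_all() {      # $1 = label (before|after), $2 = log directory
    failed=0
    for focus in DNS Networking; do
        if run_suite "$focus" "$2/$1-$focus.log"; then
            echo "$1 $focus: PASS"
        else
            echo "$1 $focus: FAIL (see $2/$1-$focus.log)"
            failed=1
        fi
    done
    return "$failed"
}

# Baseline, apply, re-test, and restore the saved ruleset on a regression.
# Returns 0 = no regression, 1 = regression (rolled back), 2 = no usable
# baseline, 3 = the rules script itself failed (rolled back).
check_rules() {  # $1 = script that applies the rules, $2 = log directory
    mkdir -p "$2" || return 2
    run_all before "$2" || { echo "baseline already failing"; return 2; }
    iptables-save >"$2/iptables.before" || return 2
    sh "$1" || { iptables-restore <"$2/iptables.before"; return 3; }
    if run_all after "$2"; then
        echo "no regression detected"
        return 0
    fi
    iptables-restore <"$2/iptables.before"
    echo "regression detected, previous ruleset restored"
    return 1
}

# Stand-alone use (as root on the node): sh check.sh --apply ./rules.sh ./logs
if [ "${1:-}" = "--apply" ]; then
    check_rules "$2" "${3:-./hardening-logs}"
fi
```

iptables-restore only puts back the IPv4 ruleset; anything else a rules script changes, such as kernel settings, needs its own rollback.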

