I need to firewall our Opennebula cluster / management interfaces.
I am reviewing the Documentation but I miss a comprehensive list of required firewall rules, or a list of communications to allow between nodes and one.
I can only find here/there some mentions to ports that must be allowed:
...make sure TCP port 9869 is allowed... ...must allow UDP packages incoming from the hosts on port 4124...
Other rules are obvious/implied such as:
- allowing SSH access between all nodes in the cluster.
- allowing HTTPS to sunstone
- allowing VNC ports to sunstone proxy and then to the nodes…
Also I am not clear if any other functionalities will require rules to work.
- marketplace: are images downloaded from the nodes or from one?
Where can I find documentation securing my opennebula cluster / related IP traffic?
Which communications will we need to allow?