Securing MooseFS public installation #88
Labels
community
not a bug, but a question for the community
documentation
Issue related to documentation
need feedback
question
Question
I couldn't find in the documentation all details about securing MooseFS installation which would be installed on the public IP addresses, to be accessible from anywhere.
So, to be able to mount the mfs share, port 9421 on master and port 9422 on chunkservers need to be open to everybody, right? Then we secure master - cs communication by setting AUTH_CODE in master and chunkservers. Then we secure mounts by requiring password for all of them in mfsexports.cfg. Ports 9419/9420/9425 can be firewalled, as they're not used for user access.
Can the above described MooseFS cluster setup be declared secure enough to be open in public? Meaning, no unauthorized access will be possible? At this point I'm not concerned with unencrypted traffic, just that data can't be accessed, unless you have provided proper password.
This is also a great opportunity to thank you for probably the best distributed file system out there, and wish you all the best in 2018!
The text was updated successfully, but these errors were encountered: