Network interfaces and IP configurations are managed directly within the operating systems. Our deployment leverages this configuration, allowing for enhanced security hardening through firewall settings and network interface segregation. The deployment also supports configuring services to bind to specific network interfaces. An internal firewall provides additional protection by filtering and managing network traffic across different security layers.
Ensure the hostname does not exceed 15 characters when using AD authentication. Proper DNS configuration is crucial; without it, DNS-IP resolution issues may arise, affecting system functionality.
Network Interface
The network interface settings are specified in the inventory files of the Nodeum Ansible installation package.
You can locate the inventory files at /inventory/hosts_vars/srv1. There is a section for defining the service binding.
Standard Configuration
By default, the iface_name parameter uses the primary network interface, and each service binds to this default interface. default interface.
# If there is no default network interface defined or you want to override it# iface_name: eth0
Mapping Services to Specific Network Interfaces
Each service can be explicitly mapped to a specific network interface by configuring the iface_name parameter. By default, services bind to the primary network interface. However, to override this behavior and assign a service to a particular interface, specify the desired interface name in the iface_name setting of that service’s configuration.
After updating the inventory files to reflect your desired mappings, rerun the Nodeum Ansible Installation playbook to apply the changes.
# Specific name of interface for each service. Default to iface_name (or default network interface) if undefined# smb_iface_name: eth0# nfs_iface_name: eth0# rails_iface_name: eth0# zookeeper_iface_name: eth0# solr_iface_name: eth0# catalog_indexer_iface_name: eth0
Description of each parameter:
Parameter
Service Name
smb_iface_name
SAMBA
nfs_iface_name
NFS
rails_iface_name
RAILS
solr_iface_name
SOLR
catalog_iface_name
CATALOG INDEXER
Firewall Configuration
A comprehensive security guide is available on demand to help configure and manage the various components of firewall security settings. Whether it's an external or internal firewall, it can be set up to filter and protect the network traffic between different security layers.
Nodeum Ansible installation package does not alter your firewall configuration
