circle-check
Version Data Mover 2.1.12 iS RELEASED
See the Release Notesarrow-up-right
search
Ctrlk
HomepageBlog

Advanced Network Configuration

hashtag
Network Interface and IP Configuration Management

Network interfaces and IP configurations are managed directly within the operating systems. Our deployment leverages this configuration, allowing for enhanced security hardening through firewall settings and network interface segregation. The deployment also supports configuring services to bind to specific network interfaces. An internal firewall provides additional protection by filtering and managing network traffic across different security layers.

triangle-exclamation

Ensure the hostname does not exceed 15 characters when using AD authentication. Proper DNS configuration is crucial; without it, DNS-IP resolution issues may arise, affecting system functionality.

hashtag
Network Interface

The network interface settings are specified in the inventory files of the Nodeum Ansible installation package.

You can locate the inventory files at /inventory/hosts_vars/srv1. There is a section for defining the service binding.

hashtag
Standard Configuration

By default, the iface_name parameter uses the primary network interface, and each service binds to this default interface. default interface.

# If there is no default network interface defined or you want to override it
# iface_name: eth0

hashtag
Mapping Services to Specific Network Interfaces

Each service can be explicitly mapped to a specific network interface by configuring the iface_name parameter. By default, services bind to the primary network interface. However, to override this behavior and assign a service to a particular interface, specify the desired interface name in the iface_name setting of that service’s configuration.

After updating the inventory files to reflect your desired mappings, rerun the Nodeum Ansible Installation playbook to apply the changes.

# Specific name of interface for each service. Default to iface_name 
(or default network interface) if undefined
# smb_iface_name: eth0
# nfs_iface_name: eth0
# rails_iface_name: eth0
# zookeeper_iface_name: eth0
# solr_iface_name: eth0
# catalog_indexer_iface_name: eth0

Description of each parameter:

Parameter
Service Name

smb_iface_name

SAMBA

nfs_iface_name

NFS

rails_iface_name

RAILS

solr_iface_name

SOLR

catalog_iface_name

CATALOG INDEXER

hashtag
Firewall Configuration

A comprehensive security guide is available on demand to help configure and manage the various components of firewall security settings. Whether it's an external or internal firewall, it can be set up to filter and protect the network traffic between different security layers.

circle-info

Nodeum Ansible installation package does not alter your firewall configuration

PreviousSLURM IntegrationNextAdd a SSL Certificate

Last updated

Was this helpful?