Replies: 2 comments
-
Hi @yogeshkk - I think most users of Nebula - including Slack - use automated tooling such as Ansible, Chef, or Puppet in order to update Nebula configurations (e.g. rotating certificates and updating firewall rules) on their hosts. Alternatively, those of us over at Defined Networking have been building a managed version of Nebula that allows you to manage and deploy firewall rules from a centralized UI. I hope that helps. If you have more specific questions, I can try to advise. |
Beta Was this translation helpful? Give feedback.
-
Hi @johnmaguire, Thanks for reply and sharing link. It is good to know that other are able to manage neubula with just ansible and chef. I did notice that we can specify group in cert and open firewall to group instant of host. That will come handy in automation it might reduce complicity Also manage one is super useful but we have an own cloud which have no or limited connection with internet. I don't think we install manage UI to that cloud. I think that all for now. We will start deploying POC and see how it goes. Thanks, |
Beta Was this translation helpful? Give feedback.
-
Hello Team,
We are trying to determining if nebula is right fit for our use case. It fit perfectly of most use case I just need to know about how you guys mange SG group. As SG group are enforced by destination as oppose to traditional SG group. Which make sense in flat architecture, but what happen when we have 100's of node each node? we will have 20-30 type of node and we need to open different port from one type to another.
Example. I have 100's of node and I need to open 3306 from 5 application node to 3 database node etc. There are lot of permutation and combination possible as number of node in cluster increase and keeping up automation will be challenging.
One way is puting small nebula cluster per project etc, but before we look into that, I wanted to know if anyone is managing big cluster? How you are managing/automating SG groups?
Also let me know if I am making wrong assumption etc.
Beta Was this translation helpful? Give feedback.
All reactions