A Passionate Techie

ingress = “22:192.168.0.0/24:tcp,80:172.16.120.0/16:tcp,8080:0.0.0.0/0:tcp” egress = “22:192.168.0.0/24:tcp,80:172.16.120.0/16:tcp,8081:127.0.0.0/0:udp” resource “openstack_compute_secgroup_v2” “secgroup_1” { name = “secgroup” description = “my security group” count = “${length(split(“,”,var.ingress))}” rule { from_port = “${element(split(“:”,element(split(“,”,var.ingress),count.index)), 0)}” to_port = “${element(split(“:”,element(split(“,”,var.ingress),count.index)), 0)}” ip_protocol = “${element(split(“:”,element(split(“,”,var.ingress),count.index)), 2)}” cidr = “${element(split(“:”,element(split(“,”,var.ingress),count.index)), 1)}” } } Note : This will create multiple security groups if you want single security group and multiple rules use following code: resource “openstack_networking_secgroup_v2” “secgroup” { name = “secgroup” description = “My neutron security group” } resource “openstack_networking_secgroup_rule_v2” “secgroup_rule_ingress” { count = “${length(spl...

In general when opening ICMP rule for security groups we generally use the following configuration: Port: -1 Protocol: icmp CIDR: 0.0.0.0/0 But with the openstack terraform when using a negative value for port throws the following error: module.compute.instance.openstack_compute_floatingip_associate_v2.floating_ip_assoc: Creation complete (ID: 10.43.14.187/0e48f51d-6dc0-479d-9481-358e5f739dac/) Error applying plan: 1 error(s) occurred: module.network.module.sg.openstack_networking_secgroup_rule_v2.secgroup_rule_test: 1 error(s) occurred: openstack_networking_secgroup_rule_v2.secgroup_rule_test: Invalid request due to incorrect syntax or missing required parameters. The correct way to open ICMP rule is as follows: resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_test" { direction = "ingress" ethertype = "IPv4" protocol = "icmp" port_range_min = "0" port_range_max = "0" r...

You can use  AllowUsers  /  AllowGroups  if you have only a few users/groups that are allowed to login via ssh or  DenyUsers  /  DenyGroups  if you have only a few users/groups that are  not  allowed to login. Note that this only restricts login via ssh, other ways of login (console, ftp, …) are still possible. You need to add these options to your  /etc/ssh/sshd_config  file for most ssh installations. If you have set the login shell to  /bin/false  you can use  su -s /bin/bash user  (replace  /bin/bash with the shell of your choice)

You can use  AllowUsers  /  AllowGroups  if you have only a few users/groups that are allowed to login via ssh or  DenyUsers  /  DenyGroups  if you have only a few users/groups that are  not  allowed to login. Note that this only restricts login via ssh, other ways of login (console, ftp, ...) are still possible. You need to add these options to your  /etc/ssh/sshd_config  file for most ssh installations. If you have set the login shell to  /bin/false  you can use  su -s /bin/bash user  (replace  /bin/bash with the shell of your choice)

In general when opening ICMP rule for security groups we generally use the following configuration: Port: -1 Protocol: icmp CIDR: 0.0.0.0/0 But with the openstack terraform when using a negative value for port throws the following error: module.compute.instance.openstack_compute_floatingip_associate_v2.floating_ip_assoc: Creation complete (ID: 10.43.14.187/0e48f51d-6dc0-479d-9481-358e5f739dac/) Error applying plan: 1 error(s) occurred: module.network.module.sg.openstack_networking_secgroup_rule_v2.secgroup_rule_test: 1 error(s) occurred: openstack_networking_secgroup_rule_v2.secgroup_rule_test: Invalid request due to incorrect syntax or missing required parameters. The correct way to open ICMP rule is as follows: resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_test" { direction = "ingress" ethertype = "IPv4" protocol = "icmp" port_range_min = "0" port_range_max = "0" remote_ip_prefix =...

ingress = "22:192.168.0.0/24:tcp,80:172.16.120.0/16:tcp,8080:0.0.0.0/0:tcp" egress = "22:192.168.0.0/24:tcp,80:172.16.120.0/16:tcp,8081:127.0.0.0/0:udp" resource "openstack_compute_secgroup_v2" "secgroup_1" { name = "secgroup" description = "my security group" count = "${length(split(",",var.ingress))}" rule { from_port = "${element(split(":",element(split(",",var.ingress),count.index)), 0)}" to_port = "${element(split(":",element(split(",",var.ingress),count.index)), 0)}" ip_protocol = "${element(split(":",element(split(",",var.ingress),count.index)), 2)}" cidr = "${element(split(":",element(split(",",var.ingress),count.index)), 1)}" } } Note : This will create multiple security groups if you want single security group and multiple rules use following code: resource "openstack_networ...

Take a look at the image below. It’s a collection of bugs and creepy-crawlies of different shapes and sizes. Take a moment to categorize them by similarity into a number of groups. This isn’t a trick question. Start with grouping the spiders together.   Images via Google Image Search, labelled for reuse Done? While there’s not necessarily a “correct” answer here, it’s most likely you split the bugs into four  clusters . The spiders in one cluster, the pair of snails in another, the butterflies and moth into one, and the trio of wasps and bees into one more. That wasn’t too bad, was it? You could probably do the same with twice as many bugs, right? If you had a bit of time to spare — or a passion for entomology — you could probably even do the same with a hundred bugs. For a machine though, grouping ten objects into however many meaningful clusters is no small task, thanks to a mind-bending branch of maths called  combinatorics , which tells us th...

Take a look at the image below. It’s a collection of bugs and creepy-crawlies of different shapes and sizes. Take a moment to categorize them by similarity into a number of groups. This isn’t a trick question. Start with grouping the spiders together. Images via Google Image Search, labelled for reuse Done? While there’s not necessarily a “correct” answer here, it’s most likely you split the bugs into four clusters . The spiders in one cluster, the pair of snails in another, the butterflies and moth into one, and the trio of wasps and bees into one more. That wasn’t too bad, was it? You could probably do the same with twice as many bugs, right? If you had a bit of time to spare — or a passion for entomology — you could probably even do the same with a hundred bugs. For a machine though, grouping ten objects into however many meaningful clusters is no small task, thanks to a mind-bending branch of maths called combinatorics , which tells us that are 115,975 different possible ways you c...