To access the
administrator services, Cisco VIM 2.0 provides source IP based filtering of
network requests on the management node. These services include SSH and Kibana
dashboard access. When the services are configured all admin network requests
made to the management node are dropped, except those from white listed
addresses in the configuration.
administrator source network supports the following options:
source network list: Network addresses can be added or deleted from the
configuration; the list is replaced in whole during a reconfigure operation.
administrator source network list: If the
admin_source_networks option is removed, then the source
address will not filter the incoming admin service requests.
The following section
needs to be configured in the Setup_data.yaml file:
admin_source_networks: # optional, host based firewall to white list admin's source IP
The operator should
to be careful while updating the source networks. If the list is
mis-configured, operators may lock themselves out of access to the management
node through SSH. If this happens, an operator must log into the management
node through the console port to repair the configuration.
To initiate the
integration, copy the
setupdata into a local directory by running the
[root@mgmt1 ~]# cd /root/
[root@mgmt1 ~]# mkdir MyDir
[root@mgmt1 ~]# cd MyDir
[root@mgmt1 ~]# cp /root/openstack-configs/setup_data.yaml <my_setup_data.yaml>
setupdata by running the following command:
[root@mgmt1 ~]# vi my_setup_data.yaml (update the setup_data to include SwiftStack info)
reconfiguration command as follows:
[root@mgmt1 ~]# cd ~/installer-xxxx
[root@mgmt1 ~]# ./ciscovimclient/ciscovim –-setupfile ~/MyDir/<my_setup_data.yaml> reconfigure