Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/binocarlos/vpc
Virtual Private Cluster - iptables for secure multi-server deployments
Last synced: 10 days ago
- Host: GitHub
- URL: https://github.com/binocarlos/vpc
- Owner: binocarlos
- License: mit
- Created: 2014-04-04T22:31:39.000Z (over 10 years ago)
- Default Branch: master
- Last Pushed: 2014-07-31T10:42:30.000Z (over 10 years ago)
- Last Synced: 2024-04-14T14:36:49.129Z (7 months ago)
- Language: Shell
- Homepage:
- Size: 227 KB
- Stars: 9
- Watchers: 4
- Forks: 2
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
vpc
===
Virtual Private Cluster - configure an iptables whitelist for a private network of docker hosts.
Basically a poor man's [Virtual Private Cloud](http://en.wikipedia.org/wiki/Virtual_private_cloud)
![vpc network](docs/network.png)
## Why?
Because I wanted my own little network of machines inside Digital Ocean all communicating over the private network.
I didn't want other droplets to be able to connect to the services on my droplets.
I did want to still talk to docker containers from my other droplets.
vpc is an api to do this - it is based on [iptables-boilerplate](https://github.com/bmaeser/iptables-boilerplate) with an api to manage hosts and ports and with modifications to play nice with docker.
## installation
```
$ wget -qO- https://raw.github.com/binocarlos/vpc/master/bootstrap.sh | sudo bash
```
NOTE - until I have time to debug - this needs running twice
## usage
vpc allows easy whitelisting of ip addresses and ports.
```bash
$ vpc add-host 192.168.8.120
$ vpc add-host 192.168.8.121
$ vpc add-host 192.168.8.122
$ vpc add-port 1978
$ vpc apply
```
You can see the entries:
```bash
$ vpc ls
```
And you can see how it affects iptables:
```bash
$ vpc status
```
The default is for everything to be disallowed apart from ports:
* 22
* 80
* 443
### vpc add-host
Add a new host to the whitelist:
```bash
$ sudo vpc add-host 10.12.13.14
```
### vpc remove-host
Remove a host from the whitelist:
```bash
$ sudo vpc remove-host 10.12.13.14
```
### vpc hosts
List the hosts in the whitelist:
```bash
$ sudo vpc hosts
```
### vpc add-port
Add a port to the whitelist:
```bash
$ sudo vpc add-port 443
```
### vpc remove-port
Remove a port from the whitelist:
```bash
$ sudo vpc remove-port 443
```
### vpc ports
List the ports in the whitelist:
```bash
$ sudo vpc ports
```
### vpc ls
List the items in the whitelist:
```bash
$ sudo vpc ls
```
### vpc status
Show the current status of the firewall:
```bash
$ sudo vpc status
```
### vpc apply
Apply the firewall:
```bash
$ sudo vpc apply
```
### vpc cancel
Cancel the firewall:
```bash
$ sudo vpc cancel
```
### vpc reset
Reset the firewall (warning - deletes data):
```bash
$ sudo vpc reset
```
### vpc start
Start the firewall:
```bash
$ sudo vpc start
```
### vpc stop
Stop the firewall:
```bash
$ sudo vpc stop
```
## license
MIT