servicing ~10 teams in different organizations and multiple countries But probably they shouldn't all have access to everything... NATed containers are hard to distinguish
servicing ~10 teams in different organizations and multiple countries But probably they shouldn't all have access to everything... NATed containers are hard to distinguish s o m e - c o n t a i n e r $ s s - n t r E S T A B 0 0 s o m e - c o n t a i n e r : 8 0 8 0 p r o d - d o c k e r 0 3 : 5 3 0 5 4 E S T A B 0 0 s o m e - c o n t a i n e r : 8 0 8 0 p r o d - d o c k e r 0 2 : 5 3 1 9 5 E S T A B 0 0 s o m e - c o n t a i n e r : 8 0 8 0 p r o d - d o c k e r 0 1 : 5 3 0 1 3 . . . 6 5 0 m o r e l i n e s . . . E S T A B 0 0 s o m e - c o n t a i n e r : 8 0 8 0 p r o d - d o c k e r 0 7 : 4 1 9 8 4 E S T A B 0 0 s o m e - c o n t a i n e r : 8 0 8 0 p r o d - d o c k e r 0 2 : 4 7 0 4 2 E S T A B 0 0 s o m e - c o n t a i n e r : 8 0 8 0 p r o d - d o c k e r 0 9 : 4 6 2 4 8 Hm. Should all of these connections have been allowed?
o c u r l - L g i t . i o / w e a v e - o / u s r / l o c a l / b i n / w e a v e s u d o c h m o d + x / u s r / l o c a l / b i n / w e a v e w e a v e l a u n c h [ p r e v i o u s l y - a d d e d - h o s t s ]
the proxy w e a v e l a u n c h - r o u t e r - - i p a l l o c - r a n g e 1 0 . 3 2 . 0 . 0 / 2 0 \ - - i p a l l o c - d e f a u l t - s u b n e t 1 0 . 3 2 . 0 . 0 / 2 4 \ - - n o - d n s p e e r - 1 p e e r - 2 w e a v e l a u n c h - p r o x y - - r e w r i t e - i n s p e c t
the proxy Nomad { " c l i e n t " : { " o p t i o n s " : { " d o c k e r . e n d p o i n t " : " u n i x : / / / v a r / r u n / w e a v e / w e a v e . s o c k " } } }
the proxy Nomad j o b " m y - s e r v i c e " { d a t a c e n t e r s = [ " d c 1 " ] g r o u p " c o n t a i n e r " { t a s k " s e r v e r " { d r i v e r = " d o c k e r " c o n f i g { i m a g e = " m y - i m a g e s " } r e s o u r c e s { c p u = 5 0 0 m e m o r y = 2 5 6 } } } }
the proxy Nomad Registrator e x p o r t D O C K E R _ H O S T = u n i x : / / / v a r / r u n / w e a v e / w e a v e . s o c k r e g i s t r a t o r - i n t e r n a l " c o n s u l : / / l o c a l h o s t : 8 5 0 0 "
o m a d r u n m y - s e r v i c e . n o m a d . . . $ d o c k e r e x e c m y - c o n t a i n e r - i d i p a d d r s h o w | g r e p - o E " i n e t [ ^ ] + " i n e t 1 2 7 . 0 . 0 . 1 / 8 i n e t 1 7 2 . 1 7 . 0 . 2 / 1 6 i n e t 1 0 . 3 2 . 0 . 2 $ d i g + s h o r t m y - s e r v i c e . s e r v i c e . c o n s u l . @ l o c a l h o s t - p 8 6 0 0 1 0 . 3 2 . 0 . 2
s o m e - c o n t a i n e r $ s s - n t r | g r e p 1 0 . 3 2 . 0 . 2 E S T A B 0 0 s o m e - c o n t a i n e r : 8 0 8 0 1 0 . 3 2 . 0 . 2 : 3 4 3 9 9
Specific allocations t a s k " s e r v e r " { d r i v e r = " d o c k e r " c o n f i g { i m a g e = " m y - i m a g e s " } e n v { W E A V E _ C I D R = " n e t : 1 0 . 3 6 . 1 5 . 0 / 2 4 " } r e s o u r c e s { c p u = 5 0 0 m e m o r y = 2 5 6 } }
ysknsid25
sugamasao
tammyeverts
abemii
oracle4engineer
asei
sonatard
salaboy
sudoakiy
neuecc
smt7174
yoshidashingo
jonyablonski
ammeep
cassininazir
eileencodes
geeforr
morganepeng
rasmusluckow
marcduiker
62gerente
swwweet
malarkey
colly
