You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This as an alternate option to VIBs makes a lot of sense.
Couple of questions/concerns:
If this is pointed at a cluster, will it open up all outbound TCP on all hosts in that cluster?
In either case, can we prompt the user to accept (y/n) before we make the change?
As I understand it, if we open all outbound TCP then it isn't great, but in environments where customers want to quickly test vSphere Integrated Containers, this will work pretty well and remove the initial barrier to getting up and running. Once we have the VIB option, this could be a good stop-gap solution in lab environments.
User Statement:
As a customer of VIC, I want the ESX firewall to be properly configured during the install process with minimal effort.
Details:
Parent/epic: #3643
Use firewall ruleset
vSPC
for each host (ComputeResource.Hosts()
)https://github.com/vmware/govmomi/blob/master/object/host_firewall_system.go
Acceptance Criteria:
vic-machine create
that enables the firewall rulesetThe text was updated successfully, but these errors were encountered: