Closed Bug 1121697 Opened 9 years ago Closed 9 years ago

Access for crashanalysis.dmz.phx1.mozilla.com to socorro-reporting2.db.phx1.mozilla.com

Categories

(Infrastructure & Operations Graveyard :: NetOps: DC ACL Request, task)

Product:
Infrastructure & Operations Graveyard
Component:
NetOps: DC ACL Request
Platform:
x86
macOS
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: mpressman, Assigned: jbarnell)

References

Details

Can we please have access from crashanalysis.dmz.phx1.mozilla.com to socorro-reporting2.db.phx1.mozilla.com on ports 5432, 6432 and 6433. Effectively we need:

10.8.74.42 -> 10.8.70.198:5432
10.8.74.42 -> 10.8.70.198:6432
10.8.74.42 -> 10.8.70.198:6433
Blocks: 1121490
Given this blocks bug 1121490, upping to critical as well as it's release week and I'm missing all custom reports I'm running and which I need to assess releases.
Severity: normal → critical
Severity: critical → normal
Assignee: network-operations → jbarnell
This has been added 

jbarnell@fw1.phx1.mozilla.net# show | compare 
[edit security policies from-zone dmz to-zone db]
      policy jenkins--mysql { ... }
+     /* https://bugzilla.mozilla.org/show_bug.cgi?id=1121697 */
+     policy crash-analysis {
+         match {
+             source-address crashanalysis;
+             destination-address socorro-reporting2.db.phx1.mozilla.com;
+             application [ postgres postgres-alt postgres-processors ];
+         }
+         then {
+             permit;
+         }
+     }
[edit security zones security-zone db address-book]
       address jenkins-mysql-ro-vip { ... }
+      address socorro-reporting2.db.phx1.mozilla.com 10.8.70.198/32;

Please test and confirm tonight.
OK, this works, thanks!
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in before you can comment on or make changes to this bug.