Page MenuHomePhabricator

Phacility Cluster Bastion
Updated 1,312 Days AgoPublic

This document describes bastion hosts, which serve as gatekeepers for operational access to the Phacility Cluster.

Here and elsewhere, "operational access" refers to deploying, administrating, and managing hosts, services, and data in the cluster.

Overview

The Phacility cluster runs in a VPC. Most devices in the cluster do not have external interfaces, and operational access to the VPC (for example, deploying and upgrading hosts) occurs through a bastion host. The bastion serves as an SSH proxy that authorizes users to act within the cluster. This is a common way to configure access to a private network, see Bastion Host on Wikipedia.

Using a bastion helps protect the cluster from external threats: inbound operational traffic is limited to a single tightly-controlled gateway.

Using a bastion also helps protect the cluster from internal threats, like a compromised employee account or rogue staff member. The bastion identifies and authorizes the connecting user, but also authorizes the commands they are executing. Operations staff can be given limited access to the cluster or selective access to specific instances.

Using the Bastion

Some light operational work can be performed from the instance administration UI on admin.phacility.com.

Most operational work occurs via the bastion proper, via the CLI Tools.

Last Author
epriestley
Last Edited
Feb 17 2015, 3:08 PM

Event Timeline

epriestley created this document.Feb 1 2015, 6:17 PM
epriestley edited the content of this document. (Show Details)
epriestley edited the content of this document. (Show Details)Feb 1 2015, 6:22 PM
epriestley edited the content of this document. (Show Details)Feb 1 2015, 6:42 PM
epriestley edited the content of this document. (Show Details)Feb 17 2015, 3:08 PM