Todas as coleções
Network
How to create and join security groups in BCOS?
How to create and join security groups in BCOS?

Learn how to release specific network ports on instances through security groups.

Luiz Fernando Justino Silva avatar
Escrito por Luiz Fernando Justino Silva
Updated over a week ago

Security Groups

   A security group is a set of rules for IP filters, ICMP is a protocol that controls internet connections, we will add ICMP as a rule within the security group.

   In this post will be done some SSH tests in instances that consists of accessing the machine virtually, as if accessing from a terminal, we recommend using Xshell to perform these tests, access the link below to download the tool:

  In Project / Network / Security Groups click in Create Security Group, then type a name for the security group and click in Create Security Group:

Example:

  • Name: ALLOW ICMP.

   Once you have created the group, click in Manage Rules on the actions button, select the two existing rules and click in Delete Rules, confirm the deletion by clicking Delete Rules again:

  Now you need to create a new rule for the group by clicking in Add Rule, in Rule select the rule that allows ICMP, click in Add:

Example:

  • Rule: All ICMP.

  After the rule is created, in Project / Compute / Instances, on the action button to the right of the instance name select Edit Security Groups, then add the security group you created earlier and click in Save:

​  Note: If you do not have one, virtual machine created or do not know the processes of creating an instance, see the post How to create instances in BCOS?.

   Now try to ping the instance from the local machine by entering the floating IP of the instance:

    Note: If your machine does not already have a floating IP, visit the post How to associate floating IPs in BCOS?.

  • Ping the VM from local machine by floating IP: 45.225.25.x.

   Note that ping from an external network is now enabled.

   Try to have SSH access to the instance:

Example:

  • Command for SSH access on Xshell: ssh 45.225.25.x.

  You will not be able to access because you must apply the rule that allows SSH.

   To apply the rule, in Project / Network / Security Group click in Create Security Group, type the name of the new group to create, and click in Create Security Group again:

Example:

  • Name: ALLOW SSH.

  Click in Manage Rules on the actions button to the right of the name of the newly created group, then select and delete the two existing rules by clicking in Delete Rules, then confirm the deletion:

    Now click in Add Rule, in Rule select SSH, if you want to restrict the rule to only some networks modify the IP in CIDR, then click in Add:

  • Rule: SSH.

   Added the rule, go to Project / Compute / Instances, on the actions button to the right of the instance, select Edit Security Groups, add the previously created SSH group and click in Save:

 Retry SSH access, enter user name and password by clicking in OK:

  • Command for SSH access on Xshell: ssh 45.225.25.x.

  •  User login: cirros.

  • Password: “cubswin:)” without the quotes.

  Note that the SSH connection has been established.

  In the next post How to apply volumes to instances in BCOS?, we will learn how to create volumes and attach them to instances.

Respondeu à sua pergunta?