Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Rabisu - Hosting Solutions
Shells Virtual Desktop

Categories

In this Discussion

Home Help
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Thoughts about the scale out?

bookstackbookstack Member
edited July 2014 in Help

I have some services, such as elasticsearch and redis to run and they clearly won't fit into a single VM. As most providers won't support the virtual network, the service endpoints have to be exposed to the internet to serve others.

The high availability is not a concern here, I just want to harden the service endpoint to disallow malicious usage.

I could think of the following approaches:

  • password if the service supports it
  • iptable for IP whitelist
  • vpn? Should vpn be a point-to-point network?
  • tinc to create a mesh network?

I wonder has anybody has in this situation, and what is your preferred solution?

Comments

  • NickMNickM Member

    I'm a fan of tinc for this kind of thing. The only other advice I would have is to make sure that you have the services only listen on the tinc interface.

  • FrankZFrankZ Barred

    +1 for tinc

Sign In or Register to comment.