Bug 36906 - Info about security group and SSH / HTTPS connection
Info about security group and SSH / HTTPS connection
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UMC - Virtual machines (UVMM)
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.0-0-errata
Assigned To: Erik Damrose
Philipp Hahn
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-11-20 10:42 CET by Stefan Gohmann
Modified: 2015-01-29 11:49 CET (History)
2 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Gohmann univentionstaff 2014-11-20 10:42:10 CET
A new EC2 account has by default only one default security group. In it HTTPS and SSH are not open. If one uses this security group the UCS setup will fail.

The user experience should be improved.
Comment 1 Andreas Peichert univentionstaff 2014-11-27 17:05:47 CET
r56250 Bug #36906: add tooltip in instance wizard
r56251 Bug #36906: Add tooltip in instance wizard YAML

Package: univention-virtual-machine-manager-daemon
Version: 4.0.20-5.565.201411271655
Branch: ucs_4.0-0
Scope: errata4.0-0
Comment 2 Erik Damrose univentionstaff 2015-01-22 13:20:50 CET
The tooltips / popups look very good.

Some suggestions on how we could clarify the texts:

A key pair consists of a public and private key to log in using SSH.
> OK
The configuration of all keys takes place directly via the administration page
of the cloud.
>The key creation or upload has to be done at the provider's administration interface.


A security group acts as a virtual firewall that controls the traffic of the
instance. To access a website in a secure way (for example via the edit page
of the instance), a group rule should be used which allow incoming HTTPS
traffic. The configuration of all security groups takes place directly via
the administration page of the cloud.

>A security group acts as a virtual firewall that controls the traffic of the
>instance. To enable access, correct rules have to be configured (for example, a >UCS instance needs at least TCP ports 22 (ssh) and 443 (https))

The configuration of all security groups takes place directly via the administration page of the cloud.
> The security group configuration has to be done at the provider's administration interface.
Comment 3 Andreas Peichert univentionstaff 2015-01-22 16:02:41 CET
r57493 Bug #36906: Update tooltips in instance wizard
r57498 YAML update

Package: univention-virtual-machine-manager-daemon
Version: 4.0.21-2.573.201501221546
Branch: ucs_4.0-0
Scope: errata4.0-0
Comment 4 Erik Damrose univentionstaff 2015-01-23 10:50:25 CET
> The configuration of all security groups takes place directly via the 
> administration page of the cloud. The security group configuration has to 
> be done at the provider's administration interface.

Reopen: I think i expressed myself poorly, but the last two sentences are almost duplicate. Only the last sentence should be kept.
Comment 5 Erik Damrose univentionstaff 2015-01-23 12:20:07 CET
Fixed in
r57512 univention-virtual-machine-manager-daemon 4.0.21-3
r57514 2014-11-26-univention-virtual-machine-manager-daemon.yaml
Comment 6 Philipp Hahn univentionstaff 2015-01-23 14:43:17 CET
OK: r57512
OK: aptitude install '?source-package(univention-virtual-machine-manager-daemon)?installed'
OK: en
OK: de
OK: r57514
OK: 2014-11-26-univention-virtual-machine-manager-daemon.yaml
OK: errata-announce -V 2014-11-26-univention-virtual-machine-manager-daemon.yaml
Comment 7 Janek Walkenhorst univentionstaff 2015-01-29 11:49:03 CET
<http://errata.univention.de/ucs/4.0/52.html>