Not able to set new "allow_host_access" property in cf-release manifest

Question

Not able to set new "allow_host_access" property in cf-release manifest

Closed this issue 10 years ago · 3 comments

We'd like to take advantage of the new option added in this commit:

64683f4

The new property hasn't been added to the spec or templates in cf-release so right now we'd need to set it manually in warden.yml after deployment.

Answer 1 · 2014-08-04T20:36:05.000Z

We have created an issue in Pivotal Tracker to manage this. You can view the current status of your issue at: https://www.pivotaltracker.com/story/show/76312042.

Answer 2 · 2014-08-06T22:25:29.000Z

@amhuber This should be opened against cf-release. Also, could you expand on why you would be interested in exposing this.

Answer 3 · 2014-08-06T22:55:57.000Z

I'll open an issue on cf-release.

As to why, we are required by our security policy to use IPSec encryption between all CF systems because you guys don't have SSL enabled on all internal communications, and that requires us to manage more complicated iptables rules than what you already create. Right now we have to work around this block rule so having this option exposed just lets us simplify our iptables logic.