securing klopt installation
To prevent downtime and reputational damage, we chose to secure the installations with a simple strategy, which is outlined here.
If a machine is compromised, it will be through compromised software, not by someone cracking an SSH password. So it is vital to keep security updates current.
There is also no reason to open any port other than 443 on production machines. Installation machines can remain completely shut.
development machine
These machines are generally less protected, and they do not need to be. We develop and test on the dev machine and regularly commit to Bitbucket. A hacker who really wants to do damage might delete the sources from Bitbucket, so a daily backup of all sources from multiple machines would be very useful.
backup machine
These are very small machines. They only need to download the sources and databases from Bitbucket and the nodes.
genesis machine
We start from the genesis machine, which is a bare or even read-only machine that allows only outbound SSH. The only way into this machine is to log in from the command line, which requires physical access to the console and knowledge of the password. The genesis machine can therefore be regarded as safe for installing other machines.
Genesis also creates a key pair and a separate password for every machine it connects to. This works like the compartments on a ship: only one compartment floods, and no others can be accessed from it.
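One way genesis could create these per-machine credentials, shown as an added example that is not part of the original setup. The directory layout under GENESIS_DIR, the function names, the host names, the use of ed25519 keys and storing the password in a file on genesis are all assumptions.

```shell
#!/bin/sh
# Added example: one key pair and one password per target machine.
# GENESIS_DIR, its layout and all function names are assumptions.
GENESIS_DIR="${GENESIS_DIR:-$HOME/genesis}"

# Print a random 32-character hex password (128 bits from /dev/urandom).
gen_password() {
    head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Print the ssh_config stanza that pins exactly one key to one host.
# IdentitiesOnly stops ssh from offering any other machine's key, and
# ForwardAgent no keeps a compromised node from borrowing an agent.
host_stanza() {
    host="$1"
    printf 'Host %s\n' "$host"
    printf '    IdentityFile %s/keys/%s\n' "$GENESIS_DIR" "$host"
    printf '    IdentitiesOnly yes\n'
    printf '    ForwardAgent no\n'
}

# Create key pair, password and config entry for one host. Refuses odd
# host names (path tricks) and never overwrites an existing key.
provision_host() {
    host="$1"
    case "$host" in
        ''|*[!A-Za-z0-9.-]*|-*|.*) echo "bad host name: $host" >&2; return 2 ;;
    esac
    ( umask 077   # keys and passwords readable by the genesis user only
      mkdir -p "$GENESIS_DIR/keys" "$GENESIS_DIR/secrets" || exit 1
      key="$GENESIS_DIR/keys/$host"
      [ ! -e "$key" ] || { echo "key exists for $host" >&2; exit 1; }
      gen_password > "$GENESIS_DIR/secrets/$host.pass" &&
      # Empty passphrase assumes genesis itself is trusted, as argued above.
      ssh-keygen -q -t ed25519 -N "" -C "genesis->$host" -f "$key" &&
      host_stanza "$host" >> "$GENESIS_DIR/ssh_config"
    )
}

# Usage (constructed host name):
#   provision_host node1.example.net
#   ssh -F "$GENESIS_DIR/ssh_config" node1.example.net
```

Because each node's authorized_keys receives only its own public key, a key or password recovered from one node opens no other node.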
installation machine
Separate installation machines will not be used.
At first the idea of an installation machine or provisioner seemed useful, especially inside a provider's network. This would mean quick installs, but also extra security risks, since it is another SSH connection that would have to be opened. So I have dispensed with this extra step.
klopt node machine
The main nodes will all have exactly the same structure and be capable of running all services, but only some or all of the services will be started on any given node.