List down External URL to whitelist for centos7 setup using dockerfile
List down External URL to whitelist for centos7 setup using dockerfile
I am seeting up Centos7 in our environment using dockerfile. Can someone help me in listing out external url to be whitelisted so that my dockerfile could work perfectly. In the dockerfile I am installing python3, pip,nodejs,npm
Re: List down External URL to whitelist for centos7 setup using dockerfile
CentOS 7 dies at the end of June. It's not a good choice for deploying new things.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: List down External URL to whitelist for centos7 setup using dockerfile
Indeed. Personally, I don't like containers (and particularly dislike docker) but if it were an old application that can't be rebuilt and thus has to have a legacy platform ...for deploying new things
A container is merely one or more processes on the host (which presumably is not CentOS 7).
On all(?) EL systems the host has firewall set to:
Inbound: allow minimal set of services, e.g. ssh
Outbound: allow everything
A "whitelist" implies outbound ruleset:
to X in list allow
to * deny
While the default outbound ruleset is:
to * allow
In other words, "everyone" is on the list. Do you really want to limit where your processes in the container can connect to?
Sounds like there might be things that are not on any yum repository. Even the yum repositories (for CentOS 7) tend to have mirrors, which means that their IP addresses do change (all the time) and are many. Add all the other services and your whitelist gets long.
Besides, firewall rules tend to match with IP address, not names. URLs do usually have names (for "humans").