Note: Please go to docs.rightscale.com to access the current RightScale documentation set. Also, feel free to Chat with us!
Home > Guides > Dashboard Users Guide > Settings > Account > Concepts > About Firewalls > Host Design Assets Behind a Firewall

Host Design Assets Behind a Firewall

Overview

RightLink is capable of importing Chef cookbooks from Git and Subversion repositories. If you host your own Git or Subversion servers, you may need to configure your firewall to allow inbound requests from RightScale.

Prerequisites

This information applies to the following environment:

  • RightScale customers who use Chef-based ServerTemplates
  • Chef cookbook repositories (git or Subversion) that reside behind a firewall

This information does not apply to:

  • RightScale customers who use RightScript-based ServerTemplates
  • Chef cookbook repositories hosted on the Internet (via GitHub, BitBucket or similar)

Goal

After completing this how-to, you will have configured your network firewall to allow RightScale access to your private repositories. You will be able to import Chef cookbooks for use with the ServerTemplates you build.

Procedure

Note RightScale-Operated Networks

RightScale operates network infrastructure in several geographical regions to provide fault tolerance. Your instances generally communicate with infrastructure in a nearby geographical region, but may be redirected to remote regions during network or cloud outages.

Network/CIDR Location Description
54.225.248.128/27 US-East us-3 cluster and island1 resources
54.244.88.96/27 US-West us-4 cluster and island10 resources
54.86.63.128/26 US-East additional island1 resources
54.187.254.128/26 US-West additional island10 resources
54.217.243.218/32
54.217.243.226/32
Europe

island2 resources. Can be removed after April 30, 2015.

Only required for workloads in AWS EU-Frankfurt and AWS EU-Ireland.

54.246.247.16/28  Europe  Only required for workloads in AWS EU-West and EU-Central. 

54.248.220.136/32

54.248.220.137/32

Japan

island8 resources. Can be removed after April 30 2015.  

Only required for workloads in AWS AP-Tokyo and AWS AP-Sydney

54.248.220.128/28 Japan Only required for workloads in AWS AP-Tokyo and AWS AP-Sydney. 

54.251.98.164/32

54.251.106.120/32

Singapore

island5 resources. Can be removed after April 30 2015.  

Only required  for workloads in AWS AP-Singapore.

54.255.255.208/28 Singapore Only required for workloads in AWS AP-Singapore. 

Enable SCM Repository Requests

You will need to add ingress rules that allow RightScale infrastructure to connect to your design asset repository:

Source Network/CIDR Ports Purpose
54.225.248.128/27 configurable (usually tcp/22 or tcp/443) Receive SCM repository requests from us-3
54.244.88.96/27 configurable (usually tcp/22 or tcp/443) Receive SCM repository requests from us-4
54.86.63.128/26 configurable (usually tcp/22 or tcp/443) Receive SCM repository requests from us-3
54.187.254.128/26 configurable (usually tcp/22 or tcp/443) Receive SCM repository requests from us-4
54.246.247.16/28 configurable (usually tcp/22 or tcp/443) Reserved for expansion
54.255.255.208/28 configurable (usually tcp/22 or tcp/443) Reserved for expansion

What's Next

You can now design ServerTemplates that use Chef cookbooks imported from your private repository.

You must to post a comment.
Last modified
15:21, 24 Nov 2014

Tags

This page has no custom tags.

Classifications

This page has no classifications.

Announcements

None


© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.