Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

Thoughts about the scale out?
New on LowEndTalk? Please Register and read our Community Rules.

Thoughts about the scale out?

bookstackbookstack Member
edited July 2014 in Help

I have some services, such as elasticsearch and redis to run and they clearly won't fit into a single VM. As most providers won't support the virtual network, the service endpoints have to be exposed to the internet to serve others.

The high availability is not a concern here, I just want to harden the service endpoint to disallow malicious usage.

I could think of the following approaches:

  • password if the service supports it
  • iptable for IP whitelist
  • vpn? Should vpn be a point-to-point network?
  • tinc to create a mesh network?

I wonder has anybody has in this situation, and what is your preferred solution?

My site, powered by Netlify and Let's Encrypt.


  • NickMNickM Member

    I'm a fan of tinc for this kind of thing. The only other advice I would have is to make sure that you have the services only listen on the tinc interface.

  • FrankZFrankZ Member

    +1 for tinc

Sign In or Register to comment.