Specifying a node's Client Network is untrusted

If you are using a Client Network, you can specify whether each node's Client Network is trusted or untrusted. You can also specify the default setting for new nodes added in an expansion.

Before you begin

Steps

  1. Select Configuration > Untrusted Client Network.

    The Untrusted Client Networks page appears.

    This page lists all nodes in your StorageGRID system. The Unavailable Reason column includes an entry if the Client Network on the node must be trusted. For example, a bare-metal node can only have a trusted Client Network, so the Unavailable Reason column for a node deployed on Red Hat Enterprise Linux would show Unsupported Platform: RHEL container.


    Untrusted Client Networks
  2. In the Set New Node Default section, specify what the default setting should be when new nodes are added to the grid in an expansion procedure.
    • Trusted: When a node is added in an expansion, its Client Network is trusted.
    • Untrusted: When a node is added in an expansion, its Client Network is untrusted.
    As required, you can return to this page to change the setting for a specific new node.
    Note: This setting does not affect the existing nodes in your StorageGRID system.
  3. In the Select Untrusted Client Network Nodes section, select the nodes that should allow client connections only on explicitly configured load balancer endpoints.
    You can select or unselect the check box in the title to select or unselect all nodes.
  4. Click Save.
    The new firewall rules are immediately added and enforced. Existing client connections might fail if load balancer endpoints have not been configured.