droplan
droplan copied to clipboard
tam7t
Manage iptable rules for the private interface on DigitalOcean droplets
Hi @tam7t I had a quick look ad the code, and it seems to me that you only append rules to the chain. Droplets are ephemeral, so we will end...
rules applied by droplan seem to be pre-empted by docker iptable rules (at least on coreos)
Following a reboot it may take up to 5 minutes (if using the cron method) for iptable rules to be applied, leaving the droplet unprotected. This may not be obvious...
I think it would be nicer to run `droplan` as a daemon process that continuously ran so that it could better splay out requests to the digitalocean api and more...