mirror of
https://github.com/ubicloud/ubicloud.git
synced 2025-11-28 00:20:26 +08:00
9c28a4cdad
This allows for vm-specific firewalls, which offer two advantages: 1) VMs in the same private subnet can have separate firewall rules. Not all VMs in the same subnet run the same services, and there could easily be different firewall rules desired. 2) This will make it easier for managed services to use customer subnets. Instead of adding an internal firewall to the related subnet (which would affect other VMs in the subnet, even if they are customer managed and not-Ubicloud managed), the internal firewall is added directly to the VM, and only affects that specific VM.
12 lines
333 B
Ruby
12 lines
333 B
Ruby
# frozen_string_literal: true
|
|
|
|
Sequel.migration do
|
|
change do
|
|
create_table(:firewalls_vms) do
|
|
foreign_key :firewall_id, :firewall, type: :uuid, on_delete: :cascade
|
|
foreign_key :vm_id, :vm, type: :uuid, on_delete: :cascade
|
|
primary_key [:firewall_id, :vm_id]
|
|
index [:vm_id, :firewall_id]
|
|
end
|
|
end
|
|
end
|