I'm working on setting up a Cassandra cluster with Datastax OpsCenter. I'm following the instructions here, and I am currently setting up the OpsCenter server. On the firewall creationstep for the instance, my plan was to put all the future Cassandra nodes in a security group and allow access to most the ports (except 22, 8888, etc) only from this security group. This is the most sane way I could think of doing it, but since this is my first time setting this up, anyone have any other approaches? I am assuming the OpsServer panel will allow creating nodes with my security group.
If you use OpsCenter cloud provisioning, it can create a security group specifically for Cassandra/OpsCenter that has only needed ports open. However if that’s not an option, the guide you’ve linked to (here’s a DSE 4.5 version) should work too since you can select existing security group during OpsCenter provisioning.