Currently, intra-project traffic (i. e., from tools-login to tools-redis or from tools-webproxy to tools-webgrid-01) is not subject to the firewall rules of security groups. Due to that, security groups are not up to date, for example, the redis security group doesn't explicitely allow traffic on port 6379.
The move to eqiad could change the default behaviour.
Therefore, prior to the move, we need to make sure that:
a) all hosts have proper security groups assigned, and
b) security groups really allow traffic they're supposed to allow.
Version: unspecified
Severity: normal