You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Load balancers should have two security groups but only have one.
Expected behaviour
The load balancers should have two security groups. One that takes care of firewall rules, and another without rules that allows ARP and IP traffic between the load balancer and its instances.
Currently the load balancers have only one group that handles both firewall rules and ARP/IP traffic between LB and instances. This causes all of the LB firewall rules to be applied to instances as well.
Summary
Load balancers should have two security groups but only have one.
Expected behaviour
The load balancers should have two security groups. One that takes care of firewall rules, and another without rules that allows ARP and IP traffic between the load balancer and its instances.
Current faulty behaviour
Currently the load balancers have only one group that handles both firewall rules and ARP/IP traffic between LB and instances. This causes all of the LB firewall rules to be applied to instances as well.
Solution
Edit This line and other relevant parts of the LB api to create and maintain two groups. https://github.com/axsh/wakame-vdc/blob/master/dcmgr/lib/dcmgr/endpoints/12.03/load_balancers.rb#L112
Estimated time to fix
2 days if we don't write tests for it
The text was updated successfully, but these errors were encountered: