Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Load balancer security groups #170

Closed
Metallion opened this issue Feb 19, 2013 · 1 comment
Closed

Load balancer security groups #170

Metallion opened this issue Feb 19, 2013 · 1 comment
Labels
Type : Bug

Comments

@Metallion
Copy link
Contributor

Summary

Load balancers should have two security groups but only have one.

Expected behaviour

The load balancers should have two security groups. One that takes care of firewall rules, and another without rules that allows ARP and IP traffic between the load balancer and its instances.

             LB - Instance group without rules
        +-----------------------------------------+
        |                                         |
        |                                         |
        |    LB firewall rules                    |
     +--|---------------------+                   |
     |  |  +----------------+ |    +----------+   |
     |  |  |                | |    |          |   |
     |  |  | Load balancer  | |    | Instance |   |
     |  |  |                | |    |          |   |
     |  |  +----------------+ |    +----------+   |
     +--|---------------------+                   |
        |                                         |
        +-----------------------------------------+

Current faulty behaviour

Currently the load balancers have only one group that handles both firewall rules and ARP/IP traffic between LB and instances. This causes all of the LB firewall rules to be applied to instances as well.

   1 group with rules and Inst-LB connection
 +-----------------------------------------+
 |                                         |
 |                                         |
 |  +----------------+      +----------+   |
 |  |                |      |          |   |
 |  | Load balancer  |      | Instance |   |
 |  |                |      |          |   |
 |  +----------------+      +----------+   |
 |                                         |
 |                                         |
 +-----------------------------------------+

Solution

Edit This line and other relevant parts of the LB api to create and maintain two groups. https://github.com/axsh/wakame-vdc/blob/master/dcmgr/lib/dcmgr/endpoints/12.03/load_balancers.rb#L112

Estimated time to fix

2 days if we don't write tests for it
@unakatsuo unakatsuo mentioned this issue Feb 21, 2013
Open
rakshasa added a commit that referenced this issue Jun 11, 2013
@rakshasa
Merge pull request #170 from axsh/feature-ip-handle-retention
80d8b2f 
Feature ip handle retention
@Metallion
Copy link
Contributor Author

Has been done.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type : Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Metallion