Friday, 2020-01-03

« Thursday, 2020-01-02 Index Saturday, 2020-01-04 »
*** skyraven has joined #openstack00:00
*** skyraven has quit IRC00:08
*** skyraven has joined #openstack00:09
*** d34dh0r53 has quit IRC00:14
*** skyraven has quit IRC00:14
*** shokohsc has joined #openstack00:31
*** imega has quit IRC00:48
*** nurdie has joined #openstack00:55
*** gyee has quit IRC00:58
*** nurdie has quit IRC01:00
*** brokencycle has quit IRC01:10
*** wings has quit IRC01:31
*** wings has joined #openstack01:33
*** f0o has quit IRC01:37
*** f0o has joined #openstack01:38
*** spsurya has quit IRC02:03
*** skyraven has joined #openstack02:10
*** skyraven has quit IRC02:15
*** k_mouza has quit IRC02:30
*** d34dh0r53 has joined #openstack02:55
*** Onionnion has joined #openstack02:59
*** rvd has joined #openstack03:54
*** idlemind has joined #openstack04:00
*** skyraven has joined #openstack04:11
*** Lucas_Gray has joined #openstack04:16
*** skyraven has quit IRC04:16
*** bobmel has joined #openstack04:50
*** bobmel has quit IRC04:55
*** pbing19 has joined #openstack05:04
*** Lucas_Gray has quit IRC05:29
*** links has joined #openstack05:30
*** soniya29 has joined #openstack05:35
*** surpatil has joined #openstack05:46
*** pbing19 has quit IRC05:58
*** pbing19 has joined #openstack05:58
*** skyraven has joined #openstack06:12
*** skyraven has quit IRC06:17
*** shyamb has joined #openstack06:23
*** sauvin has joined #openstack06:25
*** pbing19 has quit IRC06:34
*** pbing19 has joined #openstack06:36
*** ymasson has quit IRC06:43
*** nurdie has joined #openstack06:47
*** nurdie has quit IRC06:51
*** SurajPatil has joined #openstack06:59
*** surpatil has quit IRC07:02
*** surpatil has joined #openstack07:11
*** pbing19 has quit IRC07:11
*** pbing19 has joined #openstack07:12
*** SurajPatil has quit IRC07:13
*** shyamb has quit IRC07:17
*** shyamb has joined #openstack07:19
*** E1ephant has quit IRC07:28
*** cah_link has joined #openstack07:29
*** shyamb has quit IRC07:31
*** mn3m has quit IRC07:49
*** maddtux has joined #openstack07:51
*** Domin has quit IRC07:53
*** shyamb has joined #openstack08:01
*** skyraven has joined #openstack08:03
*** jtomasek has joined #openstack08:04
*** shyamb has quit IRC08:05
*** bengates has joined #openstack08:08
*** ArchiFleKs has joined #openstack08:12
*** tesseract has joined #openstack08:14
*** shyamb has joined #openstack08:30
*** Lucas_Gray has joined #openstack08:34
*** pcaruana has joined #openstack08:35
*** rpittau|afk is now known as rpittau08:41
*** Lucas_Gray has quit IRC08:48
*** Domin has joined #openstack08:51
*** shyam89 has joined #openstack08:52
*** shyamb has quit IRC08:52
*** bobmel has joined #openstack08:52
*** bl0m1 has quit IRC08:54
*** bl0m1 has joined #openstack08:56
*** bobmel has quit IRC08:57
*** bl0m1 has quit IRC08:58
*** Lucas_Gray has joined #openstack08:58
*** bl0m1 has joined #openstack08:58
*** wings has quit IRC09:15
*** Lucas_Gray has quit IRC09:26
*** alexmcleod has joined #openstack09:42
*** Lucas_Gray has joined #openstack09:44
*** SurajPatil has joined #openstack09:59
*** arnoldoree has joined #openstack10:01
*** surpatil has quit IRC10:02
*** rohitsakala has joined #openstack10:11
*** k_mouza has joined #openstack10:25
*** pbing19 has quit IRC10:31
*** surpatil has joined #openstack10:32
*** pbing19 has joined #openstack10:32
*** shyam89 has quit IRC10:34
*** SurajPatil has quit IRC10:34
*** imega has joined #openstack10:49
*** rvd has quit IRC10:57
*** SurajPatil has joined #openstack10:59
*** surpatil has quit IRC11:02
*** shyamb has joined #openstack11:06
*** surpatil has joined #openstack11:09
*** SurajPatil has quit IRC11:12
*** Lucas_Gray has quit IRC11:13
*** vxwarlock has joined #openstack11:18
*** Lucas_Gray has joined #openstack11:26
*** Lucas_Gray has quit IRC11:31
*** Lucas_Gray has joined #openstack11:32
*** Lucas_Gray has quit IRC11:34
*** Lucas_Gray has joined #openstack11:34
*** pbing19 has quit IRC11:44
*** shyamb has quit IRC11:45
*** bobmel has joined #openstack11:47
*** Lucas_Gray has quit IRC11:58
*** tonythomas has joined #openstack12:05
*** devfaz has quit IRC12:08
*** devfaz has joined #openstack12:09
*** Lucas_Gray has joined #openstack12:11
*** SurajPatil has joined #openstack12:12
*** pbing19 has joined #openstack12:14
*** surpatil has quit IRC12:14
*** servagem has joined #openstack12:14
*** SirNeo has quit IRC12:15
*** Lucas_Gray has quit IRC12:20
*** rohitsakala has quit IRC12:21
*** slaweq has joined #openstack12:27
*** shyamb has joined #openstack12:27
*** dviroel has joined #openstack12:36
*** cyclaw has quit IRC12:37
*** gentoorax has joined #openstack12:38
*** slaweq has quit IRC12:42
*** slaweq has joined #openstack12:50
*** surpatil has joined #openstack13:06
*** slaweq has quit IRC13:06
*** SurajPatil has quit IRC13:08
*** bobmel has quit IRC13:11
*** shyamb has quit IRC13:21
*** pbing19 has quit IRC13:22
*** slaweq has joined #openstack13:26
*** pbing19 has joined #openstack13:28
*** soniya29 has quit IRC13:31
*** slaweq has quit IRC13:32
*** slaweq has joined #openstack13:49
*** slaweq has quit IRC13:53
*** surpatil has quit IRC13:56
*** links has quit IRC14:42
*** pbing19 has quit IRC14:48
*** henriqueof has joined #openstack14:57
*** slaweq has joined #openstack14:57
*** pbing19 has joined #openstack15:02
*** henriqueof has quit IRC15:03
*** henriqueof has joined #openstack15:03
*** renich has joined #openstack15:24
*** coboluxx has quit IRC15:27
*** slaweq has quit IRC15:29
*** renich has quit IRC15:33
*** nurdie has joined #openstack15:37
*** shortparry has joined #openstack15:42
*** shortparry has quit IRC15:45
*** shortparry has joined #openstack15:47
*** pbing19 has quit IRC16:02
*** shyamb has joined #openstack16:13
*** bengates has quit IRC16:26
*** bengates has joined #openstack16:27
*** bengates has quit IRC16:27
*** maddtux has quit IRC16:27
*** pbing19 has joined #openstack16:27
*** takamatsu has joined #openstack16:37
*** k_mouza has quit IRC16:37
*** Onionnion has quit IRC16:39
*** gentoorax is now known as cyclaw16:39
*** thorre has quit IRC16:41
*** thorre has joined #openstack16:41
*** shortparry has quit IRC16:43
*** henriqueof has quit IRC16:44
*** ymasson has joined #openstack16:46
*** shyamb has quit IRC16:46
*** imega has quit IRC16:54
*** gyee has joined #openstack17:03
*** links has joined #openstack17:06
*** cah_link has quit IRC17:16
*** rpittau is now known as rpittau|afk17:18
*** jathan has joined #openstack17:28
*** nurdie_ has joined #openstack17:31
*** quantomworks has joined #openstack17:33
*** pbing19 has quit IRC17:33
*** pbing19 has joined #openstack17:33
quantomworksConfused. How would one go about blacklisting an IP Address when using octavia loadbalancer? Do security groups work? Last I tried, it didn't have any effect since the only address that needed to be whitelisted was the loadbalancer on the same private network.17:35
*** nurdie has quit IRC17:35
*** nurdie_ has quit IRC17:37
*** jonaspaulo has joined #openstack17:38
johnsomquantomworks There are a few ways to do this.17:41
quantomworksI'm all ears17:41
quantomworksCurrently using proxy protocl + nginx to yeild restrictions17:41
johnsomquantomworks If you are running the Train release or newer, there is an ACL API available on the listener.17:41
quantomworksprotocol*17:41
quantomworksWe are unfortunentally on Stein right now17:41
*** spiral has joined #openstack17:44
johnsomquantomworks If not, then you can use a security group on a floating IP that points to the VIP or use TLS to block requests with no client certificate17:44
quantomworksThat's what I was afraid of. If I have to use a floating IP instead of a loadbalancer I have to made some heavy adjustments...17:44
johnsomquantomworks Finally, you can use an L7 policy and rule to blacklist an address based on the HTTP header fields17:44
quantomworksAh that may be an option. Less adjustments.17:45
johnsomquantomworks Oh, no, you would still use the load balancer, just point a floating IP at it17:45
*** pbing19 has quit IRC17:45
quantomworksReally? How would I apply a security group on a floating IP?17:45
quantomworksI thought they were project wide/utilized by instance17:45
johnsomquantomworks i.e. create a private network with no access for the load balancer VIP, then point a floating IP to that VIP17:45
quantomworksHmm. Last time I tried to put a lb on a different subnet than my instances I would get nothing but timeouts. I didn't investigate far though and was also trying to use an office network that was setup/had a tunnel attached. There may have been other factors...17:47
johnsomquantomworks Well, maybe you didn't use Octavia before? With Octavia it is very common to have the VIP and members on different networks17:48
quantomworksWe are using Octavia at this time and the last I tried. I also tried it with a separate private network, but in both scenarios they did have a gateway on the network/subnet so they did have access. I wonder if thats a factor...17:49
*** alexmcleod has quit IRC17:50
johnsomquantomworks member server networks don't require a gateway for load balancers to access them.  Did you specify a subnet when you created the members? If you didn't do that you required them to be on the VIP subnet.17:51
quantomworksWhen I created the LB I specified a subnet last I tested. If all I need is the network then I will attempt it this way during our down time.17:56
johnsomWell, you specify a subnet at both LB creation time, then optionally at member create time if the member is not located on the VIP subnet.17:57
quantomworksWhat do you mean?17:59
quantomworksAh nevermind I see17:59
quantomworksThank you for the information you provided. I will weigh these options and do some testing and adjustments.18:02
johnsomSure, NP. Also, there is a #openstack-lbaas channel where the load balancing folks hang out, so if you have further questions it is a good resource.18:04
quantomworksAwesome, thanks for that!18:10
*** tomgray has joined #openstack18:24
*** bobmel has joined #openstack18:46
*** bobmel has quit IRC18:46
*** bobmel has joined #openstack18:46
*** Lucas_Gray has joined #openstack18:48
*** tonythomas has quit IRC18:53
*** nurdie has joined #openstack18:55
*** brokencycle has joined #openstack18:59
quantomworks@johnsom regarding the security group method, Is this equivalent to editing the port's security groups assigned to the loadbalancer?19:00
quantomworksIt is odd because currently, under horizon, the port status is showing down for the VIP. However these are the current settings/its on the same network.19:01
quantomworksThere is another port prefixed with vrrp though that appers to be the octavia instance and is enabled.19:02
quantomworksI cant edit that port though19:02
*** nurdie_ has joined #openstack19:02
*** nurdie has quit IRC19:06
*** nurdie_ has quit IRC19:07
*** paladox has quit IRC19:10
*** jraju__ has joined #openstack19:12
*** links has quit IRC19:13
*** cah_link has joined #openstack19:17
*** iniazi has quit IRC19:18
*** iniazi has joined #openstack19:18
*** jraju__ has quit IRC19:19
*** henriqueof has joined #openstack19:21
*** dtrainor_ has joined #openstack19:21
*** pck has quit IRC19:22
*** dtrainor has quit IRC19:24
*** dayou has quit IRC19:26
*** dayou has joined #openstack19:26
*** sauvin has quit IRC19:29
*** paladox has joined #openstack19:34
*** paladox has quit IRC19:35
*** paladox has joined #openstack19:35
*** khyr0n has joined #openstack19:45
*** Lucas_Gray has quit IRC20:00
*** quantomworks has quit IRC20:05
*** cah_link has quit IRC20:12
*** random_yanek has quit IRC20:16
*** random_yanek has joined #openstack20:23
*** vxwarlock has quit IRC20:48
*** takamatsu has quit IRC20:51
*** rav3n has joined #openstack21:23
*** sshnaidm has joined #openstack21:28
*** shibboleth has joined #openstack21:45
*** servagem has quit IRC21:52
*** cah_link has joined #openstack21:55
*** bobmel has quit IRC22:05
*** cah_link has quit IRC22:07
*** stewie925 has joined #openstack22:34
*** TxGirlGeek has joined #openstack22:35
*** dviroel has quit IRC22:48
*** tesseract has quit IRC22:54
*** pcaruana has quit IRC22:59
*** factor has quit IRC23:14
*** factor has joined #openstack23:15
*** TxGirlGeek has quit IRC23:28
*** arnoldoree has quit IRC23:30
*** jathan has quit IRC23:31
*** shibboleth has quit IRC23:52
*** gyee has quit IRC23:58
« Thursday, 2020-01-02 Index Saturday, 2020-01-04 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!