Page MenuHomePhabricator

Determine process to set up LVS instances under neutron
Closed, ResolvedPublic


Now that eqiad1-r exists and instances can run there, we should figure out what neutron configuration would be required to allow LVS to operate within labs like it does in prod.

Event Timeline

In particular we should look at network restrictions around LVS instances and the backends. I assume LVS should be able to impersonate any host when sending to its backends, and the backends should be able to impersonate the LVS instance when talking to any host. looks relevant - port security and address pairs?
If we do disable port security somewhere we should consider what implications that has for other instances and whether extra restrictions are necessary.

aborrero changed the task status from Open to Stalled.Nov 22 2019, 10:21 AM
aborrero triaged this task as Low priority.
aborrero claimed this task.

I consider this task done. The docs mentioned in the previous comment are up-to-date and this is something one can do in CloudVPS today.