Hi Kees,
It's not possible to update the rules of the SG at the moment.
Some contributors are working on a feature that would allow ICMP echo requests on the VIP of a load balancer:
Customizing the SG of the VIP port is also a feature that has been requested on numerous occasions, we will discuss it during the next PTG in April.
Regards,
Greg
On Wed, Mar 13, 2024 at 3:09 PM Kees Meijs | Nefos <
keesm@nefos.nl> wrote:
Hello list,
When creating a new load balancer using Octavia, I noticed the VIP
network port gets assigned a dynamic created Security Group.
The Security Group does not contain a rule allowing ICMP, therefore
the VIP not being "pingable". Other than harder diagnostics, it
could pose PMTU issues and such.
Is it maybe possible to either just enable ICMP, or maybe template
the dynamic Security Groups?
Thanks in advance!
Cheers,
Kees