[Openstack-operators] Keystone audit logs with haproxy

Ajay Kalambur (akalambu) akalambu at cisco.com
Wed Nov 25 05:40:06 UTC 2015

Have a deployment where keystone sits behind a ha proxy node. Now authentication requests are made to a vip. Problem is when there is an authentication failure we cannot track the remote ip that failed login as all authentication failures show the VIP ip since ha proxy fwds the request to a backend keystone server

How do we use a load balancer like ha proxy and also track the remote failed ip for authentication failures
We get all authentication failures showing up with remote ip as vip ip


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20151125/787afdb8/attachment.html>

More information about the OpenStack-operators mailing list