[Openstack-operators] Octavia on ocata centos 7
Ignazio Cassano
ignaziocassano at gmail.com
Thu May 10 17:45:45 UTC 2018
Hi everyone,
I am moving from lbaas v2 based on haproxy driver to octavia on centos 7
ocata.
I installed a new host with octavia following the documentation.
I removed all old load balancers, stopped lbaas agent and configured
neutron following this link:
https://docs.openstack.org/octavia/queens/contributor/guides/dev-quick-start.html
On the octavia server all services are active, amphora images are
installed, but when I try to create a load balancer:
nuutron lbaas-loadbalancer-create --name lb1 private-subnet
it tries to connect to 127.0.0.1:5000
Either on octavia.conf or neutron.conf the section for keystone is
correctly configured
to reach controller address.
The old lbaas v2 based on haproxy driver worked fine before changing
configuration but
is was not possible protect lbaas adresses with security groups (this
is a very old problem) because security groups are applyed only to vm
ports.
Since Octavia load balancer is based on vm deirved from amphora image,
I'd like to use it to improve my security.
Any suggestion for my octavia configuration or alternatives to improve
security on lbaas ?
Thanks and Regards
Ignazio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20180510/f39b9405/attachment-0001.html>
More information about the OpenStack-operators
mailing list