OSDir

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SSL offloading for Virtual Routers / Loadbalancer


Thank's for your feedback Wei!

I'll dscuss the configuration via tags/values with some collegues, but I think that's a very practical way of configuring some LB specialities.

AFAIK there'll be some changes necessary to the codebase. Have you've done that changes internally or do I live in an ideal world and it's available maybe as pullrequest on github?
In short, may we use that work? :)

cheers,

- Stephan

Am Donnerstag, den 12.04.2018, 10:59 +0200 schrieb Wei ZHOU:
> Hi Stephan,
> 
> We (Leaseweb in Netherlands) had some work on it. It is implemented by
> network tags and lb tags.
> Here is our KB:
> https://kb.leaseweb.com/display/KB/Network%3A+CloudStack#Network:CloudStack-ConfiguringloadbalancerforanIPAddressofanIsolatedNetwork
> 
> -Wei
> 
> 2018-04-12 10:23 GMT+02:00 Stephan Seitz <s.seitz@xxxxxxxxxxxxxxxxxxx>:
> 
> > 
> > Hi!
> > 
> > We've got some projects where it would be very reasonable to have SSL
> > offloading for https available at the loadbalancing component in the VR.
> > 
> > Since loadbalancing is done via haproxy, that wouldn't be impossible to
> > configure (at least for the haproxy.conf).
> > 
> > I wonder if there's some documentation for the management <-> VR
> > communication. IMHO we need to add
> > - upload/update of ssl certs from the management node to the respective VR
> > - configuring/updating SSL as additional LB method (besides the
> > tcp-oproxy, tcp and udp methods)
> > - some VR's feedback or canary code to inform the management node about
> > the LB capabilities(?)
> > 
> > It would be really nice if someone could share some information. How would
> > you start that?
> > 
> > 
> > Thanks!
> > 
> > - Stephan
> > 
Mit freundlichen Grüßen,

Stephan Seitz

--

Heinlein Support GmbH
Schwedter Str. 8/9b, 10119 Berlin

http://www.heinlein-support.de

Tel: 030 / 405051-44
Fax: 030 / 405051-19

Zwangsangaben lt. §35a GmbHG: HRB 93818 B / Amtsgericht
Berlin-Charlottenburg,
Geschäftsführer: Peer Heinlein -- Sitz: Berlin


Attachment: signature.asc
Description: This is a digitally signed message part