Closed
Bug 1011523
Opened 10 years ago
Closed 10 years ago
Open netflows from buildbot-master[113-116] to buildbot-rw-vip.db.scl3.mozilla.com:3306 and releng-rabbitmq-zlb.webapp.scl3.mozilla.com 5672
Categories
(Infrastructure & Operations Graveyard :: NetOps: DC ACL Request, task)
Infrastructure & Operations Graveyard
NetOps: DC ACL Request
x86_64
Linux
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: armenzg, Assigned: arzhel)
References
Details
See bug 859528 for similar request. Marking as major since our releng operations are in a bad state and we need to increase the capacity soon. 10.134.49.144 --fqdn buildbot-master113.srv.releng.use1.mozilla.com 10.134.48.122 --fqdn buildbot-master114.srv.releng.use1.mozilla.com 10.132.49.29 --fqdn buildbot-master115.srv.releng.usw2.mozilla.com 10.132.50.189 --fqdn buildbot-master116.srv.releng.usw2.mozilla.com
|
Reporter | |
Comment 1•10 years ago
|
||
Can you also open this flow? * releng-rabbitmq-zlb.webapp.scl3.mozilla.com 5672 (self-serve agent) See bug 985088 for a previous example.
|
|
Reporter | |
Updated•10 years ago
|
Summary: Open netflows from buildbot-master[113-116] to buildbot-rw-vip.db.scl3.mozilla.com:3306 → Open netflows from buildbot-master[113-116] to buildbot-rw-vip.db.scl3.mozilla.com:3306 and releng-rabbitmq-zlb.webapp.scl3.mozilla.com 5672
|
|
Reporter | |
Comment 2•10 years ago
|
||
In our notes I also see this: "request for the new hosts to the "Build Masters group"" Is that still relevant?
|
|
Reporter | |
Comment 3•10 years ago
|
||
Actually this: ** request for the new hosts to be added to the "Build Masters group" ** request for the new IPs to be added to the "Build Masters" list in the firewall rules I think it is related to this: https://bugzil.la/812342#c13 https://mana.mozilla.org/wiki/display/SECURITY/Firewall+Policy+Recommendation%3A+RelEng-SCl3
|
Assignee | |
Comment 4•10 years ago
|
||
Added to the address-set in releng.scl3 and scl1, let me know if something doesn't work as expected
Assignee: network-operations → arzhel
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
|
||
Comment 5•10 years ago
|
||
$ nc -zv buildbot-rw-vip.db.scl3.mozilla.com 3306 nc: connect to buildbot-rw-vip.db.scl3.mozilla.com port 3306 (tcp) failed: Connection timed out I tried this from buildbot-master113.srv.releng.use1.mozilla.com has address 10.134.49.144 buildbot-master114.srv.releng.use1.mozilla.com has address 10.134.48.122 buildbot-master115.srv.releng.usw2.mozilla.com has address 10.132.49.29 buildbot-master116.srv.releng.usw2.mozilla.com has address 10.132.50.189
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
|
|
Assignee | |
Comment 6•10 years ago
|
||
Indeed, I forgot the firewall outside the releng BUs (scl3) Should be good now
Status: REOPENED → RESOLVED
Closed: 10 years ago → 10 years ago
Resolution: --- → FIXED
|
||
Updated•2 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•