Closed
Bug 1037159
Opened 10 years ago
Closed 10 years ago
net flows for new aws buildbot masters
Categories
(Infrastructure & Operations Graveyard :: NetOps: DC ACL Request, task)
Infrastructure & Operations Graveyard
NetOps: DC ACL Request
x86
macOS
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: kmoir, Assigned: dcurado)
References
Details
Please add the following masters to the build masters group buildbot-master118.bb.releng.usw2.mozilla.com buildbot-master117.bb.releng.use1.mozilla.com Please add the following ips to the "Build Masters" list in the firewall rules 10.134.68.221 10.132.68.246 Please open netflows from the master(s) to: buildbot-rw-vip.db.scl3.mozilla.com 3306 and releng-rabbitmq-zlb.webapp.scl3.mozilla.com 5672
|
Assignee | |
Updated•10 years ago
|
Assignee: network-operations → dcurado
|
|
Assignee | |
Comment 2•10 years ago
|
||
OK, this is mildly interesting.
Dustin had me do a bunch of changes to fw1.releng.scl3 and fw1.scl3, which sort of synced up
the build-bot masters lists, and also generalized things a bit.
I include that information to help you if/when you need to put in future requests.
Here's the policy I added for letting bb-masters get to port 5672/tcp on
releng-rabbitmq-zlb.webapp.scl3.mozilla.com:
From zone: dc, To zone: webapp
Source addresses:
buildbot-master117.bb.releng.use1: 10.134.68.221/32 <--- I added this host for you,
buildbot-master118.bb.releng.usw2: 10.132.68.246/32 <--- and this one.
us-west-2-68: 10.132.68.0/24 <--- but look! I didn't need to!
us-east-1-68: 10.134.68.0/24 <--- they are already covered by this network!
buildbot-master116.srv.releng.usw2: 10.132.50.189/32
buildbot-master115.srv.releng.usw2: 10.132.49.29/32
buildbot-master114.srv.releng.use1: 10.134.48.122/32
buildbot-master113.srv.releng.use1: 10.134.49.144/32
buildbot-master98.srv.releng.use1: 10.134.48.51/32
buildbot-master97.srv.releng.usw2: 10.132.50.51/32
buildbot-master96.srv.releng.use1: 10.134.48.53/32
buildbot-master95.srv.releng.usw2: 10.132.49.197/32
buildbot-master94.srv.releng.use1: 10.134.48.86/32
buildbot-master93.srv.releng.usw2: 10.132.50.156/32
buildbot-master92.srv.releng.use1: 10.134.49.214/32
buildbot-master91.srv.releng.usw2: 10.132.48.136/32
buildbot-master90.srv.releng.use1: 10.134.49.133/32
buildbot-master80.srv.releng.usw2: 10.132.49.150/32
buildbot-master79.srv.releng.usw2: 10.132.49.117/32
buildbot-master78.srv.releng.usw2: 10.132.49.158/32
buildbot-master77.srv.releng.use1: 10.134.49.77/32
buildbot-master76.srv.releng.use1: 10.134.48.40/32
buildbot-master75.srv.releng.use1: 10.134.48.7/32
buildbot-master74.srv.releng.usw2: 10.132.49.94/32
buildbot-master73.srv.releng.usw2: 10.132.49.181/32
buildbot-master72.srv.releng.usw2: 10.132.50.54/32
buildbot-master71.srv.releng.use1: 10.134.49.111/32
buildbot-master70.srv.releng.use1: 10.134.49.94/32
buildbot-master69.srv.releng.use1: 10.134.48.106/32
buildbot-master68.srv.releng.usw2: 10.132.50.89/32
buildbot-master67.srv.releng.use1: 10.134.49.70/32
buildbot-master66.srv.releng.usw2: 10.132.50.247/32
buildbot-master64.srv.releng.usw2: 10.132.50.44/32
buildbot-master63.srv.releng.use1: 10.134.48.196/32
buildbot-master62.srv.releng.use1: 10.134.48.236/32
buildbot-master61.srv.releng.use1: 10.134.49.62/32
buildbot-master60.srv.releng.usw2: 10.132.50.56/32
buildbot-master59.srv.releng.use1: 10.134.49.223/32
buildbot-master58.srv.releng.usw2: 10.132.49.125/32
buildbot-master57.srv.releng.use1: 10.134.48.228/32
buildbot-master56.srv.releng.usw2: 10.132.50.142/32
buildbot-master55.srv.releng.use1: 10.134.49.93/32
buildbot-master54.srv.releng.usw2: 10.132.50.240/32
buildbot-master53.srv.releng.usw2: 10.132.49.154/32
buildbot-master52.srv.releng.use1: 10.134.48.234/32
buildbot-master51.srv.releng.use1: 10.134.48.31/32
buildbot-master06.srv.releng.usw2: 10.132.48.18/32
buildbot-master05.srv.releng.usw2: 10.132.48.17/32
buildbot-master04.srv.releng.usw2: 10.132.48.16/32
buildbot-master03.srv.releng.use1: 10.134.48.10/32
buildbot-master02.srv.releng.use1: 10.134.48.9/32
buildbot-master01.srv.releng.use1: 10.134.48.8/32
Destination addresses:
releng-rabbitmq-zlb: 10.22.81.81/32
Application: amqp
IP protocol: tcp, ALG: 0, Inactivity timeout: 1800
Source port range: [0-0]
Destination port range: [5672-5672]
I won't bother including the mysql policy here, as that was already set up for all the bb-masters,
and I just had to add your new bb-masters to the list.
Anyway, please let me know if there are any problems?
Thanks -- DaveStatus: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
|
Reporter | |
Comment 3•10 years ago
|
||
Thanks Dave, will let you know if I see any issues :-)
|
||
Updated•2 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•