Closed Bug 743713 Opened 13 years ago Closed 13 years ago

buildbot masters -> buildbot db VIPs

Categories

(Infrastructure & Operations Graveyard :: NetOps: DC ACL Request, task)

Product:
Infrastructure & Operations Graveyard
Component:
NetOps: DC ACL Request
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: dustin, Assigned: cransom)

References

Details

from: 10.12.48.18 (buildbot-master04.build.scl1.mozilla.com) 10.12.48.16 (buildbot-master06.build.scl1.mozilla.com) 10.2.71.132 (buildbot-master07.build.sjc1.mozilla.com) 10.2.71.133 (buildbot-master08.build.sjc1.mozilla.com) 10.2.71.134 (buildbot-master09.build.sjc1.mozilla.com) 10.2.71.142 (buildbot-master10.build.sjc1.mozilla.com) 10.2.71.142 (buildbot-master10.build.sjc1.mozilla.com) 10.12.49.11 (buildbot-master11.build.scl1.mozilla.com) 10.12.49.12 (buildbot-master12.build.scl1.mozilla.com) 10.12.49.13 (buildbot-master13.build.scl1.mozilla.com) 10.12.49.14 (buildbot-master14.build.scl1.mozilla.com) 10.12.49.15 (buildbot-master15.build.scl1.mozilla.com) 10.12.49.16 (buildbot-master16.build.scl1.mozilla.com) 10.12.49.17 (buildbot-master17.build.scl1.mozilla.com) 10.12.49.18 (buildbot-master18.build.scl1.mozilla.com) 10.250.48.237 (buildbot-master19.build.mtv1.mozilla.com) 10.250.48.238 (buildbot-master20.build.mtv1.mozilla.com) 10.12.49.19 (buildbot-master21.build.scl1.mozilla.com) 10.250.48.235 (buildbot-master22.build.mtv1.mozilla.com) 10.12.49.2 (buildbot-master23.build.scl1.mozilla.com) 10.12.49.3 (buildbot-master24.build.scl1.mozilla.com) 10.12.49.4 (buildbot-master25.build.scl1.mozilla.com) 10.2.71.144 (buildbot-master26.build.sjc1.mozilla.com) 10.2.71.141 (buildbot-master27.build.sjc1.mozilla.com) 10.26.48.17 (buildbot-master30.srv.releng.scl3.mozilla.com) 10.26.48.18 (buildbot-master31.srv.releng.scl3.mozilla.com) to buildbot-rw-vip.db.scl3.mozilla.com:tcp/3306 from 10.2.71.143 (cruncher.build.sjc1.mozilla.com) 10.12.48.22 (buildapi01.build.scl1.mozilla.com) to buildbot-rw-vip.db.scl3.mozilla.com:tcp/3306 (This is similar to the flows in bug 739194, just with different destination addresses. I suspect we will be able to remove those flows at the same time, but I'll let catlee make that call)
since 739194 already specifies the sources, it's basically no effort to add the -rw-vip destination and wait to remove the buildbot addresses later.
Assignee: network-operations → cransom
Status: NEW → ASSIGNED
12:04 < catlee-mtg> dustin: yeah, we can probably shut them off 12:04 < catlee-mtg> there's one thing that I know of that uses it 12:04 < catlee-mtg> but it's not in the critical path anywhere so yes, please replace the flows in bug 739194 with these flows. That will save one flow bug :)
Status: ASSIGNED → NEW
flows replaced, here's what's getting applied: [edit security policies from-zone dc to-zone db policy buildbot1-mysql match] - source-address [ tm-b01-master01 buildbot-master ]; - destination-address buildbot1; - application mysql; + source-address tm-b01-master01; + destination-address buildbot1; + application mysql; [edit security policies from-zone dc to-zone db] policy b1-db-mysql { ... } + /* 743713 */ + policy buildbot-rw-vip-mysql { + match { + source-address [ buildbot-master cruncher.build.sjc1 buildapi01.build.scl1 ]; + destination-address buildbot-rw-vip; + application mysql; + } + then { + permit; + } + } - /* 739194 */ - policy buildbot2-mysql { - match { - source-address [ cruncher.build.sjc1 buildapi01.build.scl1 ]; - destination-address buildbot2; - application mysql; - } - then { - permit; - } - }
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Product: mozilla.org → Infrastructure & Operations
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in before you can comment on or make changes to this bug.