You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Mar 16, 2021. It is now read-only.
The current clustered heat templates support two NICs. In a 2-NIC implementation, each BIG-IP VE has one interface used for management and data-plane traffic from the Internet, and the second interface connected into the Neutron networks where traffic is processed by the pool members.
The concerns on current deployment mode are:
If we use internet facing NIC as management, which means we have to open 22 and 443 port, there will be potential risk for brute force attack.
In case we move the management function to internal NIC, the central management system need to have access to all tenants’ VE through internal NIC. That will not fully matching the tenant isolation policy. VEs in different tenant can see each other via the central management system.
Would you please help to check if we can provide Heat Orchestration Template to launch an nNIC (multi NIC) cluster deployment, which has separate management NIC.
The current clustered heat templates support two NICs. In a 2-NIC implementation, each BIG-IP VE has one interface used for management and data-plane traffic from the Internet, and the second interface connected into the Neutron networks where traffic is processed by the pool members.
The concerns on current deployment mode are:
Would you please help to check if we can provide Heat Orchestration Template to launch an nNIC (multi NIC) cluster deployment, which has separate management NIC.