admin/3engines_doc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5a5b218a130d4745260f0426270df080b341d125
3engines_doc/site/kubernetes/Configuring-IP-Whitelisting-for-OpenStack-Load-Balancer-using-Terraform-on-3Engines-Cloud.html.html
govardhan 5a5b218a13 build site generated
2025-06-19 21:50:45 +05:30

132 lines
60 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!doctype html><html lang=en class=no-js> <head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><meta name=description content="Documentation for 3Engines services and products"><meta name=author content=3Engines><link rel=canonical href=https://docs.3Engines.com/kubernetes/Configuring-IP-Whitelisting-for-OpenStack-Load-Balancer-using-Terraform-on-3Engines-Cloud.html.html><link rel=icon href=../assets/favicon.ico><meta name=generator content="mkdocs-1.6.1, mkdocs-material-9.6.14"><title>Configuring IP Whitelisting for OpenStack Load Balancer using Terraform on 3Engines Cloud🔗 - 3Engines Documentation</title><link rel=stylesheet href=../assets/stylesheets/main.342714a4.min.css><link rel=stylesheet href=../assets/stylesheets/palette.06af60db.min.css><script src=https://unpkg.com/iframe-worker/shim></script><link rel=preconnect href=https://fonts.gstatic.com crossorigin><link rel=stylesheet href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback"><style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style><link rel=stylesheet href=../stylesheets/extra.css><script>__md_scope=new URL("..",location),__md_hash=e=>[...e].reduce(((e,_)=>(e<<5)-e+_.charCodeAt(0)),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script> <link href="../assets/stylesheets/glightbox.min.css" rel="stylesheet"/><style>
html.glightbox-open { overflow: initial; height: 100%; }
.gslide-title { margin-top: 0px; user-select: text; }
.gslide-desc { color: #666; user-select: text; }
.gslide-image img { background: white; }
.gscrollbar-fixer { padding-right: 15px; }
.gdesc-inner { font-size: 0.75rem; }
body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);}
body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);}
body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}</style> <script src="../assets/javascripts/glightbox.min.js"></script></head> <body dir=ltr data-md-color-scheme=default data-md-color-primary=blue-grey data-md-color-accent=indigo> <input class=md-toggle data-md-toggle=drawer type=checkbox id=__drawer autocomplete=off> <input class=md-toggle data-md-toggle=search type=checkbox id=__search autocomplete=off> <label class=md-overlay for=__drawer></label> <div data-md-component=skip> <a href=#configuring-ip-whitelisting-for-openstack-load-balancer-using-terraform-on-3engines-cloud class=md-skip> Skip to content </a> </div> <div data-md-component=announce> </div> <header class=md-header data-md-component=header> <nav class="md-header__inner md-grid" aria-label=Header> <a href=../index.html title="3Engines Documentation" class="md-header__button md-logo" aria-label="3Engines Documentation" data-md-component=logo> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54"/></svg> </a> <label class="md-header__button md-icon" for=__drawer> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M3 6h18v2H3zm0 5h18v2H3zm0 5h18v2H3z"/></svg> </label> <div class=md-header__title data-md-component=header-title> <div class=md-header__ellipsis> <div class=md-header__topic> <span class=md-ellipsis> 3Engines Documentation </span> </div> <div class=md-header__topic data-md-component=header-topic> <span class=md-ellipsis> Configuring IP Whitelisting for OpenStack Load Balancer using Terraform on 3Engines Cloud🔗 </span> </div> </div> </div> <form class=md-header__option data-md-component=palette> <input class=md-option data-md-color-media="(prefers-color-scheme: light)" data-md-color-scheme=default data-md-color-primary=blue-grey data-md-color-accent=indigo aria-label="Switch to dark mode" type=radio name=__palette id=__palette_0> <label class="md-header__button md-icon" title="Switch to dark mode" for=__palette_1 hidden> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M12 8a4 4 0 0 0-4 4 4 4 0 0 0 4 4 4 4 0 0 0 4-4 4 4 0 0 0-4-4m0 10a6 6 0 0 1-6-6 6 6 0 0 1 6-6 6 6 0 0 1 6 6 6 6 0 0 1-6 6m8-9.31V4h-4.69L12 .69 8.69 4H4v4.69L.69 12 4 15.31V20h4.69L12 23.31 15.31 20H20v-4.69L23.31 12z"/></svg> </label> <input class=md-option data-md-color-media="(prefers-color-scheme: dark)" data-md-color-scheme=slate data-md-color-primary=indigo data-md-color-accent=indigo aria-label="Switch to light mode" type=radio name=__palette id=__palette_1> <label class="md-header__button md-icon" title="Switch to light mode" for=__palette_0 hidden> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M12 18c-.89 0-1.74-.2-2.5-.55C11.56 16.5 13 14.42 13 12s-1.44-4.5-3.5-5.45C10.26 6.2 11.11 6 12 6a6 6 0 0 1 6 6 6 6 0 0 1-6 6m8-9.31V4h-4.69L12 .69 8.69 4H4v4.69L.69 12 4 15.31V20h4.69L12 23.31 15.31 20H20v-4.69L23.31 12z"/></svg> </label> </form> <script>var palette=__md_get("__palette");if(palette&&palette.color){if("(prefers-color-scheme)"===palette.color.media){var media=matchMedia("(prefers-color-scheme: light)"),input=document.querySelector(media.matches?"[data-md-color-media='(prefers-color-scheme: light)']":"[data-md-color-media='(prefers-color-scheme: dark)']");palette.color.media=input.getAttribute("data-md-color-media"),palette.color.scheme=input.getAttribute("data-md-color-scheme"),palette.color.primary=input.getAttribute("data-md-color-primary"),palette.color.accent=input.getAttribute("data-md-color-accent")}for(var[key,value]of Object.entries(palette.color))document.body.setAttribute("data-md-color-"+key,value)}</script> <label class="md-header__button md-icon" for=__search> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.52 6.52 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5"/></svg> </label> <div class=md-search data-md-component=search role=dialog> <label class=md-search__overlay for=__search></label> <div class=md-search__inner role=search> <form class=md-search__form name=search> <input type=text class=md-search__input name=query aria-label=Search placeholder=Search autocapitalize=off autocorrect=off autocomplete=off spellcheck=false data-md-component=search-query required> <label class="md-search__icon md-icon" for=__search> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.52 6.52 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5"/></svg> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11z"/></svg> </label> <nav class=md-search__options aria-label=Search> <a href=javascript:void(0) class="md-search__icon md-icon" title=Share aria-label=Share data-clipboard data-clipboard-text data-md-component=search-share tabindex=-1> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M18 16.08c-.76 0-1.44.3-1.96.77L8.91 12.7c.05-.23.09-.46.09-.7s-.04-.47-.09-.7l7.05-4.11c.54.5 1.25.81 2.04.81a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3c0 .24.04.47.09.7L8.04 9.81C7.5 9.31 6.79 9 6 9a3 3 0 0 0-3 3 3 3 0 0 0 3 3c.79 0 1.5-.31 2.04-.81l7.12 4.15c-.05.21-.08.43-.08.66 0 1.61 1.31 2.91 2.92 2.91s2.92-1.3 2.92-2.91A2.92 2.92 0 0 0 18 16.08"/></svg> </a> <button type=reset class="md-search__icon md-icon" title=Clear aria-label=Clear tabindex=-1> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12z"/></svg> </button> </nav> <div class=md-search__suggest data-md-component=search-suggest></div> </form> <div class=md-search__output> <div class=md-search__scrollwrap tabindex=0 data-md-scrollfix> <div class=md-search-result data-md-component=search-result> <div class=md-search-result__meta> Initializing search </div> <ol class=md-search-result__list role=presentation></ol> </div> </div> </div> </div> </div> </nav> </header> <div class=md-container data-md-component=container> <nav class=md-tabs aria-label=Tabs data-md-component=tabs> <div class=md-grid> <ul class=md-tabs__list> <li class=md-tabs__item> <a href=../index.html class=md-tabs__link> Home </a> </li> <li class=md-tabs__item> <a href=../cloud/cloud.html.html class=md-tabs__link> Cloud </a> </li> <li class=md-tabs__item> <a href=../datavolume/datavolume.html.html class=md-tabs__link> Data Volume </a> </li> <li class=md-tabs__item> <a href=../networking/networking.html.html class=md-tabs__link> Networking </a> </li> <li class=md-tabs__item> <a href=../s3/s3.html.html class=md-tabs__link> S3 </a> </li> <li class=md-tabs__item> <a href=../windows/windows.html.html class=md-tabs__link> Windows </a> </li> </ul> </div> </nav> <main class=md-main data-md-component=main> <div class="md-main__inner md-grid"> <div class="md-sidebar md-sidebar--primary" data-md-component=sidebar data-md-type=navigation> <div class=md-sidebar__scrollwrap> <div class=md-sidebar__inner> <nav class="md-nav md-nav--primary md-nav--lifted" aria-label=Navigation data-md-level=0> <label class=md-nav__title for=__drawer> <a href=../index.html title="3Engines Documentation" class="md-nav__button md-logo" aria-label="3Engines Documentation" data-md-component=logo> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54"/></svg> </a> 3Engines Documentation </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../index.html class=md-nav__link> <span class=md-ellipsis> Home </span> </a> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type=checkbox id=__nav_2> <label class=md-nav__link for=__nav_2 id=__nav_2_label tabindex=0> <span class=md-ellipsis> Cloud </span> <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav data-md-level=1 aria-labelledby=__nav_2_label aria-expanded=false> <label class=md-nav__title for=__nav_2> <span class="md-nav__icon md-icon"></span> Cloud </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../cloud/cloud.html.html class=md-nav__link> <span class=md-ellipsis> Overview </span> </a> </li> <li class=md-nav__item> <a href=../cloud/Dashboard-Overview-Project-Quotas-And-Flavors-Limits-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Dashboard Overview Project Quotas And Flavors Limits on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-access-the-VM-from-OpenStack-console-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to access the VM from OpenStack console on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-clone-existing-and-configured-VMs-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to clone existing and configured VMs on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-fix-unresponsive-console-issue-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to fix unresponsive console issue on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-generate-ec2-credentials-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to generate and manage EC2 credentials on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-generate-or-use-Application-Credentials-via-CLI-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to generate or use Application Credentials via CLI on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-use-GUI-in-Linux-VM-on-3Engines-Cloud-and-access-it-from-local-Linux-computer.html.html class=md-nav__link> <span class=md-ellipsis> How to Use GUI in Linux VM on 3Engines Cloud and access it From Local Linux Computer </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-To-Create-a-New-Linux-VM-With-NVIDIA-Virtual-GPU-in-the-OpenStack-Dashboard-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How To Create a New Linux VM With NVIDIA Virtual GPU in the OpenStack Dashboard Horizon on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-use-Docker-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to install and use Docker on Ubuntu 24.04 </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-use-Security-Groups-in-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to use Security Groups in Horizon on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-key-pair-in-OpenStack-Dashboard-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create key pair in OpenStack Dashboard on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-new-Linux-VM-in-OpenStack-Dashboard-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create new Linux VM in OpenStack Dashboard Horizon on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-install-Python-virtualenv-or-virtualenvwrapper-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to install Python virtualenv or virtualenvwrapper on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-start-a-VM-from-a-snapshot-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to start a VM from a snapshot on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/Status-Power-State-and-dependences-in-billing-of-instances-VMs-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Status Power State and dependencies in billing of instance VMs on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-upload-your-custom-image-using-OpenStack-CLI-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to upload your custom image using OpenStack CLI on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/VM-created-with-option-Create-New-Volume-No-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> VM created with option Create New Volume No on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/VM-created-with-option-Create-New-Volume-Yes-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> VM created with option Create New Volume Yes on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/What-is-an-OpenStack-domain-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> What is an OpenStack domain on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/What-is-an-OpenStack-project-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> What is an OpenStack project on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-a-Linux-VM-and-access-it-from-Windows-desktop-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create a Linux VM and access it from Windows desktop on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-a-Linux-VM-and-access-it-from-Linux-command-line-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create a Linux VM and access it from Linux command line on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/DNS-as-a-Service-on-3Engines-Cloud-Hosting.html.html class=md-nav__link> <span class=md-ellipsis> DNS as a Service on 3Engines Cloud Hosting </span> </a> </li> <li class=md-nav__item> <a href=../cloud/What-Image-Formats-are-available-in-OpenStack-3Engines-Cloud-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> What Image Formats are Available in OpenStack 3Engines Cloud cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-upload-custom-image-to-3Engines-Cloud-cloud-using-OpenStack-Horizon-dashboard.html.html class=md-nav__link> <span class=md-ellipsis> How to upload custom image to 3Engines Cloud cloud using OpenStack Horizon dashboard </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-Windows-VM-on-OpenStack-Horizon-and-access-it-via-web-console-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create Windows VM on OpenStack Horizon and access it via web console on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-transfer-volumes-between-domains-and-projects-using-Horizon-dashboard-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to transfer volumes between domains and projects using Horizon dashboard on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/Spot-instances-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Spot instances on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-instance-snapshot-using-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create instance snapshot using Horizon on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-start-a-VM-from-instance-snapshot-using-Horizon-dashboard-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to start a VM from instance snapshot using Horizon dashboard on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-a-VM-using-the-OpenStack-CLI-client-on-3Engines-Cloud-cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create a VM using the OpenStack CLI client on 3Engines Cloud cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/OpenStack-user-roles-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> OpenStack User Roles on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/Resizing-a-virtual-machine-using-OpenStack-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Resizing a virtual machine using OpenStack Horizon on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/Block-storage-and-object-storage-performance-limits-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Block storage and object storage performance limits on 3Engines Cloud </span> </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type=checkbox id=__nav_3> <label class=md-nav__link for=__nav_3 id=__nav_3_label tabindex=0> <span class=md-ellipsis> Data Volume </span> <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav data-md-level=1 aria-labelledby=__nav_3_label aria-expanded=false> <label class=md-nav__title for=__nav_3> <span class="md-nav__icon md-icon"></span> Data Volume </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../datavolume/datavolume.html.html class=md-nav__link> <span class=md-ellipsis> Overview </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-attach-a-volume-to-VM-less-than-2TB-on-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to attach a volume to VM less than 2TB on Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-attach-a-volume-to-VM-more-than-2TB-on-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to attach a volume to VM more than 2TB on Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/Ephemeral-vs-Persistent-storage-option-Create-New-Volume-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Ephemeral vs Persistent storage option Create New Volume on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-export-a-volume-over-NFS-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to export a volume over NFS on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-export-a-volume-over-NFS-outside-of-a-project-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to export a volume over NFS outside of a project on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-extend-the-volume-in-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to extend the volume in Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-mount-object-storage-in-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to mount object storage in Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-move-data-volume-between-two-VMs-using-OpenStack-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to move data volume between two VMs using OpenStack Horizon on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-many-objects-can-I-put-into-Object-Storage-container-bucket-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How many objects can I put into Object Storage container bucket on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-create-volume-Snapshot-and-attach-as-Volume-on-Linux-or-Windows-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create volume Snapshot and attach as Volume on Linux or Windows on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/Volume-snapshot-inheritance-and-its-consequences-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Volume snapshot inheritance and its consequences on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-To-Create-Backup-Of-Your-Volume-From-Windows-Machine-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Create Backup of Your Volume From Windows Machine on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-To-Attach-Volume-To-Windows-VM-On-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How To Attach Volume To Windows VM On 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-create-or-delete-volume-snapshot-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create or delete volume snapshot on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-restore-volume-from-snapshot-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to restore volume from snapshot on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/Bootable-versus-non-bootable-volumes-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Bootable versus non-bootable volumes on 3Engines Cloud </span> </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type=checkbox id=__nav_4> <label class=md-nav__link for=__nav_4 id=__nav_4_label tabindex=0> <span class=md-ellipsis> Networking </span> <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav data-md-level=1 aria-labelledby=__nav_4_label aria-expanded=false> <label class=md-nav__title for=__nav_4> <span class="md-nav__icon md-icon"></span> Networking </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../networking/networking.html.html class=md-nav__link> <span class=md-ellipsis> Overview </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-can-I-access-my-VMs-using-names-instead-of-IP-addresses-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How can I access my VMs using names instead of IP addresses on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-to-Add-or-Remove-Floating-IPs-to-your-VM-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Add or Remove Floating IPs to your VM on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/Cannot-access-VM-with-SSH-or-PING-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Cannot access VM with SSH or PING on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/Cannot-ping-VM-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Cannot ping VM on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-to-connect-to-your-virtual-machine-via-SSH-in-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to connect to your virtual machine via SSH in Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-to-create-a-network-with-router-in-Horizon-Dashboard-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create a network with router in Horizon Dashboard on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-can-I-open-new-ports-port-80-for-http-for-my-service-or-instance-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How can I open new ports for http for my service or instance on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/Generating-a-SSH-keypair-in-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Generating an SSH keypair in Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-to-add-SSH-key-from-Horizon-web-console-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to add SSH key from Horizon web console on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-is-my-VM-visible-in-the-internet-with-no-Floating-IP-attached-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How is my VM visible in the internet with no Floating IP attached on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-to-run-and-configure-Firewall-as-a-service-and-VPN-as-a-service-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to run and configure Firewall as a service and VPN as a service on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-to-Import-SSH-Public-Key-to-OpenStack-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to import SSH public key to OpenStack Horizon on 3Engines Cloud </span> </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type=checkbox id=__nav_5> <label class=md-nav__link for=__nav_5 id=__nav_5_label tabindex=0> <span class=md-ellipsis> S3 </span> <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav data-md-level=1 aria-labelledby=__nav_5_label aria-expanded=false> <label class=md-nav__title for=__nav_5> <span class="md-nav__icon md-icon"></span> S3 </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../s3/s3.html.html class=md-nav__link> <span class=md-ellipsis> Overview </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-delete-large-S3-bucket-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Delete Large S3 Bucket on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-mount-object-storage-container-as-a-file-system-in-Linux-using-s3fs-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Mount Object Storage Container as a File System in Linux Using s3fs on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/Bucket-sharing-using-s3-bucket-policy-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Bucket sharing using s3 bucket policy on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-use-Object-Storage-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to use Object Storage on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-access-private-object-storage-using-S3cmd-or-boto3-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to access private object storage using S3cmd or boto3 on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-To-Install-boto3-In-Windows-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Install Boto3 in Windows on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/Server-Side-Encryption-with-Customer-Managed-Keys-SSE-C-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Server-Side Encryption with Customer-Managed Keys (SSE-C) on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-mount-object-storage-container-from-3Engines-Cloud-as-file-system-on-local-Windows-computer.html.html class=md-nav__link> <span class=md-ellipsis> How to mount object storage container from 3Engines Cloud as file system on local Windows computer </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-install-s3cmd-on-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to install s3cmd on Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-access-object-storage-from-3Engines-Cloud-using-boto3.html.html class=md-nav__link> <span class=md-ellipsis> How to access object storage from 3Engines Cloud using boto3 </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-access-object-storage-from-3Engines-Cloud-using-s3cmd.html.html class=md-nav__link> <span class=md-ellipsis> How to access object storage from 3Engines Cloud using s3cmd </span> </a> </li> <li class=md-nav__item> <a href=../s3/Configuration-files-for-s3cmd-command-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Configuration files for s3cmd command on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/S3-bucket-object-versioning-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> S3 bucket object versioning on 3Engines Cloud </span> </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type=checkbox id=__nav_6> <label class=md-nav__link for=__nav_6 id=__nav_6_label tabindex=0> <span class=md-ellipsis> Windows </span> <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav data-md-level=1 aria-labelledby=__nav_6_label aria-expanded=false> <label class=md-nav__title for=__nav_6> <span class="md-nav__icon md-icon"></span> Windows </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../windows/windows.html.html class=md-nav__link> <span class=md-ellipsis> Overview </span> </a> </li> <li class=md-nav__item> <a href=../windows/How-to-access-a-VM-from-Windows-PuTTY-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to access a VM from Windows PuTTY on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../windows/Connecting-to-a-Windows-VM-via-RDP-through-a-Linux-bastion-host-port-forwarding-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Connecting to a Windows VM via RDP through a Linux bastion host port forwarding on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../windows/How-to-connect-to-a-virtual-machine-via-SSH-from-Windows-10-Command-Prompt-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to connect to a virtual machine via SSH from Windows 10 Command Prompt on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../windows/How-To-Create-SSH-Key-Pair-In-Windows-On-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Create SSH Key Pair in Windows 10 On 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../windows/Can-I-change-my-password-through-RDP-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Can I change my password through RDP on 3Engines Cloud? </span> </a> </li> <li class=md-nav__item> <a href=../windows/How-To-Create-SSH-Key-Pair-In-Windows-11-On-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Create SSH Key Pair in Windows 11 On 3Engines Cloud </span> </a> </li> </ul> </nav> </li> </ul> </nav> </div> </div> </div> <div class="md-sidebar md-sidebar--secondary" data-md-component=sidebar data-md-type=toc> <div class=md-sidebar__scrollwrap> <div class=md-sidebar__inner> <nav class="md-nav md-nav--secondary" aria-label="On this page"> <label class=md-nav__title for=__toc> <span class="md-nav__icon md-icon"></span> On this page </label> <ul class=md-nav__list data-md-component=toc data-md-scrollfix> <li class=md-nav__item> <a href=#what-we-are-going-to-cover class=md-nav__link> <span class=md-ellipsis> What We Are Going To Cover🔗 </span> </a> </li> <li class=md-nav__item> <a href=#prerequisites class=md-nav__link> <span class=md-ellipsis> Prerequisites🔗 </span> </a> </li> <li class=md-nav__item> <a href=#prepare-your-environment class=md-nav__link> <span class=md-ellipsis> Prepare Your Environment🔗 </span> </a> </li> <li class=md-nav__item> <a href=#configure-terraform-for-whitelisting class=md-nav__link> <span class=md-ellipsis> Configure Terraform for whitelisting🔗 </span> </a> </li> <li class=md-nav__item> <a href=#import-existing-load-balancer-listener class=md-nav__link> <span class=md-ellipsis> Import Existing Load Balancer Listener🔗 </span> </a> </li> <li class=md-nav__item> <a href=#run-terraform class=md-nav__link> <span class=md-ellipsis> Run Terraform🔗 </span> </a> </li> <li class=md-nav__item> <a href=#tests class=md-nav__link> <span class=md-ellipsis> Tests🔗 </span> </a> </li> <li class=md-nav__item> <a href=#what-to-do-next class=md-nav__link> <span class=md-ellipsis> What To Do Next🔗 </span> </a> </li> </ul> </nav> </div> </div> </div> <div class=md-content data-md-component=content> <article class="md-content__inner md-typeset"> <h1 id=configuring-ip-whitelisting-for-openstack-load-balancer-using-terraform-on-3engines-cloud>Configuring IP Whitelisting for OpenStack Load Balancer using Terraform on 3Engines Cloud<a href=#configuring-ip-whitelisting-for-openstack-load-balancer-using-terraform-on-brand-name title="Permalink to this headline">🔗</a><a class=headerlink href=#configuring-ip-whitelisting-for-openstack-load-balancer-using-terraform-on-3engines-cloud title="Permanent link">&para;</a></h1> <p>This guide explains how to configure IP whitelisting (<strong>allowed_cidrs</strong>) on an existing OpenStack Load Balancer using Terraform. The configuration will limit access to your cluster through load balancer.</p> <h2 id=what-we-are-going-to-cover>What We Are Going To Cover<a href=#what-we-are-going-to-cover title="Permalink to this headline">🔗</a><a class=headerlink href=#what-we-are-going-to-cover title="Permanent link">&para;</a></h2> <blockquote> <ul> <li>Get necessary load balancer and cluster data from the Prerequisites</li> <li>Create the Terraform Configuration</li> <li>Import Existing Load Balancer Listener</li> <li>Run terraform</li> <li>Test and verify that protection of load balancer via whitelisting works</li> </ul> </blockquote> <h2 id=prerequisites>Prerequisites<a href=#prerequisites title="Permalink to this headline">🔗</a><a class=headerlink href=#prerequisites title="Permanent link">&para;</a></h2> <p>No. 1 <strong>Account</strong></p> <p>You need a 3Engines Cloud hosting account with access to the Horizon interface: <a href=https://horizon.3Engines.com>https://horizon.3Engines.com</a>.</p> <p>No. 2 <strong>Basic parameters already defined for whitelisting</strong></p> <p>See article <a href=Configuring-IP-Whitelisting-for-OpenStack-Load-Balancer-using-Horizon-and-CLI-on-3Engines-Cloud.html.html>Configuring IP Whitelisting for OpenStack Load Balancer using Horizon and CLI on 3Engines Cloud</a> for definition of basic notions and parameters.</p> <p>No. 3 <strong>Terraform installed</strong></p> <p>You will need version 1.50 or higher to be operational.</p> <p>For complete introduction and installation of Terrafom on OpenStack see article <a href=../openstackdev/Generating-and-authorizing-Terraform-using-Keycloak-user-on-3Engines-Cloud.html.html>Generating and authorizing Terraform using Keycloak user on 3Engines Cloud</a></p> <p>No. 4 <strong>Unrestricted application credentials</strong></p> <p>You need to have OpenStack application credentials with unrestricted checkbox. Check article <a href=../cloud/How-to-generate-or-use-Application-Credentials-via-CLI-on-3Engines-Cloud.html.html>How to generate or use Application Credentials via CLI on 3Engines Cloud</a></p> <p>The first part of that article describes how to have installed OpenStack client and connect it to the cloud. With that provision, the quickest way to create an unrestricted application credential is to apply the command like this:</p> <div class=highlight><pre><span></span><code><span id=__span-0-1><a id=__codelineno-0-1 name=__codelineno-0-1 href=#__codelineno-0-1></a>openstack application credential create cred_unrestricted --unrestricted
</span></code></pre></div> <p>That would create an unrestricted credential called <strong>cred_unrestricted</strong>.</p> <p>You can also use Horizon commands <strong>Identity</strong> &gt; <strong>Application Credentials</strong> &gt; <strong>Create Application Credential</strong> and check the appropriate box on:</p> <p><a class=glightbox href=../_images/whitelisting-loadbalancer-1.png data-type=image data-width=100% data-height=auto data-desc-position=bottom><img alt=whitelisting-loadbalancer-1.png src=../_images/whitelisting-loadbalancer-1.png></a></p> <p>Log in to your account using this unrestricted credential.</p> <h2 id=prepare-your-environment>Prepare Your Environment<a href=#prepare-your-environment title="Permalink to this headline">🔗</a><a class=headerlink href=#prepare-your-environment title="Permanent link">&para;</a></h2> <p>Work through article in Prerequisite No. 2 from which we will derive all the input parameters, using Horizon and CLI commands.</p> <p>Also, authenticate through application credential you got from Prerequisite No. 4.</p> <h2 id=configure-terraform-for-whitelisting>Configure Terraform for whitelisting<a href=#configure-terraform-for-whitelisting title="Permalink to this headline">🔗</a><a class=headerlink href=#configure-terraform-for-whitelisting title="Permanent link">&para;</a></h2> <p>Instead of performing the whitelisting procedure manually, we can use Terraform and store the procedure in the remote repo.</p> <p>Create file <strong>openstack_auth.sh</strong></p> <div class=highlight><pre><span></span><code><span id=__span-1-1><a id=__codelineno-1-1 name=__codelineno-1-1 href=#__codelineno-1-1></a>export OS_AUTH_URL=&quot;https://your-openstack-url:5000/v3&quot;
</span><span id=__span-1-2><a id=__codelineno-1-2 name=__codelineno-1-2 href=#__codelineno-1-2></a>export OS_PROJECT_NAME=&quot;your-project&quot;
</span><span id=__span-1-3><a id=__codelineno-1-3 name=__codelineno-1-3 href=#__codelineno-1-3></a>export OS_USERNAME=&quot;your-username&quot;
</span><span id=__span-1-4><a id=__codelineno-1-4 name=__codelineno-1-4 href=#__codelineno-1-4></a>export OS_PASSWORD=&quot;your-password&quot;
</span><span id=__span-1-5><a id=__codelineno-1-5 name=__codelineno-1-5 href=#__codelineno-1-5></a>export OS_REGION_NAME=&quot;your-region&quot;
</span></code></pre></div> <p>Create a new directory for your Terraform configuration and create the following files:</p> <p>Note</p> <p>This example is created for brand new Magnum cluster. You might have to adjust it a bit to suit your needs.</p> <p>Create Terraform file:</p> <p><strong>main.tf</strong></p> <div class=highlight><pre><span></span><code><span id=__span-2-1><a id=__codelineno-2-1 name=__codelineno-2-1 href=#__codelineno-2-1></a>terraform {
</span><span id=__span-2-2><a id=__codelineno-2-2 name=__codelineno-2-2 href=#__codelineno-2-2></a> required_providers {
</span><span id=__span-2-3><a id=__codelineno-2-3 name=__codelineno-2-3 href=#__codelineno-2-3></a> openstack = {
</span><span id=__span-2-4><a id=__codelineno-2-4 name=__codelineno-2-4 href=#__codelineno-2-4></a> source = &quot;terraform-provider-openstack/openstack&quot;
</span><span id=__span-2-5><a id=__codelineno-2-5 name=__codelineno-2-5 href=#__codelineno-2-5></a> version = &quot;1.47.0&quot;
</span><span id=__span-2-6><a id=__codelineno-2-6 name=__codelineno-2-6 href=#__codelineno-2-6></a> }
</span><span id=__span-2-7><a id=__codelineno-2-7 name=__codelineno-2-7 href=#__codelineno-2-7></a> }
</span><span id=__span-2-8><a id=__codelineno-2-8 name=__codelineno-2-8 href=#__codelineno-2-8></a>}
</span><span id=__span-2-9><a id=__codelineno-2-9 name=__codelineno-2-9 href=#__codelineno-2-9></a>
</span><span id=__span-2-10><a id=__codelineno-2-10 name=__codelineno-2-10 href=#__codelineno-2-10></a>provider &quot;openstack&quot; {
</span><span id=__span-2-11><a id=__codelineno-2-11 name=__codelineno-2-11 href=#__codelineno-2-11></a> use_octavia = true # Required for Load Balancer v2 API
</span><span id=__span-2-12><a id=__codelineno-2-12 name=__codelineno-2-12 href=#__codelineno-2-12></a>}
</span></code></pre></div> <p><strong>variables.tf</strong></p> <div class=highlight><pre><span></span><code><span id=__span-3-1><a id=__codelineno-3-1 name=__codelineno-3-1 href=#__codelineno-3-1></a>variable &quot;ID_OF_LOADBALANCER&quot; {
</span><span id=__span-3-2><a id=__codelineno-3-2 name=__codelineno-3-2 href=#__codelineno-3-2></a> type = string
</span><span id=__span-3-3><a id=__codelineno-3-3 name=__codelineno-3-3 href=#__codelineno-3-3></a> description = &quot;ID of the existing OpenStack Load Balancer&quot;
</span><span id=__span-3-4><a id=__codelineno-3-4 name=__codelineno-3-4 href=#__codelineno-3-4></a>}
</span><span id=__span-3-5><a id=__codelineno-3-5 name=__codelineno-3-5 href=#__codelineno-3-5></a>
</span><span id=__span-3-6><a id=__codelineno-3-6 name=__codelineno-3-6 href=#__codelineno-3-6></a>variable &quot;allowed_cidrs&quot; {
</span><span id=__span-3-7><a id=__codelineno-3-7 name=__codelineno-3-7 href=#__codelineno-3-7></a> type = list(string)
</span><span id=__span-3-8><a id=__codelineno-3-8 name=__codelineno-3-8 href=#__codelineno-3-8></a> description = &quot;List of IP ranges in CIDR format to whitelist&quot;
</span><span id=__span-3-9><a id=__codelineno-3-9 name=__codelineno-3-9 href=#__codelineno-3-9></a>}
</span></code></pre></div> <p><strong>terraform.tfvars</strong></p> <div class=highlight><pre><span></span><code><span id=__span-4-1><a id=__codelineno-4-1 name=__codelineno-4-1 href=#__codelineno-4-1></a>ID_OF_LOADBALANCER = &quot;your-lb-id&quot;
</span><span id=__span-4-2><a id=__codelineno-4-2 name=__codelineno-4-2 href=#__codelineno-4-2></a>allowed_cidrs = [
</span><span id=__span-4-3><a id=__codelineno-4-3 name=__codelineno-4-3 href=#__codelineno-4-3></a> &quot;10.0.0.1/32&quot;, # Single IP address
</span><span id=__span-4-4><a id=__codelineno-4-4 name=__codelineno-4-4 href=#__codelineno-4-4></a> &quot;192.168.1.0/24&quot;, # IP range
</span><span id=__span-4-5><a id=__codelineno-4-5 name=__codelineno-4-5 href=#__codelineno-4-5></a> &quot;172.16.0.0/16&quot; # Larger subnet
</span><span id=__span-4-6><a id=__codelineno-4-6 name=__codelineno-4-6 href=#__codelineno-4-6></a>]
</span></code></pre></div> <p><strong>lb.tf</strong></p> <div class=highlight><pre><span></span><code><span id=__span-5-1><a id=__codelineno-5-1 name=__codelineno-5-1 href=#__codelineno-5-1></a>resource &quot;openstack_lb_listener_v2&quot; &quot;k8s_api_listener&quot; {
</span><span id=__span-5-2><a id=__codelineno-5-2 name=__codelineno-5-2 href=#__codelineno-5-2></a> loadbalancer_id = var.ID_OF_LOADBALANCER
</span><span id=__span-5-3><a id=__codelineno-5-3 name=__codelineno-5-3 href=#__codelineno-5-3></a> allowed_cidrs = var.allowed_cidrs
</span><span id=__span-5-4><a id=__codelineno-5-4 name=__codelineno-5-4 href=#__codelineno-5-4></a> protocol_port = &quot;6443&quot;
</span><span id=__span-5-5><a id=__codelineno-5-5 name=__codelineno-5-5 href=#__codelineno-5-5></a> protocol = &quot;TCP&quot;
</span><span id=__span-5-6><a id=__codelineno-5-6 name=__codelineno-5-6 href=#__codelineno-5-6></a>}
</span></code></pre></div> <h2 id=import-existing-load-balancer-listener>Import Existing Load Balancer Listener<a href=#import-existing-load-balancer-listener title="Permalink to this headline">🔗</a><a class=headerlink href=#import-existing-load-balancer-listener title="Permanent link">&para;</a></h2> <p>Since Terraform 1.5 can import your resource in declarative way.</p> <p><strong>import.tf</strong></p> <div class=highlight><pre><span></span><code><span id=__span-6-1><a id=__codelineno-6-1 name=__codelineno-6-1 href=#__codelineno-6-1></a>import {
</span><span id=__span-6-2><a id=__codelineno-6-2 name=__codelineno-6-2 href=#__codelineno-6-2></a> to = openstack_lb_listener_v2.k8s_api_listener
</span><span id=__span-6-3><a id=__codelineno-6-3 name=__codelineno-6-3 href=#__codelineno-6-3></a> id = &quot;your-listener-id&quot;
</span><span id=__span-6-4><a id=__codelineno-6-4 name=__codelineno-6-4 href=#__codelineno-6-4></a>}
</span></code></pre></div> <p>Or you can do it in an imperative way:</p> <div class=highlight><pre><span></span><code><span id=__span-7-1><a id=__codelineno-7-1 name=__codelineno-7-1 href=#__codelineno-7-1></a>terraform import openstack_lb_listener_v2.k8s_api_listener &quot;&lt;your-listener-id&gt;&quot;
</span></code></pre></div> <h2 id=run-terraform>Run Terraform<a href=#run-terraform title="Permalink to this headline">🔗</a><a class=headerlink href=#run-terraform title="Permanent link">&para;</a></h2> <p><strong>Terraform Execute</strong></p> <div class=highlight><pre><span></span><code><span id=__span-8-1><a id=__codelineno-8-1 name=__codelineno-8-1 href=#__codelineno-8-1></a>terraform init
</span><span id=__span-8-2><a id=__codelineno-8-2 name=__codelineno-8-2 href=#__codelineno-8-2></a>terraform plan -out=generated_listener.tf
</span><span id=__span-8-3><a id=__codelineno-8-3 name=__codelineno-8-3 href=#__codelineno-8-3></a>terraform apply generated_listener.tf
</span></code></pre></div> <p><strong>Example output:</strong></p> <p><strong>teraform output</strong></p> <div class=highlight><pre><span></span><code><span id=__span-9-1><a id=__codelineno-9-1 name=__codelineno-9-1 href=#__codelineno-9-1></a>Terraform apply generated_listener.tf
</span><span id=__span-9-2><a id=__codelineno-9-2 name=__codelineno-9-2 href=#__codelineno-9-2></a>openstack_lb_listener_v2.k8s_api_listener: Preparing import... [id=bbf39f1c-6936-4344-9957-7517d4a979b6]
</span><span id=__span-9-3><a id=__codelineno-9-3 name=__codelineno-9-3 href=#__codelineno-9-3></a>openstack_lb_listener_v2.k8s_api_listener: Refreshing state... [id=bbf39f1c-6936-4344-9957-7517d4a979b6]
</span><span id=__span-9-4><a id=__codelineno-9-4 name=__codelineno-9-4 href=#__codelineno-9-4></a>
</span><span id=__span-9-5><a id=__codelineno-9-5 name=__codelineno-9-5 href=#__codelineno-9-5></a>Terraform used the selected providers to generate the following execution
</span><span id=__span-9-6><a id=__codelineno-9-6 name=__codelineno-9-6 href=#__codelineno-9-6></a>plan. Resource actions are indicated with the following symbols:
</span><span id=__span-9-7><a id=__codelineno-9-7 name=__codelineno-9-7 href=#__codelineno-9-7></a> ~ update in-place
</span><span id=__span-9-8><a id=__codelineno-9-8 name=__codelineno-9-8 href=#__codelineno-9-8></a>
</span><span id=__span-9-9><a id=__codelineno-9-9 name=__codelineno-9-9 href=#__codelineno-9-9></a>Terraform will perform the following actions:
</span><span id=__span-9-10><a id=__codelineno-9-10 name=__codelineno-9-10 href=#__codelineno-9-10></a>
</span><span id=__span-9-11><a id=__codelineno-9-11 name=__codelineno-9-11 href=#__codelineno-9-11></a> # openstack_lb_listener_v2.k8s_api_listener will be updated in-place
</span><span id=__span-9-12><a id=__codelineno-9-12 name=__codelineno-9-12 href=#__codelineno-9-12></a> # (imported from &quot;bbf39f1c-6936-4344-9957-7517d4a979b6&quot;)
</span><span id=__span-9-13><a id=__codelineno-9-13 name=__codelineno-9-13 href=#__codelineno-9-13></a> ~ resource &quot;openstack_lb_listener_v2&quot; &quot;k8s_api_listener&quot; {
</span><span id=__span-9-14><a id=__codelineno-9-14 name=__codelineno-9-14 href=#__codelineno-9-14></a> admin_state_up = true
</span><span id=__span-9-15><a id=__codelineno-9-15 name=__codelineno-9-15 href=#__codelineno-9-15></a> ~ allowed_cidrs = [
</span><span id=__span-9-16><a id=__codelineno-9-16 name=__codelineno-9-16 href=#__codelineno-9-16></a> + &quot;10.0.0.1/32&quot;,
</span><span id=__span-9-17><a id=__codelineno-9-17 name=__codelineno-9-17 href=#__codelineno-9-17></a> ]
</span><span id=__span-9-18><a id=__codelineno-9-18 name=__codelineno-9-18 href=#__codelineno-9-18></a> connection_limit = -1
</span><span id=__span-9-19><a id=__codelineno-9-19 name=__codelineno-9-19 href=#__codelineno-9-19></a> default_pool_id = &quot;5991eacc-5869-4205-a646-d27646ccb216&quot;
</span><span id=__span-9-20><a id=__codelineno-9-20 name=__codelineno-9-20 href=#__codelineno-9-20></a> default_tls_container_ref = null
</span><span id=__span-9-21><a id=__codelineno-9-21 name=__codelineno-9-21 href=#__codelineno-9-21></a> description = null
</span><span id=__span-9-22><a id=__codelineno-9-22 name=__codelineno-9-22 href=#__codelineno-9-22></a> id = &quot;bbf39f1c-6936-4344-9957-7517d4a979b6&quot;
</span><span id=__span-9-23><a id=__codelineno-9-23 name=__codelineno-9-23 href=#__codelineno-9-23></a> insert_headers = {}
</span><span id=__span-9-24><a id=__codelineno-9-24 name=__codelineno-9-24 href=#__codelineno-9-24></a> loadbalancer_id = &quot;2d6b335f-fb05-4496-8593-887f7e2c49cf&quot;
</span><span id=__span-9-25><a id=__codelineno-9-25 name=__codelineno-9-25 href=#__codelineno-9-25></a> name = &quot;lb-testing-ih347dstxyl2-api_lb_fixed-w2im3obvdv2p-listener-t36tocd4onxk&quot;
</span><span id=__span-9-26><a id=__codelineno-9-26 name=__codelineno-9-26 href=#__codelineno-9-26></a> protocol = &quot;TCP&quot;
</span><span id=__span-9-27><a id=__codelineno-9-27 name=__codelineno-9-27 href=#__codelineno-9-27></a> protocol_port = 6443
</span><span id=__span-9-28><a id=__codelineno-9-28 name=__codelineno-9-28 href=#__codelineno-9-28></a> region = &quot;&lt;concealed by 1Password&gt;&quot;
</span><span id=__span-9-29><a id=__codelineno-9-29 name=__codelineno-9-29 href=#__codelineno-9-29></a> sni_container_refs = []
</span><span id=__span-9-30><a id=__codelineno-9-30 name=__codelineno-9-30 href=#__codelineno-9-30></a> tenant_id = &quot;&lt;concealed by 1Password&gt;&quot;
</span><span id=__span-9-31><a id=__codelineno-9-31 name=__codelineno-9-31 href=#__codelineno-9-31></a> timeout_client_data = 50000
</span><span id=__span-9-32><a id=__codelineno-9-32 name=__codelineno-9-32 href=#__codelineno-9-32></a> timeout_member_connect = 5000
</span><span id=__span-9-33><a id=__codelineno-9-33 name=__codelineno-9-33 href=#__codelineno-9-33></a> timeout_member_data = 50000
</span><span id=__span-9-34><a id=__codelineno-9-34 name=__codelineno-9-34 href=#__codelineno-9-34></a> timeout_tcp_inspect = 0
</span><span id=__span-9-35><a id=__codelineno-9-35 name=__codelineno-9-35 href=#__codelineno-9-35></a>
</span><span id=__span-9-36><a id=__codelineno-9-36 name=__codelineno-9-36 href=#__codelineno-9-36></a> - timeouts {}
</span><span id=__span-9-37><a id=__codelineno-9-37 name=__codelineno-9-37 href=#__codelineno-9-37></a> }
</span><span id=__span-9-38><a id=__codelineno-9-38 name=__codelineno-9-38 href=#__codelineno-9-38></a>
</span><span id=__span-9-39><a id=__codelineno-9-39 name=__codelineno-9-39 href=#__codelineno-9-39></a>Plan: 1 to import, 0 to add, 1 to change, 0 to destroy.
</span></code></pre></div> <h2 id=tests>Tests<a href=#tests title="Permalink to this headline">🔗</a><a class=headerlink href=#tests title="Permanent link">&para;</a></h2> <p>By default, Magnum LB does not have any access restrictions.</p> <p>Before changes:</p> <div class=highlight><pre><span></span><code><span id=__span-10-1><a id=__codelineno-10-1 name=__codelineno-10-1 href=#__codelineno-10-1></a>curl -k https://&lt;KUBE_API_IP&gt;:6443/livez?verbose
</span><span id=__span-10-2><a id=__codelineno-10-2 name=__codelineno-10-2 href=#__codelineno-10-2></a>[+]ping ok
</span><span id=__span-10-3><a id=__codelineno-10-3 name=__codelineno-10-3 href=#__codelineno-10-3></a>[+]log ok
</span><span id=__span-10-4><a id=__codelineno-10-4 name=__codelineno-10-4 href=#__codelineno-10-4></a>[+]etcd ok
</span><span id=__span-10-5><a id=__codelineno-10-5 name=__codelineno-10-5 href=#__codelineno-10-5></a>[+]poststarthook/start-kube-apiserver-admission-initializer ok
</span><span id=__span-10-6><a id=__codelineno-10-6 name=__codelineno-10-6 href=#__codelineno-10-6></a>[+]poststarthook/generic-apiserver-start-informers ok
</span><span id=__span-10-7><a id=__codelineno-10-7 name=__codelineno-10-7 href=#__codelineno-10-7></a>[+]poststarthook/priority-and-fairness-config-consumer ok
</span><span id=__span-10-8><a id=__codelineno-10-8 name=__codelineno-10-8 href=#__codelineno-10-8></a>[+]poststarthook/priority-and-fairness-filter ok
</span><span id=__span-10-9><a id=__codelineno-10-9 name=__codelineno-10-9 href=#__codelineno-10-9></a>[+]poststarthook/storage-object-count-tracker-hook ok
</span><span id=__span-10-10><a id=__codelineno-10-10 name=__codelineno-10-10 href=#__codelineno-10-10></a>[+]poststarthook/start-apiextensions-informers ok
</span><span id=__span-10-11><a id=__codelineno-10-11 name=__codelineno-10-11 href=#__codelineno-10-11></a>[+]poststarthook/start-apiextensions-controllers ok
</span><span id=__span-10-12><a id=__codelineno-10-12 name=__codelineno-10-12 href=#__codelineno-10-12></a>[+]poststarthook/crd-informer-synced ok
</span><span id=__span-10-13><a id=__codelineno-10-13 name=__codelineno-10-13 href=#__codelineno-10-13></a>[+]poststarthook/start-system-namespaces-controller ok
</span><span id=__span-10-14><a id=__codelineno-10-14 name=__codelineno-10-14 href=#__codelineno-10-14></a>[+]poststarthook/bootstrap-controller ok
</span><span id=__span-10-15><a id=__codelineno-10-15 name=__codelineno-10-15 href=#__codelineno-10-15></a>[+]poststarthook/rbac/bootstrap-roles ok
</span><span id=__span-10-16><a id=__codelineno-10-16 name=__codelineno-10-16 href=#__codelineno-10-16></a>[+]poststarthook/scheduling/bootstrap-system-priority-classes ok
</span><span id=__span-10-17><a id=__codelineno-10-17 name=__codelineno-10-17 href=#__codelineno-10-17></a>[+]poststarthook/priority-and-fairness-config-producer ok
</span><span id=__span-10-18><a id=__codelineno-10-18 name=__codelineno-10-18 href=#__codelineno-10-18></a>[+]poststarthook/start-cluster-authentication-info-controller ok
</span><span id=__span-10-19><a id=__codelineno-10-19 name=__codelineno-10-19 href=#__codelineno-10-19></a>[+]poststarthook/start-kube-apiserver-identity-lease-controller ok
</span><span id=__span-10-20><a id=__codelineno-10-20 name=__codelineno-10-20 href=#__codelineno-10-20></a>[+]poststarthook/start-deprecated-kube-apiserver-identity-lease-garbage-collector ok
</span><span id=__span-10-21><a id=__codelineno-10-21 name=__codelineno-10-21 href=#__codelineno-10-21></a>[+]poststarthook/start-kube-apiserver-identity-lease-garbage-collector ok
</span><span id=__span-10-22><a id=__codelineno-10-22 name=__codelineno-10-22 href=#__codelineno-10-22></a>[+]poststarthook/start-legacy-token-tracking-controller ok
</span><span id=__span-10-23><a id=__codelineno-10-23 name=__codelineno-10-23 href=#__codelineno-10-23></a>[+]poststarthook/aggregator-reload-proxy-client-cert ok
</span><span id=__span-10-24><a id=__codelineno-10-24 name=__codelineno-10-24 href=#__codelineno-10-24></a>[+]poststarthook/start-kube-aggregator-informers ok
</span><span id=__span-10-25><a id=__codelineno-10-25 name=__codelineno-10-25 href=#__codelineno-10-25></a>[+]poststarthook/apiservice-registration-controller ok
</span><span id=__span-10-26><a id=__codelineno-10-26 name=__codelineno-10-26 href=#__codelineno-10-26></a>[+]poststarthook/apiservice-status-available-controller ok
</span><span id=__span-10-27><a id=__codelineno-10-27 name=__codelineno-10-27 href=#__codelineno-10-27></a>[+]poststarthook/kube-apiserver-autoregistration ok
</span><span id=__span-10-28><a id=__codelineno-10-28 name=__codelineno-10-28 href=#__codelineno-10-28></a>[+]autoregister-completion ok
</span><span id=__span-10-29><a id=__codelineno-10-29 name=__codelineno-10-29 href=#__codelineno-10-29></a>[+]poststarthook/apiservice-openapi-controller ok
</span><span id=__span-10-30><a id=__codelineno-10-30 name=__codelineno-10-30 href=#__codelineno-10-30></a>[+]poststarthook/apiservice-openapiv3-controller ok
</span><span id=__span-10-31><a id=__codelineno-10-31 name=__codelineno-10-31 href=#__codelineno-10-31></a>[+]poststarthook/apiservice-discovery-controller ok
</span><span id=__span-10-32><a id=__codelineno-10-32 name=__codelineno-10-32 href=#__codelineno-10-32></a>livez check passed
</span></code></pre></div> <p><strong>After:</strong></p> <div class=highlight><pre><span></span><code><span id=__span-11-1><a id=__codelineno-11-1 name=__codelineno-11-1 href=#__codelineno-11-1></a>curl -k https://&lt;KUBE_API_IP&gt;:6443/livez?verbose -m 5
</span><span id=__span-11-2><a id=__codelineno-11-2 name=__codelineno-11-2 href=#__codelineno-11-2></a>curl: (28) Connection timed out after 5000 milliseconds
</span></code></pre></div> <h2 id=what-to-do-next>What To Do Next<a href=#what-to-do-next title="Permalink to this headline">🔗</a><a class=headerlink href=#what-to-do-next title="Permanent link">&para;</a></h2> <p>Compare with <a href=Implementing-IP-Whitelisting-for-Load-Balancers-with-Security-Groups-on-3Engines-Cloud.html.html>Implementing IP Whitelisting for Load Balancers with Security Groups on 3Engines Cloud</a></p> </article> </div> <script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script> </div> <button type=button class="md-top md-icon" data-md-component=top hidden> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8z"/></svg> Back to top </button> </main> <footer class=md-footer> <div class="md-footer-meta md-typeset"> <div class="md-footer-meta__inner md-grid"> <div class=md-copyright> Made with <a href=https://squidfunk.github.io/mkdocs-material/ target=_blank rel=noopener> Material for MkDocs </a> </div> </div> </div> </footer> </div> <div class=md-dialog data-md-component=dialog> <div class="md-dialog__inner md-typeset"></div> </div> <script id=__config type=application/json>{"base": "..", "features": ["content.code.annotate", "content.code.copy", "content.tooltips", "navigation.tabs", "navigation.sections", "navigation.footer", "navigation.indexes", "navigation.sections", "navigation.top", "navigation.tracking", "search.highlight", "search.share", "search.suggest", "toc.follow"], "search": "../assets/javascripts/workers/search.d50fe291.min.js", "tags": null, "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}, "version": null}</script> <script src=../assets/javascripts/bundle.13a4f30d.min.js></script> <script id="init-glightbox">const lightbox = GLightbox({"touchNavigation": false, "loop": false, "zoomable": true, "draggable": true, "openEffect": "zoom", "closeEffect": "zoom", "slideEffect": "slide"});
document$.subscribe(() => { lightbox.reload() });
</script></body> </html>
Reference in New Issue View Git Blame Copy Permalink