admin/3engines_doc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5a5b218a130d4745260f0426270df080b341d125
3engines_doc/site/kubernetes/Implementing-IP-Whitelisting-for-Load-Balancers-with-Security-Groups-on-3Engines-Cloud.html.html
govardhan 5a5b218a13 build site generated
2025-06-19 21:50:45 +05:30

108 lines
64 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!doctype html><html lang=en class=no-js> <head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><meta name=description content="Documentation for 3Engines services and products"><meta name=author content=3Engines><link rel=canonical href=https://docs.3Engines.com/kubernetes/Implementing-IP-Whitelisting-for-Load-Balancers-with-Security-Groups-on-3Engines-Cloud.html.html><link rel=icon href=../assets/favicon.ico><meta name=generator content="mkdocs-1.6.1, mkdocs-material-9.6.14"><title>Implementing IP Whitelisting for Load Balancers with Security Groups on 3Engines Cloud🔗 - 3Engines Documentation</title><link rel=stylesheet href=../assets/stylesheets/main.342714a4.min.css><link rel=stylesheet href=../assets/stylesheets/palette.06af60db.min.css><script src=https://unpkg.com/iframe-worker/shim></script><link rel=preconnect href=https://fonts.gstatic.com crossorigin><link rel=stylesheet href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback"><style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style><link rel=stylesheet href=../stylesheets/extra.css><script>__md_scope=new URL("..",location),__md_hash=e=>[...e].reduce(((e,_)=>(e<<5)-e+_.charCodeAt(0)),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script> <link href="../assets/stylesheets/glightbox.min.css" rel="stylesheet"/><style>
html.glightbox-open { overflow: initial; height: 100%; }
.gslide-title { margin-top: 0px; user-select: text; }
.gslide-desc { color: #666; user-select: text; }
.gslide-image img { background: white; }
.gscrollbar-fixer { padding-right: 15px; }
.gdesc-inner { font-size: 0.75rem; }
body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);}
body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);}
body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}</style> <script src="../assets/javascripts/glightbox.min.js"></script></head> <body dir=ltr data-md-color-scheme=default data-md-color-primary=blue-grey data-md-color-accent=indigo> <input class=md-toggle data-md-toggle=drawer type=checkbox id=__drawer autocomplete=off> <input class=md-toggle data-md-toggle=search type=checkbox id=__search autocomplete=off> <label class=md-overlay for=__drawer></label> <div data-md-component=skip> <a href=#implementing-ip-whitelisting-for-load-balancers-with-security-groups-on-3engines-cloud class=md-skip> Skip to content </a> </div> <div data-md-component=announce> </div> <header class=md-header data-md-component=header> <nav class="md-header__inner md-grid" aria-label=Header> <a href=../index.html title="3Engines Documentation" class="md-header__button md-logo" aria-label="3Engines Documentation" data-md-component=logo> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54"/></svg> </a> <label class="md-header__button md-icon" for=__drawer> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M3 6h18v2H3zm0 5h18v2H3zm0 5h18v2H3z"/></svg> </label> <div class=md-header__title data-md-component=header-title> <div class=md-header__ellipsis> <div class=md-header__topic> <span class=md-ellipsis> 3Engines Documentation </span> </div> <div class=md-header__topic data-md-component=header-topic> <span class=md-ellipsis> Implementing IP Whitelisting for Load Balancers with Security Groups on 3Engines Cloud🔗 </span> </div> </div> </div> <form class=md-header__option data-md-component=palette> <input class=md-option data-md-color-media="(prefers-color-scheme: light)" data-md-color-scheme=default data-md-color-primary=blue-grey data-md-color-accent=indigo aria-label="Switch to dark mode" type=radio name=__palette id=__palette_0> <label class="md-header__button md-icon" title="Switch to dark mode" for=__palette_1 hidden> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M12 8a4 4 0 0 0-4 4 4 4 0 0 0 4 4 4 4 0 0 0 4-4 4 4 0 0 0-4-4m0 10a6 6 0 0 1-6-6 6 6 0 0 1 6-6 6 6 0 0 1 6 6 6 6 0 0 1-6 6m8-9.31V4h-4.69L12 .69 8.69 4H4v4.69L.69 12 4 15.31V20h4.69L12 23.31 15.31 20H20v-4.69L23.31 12z"/></svg> </label> <input class=md-option data-md-color-media="(prefers-color-scheme: dark)" data-md-color-scheme=slate data-md-color-primary=indigo data-md-color-accent=indigo aria-label="Switch to light mode" type=radio name=__palette id=__palette_1> <label class="md-header__button md-icon" title="Switch to light mode" for=__palette_0 hidden> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M12 18c-.89 0-1.74-.2-2.5-.55C11.56 16.5 13 14.42 13 12s-1.44-4.5-3.5-5.45C10.26 6.2 11.11 6 12 6a6 6 0 0 1 6 6 6 6 0 0 1-6 6m8-9.31V4h-4.69L12 .69 8.69 4H4v4.69L.69 12 4 15.31V20h4.69L12 23.31 15.31 20H20v-4.69L23.31 12z"/></svg> </label> </form> <script>var palette=__md_get("__palette");if(palette&&palette.color){if("(prefers-color-scheme)"===palette.color.media){var media=matchMedia("(prefers-color-scheme: light)"),input=document.querySelector(media.matches?"[data-md-color-media='(prefers-color-scheme: light)']":"[data-md-color-media='(prefers-color-scheme: dark)']");palette.color.media=input.getAttribute("data-md-color-media"),palette.color.scheme=input.getAttribute("data-md-color-scheme"),palette.color.primary=input.getAttribute("data-md-color-primary"),palette.color.accent=input.getAttribute("data-md-color-accent")}for(var[key,value]of Object.entries(palette.color))document.body.setAttribute("data-md-color-"+key,value)}</script> <label class="md-header__button md-icon" for=__search> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.52 6.52 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5"/></svg> </label> <div class=md-search data-md-component=search role=dialog> <label class=md-search__overlay for=__search></label> <div class=md-search__inner role=search> <form class=md-search__form name=search> <input type=text class=md-search__input name=query aria-label=Search placeholder=Search autocapitalize=off autocorrect=off autocomplete=off spellcheck=false data-md-component=search-query required> <label class="md-search__icon md-icon" for=__search> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.52 6.52 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5"/></svg> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11z"/></svg> </label> <nav class=md-search__options aria-label=Search> <a href=javascript:void(0) class="md-search__icon md-icon" title=Share aria-label=Share data-clipboard data-clipboard-text data-md-component=search-share tabindex=-1> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M18 16.08c-.76 0-1.44.3-1.96.77L8.91 12.7c.05-.23.09-.46.09-.7s-.04-.47-.09-.7l7.05-4.11c.54.5 1.25.81 2.04.81a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3c0 .24.04.47.09.7L8.04 9.81C7.5 9.31 6.79 9 6 9a3 3 0 0 0-3 3 3 3 0 0 0 3 3c.79 0 1.5-.31 2.04-.81l7.12 4.15c-.05.21-.08.43-.08.66 0 1.61 1.31 2.91 2.92 2.91s2.92-1.3 2.92-2.91A2.92 2.92 0 0 0 18 16.08"/></svg> </a> <button type=reset class="md-search__icon md-icon" title=Clear aria-label=Clear tabindex=-1> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12z"/></svg> </button> </nav> <div class=md-search__suggest data-md-component=search-suggest></div> </form> <div class=md-search__output> <div class=md-search__scrollwrap tabindex=0 data-md-scrollfix> <div class=md-search-result data-md-component=search-result> <div class=md-search-result__meta> Initializing search </div> <ol class=md-search-result__list role=presentation></ol> </div> </div> </div> </div> </div> </nav> </header> <div class=md-container data-md-component=container> <nav class=md-tabs aria-label=Tabs data-md-component=tabs> <div class=md-grid> <ul class=md-tabs__list> <li class=md-tabs__item> <a href=../index.html class=md-tabs__link> Home </a> </li> <li class=md-tabs__item> <a href=../cloud/cloud.html.html class=md-tabs__link> Cloud </a> </li> <li class=md-tabs__item> <a href=../datavolume/datavolume.html.html class=md-tabs__link> Data Volume </a> </li> <li class=md-tabs__item> <a href=../networking/networking.html.html class=md-tabs__link> Networking </a> </li> <li class=md-tabs__item> <a href=../s3/s3.html.html class=md-tabs__link> S3 </a> </li> <li class=md-tabs__item> <a href=../windows/windows.html.html class=md-tabs__link> Windows </a> </li> </ul> </div> </nav> <main class=md-main data-md-component=main> <div class="md-main__inner md-grid"> <div class="md-sidebar md-sidebar--primary" data-md-component=sidebar data-md-type=navigation> <div class=md-sidebar__scrollwrap> <div class=md-sidebar__inner> <nav class="md-nav md-nav--primary md-nav--lifted" aria-label=Navigation data-md-level=0> <label class=md-nav__title for=__drawer> <a href=../index.html title="3Engines Documentation" class="md-nav__button md-logo" aria-label="3Engines Documentation" data-md-component=logo> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54"/></svg> </a> 3Engines Documentation </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../index.html class=md-nav__link> <span class=md-ellipsis> Home </span> </a> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type=checkbox id=__nav_2> <label class=md-nav__link for=__nav_2 id=__nav_2_label tabindex=0> <span class=md-ellipsis> Cloud </span> <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav data-md-level=1 aria-labelledby=__nav_2_label aria-expanded=false> <label class=md-nav__title for=__nav_2> <span class="md-nav__icon md-icon"></span> Cloud </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../cloud/cloud.html.html class=md-nav__link> <span class=md-ellipsis> Overview </span> </a> </li> <li class=md-nav__item> <a href=../cloud/Dashboard-Overview-Project-Quotas-And-Flavors-Limits-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Dashboard Overview Project Quotas And Flavors Limits on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-access-the-VM-from-OpenStack-console-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to access the VM from OpenStack console on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-clone-existing-and-configured-VMs-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to clone existing and configured VMs on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-fix-unresponsive-console-issue-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to fix unresponsive console issue on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-generate-ec2-credentials-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to generate and manage EC2 credentials on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-generate-or-use-Application-Credentials-via-CLI-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to generate or use Application Credentials via CLI on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-use-GUI-in-Linux-VM-on-3Engines-Cloud-and-access-it-from-local-Linux-computer.html.html class=md-nav__link> <span class=md-ellipsis> How to Use GUI in Linux VM on 3Engines Cloud and access it From Local Linux Computer </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-To-Create-a-New-Linux-VM-With-NVIDIA-Virtual-GPU-in-the-OpenStack-Dashboard-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How To Create a New Linux VM With NVIDIA Virtual GPU in the OpenStack Dashboard Horizon on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-use-Docker-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to install and use Docker on Ubuntu 24.04 </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-use-Security-Groups-in-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to use Security Groups in Horizon on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-key-pair-in-OpenStack-Dashboard-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create key pair in OpenStack Dashboard on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-new-Linux-VM-in-OpenStack-Dashboard-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create new Linux VM in OpenStack Dashboard Horizon on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-install-Python-virtualenv-or-virtualenvwrapper-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to install Python virtualenv or virtualenvwrapper on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-start-a-VM-from-a-snapshot-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to start a VM from a snapshot on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/Status-Power-State-and-dependences-in-billing-of-instances-VMs-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Status Power State and dependencies in billing of instance VMs on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-upload-your-custom-image-using-OpenStack-CLI-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to upload your custom image using OpenStack CLI on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/VM-created-with-option-Create-New-Volume-No-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> VM created with option Create New Volume No on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/VM-created-with-option-Create-New-Volume-Yes-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> VM created with option Create New Volume Yes on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/What-is-an-OpenStack-domain-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> What is an OpenStack domain on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/What-is-an-OpenStack-project-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> What is an OpenStack project on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-a-Linux-VM-and-access-it-from-Windows-desktop-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create a Linux VM and access it from Windows desktop on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-a-Linux-VM-and-access-it-from-Linux-command-line-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create a Linux VM and access it from Linux command line on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/DNS-as-a-Service-on-3Engines-Cloud-Hosting.html.html class=md-nav__link> <span class=md-ellipsis> DNS as a Service on 3Engines Cloud Hosting </span> </a> </li> <li class=md-nav__item> <a href=../cloud/What-Image-Formats-are-available-in-OpenStack-3Engines-Cloud-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> What Image Formats are Available in OpenStack 3Engines Cloud cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-upload-custom-image-to-3Engines-Cloud-cloud-using-OpenStack-Horizon-dashboard.html.html class=md-nav__link> <span class=md-ellipsis> How to upload custom image to 3Engines Cloud cloud using OpenStack Horizon dashboard </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-Windows-VM-on-OpenStack-Horizon-and-access-it-via-web-console-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create Windows VM on OpenStack Horizon and access it via web console on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-transfer-volumes-between-domains-and-projects-using-Horizon-dashboard-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to transfer volumes between domains and projects using Horizon dashboard on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/Spot-instances-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Spot instances on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-instance-snapshot-using-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create instance snapshot using Horizon on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-start-a-VM-from-instance-snapshot-using-Horizon-dashboard-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to start a VM from instance snapshot using Horizon dashboard on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/How-to-create-a-VM-using-the-OpenStack-CLI-client-on-3Engines-Cloud-cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create a VM using the OpenStack CLI client on 3Engines Cloud cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/OpenStack-user-roles-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> OpenStack User Roles on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/Resizing-a-virtual-machine-using-OpenStack-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Resizing a virtual machine using OpenStack Horizon on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../cloud/Block-storage-and-object-storage-performance-limits-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Block storage and object storage performance limits on 3Engines Cloud </span> </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type=checkbox id=__nav_3> <label class=md-nav__link for=__nav_3 id=__nav_3_label tabindex=0> <span class=md-ellipsis> Data Volume </span> <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav data-md-level=1 aria-labelledby=__nav_3_label aria-expanded=false> <label class=md-nav__title for=__nav_3> <span class="md-nav__icon md-icon"></span> Data Volume </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../datavolume/datavolume.html.html class=md-nav__link> <span class=md-ellipsis> Overview </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-attach-a-volume-to-VM-less-than-2TB-on-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to attach a volume to VM less than 2TB on Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-attach-a-volume-to-VM-more-than-2TB-on-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to attach a volume to VM more than 2TB on Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/Ephemeral-vs-Persistent-storage-option-Create-New-Volume-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Ephemeral vs Persistent storage option Create New Volume on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-export-a-volume-over-NFS-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to export a volume over NFS on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-export-a-volume-over-NFS-outside-of-a-project-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to export a volume over NFS outside of a project on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-extend-the-volume-in-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to extend the volume in Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-mount-object-storage-in-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to mount object storage in Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-move-data-volume-between-two-VMs-using-OpenStack-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to move data volume between two VMs using OpenStack Horizon on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-many-objects-can-I-put-into-Object-Storage-container-bucket-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How many objects can I put into Object Storage container bucket on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-create-volume-Snapshot-and-attach-as-Volume-on-Linux-or-Windows-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create volume Snapshot and attach as Volume on Linux or Windows on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/Volume-snapshot-inheritance-and-its-consequences-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Volume snapshot inheritance and its consequences on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-To-Create-Backup-Of-Your-Volume-From-Windows-Machine-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Create Backup of Your Volume From Windows Machine on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-To-Attach-Volume-To-Windows-VM-On-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How To Attach Volume To Windows VM On 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-create-or-delete-volume-snapshot-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create or delete volume snapshot on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/How-to-restore-volume-from-snapshot-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to restore volume from snapshot on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../datavolume/Bootable-versus-non-bootable-volumes-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Bootable versus non-bootable volumes on 3Engines Cloud </span> </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type=checkbox id=__nav_4> <label class=md-nav__link for=__nav_4 id=__nav_4_label tabindex=0> <span class=md-ellipsis> Networking </span> <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav data-md-level=1 aria-labelledby=__nav_4_label aria-expanded=false> <label class=md-nav__title for=__nav_4> <span class="md-nav__icon md-icon"></span> Networking </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../networking/networking.html.html class=md-nav__link> <span class=md-ellipsis> Overview </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-can-I-access-my-VMs-using-names-instead-of-IP-addresses-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How can I access my VMs using names instead of IP addresses on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-to-Add-or-Remove-Floating-IPs-to-your-VM-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Add or Remove Floating IPs to your VM on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/Cannot-access-VM-with-SSH-or-PING-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Cannot access VM with SSH or PING on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/Cannot-ping-VM-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Cannot ping VM on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-to-connect-to-your-virtual-machine-via-SSH-in-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to connect to your virtual machine via SSH in Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-to-create-a-network-with-router-in-Horizon-Dashboard-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to create a network with router in Horizon Dashboard on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-can-I-open-new-ports-port-80-for-http-for-my-service-or-instance-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How can I open new ports for http for my service or instance on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/Generating-a-SSH-keypair-in-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Generating an SSH keypair in Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-to-add-SSH-key-from-Horizon-web-console-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to add SSH key from Horizon web console on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-is-my-VM-visible-in-the-internet-with-no-Floating-IP-attached-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How is my VM visible in the internet with no Floating IP attached on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-to-run-and-configure-Firewall-as-a-service-and-VPN-as-a-service-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to run and configure Firewall as a service and VPN as a service on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../networking/How-to-Import-SSH-Public-Key-to-OpenStack-Horizon-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to import SSH public key to OpenStack Horizon on 3Engines Cloud </span> </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type=checkbox id=__nav_5> <label class=md-nav__link for=__nav_5 id=__nav_5_label tabindex=0> <span class=md-ellipsis> S3 </span> <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav data-md-level=1 aria-labelledby=__nav_5_label aria-expanded=false> <label class=md-nav__title for=__nav_5> <span class="md-nav__icon md-icon"></span> S3 </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../s3/s3.html.html class=md-nav__link> <span class=md-ellipsis> Overview </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-delete-large-S3-bucket-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Delete Large S3 Bucket on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-mount-object-storage-container-as-a-file-system-in-Linux-using-s3fs-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Mount Object Storage Container as a File System in Linux Using s3fs on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/Bucket-sharing-using-s3-bucket-policy-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Bucket sharing using s3 bucket policy on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-use-Object-Storage-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to use Object Storage on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-access-private-object-storage-using-S3cmd-or-boto3-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to access private object storage using S3cmd or boto3 on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-To-Install-boto3-In-Windows-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Install Boto3 in Windows on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/Server-Side-Encryption-with-Customer-Managed-Keys-SSE-C-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Server-Side Encryption with Customer-Managed Keys (SSE-C) on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-mount-object-storage-container-from-3Engines-Cloud-as-file-system-on-local-Windows-computer.html.html class=md-nav__link> <span class=md-ellipsis> How to mount object storage container from 3Engines Cloud as file system on local Windows computer </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-install-s3cmd-on-Linux-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to install s3cmd on Linux on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-access-object-storage-from-3Engines-Cloud-using-boto3.html.html class=md-nav__link> <span class=md-ellipsis> How to access object storage from 3Engines Cloud using boto3 </span> </a> </li> <li class=md-nav__item> <a href=../s3/How-to-access-object-storage-from-3Engines-Cloud-using-s3cmd.html.html class=md-nav__link> <span class=md-ellipsis> How to access object storage from 3Engines Cloud using s3cmd </span> </a> </li> <li class=md-nav__item> <a href=../s3/Configuration-files-for-s3cmd-command-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Configuration files for s3cmd command on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../s3/S3-bucket-object-versioning-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> S3 bucket object versioning on 3Engines Cloud </span> </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle " type=checkbox id=__nav_6> <label class=md-nav__link for=__nav_6 id=__nav_6_label tabindex=0> <span class=md-ellipsis> Windows </span> <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav data-md-level=1 aria-labelledby=__nav_6_label aria-expanded=false> <label class=md-nav__title for=__nav_6> <span class="md-nav__icon md-icon"></span> Windows </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../windows/windows.html.html class=md-nav__link> <span class=md-ellipsis> Overview </span> </a> </li> <li class=md-nav__item> <a href=../windows/How-to-access-a-VM-from-Windows-PuTTY-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to access a VM from Windows PuTTY on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../windows/Connecting-to-a-Windows-VM-via-RDP-through-a-Linux-bastion-host-port-forwarding-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Connecting to a Windows VM via RDP through a Linux bastion host port forwarding on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../windows/How-to-connect-to-a-virtual-machine-via-SSH-from-Windows-10-Command-Prompt-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to connect to a virtual machine via SSH from Windows 10 Command Prompt on 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../windows/How-To-Create-SSH-Key-Pair-In-Windows-On-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Create SSH Key Pair in Windows 10 On 3Engines Cloud </span> </a> </li> <li class=md-nav__item> <a href=../windows/Can-I-change-my-password-through-RDP-on-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> Can I change my password through RDP on 3Engines Cloud? </span> </a> </li> <li class=md-nav__item> <a href=../windows/How-To-Create-SSH-Key-Pair-In-Windows-11-On-3Engines-Cloud.html.html class=md-nav__link> <span class=md-ellipsis> How to Create SSH Key Pair in Windows 11 On 3Engines Cloud </span> </a> </li> </ul> </nav> </li> </ul> </nav> </div> </div> </div> <div class="md-sidebar md-sidebar--secondary" data-md-component=sidebar data-md-type=toc> <div class=md-sidebar__scrollwrap> <div class=md-sidebar__inner> <nav class="md-nav md-nav--secondary" aria-label="On this page"> <label class=md-nav__title for=__toc> <span class="md-nav__icon md-icon"></span> On this page </label> <ul class=md-nav__list data-md-component=toc data-md-scrollfix> <li class=md-nav__item> <a href=#what-are-we-going-to-do class=md-nav__link> <span class=md-ellipsis> What Are We Going To Do🔗 </span> </a> </li> <li class=md-nav__item> <a href=#introduction class=md-nav__link> <span class=md-ellipsis> Introduction🔗 </span> </a> </li> <li class=md-nav__item> <a href=#prerequisites class=md-nav__link> <span class=md-ellipsis> Prerequisites🔗 </span> </a> </li> <li class=md-nav__item> <a href=#horizon-whitelisting-load-balancers class=md-nav__link> <span class=md-ellipsis> Horizon: Whitelisting Load Balancers🔗 </span> </a> <nav class=md-nav aria-label="Horizon: Whitelisting Load Balancers🔗"> <ul class=md-nav__list> <li class=md-nav__item> <a href=#verification class=md-nav__link> <span class=md-ellipsis> Verification🔗 </span> </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=#cli-whitelisting-load-balancers class=md-nav__link> <span class=md-ellipsis> CLI: Whitelisting Load Balancers🔗 </span> </a> <nav class=md-nav aria-label="CLI: Whitelisting Load Balancers🔗"> <ul class=md-nav__list> <li class=md-nav__item> <a href=#verification_1 class=md-nav__link> <span class=md-ellipsis> Verification🔗 </span> </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=#terraform-whitelisting-load-balancers class=md-nav__link> <span class=md-ellipsis> Terraform: Whitelisting Load Balancers🔗 </span> </a> </li> <li class=md-nav__item> <a href=#state-of-security-before-and-after-whitelisting-the-balancers class=md-nav__link> <span class=md-ellipsis> State of Security: Before and after whitelisting the balancers🔗 </span> </a> <nav class=md-nav aria-label="State of Security: Before and after whitelisting the balancers🔗"> <ul class=md-nav__list> <li class=md-nav__item> <a href=#verification-tools class=md-nav__link> <span class=md-ellipsis> Verification Tools🔗 </span> </a> </li> <li class=md-nav__item> <a href=#testing-with-nmap class=md-nav__link> <span class=md-ellipsis> Testing with nmap🔗 </span> </a> </li> <li class=md-nav__item> <a href=#testing-with-http-and-curl class=md-nav__link> <span class=md-ellipsis> Testing with http and curl🔗 </span> </a> </li> <li class=md-nav__item> <a href=#testing-with-curl-and-livez class=md-nav__link> <span class=md-ellipsis> Testing with curl and livez🔗 </span> </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=#what-to-do-next class=md-nav__link> <span class=md-ellipsis> What To Do Next🔗 </span> </a> </li> </ul> </nav> </div> </div> </div> <div class=md-content data-md-component=content> <article class="md-content__inner md-typeset"> <h1 id=implementing-ip-whitelisting-for-load-balancers-with-security-groups-on-3engines-cloud>Implementing IP Whitelisting for Load Balancers with Security Groups on 3Engines Cloud<a href=#implementing-ip-whitelisting-for-load-balancers-with-security-groups-on-brand-name title="Permalink to this headline">🔗</a><a class=headerlink href=#implementing-ip-whitelisting-for-load-balancers-with-security-groups-on-3engines-cloud title="Permanent link">&para;</a></h1> <p>In this article we describe how to use commands in Horizon, CLI and Terraform to secure load balancers for Kubernetes clusters in OpenStack by implementing IP whitelisting.</p> <h2 id=what-are-we-going-to-do>What Are We Going To Do<a href=#what-are-we-going-to-do title="Permalink to this headline">🔗</a><a class=headerlink href=#what-are-we-going-to-do title="Permanent link">&para;</a></h2> <h2 id=introduction>Introduction<a href=#introduction title="Permalink to this headline">🔗</a><a class=headerlink href=#introduction title="Permanent link">&para;</a></h2> <p>Load balancers without proper restrictions are vulnerable to unauthorized access. By implementing IP whitelisting, only specified IP addresses are permitted to access the load balancer. You decide from which IP address it is possible to access the load balancers in particular and the Kubernetes cluster in general.</p> <h2 id=prerequisites>Prerequisites<a href=#prerequisites title="Permalink to this headline">🔗</a><a class=headerlink href=#prerequisites title="Permanent link">&para;</a></h2> <p>No. 1 <strong>Account</strong></p> <p>You need a 3Engines Cloud hosting account with access to the Horizon interface: <a href=https://horizon.3Engines.com>https://horizon.3Engines.com</a>.</p> <p>No. 2 <strong>List of IP addresses/ranges to whitelist</strong></p> <p>This is the list of IP addresses that you want the load balancer to be able to listen to.</p> <p>No. 3 <strong>A preconfigured load balancer</strong></p> <p>In OpenStack, each time you create a Kubernetes cluster, the corresponding load balancers are created automatically.</p> <p>See article <a href=How-to-Create-a-Kubernetes-Cluster-Using-3Engines-Cloud-OpenStack-Magnum.html.html>How to Create a Kubernetes Cluster Using 3Engines Cloud OpenStack Magnum</a></p> <p>No. 4 <strong>OpenStack command operational</strong></p> <p>This is a necessary for CLI procedures.</p> <p>This boils down to sourcing the proper RC file from Horizon. See <a href=How-To-Use-Command-Line-Interface-for-Kubernetes-Clusters-On-3Engines-Cloud-OpenStack-Magnum.html.html>How To Use Command Line Interface for Kubernetes Clusters On 3Engines Cloud OpenStack Magnum</a></p> <p>No. 5 <strong>Python Octavia Client</strong></p> <p>To operate Load Balancers with CLI, the Python Octavia Client (python-octaviaclient) is required. It is a command-line client for the OpenStack Load Balancing service. Install the load-balancer (Octavia) plugin with the following command from the Terminal window, on Ubuntu 22.04:</p> <div class=highlight><pre><span></span><code><span id=__span-0-1><a id=__codelineno-0-1 name=__codelineno-0-1 href=#__codelineno-0-1></a>pip install python-octaviaclient
</span></code></pre></div> <p>Or, if you have virtualenvwrapper installed:</p> <div class=highlight><pre><span></span><code><span id=__span-1-1><a id=__codelineno-1-1 name=__codelineno-1-1 href=#__codelineno-1-1></a>mkvirtualenv python-octaviaclient
</span><span id=__span-1-2><a id=__codelineno-1-2 name=__codelineno-1-2 href=#__codelineno-1-2></a>pip install python-octaviaclient
</span></code></pre></div> <p>Depending on the environment, you might need to use variants such as python3, pip3 and so on.</p> <p>No. 6 <strong>Terraform installed</strong></p> <p>You will need Terraform version 1.50 or higher to be operational.</p> <p>For complete introduction and installation of Terrafom on OpenStack see article <a href=../openstackdev/Generating-and-authorizing-Terraform-using-Keycloak-user-on-3Engines-Cloud.html.html>Generating and authorizing Terraform using Keycloak user on 3Engines Cloud</a></p> <p>To use Terraform in this capacity, you will need to authenticate to the cloud using application credentials with <strong>unrestricted</strong> access. Check article <a href=../cloud/How-to-generate-or-use-Application-Credentials-via-CLI-on-3Engines-Cloud.html.html>How to generate or use Application Credentials via CLI on 3Engines Cloud</a></p> <h2 id=horizon-whitelisting-load-balancers>Horizon: Whitelisting Load Balancers<a href=#horizon-whitelisting-load-balancers title="Permalink to this headline">🔗</a><a class=headerlink href=#horizon-whitelisting-load-balancers title="Permanent link">&para;</a></h2> <p>We will whitelist load balancers by restricting the relevant ports in their security groups. In Horizon, use command <strong>Network</strong> &gt; <strong>Load Balancers</strong> to see the list of load balancers:</p> <p><a class=glightbox href=../_images/whitelisting_again-4v2.png data-type=image data-width=100% data-height=auto data-desc-position=bottom><img alt=whitelisting_again-4v2.png src=../_images/whitelisting_again-4v2.png></a></p> <p>Let us use load balancer with the name starting with <strong>gitlab</strong>. There is no direct connect from load balancer to security groups, so we first have to identify an instance which corresponds to that load balancer. Use commands <strong>Project</strong> &gt; <strong>Compute</strong> &gt; <strong>Instances</strong> and search for instances containing <strong>gitlab</strong> in its name:</p> <p><a class=glightbox href=../_images/whitelisting_again-5v2.png data-type=image data-width=100% data-height=auto data-desc-position=bottom><img alt=whitelisting_again-5v2.png src=../_images/whitelisting_again-5v2.png></a></p> <p>Edit the security groups of those instances for each instance, go to the <strong>Actions</strong> menu and select <strong>Edit Security Groups</strong>.</p> <p><a class=glightbox href=../_images/whitelisting_again-7v2.png data-type=image data-width=100% data-height=auto data-desc-position=bottom><img alt=whitelisting_again-7v2.png src=../_images/whitelisting_again-7v2.png></a></p> <p>Filter by <strong>gitlab</strong>:</p> <p><a class=glightbox href=../_images/whitelisting_again-8v2.png data-type=image data-width=100% data-height=auto data-desc-position=bottom><img alt=whitelisting_again-8v2.png src=../_images/whitelisting_again-8v2.png></a></p> <p>Use commands <strong>Project</strong> &gt; <strong>Network</strong> &gt; <strong>Security Groups</strong> to list security groups with <strong>gitlab</strong> in its name:</p> <p><a class=glightbox href=../_images/whitelisting_again-9v2.png data-type=image data-width=100% data-height=auto data-desc-position=bottom><img alt=whitelisting_again-9v2.png src=../_images/whitelisting_again-9v2.png></a></p> <p>Choose which one you are going to edit; alternatively, you can create a new security group. Anyways, be sure to enter the following data:</p> <blockquote> <ul> <li><strong>Direction</strong>: Ingress</li> <li><strong>Ether Type</strong>: IPv4</li> <li><strong>Protocol</strong>: TCP</li> <li><strong>Port Range</strong>: Specify the port range used by your load balancer.</li> <li><strong>Remote IP Prefix</strong>: Enter the IP address or CIDR to whitelist.</li> </ul> </blockquote> <p>Save and apply the changes.</p> <h3 id=verification>Verification<a href=#verification title="Permalink to this headline">🔗</a><a class=headerlink href=#verification title="Permanent link">&para;</a></h3> <p>To confirm the configuration:</p> <ol> <li>Go to the <strong>Instances</strong> section in Horizon.</li> <li>View the security groups applied to the load balancers associated instances.</li> <li>Ensure the newly added rule is visible.</li> </ol> <h2 id=cli-whitelisting-load-balancers>CLI: Whitelisting Load Balancers<a href=#cli-whitelisting-load-balancers title="Permalink to this headline">🔗</a><a class=headerlink href=#cli-whitelisting-load-balancers title="Permanent link">&para;</a></h2> <p>The OpenStack CLI provides a command-line method for implementing IP whitelisting.</p> <p>Be sure to work through Prerequisites Nos 4 and 5 in order to have <strong>openstack</strong> command fully operational.</p> <p>List the security groups associated with the load balancer:</p> <div class=highlight><pre><span></span><code><span id=__span-2-1><a id=__codelineno-2-1 name=__codelineno-2-1 href=#__codelineno-2-1></a>openstack loadbalancer show &lt;LOAD_BALANCER_NAME_OR_ID&gt;
</span></code></pre></div> <p>Identify the pool associated with the load balancer:</p> <div class=highlight><pre><span></span><code><span id=__span-3-1><a id=__codelineno-3-1 name=__codelineno-3-1 href=#__codelineno-3-1></a>openstack loadbalancer pool list
</span></code></pre></div> <p>Show details of the pool to list its members:</p> <div class=highlight><pre><span></span><code><span id=__span-4-1><a id=__codelineno-4-1 name=__codelineno-4-1 href=#__codelineno-4-1></a>openstack loadbalancer pool show &lt;POOL_NAME_OR_ID&gt;
</span></code></pre></div> <p>Note the IP addresses of the pool members and identify the instances hosting them.</p> <p>Create a security group for IP whitelisting:</p> <div class=highlight><pre><span></span><code><span id=__span-5-1><a id=__codelineno-5-1 name=__codelineno-5-1 href=#__codelineno-5-1></a>openstack security group create &lt;SECURITY_GROUP_NAME&gt;
</span></code></pre></div> <p>Add rules to the security group:</p> <div class=highlight><pre><span></span><code><span id=__span-6-1><a id=__codelineno-6-1 name=__codelineno-6-1 href=#__codelineno-6-1></a>openstack security group rule create \
</span><span id=__span-6-2><a id=__codelineno-6-2 name=__codelineno-6-2 href=#__codelineno-6-2></a>--ingress \
</span><span id=__span-6-3><a id=__codelineno-6-3 name=__codelineno-6-3 href=#__codelineno-6-3></a>--ethertype IPv4 \
</span><span id=__span-6-4><a id=__codelineno-6-4 name=__codelineno-6-4 href=#__codelineno-6-4></a>--protocol tcp \
</span><span id=__span-6-5><a id=__codelineno-6-5 name=__codelineno-6-5 href=#__codelineno-6-5></a>--dst-port &lt;PORT_RANGE&gt; \
</span><span id=__span-6-6><a id=__codelineno-6-6 name=__codelineno-6-6 href=#__codelineno-6-6></a>--remote-ip &lt;IP_OR_CIDR&gt; \
</span><span id=__span-6-7><a id=__codelineno-6-7 name=__codelineno-6-7 href=#__codelineno-6-7></a>&lt;SECURITY_GROUP_ID&gt;
</span></code></pre></div> <p>Apply the security group to the instances hosting the pool members:</p> <div class=highlight><pre><span></span><code><span id=__span-7-1><a id=__codelineno-7-1 name=__codelineno-7-1 href=#__codelineno-7-1></a>openstack server add security group &lt;INSTANCE_ID&gt; &lt;SECURITY_GROUP_NAME&gt;
</span></code></pre></div> <h3 id=verification_1>Verification<a href=#id1 title="Permalink to this headline">🔗</a><a class=headerlink href=#verification_1 title="Permanent link">&para;</a></h3> <p>Verify the applied security group rules:</p> <div class=highlight><pre><span></span><code><span id=__span-8-1><a id=__codelineno-8-1 name=__codelineno-8-1 href=#__codelineno-8-1></a>openstack security group show &lt;SECURITY_GROUP_ID&gt;
</span></code></pre></div> <p>Confirm the security group is attached to the appropriate instances:</p> <div class=highlight><pre><span></span><code><span id=__span-9-1><a id=__codelineno-9-1 name=__codelineno-9-1 href=#__codelineno-9-1></a>openstack server show &lt;INSTANCE_ID&gt;
</span></code></pre></div> <h2 id=terraform-whitelisting-load-balancers>Terraform: Whitelisting Load Balancers<a href=#terraform-whitelisting-load-balancers title="Permalink to this headline">🔗</a><a class=headerlink href=#terraform-whitelisting-load-balancers title="Permanent link">&para;</a></h2> <p>Terraform is an Infrastructure as Code (IaC) tool that can automate the process of configuring IP whitelisting.</p> <p>Create a security group and whitelist rule in <strong>main.tf</strong>:</p> <div class=highlight><pre><span></span><code><span id=__span-10-1><a id=__codelineno-10-1 name=__codelineno-10-1 href=#__codelineno-10-1></a># main.tf
</span><span id=__span-10-2><a id=__codelineno-10-2 name=__codelineno-10-2 href=#__codelineno-10-2></a>
</span><span id=__span-10-3><a id=__codelineno-10-3 name=__codelineno-10-3 href=#__codelineno-10-3></a># Security Group to Whitelist IPs
</span><span id=__span-10-4><a id=__codelineno-10-4 name=__codelineno-10-4 href=#__codelineno-10-4></a>resource &quot;openstack_networking_secgroup_v2&quot; &quot;whitelist_secgroup&quot; {
</span><span id=__span-10-5><a id=__codelineno-10-5 name=__codelineno-10-5 href=#__codelineno-10-5></a> name = &quot;loadbalancer_whitelist&quot;
</span><span id=__span-10-6><a id=__codelineno-10-6 name=__codelineno-10-6 href=#__codelineno-10-6></a> description = &quot;Security group for load balancer IP whitelisting&quot;
</span><span id=__span-10-7><a id=__codelineno-10-7 name=__codelineno-10-7 href=#__codelineno-10-7></a>}
</span><span id=__span-10-8><a id=__codelineno-10-8 name=__codelineno-10-8 href=#__codelineno-10-8></a>
</span><span id=__span-10-9><a id=__codelineno-10-9 name=__codelineno-10-9 href=#__codelineno-10-9></a># Add Whitelist Rule for Specific IPs
</span><span id=__span-10-10><a id=__codelineno-10-10 name=__codelineno-10-10 href=#__codelineno-10-10></a>resource &quot;openstack_networking_secgroup_rule_v2&quot; &quot;allow_whitelist&quot; {
</span><span id=__span-10-11><a id=__codelineno-10-11 name=__codelineno-10-11 href=#__codelineno-10-11></a> direction = &quot;ingress&quot;
</span><span id=__span-10-12><a id=__codelineno-10-12 name=__codelineno-10-12 href=#__codelineno-10-12></a> ethertype = &quot;IPv4&quot;
</span><span id=__span-10-13><a id=__codelineno-10-13 name=__codelineno-10-13 href=#__codelineno-10-13></a> protocol = &quot;tcp&quot;
</span><span id=__span-10-14><a id=__codelineno-10-14 name=__codelineno-10-14 href=#__codelineno-10-14></a> port_range_min = 80 # Replace with actual port range
</span><span id=__span-10-15><a id=__codelineno-10-15 name=__codelineno-10-15 href=#__codelineno-10-15></a> port_range_max = 80
</span><span id=__span-10-16><a id=__codelineno-10-16 name=__codelineno-10-16 href=#__codelineno-10-16></a> remote_ip_prefix = &quot;192.168.1.0/24&quot; # Replace with actual CIDR
</span><span id=__span-10-17><a id=__codelineno-10-17 name=__codelineno-10-17 href=#__codelineno-10-17></a> security_group_id = openstack_networking_secgroup_v2.whitelist_secgroup.id
</span><span id=__span-10-18><a id=__codelineno-10-18 name=__codelineno-10-18 href=#__codelineno-10-18></a>}
</span><span id=__span-10-19><a id=__codelineno-10-19 name=__codelineno-10-19 href=#__codelineno-10-19></a>
</span><span id=__span-10-20><a id=__codelineno-10-20 name=__codelineno-10-20 href=#__codelineno-10-20></a># Existing Instances Associated with Pool Members
</span><span id=__span-10-21><a id=__codelineno-10-21 name=__codelineno-10-21 href=#__codelineno-10-21></a>resource &quot;openstack_compute_instance_v2&quot; &quot;instances&quot; {
</span><span id=__span-10-22><a id=__codelineno-10-22 name=__codelineno-10-22 href=#__codelineno-10-22></a> count = 2 # Adjust to the number of pool member instances
</span><span id=__span-10-23><a id=__codelineno-10-23 name=__codelineno-10-23 href=#__codelineno-10-23></a> name = &quot;pool_member_${count.index + 1}&quot;
</span><span id=__span-10-24><a id=__codelineno-10-24 name=__codelineno-10-24 href=#__codelineno-10-24></a> flavor_id = &quot;m1.small&quot; # Replace with an appropriate flavor
</span><span id=__span-10-25><a id=__codelineno-10-25 name=__codelineno-10-25 href=#__codelineno-10-25></a> image_id = &quot;image-id&quot; # Replace with a valid image ID
</span><span id=__span-10-26><a id=__codelineno-10-26 name=__codelineno-10-26 href=#__codelineno-10-26></a> key_pair = &quot;your-key-pair&quot;
</span><span id=__span-10-27><a id=__codelineno-10-27 name=__codelineno-10-27 href=#__codelineno-10-27></a> security_groups = [openstack_networking_secgroup_v2.whitelist_secgroup.name]
</span><span id=__span-10-28><a id=__codelineno-10-28 name=__codelineno-10-28 href=#__codelineno-10-28></a> network {
</span><span id=__span-10-29><a id=__codelineno-10-29 name=__codelineno-10-29 href=#__codelineno-10-29></a> uuid = &quot;network-uuid&quot; # Replace with the UUID of your network
</span><span id=__span-10-30><a id=__codelineno-10-30 name=__codelineno-10-30 href=#__codelineno-10-30></a> }
</span><span id=__span-10-31><a id=__codelineno-10-31 name=__codelineno-10-31 href=#__codelineno-10-31></a>}
</span><span id=__span-10-32><a id=__codelineno-10-32 name=__codelineno-10-32 href=#__codelineno-10-32></a>
</span><span id=__span-10-33><a id=__codelineno-10-33 name=__codelineno-10-33 href=#__codelineno-10-33></a># Associate the Load Balancer with Security Group via Instances
</span><span id=__span-10-34><a id=__codelineno-10-34 name=__codelineno-10-34 href=#__codelineno-10-34></a>resource &quot;openstack_lb_loadbalancer_v2&quot; &quot;loadbalancer&quot; {
</span><span id=__span-10-35><a id=__codelineno-10-35 name=__codelineno-10-35 href=#__codelineno-10-35></a> name = &quot;my_loadbalancer&quot;
</span><span id=__span-10-36><a id=__codelineno-10-36 name=__codelineno-10-36 href=#__codelineno-10-36></a> vip_subnet_id = &quot;subnet-id&quot; # Replace with the subnet ID
</span><span id=__span-10-37><a id=__codelineno-10-37 name=__codelineno-10-37 href=#__codelineno-10-37></a> depends_on = [openstack_compute_instance_v2.instances]
</span><span id=__span-10-38><a id=__codelineno-10-38 name=__codelineno-10-38 href=#__codelineno-10-38></a>}
</span></code></pre></div> <p>Initialize and apply the configuration:</p> <div class=highlight><pre><span></span><code><span id=__span-11-1><a id=__codelineno-11-1 name=__codelineno-11-1 href=#__codelineno-11-1></a>terraform init
</span><span id=__span-11-2><a id=__codelineno-11-2 name=__codelineno-11-2 href=#__codelineno-11-2></a>terraform apply
</span></code></pre></div> <p><strong>Verification</strong></p> <p>Use Terraform to review the applied state:</p> <div class=highlight><pre><span></span><code><span id=__span-12-1><a id=__codelineno-12-1 name=__codelineno-12-1 href=#__codelineno-12-1></a>terraform show
</span><span id=__span-12-2><a id=__codelineno-12-2 name=__codelineno-12-2 href=#__codelineno-12-2></a>openstack server show &lt;INSTANCE_ID&gt;
</span><span id=__span-12-3><a id=__codelineno-12-3 name=__codelineno-12-3 href=#__codelineno-12-3></a>openstack security group show &lt;SECURITY_GROUP_ID&gt;
</span></code></pre></div> <h2 id=state-of-security-before-and-after-whitelisting-the-balancers>State of Security: Before and after whitelisting the balancers<a href=#state-of-security-before-and-after-whitelisting-the-balancers title="Permalink to this headline">🔗</a><a class=headerlink href=#state-of-security-before-and-after-whitelisting-the-balancers title="Permanent link">&para;</a></h2> <p>Before implementing IP whitelisting, the load balancer accepts traffic from all sources. After completing the procedure:</p> <blockquote> <ul> <li>Only specified IPs can access the load balancer.</li> <li>Unauthorized access attempts are denied.</li> </ul> </blockquote> <h3 id=verification-tools>Verification Tools<a href=#verification-tools title="Permalink to this headline">🔗</a><a class=headerlink href=#verification-tools title="Permanent link">&para;</a></h3> <p>Various tools can ensure the protection is installed and active:</p> <dl> <dt>livez</dt> <dd>Kubernetes monitoring endpoint.</dd> <dt>nmap</dt> <dd>(free): For port scanning and access verification.</dd> <dt>curl</dt> <dd>(free): To confirm access control from specific IPs.</dd> <dt>Wireshark</dt> <dd>(free): For packet-level analysis.</dd> </dl> <h3 id=testing-with-nmap>Testing with nmap<a href=#testing-with-nmap title="Permalink to this headline">🔗</a><a class=headerlink href=#testing-with-nmap title="Permanent link">&para;</a></h3> <div class=highlight><pre><span></span><code><span id=__span-13-1><a id=__codelineno-13-1 name=__codelineno-13-1 href=#__codelineno-13-1></a>nmap -p &lt;PORT&gt; &lt;LOAD_BALANCER_IP&gt;
</span></code></pre></div> <h3 id=testing-with-http-and-curl>Testing with http and curl<a href=#testing-with-http-and-curl title="Permalink to this headline">🔗</a><a class=headerlink href=#testing-with-http-and-curl title="Permanent link">&para;</a></h3> <div class=highlight><pre><span></span><code><span id=__span-14-1><a id=__codelineno-14-1 name=__codelineno-14-1 href=#__codelineno-14-1></a>curl http://&lt;LOAD_BALANCER_IP&gt;
</span></code></pre></div> <h3 id=testing-with-curl-and-livez>Testing with curl and livez<a href=#testing-with-curl-and-livez title="Permalink to this headline">🔗</a><a class=headerlink href=#testing-with-curl-and-livez title="Permanent link">&para;</a></h3> <p>This would be a typical response before changes:</p> <div class=highlight><pre><span></span><code><span id=__span-15-1><a id=__codelineno-15-1 name=__codelineno-15-1 href=#__codelineno-15-1></a>curl -k https://&lt;KUBE_API_IP&gt;:6443/livez?verbose
</span><span id=__span-15-2><a id=__codelineno-15-2 name=__codelineno-15-2 href=#__codelineno-15-2></a>[+]ping ok
</span><span id=__span-15-3><a id=__codelineno-15-3 name=__codelineno-15-3 href=#__codelineno-15-3></a>[+]log ok
</span><span id=__span-15-4><a id=__codelineno-15-4 name=__codelineno-15-4 href=#__codelineno-15-4></a>[+]etcd ok
</span><span id=__span-15-5><a id=__codelineno-15-5 name=__codelineno-15-5 href=#__codelineno-15-5></a>[+]poststarthook/start-kube-apiserver-admission-initializer ok
</span><span id=__span-15-6><a id=__codelineno-15-6 name=__codelineno-15-6 href=#__codelineno-15-6></a>[+]poststarthook/generic-apiserver-start-informers ok
</span><span id=__span-15-7><a id=__codelineno-15-7 name=__codelineno-15-7 href=#__codelineno-15-7></a>[+]poststarthook/priority-and-fairness-config-consumer ok
</span><span id=__span-15-8><a id=__codelineno-15-8 name=__codelineno-15-8 href=#__codelineno-15-8></a>[+]poststarthook/priority-and-fairness-filter ok
</span><span id=__span-15-9><a id=__codelineno-15-9 name=__codelineno-15-9 href=#__codelineno-15-9></a>[+]poststarthook/storage-object-count-tracker-hook ok
</span><span id=__span-15-10><a id=__codelineno-15-10 name=__codelineno-15-10 href=#__codelineno-15-10></a>[+]poststarthook/start-apiextensions-informers ok
</span><span id=__span-15-11><a id=__codelineno-15-11 name=__codelineno-15-11 href=#__codelineno-15-11></a>[+]poststarthook/start-apiextensions-controllers ok
</span><span id=__span-15-12><a id=__codelineno-15-12 name=__codelineno-15-12 href=#__codelineno-15-12></a>[+]poststarthook/crd-informer-synced ok
</span><span id=__span-15-13><a id=__codelineno-15-13 name=__codelineno-15-13 href=#__codelineno-15-13></a>[+]poststarthook/start-system-namespaces-controller ok
</span><span id=__span-15-14><a id=__codelineno-15-14 name=__codelineno-15-14 href=#__codelineno-15-14></a>[+]poststarthook/bootstrap-controller ok
</span><span id=__span-15-15><a id=__codelineno-15-15 name=__codelineno-15-15 href=#__codelineno-15-15></a>[+]poststarthook/rbac/bootstrap-roles ok
</span><span id=__span-15-16><a id=__codelineno-15-16 name=__codelineno-15-16 href=#__codelineno-15-16></a>[+]poststarthook/scheduling/bootstrap-system-priority-classes ok
</span><span id=__span-15-17><a id=__codelineno-15-17 name=__codelineno-15-17 href=#__codelineno-15-17></a>[+]poststarthook/priority-and-fairness-config-producer ok
</span><span id=__span-15-18><a id=__codelineno-15-18 name=__codelineno-15-18 href=#__codelineno-15-18></a>[+]poststarthook/start-cluster-authentication-info-controller ok
</span><span id=__span-15-19><a id=__codelineno-15-19 name=__codelineno-15-19 href=#__codelineno-15-19></a>[+]poststarthook/start-kube-apiserver-identity-lease-controller ok
</span><span id=__span-15-20><a id=__codelineno-15-20 name=__codelineno-15-20 href=#__codelineno-15-20></a>[+]poststarthook/start-deprecated-kube-apiserver-identity-lease-garbage-collector ok
</span><span id=__span-15-21><a id=__codelineno-15-21 name=__codelineno-15-21 href=#__codelineno-15-21></a>[+]poststarthook/start-kube-apiserver-identity-lease-garbage-collector ok
</span><span id=__span-15-22><a id=__codelineno-15-22 name=__codelineno-15-22 href=#__codelineno-15-22></a>[+]poststarthook/start-legacy-token-tracking-controller ok
</span><span id=__span-15-23><a id=__codelineno-15-23 name=__codelineno-15-23 href=#__codelineno-15-23></a>[+]poststarthook/aggregator-reload-proxy-client-cert ok
</span><span id=__span-15-24><a id=__codelineno-15-24 name=__codelineno-15-24 href=#__codelineno-15-24></a>[+]poststarthook/start-kube-aggregator-informers ok
</span><span id=__span-15-25><a id=__codelineno-15-25 name=__codelineno-15-25 href=#__codelineno-15-25></a>[+]poststarthook/apiservice-registration-controller ok
</span><span id=__span-15-26><a id=__codelineno-15-26 name=__codelineno-15-26 href=#__codelineno-15-26></a>[+]poststarthook/apiservice-status-available-controller ok
</span><span id=__span-15-27><a id=__codelineno-15-27 name=__codelineno-15-27 href=#__codelineno-15-27></a>[+]poststarthook/kube-apiserver-autoregistration ok
</span><span id=__span-15-28><a id=__codelineno-15-28 name=__codelineno-15-28 href=#__codelineno-15-28></a>[+]autoregister-completion ok
</span><span id=__span-15-29><a id=__codelineno-15-29 name=__codelineno-15-29 href=#__codelineno-15-29></a>[+]poststarthook/apiservice-openapi-controller ok
</span><span id=__span-15-30><a id=__codelineno-15-30 name=__codelineno-15-30 href=#__codelineno-15-30></a>[+]poststarthook/apiservice-openapiv3-controller ok
</span><span id=__span-15-31><a id=__codelineno-15-31 name=__codelineno-15-31 href=#__codelineno-15-31></a>[+]poststarthook/apiservice-discovery-controller ok
</span><span id=__span-15-32><a id=__codelineno-15-32 name=__codelineno-15-32 href=#__codelineno-15-32></a>livez check passed
</span></code></pre></div> <p>And, this would be a typical response after the changes:</p> <div class=highlight><pre><span></span><code><span id=__span-16-1><a id=__codelineno-16-1 name=__codelineno-16-1 href=#__codelineno-16-1></a>curl -k https://&lt;KUBE_API_IP&gt;:6443/livez?verbose -m 5
</span><span id=__span-16-2><a id=__codelineno-16-2 name=__codelineno-16-2 href=#__codelineno-16-2></a>curl: (28) Connection timed out after 5000 milliseconds
</span></code></pre></div> <h2 id=what-to-do-next>What To Do Next<a href=#what-to-do-next title="Permalink to this headline">🔗</a><a class=headerlink href=#what-to-do-next title="Permanent link">&para;</a></h2> <p>Compare with articles:</p> <p><a href=Configuring-IP-Whitelisting-for-OpenStack-Load-Balancer-using-Horizon-and-CLI-on-3Engines-Cloud.html.html>Configuring IP Whitelisting for OpenStack Load Balancer using Horizon and CLI on 3Engines Cloud</a></p> <p><a href=Configuring-IP-Whitelisting-for-OpenStack-Load-Balancer-using-Terraform-on-3Engines-Cloud.html.html>Configuring IP Whitelisting for OpenStack Load Balancer using Terraform on 3Engines Cloud</a></p> </article> </div> <script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script> </div> <button type=button class="md-top md-icon" data-md-component=top hidden> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8z"/></svg> Back to top </button> </main> <footer class=md-footer> <div class="md-footer-meta md-typeset"> <div class="md-footer-meta__inner md-grid"> <div class=md-copyright> Made with <a href=https://squidfunk.github.io/mkdocs-material/ target=_blank rel=noopener> Material for MkDocs </a> </div> </div> </div> </footer> </div> <div class=md-dialog data-md-component=dialog> <div class="md-dialog__inner md-typeset"></div> </div> <script id=__config type=application/json>{"base": "..", "features": ["content.code.annotate", "content.code.copy", "content.tooltips", "navigation.tabs", "navigation.sections", "navigation.footer", "navigation.indexes", "navigation.sections", "navigation.top", "navigation.tracking", "search.highlight", "search.share", "search.suggest", "toc.follow"], "search": "../assets/javascripts/workers/search.d50fe291.min.js", "tags": null, "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}, "version": null}</script> <script src=../assets/javascripts/bundle.13a4f30d.min.js></script> <script id="init-glightbox">const lightbox = GLightbox({"touchNavigation": false, "loop": false, "zoomable": true, "draggable": true, "openEffect": "zoom", "closeEffect": "zoom", "slideEffect": "slide"});
document$.subscribe(() => { lightbox.reload() });
</script></body> </html>
Reference in New Issue View Git Blame Copy Permalink