Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Split UAA traffic to separate (new) routers #766

Merged
merged 13 commits into from
Aug 30, 2023
Merged

Split UAA traffic to separate (new) routers #766

merged 13 commits into from
Aug 30, 2023

Conversation

cweibel
Copy link
Contributor

@cweibel cweibel commented Aug 30, 2023

Changes proposed in this pull request:

  • This adds ops files and scaling changes to support adding a new instance group called router-main which are a functional duplicate of the existing router instance group
  • By leveraging a new vm_extension defined in the cloud-config the new router-main vms are added as load balancer targets to the already existing uaa load balancer
  • During roll out to CF (production and staging) the uaa load balancer will be active in both router vm_extensions. Post deployment of CF, the cg-provision jobs in concourse will be run for staging and production to roll out the changes to the list of load balancers defined in the vm_extensions and then a second deploy of BOSH/CF for each environment. This should prevent any sort of outage seen by customers attempting to hit UAA.

security considerations

This will allow additional WAF rules to be put in place in front of UAA that we cannot currently do because the apps are part of the same vm_extension used by the routers.

@cweibel cweibel requested a review from a team August 30, 2023 18:58
soutenniza
soutenniza approved these changes Aug 30, 2023
View reviewed changes
Copy link
Contributor

@soutenniza soutenniza left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@cweibel cweibel merged commit 2e22c43 into main Aug 30, 2023
1 check passed
@cweibel cweibel deleted the uaa_split branch August 30, 2023 19:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@soutenniza soutenniza soutenniza approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cweibel @soutenniza