Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

E2E: add multi-home networking to test infrastructure #16218

Merged
merged 1 commit into from
Feb 20, 2023
Merged

E2E: add multi-home networking to test infrastructure #16218

merged 1 commit into from
Feb 20, 2023

Conversation

tgross
Copy link
Member

@tgross tgross commented Feb 17, 2023
edited

Add an Elastic Network Interface (ENI) to each Linux host, on a secondary subnet we have provisioned in each AZ. Revise security groups as follows:

  • Split out client security groups from servers so that we can't have clients accidentally accessing serf addresses or other unexpected cross-talk.
  • Add new security groups for the secondary subnet that only allows communication within the security group so we can exercise behaviors with multiple IPs.
  • Drop inbound Consul/Vault access, as we're running those on HCP these days

This changeset doesn't include any Nomad configuration changes needed to take advantage of the extra network interface. I'll include those with testing for PR #16217. (And I've verified the cluster comes up normally with this change.)

@tgross
E2E: add multi-home networking to test infrastructure
2a0c73a 
Add an Elastic Network Interface (ENI) to each Linux host, on a secondary subnet
we have provisioned in each AZ. Revise security groups as follows:

* Split out client security groups from servers so that we can't have clients
  accidentally accessing serf addresses or other unexpected cross-talk.
* Add new security groups for the secondary subnet that only allows
  communication within the security group so we can exercise behaviors with
  multiple IPs.

This changeset doesn't include any Nomad configuration changes needed to take
advantage of the extra network interface. I'll include those with testing for
PR #16217.
@tgross tgross added the theme/testing Test related issues label Feb 17, 2023
shoenig
shoenig approved these changes Feb 17, 2023
View reviewed changes
Copy link
Member

@shoenig shoenig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@schmichael schmichael mentioned this pull request Feb 18, 2023
Merged
schmichael
schmichael approved these changes Feb 18, 2023
View reviewed changes
Copy link
Member

@schmichael schmichael left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Worked for #16219

jrasell
jrasell approved these changes Feb 20, 2023
View reviewed changes
Copy link
Member

@jrasell jrasell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@jrasell jrasell merged commit 517ad9c into main Feb 20, 2023
@jrasell jrasell deleted the e2e-addresses branch February 20, 2023 09:08
@tgross tgross mentioned this pull request Feb 28, 2023
Merged
This was referenced Mar 2, 2023
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@schmichael schmichael schmichael approved these changes

@shoenig shoenig shoenig approved these changes

@jrasell jrasell jrasell approved these changes

@pkazmierczak pkazmierczak Awaiting requested review from pkazmierczak

Assignees
No one assigned
Labels
theme/testing Test related issues
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@tgross @schmichael @shoenig @jrasell