Lbaas Pool and Members from Different SubNets
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Invalid
|
Undecided
|
Unassigned |
Bug Description
There is no definite mapping between Pool Subnet ID and Its Members.
It is possible to Assign another Subnet with different IP for Pool and its members.
For E.g
A pool is created with subnet 135.254.189.0/24, and its members from Instances assigned to Another Subnet (172.21.184.0/24).
Under the following reference,
https:/
For Create-Pool,
Request
POST /pools.json
{
'pool': {
'name': 'some name',
'protocol': 'HTTP',
}
}
Validation needs to be done such that the instances ( Members ) are created for the Pool of the same Subnet.
affects: | apt (Ubuntu) → neutron-lbaas (Ubuntu) |
affects: | neutron-lbaas (Ubuntu) → neutron |
Changed in neutron: | |
assignee: | nobody → ZongKai LI (lzklibj) |
It's simple to add some limitation to ensure VIP and members are from same subnet of pool. But I think it's not a good idea to do that.
I did a test, in my case, at first, I got VIP and some members from pool's subnet, later I created a new subnet, connect it with previous subnet by a router, and add members from the new subnet to pool. The client can get response from both from previous members and new members.
So I think to limit members must from the same subnet is not a good idea, and checking whether members' subnets are accessible to VIP will make things complex.