Re: HTTPS LB and x-forwarded-for

2017-11-17 Thread Nux!
lol good find.. -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro - Original Message - > From: "Pierre-Luc Dion" > To: "Wido den Hollander" > Cc: "dev" , "users" > Sent: Friday, 17 November, 2017 13:56:11 &

Re: HTTPS LB and x-forwarded-for

2017-11-17 Thread Pierre-Luc Dion
> - Original Message ----- > > > > From: "Pierre-Luc Dion" > > > > To: "Wido den Hollander" > > > > Cc: "dev" , "Khosrow Moossavi" < > > > kmooss...@cloudops.com>, "Will Stevens" &g

Re: HTTPS LB and x-forwarded-for

2017-11-13 Thread Wido den Hollander
Cc: "dev" , "Khosrow Moossavi" < > > kmooss...@cloudops.com>, "Will Stevens" > > > , "Nux!" , "users" < > > users@cloudstack.apache.org> > > > Sent: Friday, 10 November, 2017 15:32:38 > > > Subject

Re: HTTPS LB and x-forwarded-for

2017-11-13 Thread Pierre-Luc Dion
Will Stevens" > > , "Nux!" , "users" < > users@cloudstack.apache.org> > > Sent: Friday, 10 November, 2017 15:32:38 > > Subject: Re: HTTPS LB and x-forwarded-for > > > Hi Wido, do you know if this would work for htt

Re: HTTPS LB and x-forwarded-for

2017-11-10 Thread Nux!
Luc Dion" > To: "Wido den Hollander" > Cc: "dev" , "Khosrow Moossavi" > , "Will Stevens" > , "Nux!" , "users" > > Sent: Friday, 10 November, 2017 15:32:38 > Subject: Re: HTTPS LB and x-forwarded-for > Hi Wi

Re: HTTPS LB and x-forwarded-for

2017-11-10 Thread Pierre-Luc Dion
so keep SSL processing off > the VR. > > > > > > > > -- > > > > Sent from the Delta quadrant using Borg technology! > > > > > > > > Nux! > > > > www.nux.ro > > > > > > > > - Original Message - &

Re: HTTPS LB and x-forwarded-for

2017-11-10 Thread Wido den Hollander
; > Sent from the Delta quadrant using Borg technology! > > > > > > Nux! > > > www.nux.ro > > > > > > - Original Message - > > > > From: "Andrija Panic" > > > > To: "users" > > > > Cc: &qu

Re: HTTPS LB and x-forwarded-for

2017-11-10 Thread Pierre-Luc Dion
tionality and would also keep SSL processing off the VR. > > > > -- > > Sent from the Delta quadrant using Borg technology! > > > > Nux! > > www.nux.ro > > > > - Original Message - > > > From: "Andrija Panic" > > > To:

Re: HTTPS LB and x-forwarded-for

2017-11-09 Thread Wido den Hollander
gt; > >> > CloudStack already have to code to handle SSL certs per projects and > >> > accounts if not mistaking because that code was added to support > >> NetScaler > >> > as Load-balancer in the past. so one less thing to think about :-) > >> >

Re: HTTPS LB and x-forwarded-for

2017-11-09 Thread Nux!
er in the past. so one less thing to think about :-) >> > >> > >> > [1] https://traefik.io/ >> > >> > >> > PL, >> > >> > >> > >> > On Mon, Nov 6, 2017 at 7:10 AM, Nux! wrote: >> > >> > > Thank

Re: HTTPS LB and x-forwarded-for

2017-11-09 Thread Andrija Panic
de ACS. > > > I guess as users we could maybe come up with a spec for an > improvement, at > > > least we'd have something the devs could look at whenever it is > possible. > > > > > > Regards, > > > Lucian > > > > > > -- >

Re: HTTPS LB and x-forwarded-for

2017-11-08 Thread Wido den Hollander
be > > outside ACS. > > I guess as users we could maybe come up with a spec for an improvement, at > > least we'd have something the devs could look at whenever it is possible. > > > > Regards, > > Lucian > > > > -- > > Sent from the Delta quadra

RE: HTTPS LB and x-forwarded-for

2017-11-08 Thread Paul Angus
ops.com; d...@cloudstack.apache.org; wstev...@cloudops.com Cc: users@cloudstack.apache.org Subject: RE: HTTPS LB and x-forwarded-for I'm assuming we would have the standard openssl version with Intel TLS offload though, right? RHEL ships their FIPS compliant version that strips all the acceleration out. The

RE: HTTPS LB and x-forwarded-for

2017-11-08 Thread Simon Weller
wstev...@cloudops.com] CC: users [users@cloudstack.apache.org] Subject: Re: HTTPS LB and x-forwarded-for Same challenge here too! Let's look at improving Load-balancing offering from cloudstack, I guest we should do a feature spec draft soon.., from my perspective, doing SSL offload on the V

Re: HTTPS LB and x-forwarded-for

2017-11-08 Thread Pierre-Luc Dion
Panic" > > To: "dev" > > Cc: "users" > > Sent: Thursday, 2 November, 2017 23:21:37 > > Subject: Re: HTTPS LB and x-forwarded-for > > > We used to make some special stuff for one of the clients, where all LB > > configuration work is done

Re: HTTPS LB and x-forwarded-for

2017-11-06 Thread Nux!
could look at whenever it is possible. Regards, Lucian -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro - Original Message - > From: "Andrija Panic" > To: "dev" > Cc: "users" > Sent: Thursday, 2 November, 2017 23:21:37 &g

Re: HTTPS LB and x-forwarded-for

2017-11-02 Thread Andrija Panic
We used to make some special stuff for one of the clients, where all LB configuration work is done from outside of the ACS, i.e. python script to feed/configure VR - install latest haproxy 1.5.x for transparent proxy, since client insisted on SSL termination done on backend web SSL servers Not

HTTPS LB and x-forwarded-for

2017-10-31 Thread Nux!
Hello, Of the people running an LB (VR) with https backends, how do you deal with the lack of x-forwarded-for since for port 443 there's just simple TCP balancing? Has anyone thought of terminating SSL in the VR instead? Ideas? Cheers -- Sent from the Delta quadrant using Borg technology! Nux