Skip to content

Firewall Reconfiguration

We have been aware for some time that our firewall rules don't all use tagging. This is causing some issues with some webservers appearing as down in DO.

Proposed Plan

  1. Move mg-ub-web-004 into LB1, leaving LB2 empty
  2. Move mg-ub-web-002 and mg-ub-web-003 into LB2
  3. Tag mg-ub-web-002 and mg-ub-web-003 as 'MG Webserver'
  4. Review the firewall rules across all services, removing any reference to the public and private IP addresses of mg-ub-web-002 and mg-ub-web-003, as well as their host names, and replace with the tag 'MG Webserver'
  5. Update all configurations in: Firewall configuration
  6. Confirm both mg-ub-web-002 and mg-ub-web-003 are showing as 'up' in LB2
  7. Move mg and testmg subdomains to LB2, test for a week
  8. Change all subdomains to point to the public IP of LB2, effectively making LB2 our master LB
  9. Tag mg-ub-web-001 and mg-ub-web-004 as 'MG Webserver'
  10. Confirm both mg-ub-web-001 and mg-ub-web-004 are showing as 'up' in LB1
  11. Move mg-ub-web-002 back into LB1
  12. Move mg-ub-web-004 back into LB2
Last modified by: Unknown