Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-15501

Dynamic config `proxy_protocol_networks`

Details

    • Task
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • 10.3.6
    • Server
    • None
    • 10.3.6-1

    Description

      Current Implication of proxy protocol is not very convenient,proxy_protocol_networks is read only, so when we need deploy a proxy which not belong to proxy_protocol_networks, then we need change the server's config and restart.

      And for the aspect of safety, we cannot config a big subnet, maybe just add proxy's ip to proxy_protocol_networks

      Attachments

        Issue Links

          blocks

          New Feature - A new feature of the product, which has yet to be developed. MXS-1551 Ip white list for proxy

          • Major - Major loss of function.
          • Closed

          Activity

            Ascending order - Click to sort in descending order
            wlad Vladislav Vaintroub added a comment - - edited

            proxy_protocol_networks are masks, not IP addresses, so you definitely can add a new IP as long as it is subnet conforming, and do so without a restart.

            You can always add any proxy, if the value is * (not recommended, obviously)

            wlad Vladislav Vaintroub added a comment - - edited proxy_protocol_networks are masks, not IP addresses, so you definitely can add a new IP as long as it is subnet conforming, and do so without a restart. You can always add any proxy, if the value is * (not recommended, obviously)
            wlad Vladislav Vaintroub added a comment -

            You do not have to have a big subnet either. You can have a small subnet too

            wlad Vladislav Vaintroub added a comment - You do not have to have a big subnet either. You can have a small subnet too
            dapeng dapeng huang added a comment -

            In some situation, we may add more node for proxy cluster, and cannot determine which subnet of new node in advance, so need dynamic config

            dapeng dapeng huang added a comment - In some situation, we may add more node for proxy cluster, and cannot determine which subnet of new node in advance, so need dynamic config

            People

              wlad Vladislav Vaintroub
              dapeng dapeng huang
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.