Versions Compared

Old Version 4

changes.mady.by.user Sarabjeet Kaur

Saved on

compared with

New Version 5

changes.mady.by.user Sarabjeet Kaur

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Rule to allow Google health check to the Virtual Machine.

    1. Target: Service Account which is used by Kyvos VMs

    2. Source IP Ranges: 35.191.0.0/16, 130.211.0.0/22

    3. Protocol: tcp -> ports 8443,9443<>

      image-20240125-130949.pngImage Added

  2. Rule to allow access to selected ports from load balancer to Virtual Machine Target:

    1. Service Account which is used by Kyvos VMs

    2. Source IP Ranges: CIDR of the Proxy only Subnet

    3. Protocol: tcp -> 8443, 9443<>

      image-20240125-131100.pngImage Added
Panel
panelIconIdatlassian-note
panelIcon:note:
bgColor#DEEBFF

Note:

Without source filter as Proxy-only subnet you will get the upstream request timeout while browsing the Application Load Balancer URL.

...

  1. On the page, provide the following details:

    1. Type a Name to your instance group. For example, kyvos-instancegroup.

    2. From the Network and Instances list, select the Networks shared with me option.

    3. From the shared subnetwork list, select the required option.

    4. From the VM Instances list, select the VMs on which you want to use this backend service.
      You must select the VMs used for the Kyvos Webserver node.

    5. In the Port Mapping area,

      1. Port name as km-https and Port number as 9443

      2. Port name as kyvos-https and Port number as 8443

        Image Removedimage-20240125-125028.pngImage Added

  2. Click Create.

Creating a load balancer

...

  1. Click Frontend Configuration.

  2. On the page, enter details as:

    1. Provide a name to the frontend configuration, such as frontendwebserverhttps.

    2. In the Protocol list,select the HTTPS option.

    3. From the Certificate list, select the appropriateoption.

    4. Click Done.

      image-20240125-094418.pngImage Removedimage-20240125-125203.pngImage Addedimage-20240125-125725.pngImage Added

Configuring backend services

  1. Switch to the Backend tab. The Backend configuration section is displayed. 

  2. Click Create a Backend Service.

    1. For Kyvos Manager: Provide a Name to create a backend service—for example, backendservicekmhttps.

      1. Backend Type: Instance Group

      2. Protocol: HTTPS

      3. Named Port: km-https

        image-20240125-125857.pngImage Added

    2. For Kyvos: Provide a Name to create a backend service—for example, backendservicekyvoshttps.

      1. Backend Type: Instance Group

      2. Protocol: HTTPS

      3. Named Port: kyvos-https

        image-20240125-125950.pngImage Added

  3. In the Health check section, click the Create a Health Check option.

    1. For Kyvos Manager: Provide a Name, such as kyvosmanagerhealthcheck.

      1. Path: /kyvosmanager/

      2. Protocol: HTTPS

      3. Port: 9443

        image-20240125-130057.pngImage Addedimage-20240125-130152.pngImage Added

    2. For Kyvos: Provide a Name, such as kyvoshealthcheck.

      1. Path: /kyvos/

      2. Protocol: HTTPS

      3. Port: 8443

        image-20240125-130321.pngImage Added

  4. Click the Save button.

  5. Scroll down and expand the Advanced Configurations section, and then select the Client IP option from the Session Affinity list and click Create

    image-20240125-130415.pngImage Added

  6. Provide a Name, such as httpskyvoswebserver.

  7. Enter Host and Path rules. <>

    image-20240125-130720.pngImage Added

  8. Click Create Update.

    image-20240125-130804.pngImage Added

    The load balancer is created with requisite configurations.

...