cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From stevenliang <>
Subject Re: [ANNOUNCE] Realhostip Service is Being Retired
Date Fri, 28 Mar 2014 16:32:36 GMT
Hi John,

How configure load balancer to point to console proxy?
You means hardware load balancer or cs software?
Can you also give a link?
Thank you.


On 25/03/14 10:54 AM, John Kinsella wrote:
> (Sorry folks - resend, with links at bottom)
> Realhostip Service is Being Retired
> Recently the Apache CloudStack PMC was informed that the<>
Dynamic DNS service that CloudStack currently uses as part of the console proxy will be disbanded
this summer. The realhostip service will be shut down June 30th, 2014, meaning users have
approximately 3 months to mitigate this.
> Prior to version 4.3, CloudStack used the<>
service by default. With the release of CloudStack version 4.3 the default communication method
with the console proxy is plaintext HTTP.
> Who is Affected
> CloudStack installations prior to version 4.3 that have not been reconfigured to use
a DNS domain other than<> for Console Proxy or
Secondary Storage must make changes to continue functioning past June 30th, 2014.
> Steps You Need to Take
> If you meet the criteria above, there are several options to prepare for realhostip retirement:
> • Set up wildcard SSL certificate and DNS entries: This method is already well supported
within prior versions of CloudStack.
> • Upgrade to CloudStack 4.3 and disable SSL: This is only recommended for development
installations, or private clouds that contain no information of importance.
> • Upgrade to CloudStack 4.3, set up static SSL certificate and configure load balancer
to point to the correct IP address: While this allows an administrator to skip setting up
the DNS entries from the previous option, it is a more advanced option as CloudStack 4.3 does
not support automatic load balancer configuration for the Console Proxy. It is hoped this
functionality will be available in future releases.
> For instructions on how to set up SSL encryption for use with CloudStack console proxy,
please read the console proxy section of the CloudStack administration guide[1].
> Additionally, if you will be using an SSL vendor who requires an intermediate CA chain
to be installed for proper SSL validation by web browsers, detailed instructions for configuring
the intermediate CA chain in CloudStack can be found at [2].
> The Apache CloudStack security team does not recommend running a production cloud with
either the<> SSL certificate, or with no SSL encryption
at all.
> 1:
> 2:

View raw message