d-bis/smom-dbis-138
4
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity
Files
c3d4c786fa73f26c0e4aebbcc2e1539f5f21e8aa
smom-dbis-138/docs/archive/status-reports/phase1/NSG_FIX_STATUS.md
defiQUG 1fb7266469 Add Oracle Aggregator and CCIP Integration 
- Introduced Aggregator.sol for Chainlink-compatible oracle functionality, including round-based updates and access control.
- Added OracleWithCCIP.sol to extend Aggregator with CCIP cross-chain messaging capabilities.
- Created .gitmodules to include OpenZeppelin contracts as a submodule.
- Developed a comprehensive deployment guide in NEXT_STEPS_COMPLETE_GUIDE.md for Phase 2 and smart contract deployment.
- Implemented Vite configuration for the orchestration portal, supporting both Vue and React frameworks.
- Added server-side logic for the Multi-Cloud Orchestration Portal, including API endpoints for environment management and monitoring.
- Created scripts for resource import and usage validation across non-US regions.
- Added tests for CCIP error handling and integration to ensure robust functionality.
- Included various new files and directories for the orchestration portal and deployment scripts.
2025-12-12 14:57:48 -08:00

2.1 KiB
Raw Blame History

NSG Fix Status Report

Configuration Changes

Terraform Configuration Updated

  1. Added subnet_nsg_enabled variable
  2. Added enable_besu_rules variable
  3. Made subnet NSG association conditional
  4. Made Besu rules conditional using dynamic blocks
  5. Updated networking_admin module configuration

Files Modified

  • terraform/modules/networking-vm/main.tf
  • terraform/modules/networking-vm/variables.tf
  • terraform/phases/phase1/phase1-main.tf

Deployment Status

Terraform Plan

  • Status: Needs ssh_public_key variable
  • Action: Run with -var-file=terraform.tfvars or provide variable

Terraform Apply

  • Status: Pending (requires plan to succeed first)
  • Expected Changes:
    • Destroy: module.networking_admin.azurerm_subnet_network_security_group_association.vm
    • Update: NSG rules (remove Besu rules if NSG still exists)

Current State

Subnet NSG

  • Status: ⚠️ Still attached (needs Terraform apply)
  • NSG: az-p-wst-proxy-vm-nsg
  • Rules: Has P2P/RPC/Metrics rules (wrong for Nginx)

NIC NSG

  • Status: Attached
  • NSG: az-p-wst-proxy-nginx-nsg
  • Rules: HTTP (80), HTTPS (443), SSH (22)

Required Actions

1. Complete Terraform Apply

cd terraform/phases/phase1
terraform plan -var-file=terraform.tfvars -out=tfplan
terraform apply tfplan

2. Verify Changes

  • Check subnet NSG is detached
  • Verify NIC NSG has correct rules
  • Test port accessibility

Expected Result After Apply

Subnet NSG

  • Detached from Nginx subnet
  • No longer affects Nginx proxy

NIC NSG

  • Remains attached
  • Has correct rules (HTTP/HTTPS/SSH)
  • No Besu-specific rules

Notes

  • The Terraform configuration is correct and ready
  • The apply needs to be completed to remove the subnet NSG association
  • Once applied, the subnet NSG will be detached and only NIC NSG will apply

Status: Configuration Complete, Apply Pending

The Terraform configuration has been updated correctly. The changes need to be applied via terraform apply to remove the subnet NSG association.

Reference in New Issue View Git Blame Copy Permalink