I was trying to configure the CSS11503 to do backend SSL to the servers. What I noticed was that in order to add new backend server to the ssl-proxy-list, there seems to be a lenthy process to accomplish this task:
1. Deactive the ssl-proxy-list
2. Add the new backend-server entry
3. Deactivate all the services that use the ssl-proxy-list
4. Active the ssl-proxy-list
5. Re-activate all services that have been suspended from step 3.
I assume while performing this process, access to the site via ssl will be not be allowed. If this is the case, how can one provide high availability site?
I hope there is a better way to do this with out disrupting services that I'm not aware of.
Yes, I hate to have to de-activate 20+ servers just to add one server manually. So a script would be a must then. This is just insane how it works...
Eventhough with 2 units, the SSL will not fail-over seamlessly I assume. From onther post (SSL - ASR) Gilles was mentioning that "If the SSL offloader is the SSL module inside the CSS, then ASR does not work."
The unmanaged mode is also known as Network only switching, which is introduced in Brazos release. It adds the flexibility for customer to use only network automation for service appliance.
If a device is configured a...
Usually, we can access ESXi Shell by pressing Alt+F1 from ESXi DCUI (Direct Console User Interface).
But on HyperFlex system, it just shows black window.
This is expected behavior because HyperFlex redirects ESXi Shell output to SoL...
Configuring an Export Policy Using the GUI
This procedure explains how to configure an Export policy using the APIC GUI. Follow these steps to trigger a backup of your data:
On the menu bar, choose Admi...