[Openstack] How to reach your instances without public ip, without floating ip
Don Waterloo
don.waterloo at gmail.com
Mon Sep 1 17:41:26 UTC 2014
I've written and here contribute for your hacking pleasure a couple of
things I've found useful.
The first is an ability to ssh to an arbitrary instance inside an OpenStack
cloud, without having any public IP. https://github.com/donbowman/ssh-jump
The second is an ability to vpn to an arbitrary instance instance inside an
OpenStack cloud, also without public IP.
https://github.com/donbowman/sstp-proxy
These work properly with namespaces and with multiple compute/network
nodes. For the 'ssh jump', I created a 'jump' user (which doesn't allow
interactive login) on the l3 router node. This allows users to simply 'ssh
me at myhost+cloud', and the +cloud does all the magic.
For the 'sstp proxy', I parse the SSTP url to extract the tenant/user/host,
and then proxy an SSTP session in to that host. I used softether on the
host.
I find the former (ssh) very useful for e.g. scp, port-forward, generally
accessing my instances. The 2nd is nice because it allows an external host
to become 'inside' your Heat stack.
Enjoy and fork @ will.
--don
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140901/1b35dee3/attachment.html>
More information about the Openstack
mailing list