[Openstack] How to reach your instances without public ip, without floating ip
Martinx - ジェームズ
thiagocmartinsc at gmail.com
Mon Sep 1 19:45:11 UTC 2014
Hi!
Why not disable NAT at the L3 router? And then, just create a tenant's
subnet with a public IPv4 addrs?
Or, just use IPv6... =P
On 1 September 2014 14:41, Don Waterloo <don.waterloo at gmail.com> wrote:
> I've written and here contribute for your hacking pleasure a couple of
> things I've found useful.
>
> The first is an ability to ssh to an arbitrary instance inside an
> OpenStack cloud, without having any public IP.
> https://github.com/donbowman/ssh-jump
>
> The second is an ability to vpn to an arbitrary instance instance inside
> an OpenStack cloud, also without public IP.
> https://github.com/donbowman/sstp-proxy
>
> These work properly with namespaces and with multiple compute/network
> nodes. For the 'ssh jump', I created a 'jump' user (which doesn't allow
> interactive login) on the l3 router node. This allows users to simply 'ssh
> me at myhost+cloud', and the +cloud does all the magic.
>
> For the 'sstp proxy', I parse the SSTP url to extract the
> tenant/user/host, and then proxy an SSTP session in to that host. I used
> softether on the host.
>
> I find the former (ssh) very useful for e.g. scp, port-forward, generally
> accessing my instances. The 2nd is nice because it allows an external host
> to become 'inside' your Heat stack.
>
> Enjoy and fork @ will.
>
> --don
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140901/210157dc/attachment.html>
More information about the Openstack
mailing list