[Openstack] Reverse proxy component
Jose Manuel Ferrer Mosteiro
jmferrer.paradigmatecnologico at gmail.com
Wed Oct 19 09:59:57 UTC 2016
You are right. This is the schema:
+--------------------------------------+
|
|
| OPENSTACK
|
+----------+ +---------------+ |
|
| | | | | +-------------+
|
| internet +----->+ reverse_proxy +------------>| floating_ip |
|
| | | | | +---+---------+
|
+----------+ +---------------+ | |
|
| |
|
| v
|
| +-------+
|
| |lb_vip |
|
| +----+--+
|
| |
|
| |
|
| v
|
| +--------+
|
| |servers |
|
| | |-+
|
| +--------+ |
|
| | |
|
| +--------+
|
+--------------------------------------+
A lot of enterprises use only a ip address to expose al the websites so
they use a reverse proxy as "router" using "virtualhosts".
lbaas works inside openstack very well. I want more or less the same
outside openstack.
With Designate and Heat I can create a register with the floating ip of
the balanced service vip:
webpage_record:
type: OS::Designate::Record
properties:
name: webpage.example.com.
type: A
domain: example.com.
data: { get_attr: [webpage_lb_vip_floating_ip,
floating_ip_address] }
I want to add a route in the reverse_proxy so I want something like:
webpage_reverse_proxy:
type: OS::ReverseProxy::VirtualHost
properties:
external_name: webpage.example.com.
internal_name: webpage.example.com.
external_protocol: HTTPS
internal_protocol: HTTP
Is there any way to do this?
Thank you,
Jose Manuel
El 2016-10-19 10:50, Federico M. Facca escribió:
> Let me add a bit,
> By default lbaas manage ha proxy instances in your openstack, but it's
> just a matter of creating a proper driver if not existing, to manage a
> physical lb or an external service providing that. But an external
> service to your network will need anyhow a public ip on your VMs. So it
> will be hard to not have external visibility and use, for example
> amazon lb.
>
> Federico
>
> Fede's mobile edition
>
> DR. FEDERICO MICHELE FACCA
> _Head of Martel Lab_
>
> MARTEL INNOVATE
> Dorfstrasse 73 - 3073 Gümligen [1] (Switzerland)
> 0041 78 807 58 38 [2]
> 0041 31 994 25 25 [3]
> martel-innovate.com [4]
>
> Il giorno 19 ott 2016, alle ore 10:40, Jose Manuel Ferrer Mosteiro
> <jmferrer.paradigmatecnologico at gmail.com> ha scritto:
>
> Hi,
>
> Yes, I can, but I want something with an api, integrated with keystone,
> ... an openstack component.
>
> Designate manages external DNS servers. I mean the same for managing
> external reverse proxy servers.
>
> Jose Manuel
>
> El 2016-10-19 08:21, Federico M. Facca escribió:
> Hi,
> You can use a load balancer for that, no?
>
> Federico
>
> Fede's mobile edition
>
> DR. FEDERICO MICHELE FACCA
> _Head of Martel Lab_
>
> MARTEL INNOVATE
> Dorfstrasse 73 - 3073 Gümligen [1] (Switzerland)
> 0041 78 807 58 38 [2]
> 0041 31 994 25 25 [3]
> martel-innovate.com [4]
>
> Il giorno 19 ott 2016, alle ore 07:49, Jose Manuel Ferrer Mosteiro
> <jmferrer.paradigmatecnologico at gmail.com> ha scritto:
>
> Hi
>
> I wonder if there is some kind of reverse proxy module for OpenStack.
>
> In some cases the OpenStack deployment is in an internal network
> without external visibility. When I want to expose a server to outside
> I use a nginx or an apache with this configuration:
>
> +++
>
> ProxyPass / http://webpage/ [5]
> ProxyPassReverse / http://webpage/ [5]
>
> +++
>
> It is more or less the same functionality that we would make with a F5,
> ceryx or the OpenShift router.
>
> Is there any "reverse proxy" component for OpenStack?
>
> I cannot find it.
>
> Thank you,
>
> Jose Manuel
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack [6]
> Post to : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack [6]
Links:
------
[1] x-apple-data-detectors://1/0
[2] tel:0041%2078%20807%2058%2038
[3] tel:0041%2031%20994%2025%2025
[4] http://martel-innovate.com/
[5] http://webpage/
[6] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
More information about the Openstack
mailing list