[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

OpenShift deployment behind NAT firewall



Hi,

 

I have a problem installing OpenShift Origin Milestone 4 on a server behind a firewall that does some ip NATing.

The scenario is this:

I have a broker and a node inside a virtual network at a hosting provider, both have internal IP addresses and can reach each other.

Both servers have a public IP provided by the hoster.

The servers can reach each other via the public IP.

What is prevented by the hosting provider firewall due to security reasons, is that a machine can reach itself via its public ip.

I installed OpenShift and set PUBLIC_IP in node.conf to the real public IP of the node and this IP also matches to the DNS entry for the node, so the node can be reached from the outside.

The problem is that the Gears cannot reach each other via the public ip configured. I have a scaled App with a webserver and a database gear both on the same node (I have only one node). The webserver gear tries to reach the db via it GEAR_DNS entry which points to the node dns entry and the public ip. Due to the mentioned firewall restriction, the webserver cannot reach its DB via this IP. I also have a second application gear that should send to REST Request to my webserver Gear, which does not work either.  

I already tried to change network settings, hosts file entries etc. to map internal requests to the internal IP of the node, but without success.

My question is now, if anyone has experience in configuring OpenShift to use an internal IP address for internal node communication, but an external IP for accessing the apps from the outside?

Any ideas are welcome.

Thank You

Alexander


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]