shaba/one - one - Gitea: Git with a cup of tea

shaba/one

Fork 0

mirror of https://github.com/OpenNebula/one.git synced 2025-01-03 01:17:41 +03:00

Commit Graph

Author	SHA1	Message	Date
Michal Opala	b1ef4332e5	F OpenNebula/one#6641: Add the "string-phone" transparent proxy (#3221 ) This feature let's cloud admin to proxy VM connections to any service through the hypervisor. VMs uses a link local IP that is forwarded to a local proxy. This simplifies VM network requirements, e.g. to access gateway, vaults, configuration services etc... Implementation: - Use network namespaces to isolate VNET networking. ip netns command is executed through a wrapper to limit sudo access to commands. - Add tproxy.rb app to manage a group of daemons on HV nodes. - Use unix sockets for communication between proxy peers. "Inner" proxy runs in the netns without any network access. "Outer" proxy handles HV connections to services. - Use OpenNebulaNetwork.conf + 'onehost sync -f' for configuration. Proxy can be defined per network.	2024-09-26 18:19:48 +02:00
Christian González	0ceef20753	F #5260 : Add LVM permission to lxc nodes (#1218 )	2021-05-13 16:56:42 +02:00
Ruben S. Montero	6cadde8eef	F #5228 : LXC driver set co-authored-by: Christian González <cgonzalez@opennebula.io> co-authored-by: Daniel Clavijo Coca <dclavijo@opennebula.systems>	2021-03-04 21:07:50 +01:00

Author

SHA1

Message

Date

Michal Opala

b1ef4332e5

F OpenNebula/one#6641: Add the "string-phone" transparent proxy (#3221 )

This feature let's cloud admin to proxy VM connections to any service through the hypervisor. VMs uses a link local IP that is forwarded to a local proxy. This simplifies VM network requirements, e.g. to access gateway, vaults, configuration services etc...

Implementation:
- Use network namespaces to isolate VNET networking. ip netns command is executed through a wrapper to limit sudo access to commands.
- Add tproxy.rb app to manage a group of daemons on HV nodes.
- Use unix sockets for communication between proxy peers. "Inner" proxy runs in the netns without any network access. "Outer" proxy handles HV connections to services.
- Use OpenNebulaNetwork.conf + 'onehost sync -f' for configuration. Proxy can be defined per network.

2024-09-26 18:19:48 +02:00

Christian González

0ceef20753

F #5260 : Add LVM permission to lxc nodes (#1218 )

2021-05-13 16:56:42 +02:00

Ruben S. Montero

6cadde8eef

F #5228 : LXC driver set

co-authored-by: Christian González <cgonzalez@opennebula.io>
co-authored-by: Daniel Clavijo Coca <dclavijo@opennebula.systems>

2021-03-04 21:07:50 +01:00

3 Commits