Bridging private network and "normal" network in Help

Im trying to set up a Kubernetes cluster using 3 different machines on the same location (newbie here).
I managed to get it working using a private network for inter-node communication as it is unmetered. The only problem I have is that the cluster doesn't have internet access and can't download any containers from internet registries.

I tried configuring a NAT rule with ufw and iptables but it didn't work. I used this guide https://help.ubuntu.com/lts/serverguide/firewall.html

Can I do this on Vultr?

I could just confugre a vpn to secure the cluster communication, but It's not clear to me if that traffic would count towards the limit per machine.

Comments

  • edited November 2017
    I'm not too sure what you mean. Are you saying that you have 3 VPS connected together. Each has an external internet address, but you can't seem to get it to work?

    Assuming this is so, you have a cluster of 3, and 3 internet IP addresses. Where do you want to assign them?

    For what it's worth, it's doable. I don't run linux but have 2 VPS linked together via private network, and as the slave server doesn't need an internet IP, I've bridged it so that all connections to/from that its public IP are routed over the private lan to the main machine - effectively giving the main machine an extra IP address.

    As for the second query, if you assign another vpn to 'front-end' your cluster, the traffic would be billed against this vpn, and no traffic would be billed against the cluster machines (assuming they are all connected to the front-end via private networking)

    In this case, your allocated traffic for the 3 private clustered machines is wasted. There's no way to pool the allocations, allocating them all to the front-end.
  • Hi Jamie.

    What I mean is I have 3 public IPs and 3 private IPs. My services run in the private network because they need to talk with each other, but also need to access the internet to download the docker containers.

    The problem is I couldn't make the private network get internet access, effectively making the setup useless.

    Does it make any sense?
  • @alvinbaena

    I think so.. So you simply want all three to have individual nternet access as normal in addition to their own private network between themselves?
Sign In or Register to comment.

Registration Required

A VULTR.com account is required to use the forum. Click here to sign in.

Quick Links