Private networks
resource "hcloud_network" "pNet" {
name = "Private network"
ip_range = "10.0.0.0/8"
}
resource "hcloud_network_subnet" "pSubnet" {
network_id = hcloud_network.pNet.id
type = "cloud"
network_zone = "eu-central"
ip_range = "10.0.1.0/24"
}
resource "hcloud_network_route" "gateway"{
network_id = hcloud_network.pNet.id
destination = "0.0.0.0/0"
gateway = "10.0.1.20"
}
resource "hcloud_server" "web" {
....
network {
network_id = hcloud_network.pNet.id
ip = "10.0.1.20"
}
}
resource "hcloud_server" "web" {
....
public_net {
ipv4_enabled = false
ipv6_enabled = false
}
network {
network_id = hcloud_network.pNet.id
ip = "10.0.1.20"
}
}
No. 11
Creating a subnet
Q: |
Follow Figure 1017, “Private subnet overview ” creating two hosts being connected by a private subnet:
TipVariables of
|
-
Host “intern” does not have Internet access.
-
Consequences:
-
No package updates.
-
No package installs
-
...
-
-
-
Allow IP forwarding on gateway host
-
Configure NAT enabling gateway host as router
-
-
Use an application level gateway:
-
Problem: apt-cacher-ng installation requires time for service to become available.
-
Consequence: Package installs on host “intern” must be deferred.
-
Problem: No standard Terraform “service ready” dependency management hook.
#!/bin/bash
echo "Waiting for apt-cacher-ng to launch on port 3142 ..."
while ! nc -z ${frontendPrivatenetIp} 3142;
do
sleep 8 # wait for 8 second before polling again
echo apt-cacher-ng not yet ready ...
done
echo "apt-cacher-ng service ready"
|
|
No. 12
Adding an application level gateway
Q: |
This exercise is a follow-up to Creating a subnet . We add
an application level gateway providing HTTP
access to hosts residing in the private subnet
e.g. host
|