Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
Allow GCE VMs to be reached by private IP address if specified #1124
I plan on setting up such an infrastructure shortly and I'll share the details here.
Currently I just tested for the expected failure (can provision, but not reach GCE vm at private IP address when running nixops from my laptop).
My proposed setup for testing for success is to build a VPN endpoint in GCE, connect it to a VPN endpoint on-prem (I spoofed a small on-prem in Azure for the time being), and then provision a GCE vm with no public IP address- if all goes well, connection to the GCE vm should succeed using a private IP from an "on-prem" network VPN'd to GCE
Okay- I changed around the git history for clarity's sake.
Had to correct known_hosts accommodations in a number of places and get the correct order of operations in the many 'if' statements under GCEState::create_node(), but I think this works.
My test infrastructure (built out by-hand, prior to testing if private-IP-space works):
From here, you can specify options as you see fit and get expected behavior
One cautionary note:
Thank you for this PR.
In the past several months, some major changes have taken place in
This is all accumulating in to what I hope will be a NixOps 2.0
My hope is that by adding types and more thorough automated testing,
However, because of the major changes, it has become likely that this
If you would like to see this merge, please bring it up to date with
Thank you again for the work you've done here, I am sorry to be