Hello, I have 2 bare-metal OVH dedicated servers with 2 public IP addresses, with NAS NFS storage for VMs and backups.
I have 2 VMs with apache2, corosync, pacemaker and a virtual IP for an Apache active-passive cluster; at the moment Apache works as a reverse proxy. The rest of the VMs have a webapp listening on a local port.
Here is my /etc/network/interfaces for node 1 and node 2:
NODE1:
auto lo
iface lo inet loopback

iface ens22f0np0 inet manual

iface ens22f1np1 inet manual

iface ens33f0np0 inet manual

iface ens33f1np1 inet manual

iface enx8ae58b8320c3 inet manual

auto vmbr0
iface vmbr0 inet static
    address 162.x.x.x/32
    gateway x.x.x.x
    bridge-ports ens22f0np0
    bridge-stp off
    bridge-fd 0
    hwaddress A0:88:C2:48:EB:6E

iface vmbr0 inet6 static
    address 2001:41d0:244:e700::/56
    gateway fe80::1

auto vmbr1
iface vmbr1 inet static
    address 192.168.0.254/24
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 192.168.0.253:80
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 192.168.0.253:80
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to 192.168.0.253:443
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to 192.168.0.253:443

source /etc/network/interfaces.d/*
-----------------------------------------------------------------------
NODE 2:
auto lo
iface lo inet loopback

iface ens22f0np0 inet manual

iface ens22f1np1 inet manual

iface ens33f0np0 inet manual

iface ens33f1np1 inet manual

iface enx8ae58b8320c3 inet manual

auto vmbr0
iface vmbr0 inet static
    address 162.x.x.x/32
    gateway x.x.x.x
    bridge-ports ens22f0np0
    bridge-stp off
    bridge-fd 0
    hwaddress A0:88:C2:51:9F:6A

iface vmbr0 inet6 static
    address 2001:41d0:247:6100::/56
    gateway fe80::1

auto vmbr1
iface vmbr1 inet static
    address 192.168.0.254/24
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 192.168.0.253:80
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 192.168.0.253:80
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to 192.168.0.253:443
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to 192.168.0.253:443

source /etc/network/interfaces.d/*
--------------------------------------------------------------------------------
My domains point to the public IP, then to the Apache reverse proxy virtual IP 192.168.0.253: app1.domains.com ---> ProxmoxPublicIP ---> 192.168.0.253 ---> ReverseProxy+SSL ---> IP of the webapp on the VM
Everything works fine up to here, but I would like to create a VLAN or something similar for VM communication between nodes, particularly for the Apache cluster, to guarantee a failover mechanism.
I've tried to configure SDN with VXLAN but without success.
I need communication between all VMs on both nodes, and I need outbound Internet communication on each VM as well.
Can someone help me? I've been working on it for almost a month without success! I am going crazy!
Thanks
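
An added check, not part of the original post: before the two vmbr1 bridges are joined into one layer-2 segment, it helps to compare both nodes' stanzas for addresses that would become duplicates and to confirm that each DNAT target sits inside a locally configured subnet. The function names are hypothetical and the sample is the post's vmbr1 stanza trimmed to the relevant lines.

```python
import ipaddress
import re

# Constructed sample: the vmbr1 stanza from the post, trimmed to the relevant lines.
NODE1 = """\
auto vmbr1
iface vmbr1 inet static
address 192.168.0.254/24
bridge-ports none
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 192.168.0.253:80
post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 192.168.0.253:80
"""
NODE2 = NODE1  # the post shows an identical vmbr1 stanza on node 2

# Only post-up rules are counted, so each DNAT target is seen once.
DNAT_RE = re.compile(r"^post-up\s.*-j DNAT --to(?:-destination)?\s+(\d+(?:\.\d+){3})")


def parse(text):
    """Return ({iface: [ip_interface, ...]}, [DNAT target address, ...])."""
    addrs, targets, iface = {}, [], None
    for line in (l.strip() for l in text.splitlines()):
        words = line.split()
        if len(words) >= 2 and words[0] == "iface":
            iface = words[1]
        elif len(words) >= 2 and words[0] == "address" and iface:
            try:
                ip = ipaddress.ip_interface(words[1])
            except ValueError:
                continue  # redacted values such as 162.x.x.x/32 are skipped
            addrs.setdefault(iface, []).append(ip)
        match = DNAT_RE.match(line)
        if match:
            targets.append(ipaddress.ip_address(match.group(1)))
    return addrs, targets


def shared_addresses(node_a, node_b):
    """Addresses set on the same interface name on both nodes."""
    a, b = parse(node_a)[0], parse(node_b)[0]
    return sorted((name, str(i.ip)) for name in a.keys() & b.keys()
                  for i in a[name] if i.ip in {j.ip for j in b[name]})


def unreachable_dnat_targets(text):
    """DNAT targets that fall outside every locally configured subnet."""
    addrs, targets = parse(text)
    nets = [i.network for ifs in addrs.values() for i in ifs]
    return [str(t) for t in targets if not any(t.version == n.version and t in n for n in nets)]
```

On the posted configuration, `shared_addresses(NODE1, NODE2)` reports 192.168.0.254 on vmbr1 for both nodes, which is harmless while the bridges are isolated but becomes a duplicate address once they share a segment.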