Hello All, I'm quite new at Openstack and I'm stil trying to figure out how things works or are supposed to work.
This is the scenario. Let's imagine we've spun a new instance on a network which is not intended to reach or to be reached from an external network (absence of NAT support at L3 or for security/design reasons) This istance will be given a cloud-init configuration to upgrade the packages or the O.S. , but due the absence of external connectivity those operations will fail. What I'm wondering is if there's a way to give this instance a limited "out of band" access to an external http proxy, just to allow the instance to do regular maintenance or management stuff, like I said, upgrading packages connect to some management tool (puppet, chef, ansible...). Just like the way metadata-proxy works. I've successfully set up a nginx reverse proxy with listener in the tenant's networks namespace to do the task, but I cannot get rid of the "You're doing it wrong" feeling. :/ I mean I feel like I'm missing something important here, otherwise someone else would have had the same problem, which seems not to be the case, as I cannot find any web resources that raises the same question. Thanks in advance for any suggestion or direction, Andrea _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
