[NTLUG:Discuss] Web-server Farm - Networking Question

David Stanaway david at stanaway.net
Tue Jan 1 19:01:36 CST 2008


You could use squid or apache on the host system - web requests can be 
redirected to a host only private IP for the VM through a local 
directory based hosts file for instance (ldap or db backed host section 
in nsswitch).

SSH does not have an equivalent for the host header however. You would 
either need to set up a unique port and set up a NAT tunnel through to 
each ssh service on the host system.

Alternately - you could set a chroot jailed shell that gives the customer 
access to their VM.

EG: with bytemark.co.uk they give you SSH access to the host system for 
your VM with the shell set to a modified version of screen where you can 
access the console of your uml vm and send resets and set up your 
watchdog alerts - but no other shell utils or filesystem access on the host.

The above EG probably won't work for you as your customers are going to 
want FTP or SFTP access to their VM as well as console access so that 
they can update websites and other files to their VM.

The way bytemark for EG set up their VM systems is on their host systems 
they run BGP to handle internal to their DC routing of your virtual 
machine's IP to your VM through the host system (They don't use bridged 
type interfaces - you can't sniff other machines' traffic if you put 
your device in promisc mode).

Do you really need to conserve IPs at your datacenter? If you are an ISP 
it would be pretty easy to justify some IP blocks for all of your 
services and customer sites.


David Simmons wrote:
> 
> I know what I'm hoping to do....I need help in understanding which
> technology/buzz-word to research and RTFineM on.
> 
> Situation:
> 
> Physical CentOS server with a single, static IP address....with
> multiple virtual machines - each VM (also linux / CentOS based) set up for
> web-hosting (LAMP with ssh/ftp access).  Say VM1 hosts
> www.somesite.com.....say VM2 hosts www.anothersite.com.....and say VM3
> hosts www.finalsite.com
> 
> I'd like to setup DNS to point to the
> single 'real-world' address - but have the individual VM respond to the
> request.
> 
> What technology do I use so that all of the virtual
> machines are seen on the 'real' static IP address to the world?.....so
> that people on the internet can SSH into their own box (which is just a VM
> on the host).
> 
> I've been researching Multi-homing.....and Linux
> Virtual Server.....but some of the howto's/docs are ancient.
> 
> Any book / site / howto suggestions?
> 
> Thanks in advance - Dave
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss
> 
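
The two mechanisms from the reply (Host-header routing for web traffic, one public port per VM for SSH), written out as an added example that is not part of either post. The private IPs, port numbers, the `eth0` interface name and the use of Apache mod_proxy on the host are assumptions; the script only prints the configuration and changes nothing.

```shell
#!/bin/sh
# Constructed inventory: site name, host-only private IP of its VM,
# and the public TCP port on the host that is forwarded to that VM's sshd.
INVENTORY='www.somesite.com 192.168.122.11 2201
www.anothersite.com 192.168.122.12 2202
www.finalsite.com 192.168.122.13 2203'

PUBLIC_IF=eth0   # assumed name of the host's public interface

# Web: the Host header selects the VM, so all sites share port 80 on one IP.
web_vhosts() {
    printf '%s\n' "$1" | awk '{
        printf "<VirtualHost *:80>\n  ServerName %s\n  ProxyPreserveHost On\n", $1
        printf "  ProxyPass / http://%s/\n  ProxyPassReverse / http://%s/\n", $2, $2
        printf "</VirtualHost>\n"
    }'
}

# SSH: no Host header, so each VM gets its own public port, DNATed to :22.
# Ports below 1024 are refused here (an assumption of this example) so the
# host keeps its own sshd and web ports; a reused port is an error because
# it would silently route one customer to another customer's VM.
ssh_dnat_rules() {
    printf '%s\n' "$1" | awk -v ifc="$PUBLIC_IF" '
        NF != 3 { print "bad line: " $0 > "/dev/stderr"; exit 1 }
        $3 !~ /^[0-9]+$/ || $3 < 1024 || $3 > 65535 { print "bad port for " $1 > "/dev/stderr"; exit 1 }
        $3 in seen { print "port " $3 " reused by " $1 > "/dev/stderr"; exit 1 }
        {
            seen[$3] = $1
            printf "iptables -t nat -A PREROUTING -i %s -p tcp --dport %s -j DNAT --to-destination %s:22\n", ifc, $3, $2
            printf "iptables -A FORWARD -p tcp -d %s --dport 22 -j ACCEPT\n", $2
        }
    '
}

web_vhosts "$INVENTORY"
ssh_dnat_rules "$INVENTORY"
```

A customer of the second site would then connect with `ssh -p 2202` to the shared public address, while browsers reach all three sites on port 80.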



