roamato
commented
5 years ago Message sent
Date: Tue, 18 Dec 2018 13:51:15 +0000
To: Anton Khodak <ak27@sanger.ac.uk>,
Vladimir Kiselev <vk6@sanger.ac.uk>
Cc: Krzysztof Kluczynski <kkluczynski@gmail.com>,
Alistair Miles <alimanfoo@googlemail.com>Hey Anton, I’m writing to e-ntroduce you to Krzysztof, our sysadmin who is curating the deployment of a JupyerHub instance for our team. We would like to make the instance public and, based on your experience, the earlier we start the process the better. One issue that you pointed out in the OpenStack meeting is making sure that the VM visible from the outside keeps the same IP, as updating the firewall is unpractical. I spoke with Paul Bevan and he mentioned that you solved the problem by adding a node to your topology that serves as a lightweight proxy (or bastion?) and then managed to assign it a static IP. Would you mind sharing a bit more details? What does the node do and how did you configure the IP to be static? Is it deployed via Terraform like the rest of the k8s cluster? I assume we’ll also have to ask Systems to do/authorise something, but who should we ask and for what specifically? Any help is appreciated.
slejdops
Because they will have to add exceptions to the firewall, it’s crucial that the access node (proxy or bastion) maintain the same IP address. Cellgeni has found a workaround for this and @roamato will put @slejdops in touch with ak27 to get details of their topology and set up.