Hi. Currently, if I enable the private network in a node template using this node driver, the requirement is that both Rancher and all the clusters created with it using the node driver must be in the same Hetzner Cloud project because they need to share the same private network. My understanding is that this happens because with the private network enabled Rancher also connects to the nodes it creates using private IPs. Unfortunately, this is very limiting because it does not allow using the nice separation of clusters into projects.
I tested Rancher's built-in node driver for DigitalOcean and it does not have this issue. The private network is enabled and used for the communication between the nodes, but it seems that Rancher itself connects to the nodes using the public IPs, and the nodes connect to Rancher also using the public IP.
Would it be possible to change something in this node driver to fix this issue? Ideally, when enabling the private network in the node template Rancher should connect to the nodes using the public IPs. This way we could have Rancher and each cluster in their own project, which would be awesome.
Hi. Currently, if I enable the private network in a node template using this node driver, the requirement is that both Rancher and all the clusters created with it using the node driver must be in the same Hetzner Cloud project because they need to share the same private network. My understanding is that this happens because with the private network enabled Rancher also connects to the nodes it creates using private IPs. Unfortunately, this is very limiting because it does not allow using the nice separation of clusters into projects.
I tested Rancher's built-in node driver for DigitalOcean and it does not have this issue. The private network is enabled and used for the communication between the nodes, but it seems that Rancher itself connects to the nodes using the public IPs, and the nodes connect to Rancher also using the public IP.
Would it be possible to change something in this node driver to fix this issue? Ideally, when enabling the private network in the node template Rancher should connect to the nodes using the public IPs. This way we could have Rancher and each cluster in their own project, which would be awesome.
Thanks!
@mxschmitt @LKaemmerling