GitHub user rajujith added a comment to the discussion: VMware Instances not able to reach to management server
> @rajujith , Why do we want VMs be able to reach the MS? they could go through > the north net if needed. It does not seem like a good idea to route them > directly. I understand that it would be convenient for CKS nodes, but it does > not seem like a good idea to me. cc @weizhouapache @vishesh92 @DaanHoogland, consider the management server URL public/intranet. It is expected that all intended users, including guest instances, should be able to access it from their client devices. In this specific case, the client is CKS. If there is a use case to allow access only from the CKS nodes but not regular guest instances even that could be implemented. The traffic traversal is CKS node -> VR guest interface -> VR public interface -> other hopes in the path -> management server public interface directly or via LB. Since the guest instance traffic is not traversing the management networks I believe it is a regular traffic that can be allowed. GitHub link: https://github.com/apache/cloudstack/discussions/10258#discussioncomment-11930691 ---- This is an automatically sent email for users@cloudstack.apache.org. To unsubscribe, please send an email to: users-unsubscr...@cloudstack.apache.org
