hello
few ideas first. vagrant is for development work, and development work only should be the focus. way vagrant have been develop, for non-development work, are other tools more suitable for the task, say terraform or any other tool that the goal is provision infrastructure to be run and share services from there. back to vagrant. To cover the use case to share/show dev work with outside world, vagrant have a command, vagrant share https://www.vagrantup.com/docs/share/ however this is not to keep it running for ever, i would say use terraform and create a VM similar to what will be in production, just call that infrastructure test, or qa, etc if you remove vagrant from the pic, and you create a VM, and give the ip 192.184.16.242 the sequence of steps that need to happen, are exactly the same you need to do for vagrant. is probably nothing to be done in vagrant, other than: - set an ip (this can be done by vagrant) - set a gateway (best have an script) - adjust gw/network orders, so traffic goes over the network you want to go (otherwise will go over nat) up to this point, 3 of 4 are non vagrant task, and are more suitable to be ask to the internal network/firewall people of the company. Once this is done, and the vm (managed by vagrant or no) is configred in the network, i would be very careful to start doing changes to make this VM exposed to the internet - check with network and firewall ppl if this is a good idea or not - check with network and firewall ppl if they use port forward, or load balancers - check with network and firewall ppl if they are comfortable having this VM managed by Vagrant inside the datacenter also, there is the security aspect - how do you know this VM is safe? - how do you know if new VM exposed to internet wont be hacked? is up to date? - what will happen if this VM gets hacked? from this VM can they jump to <internet name of senstive system> and a long etc as you can see, most of the question are non vagrant topics you may use vagrant, but is better do this top to bottom. - what service you need to share - whats the purpose of this new service - whats the best tool to accomplish this - whats the life cycle of this service - who is responsible of this service - who should be contacted if anything goes wrong with this service - how we will know the service goes wrong? (monitoring/logging) - how we will know our service has been compromised? - whats the break glass procedure here? - and finally, how we will know, we need to do break/glass procedure, say 2am on a weekend Those are my personal impressions, based on my past experience. Thanks Alvaro. On Sat, May 11, 2019 at 9:24 AM dijkstra <[email protected]> wrote: > Me and my colleague have been working on this for hours trying to see if > its possible but we're giving up hope as we've tried everything on google. > > I have a server running vagrant inside my data center with the following > IP's > > > ~# cat /etc/netplan/50-cloud-init.yaml > > # This file is generated from information provided by > > # the datasource. Changes to it will not persist across an instance. > > # To disable cloud-init's network configuration capabilities, write a file > > # /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following: > > # network: {config: disabled} > > network: > > ethernets: > > enp1s0f0: > > addresses: [192.184.16.92/24,192.184.16.242/32] > > gateway4: 192.184.14.1 > > nameservers: > > addresses: > > - 1.1.1.1 > > > Here is my VM config: > > > # cat Vagrantfile > > # -*- mode: ruby -*- > > # vi: set ft=ruby : > > > Vagrant.configure("2") do |config| > > > # /*===================================== > > # = FREE VERSION! = > > # =====================================*/ > > # This is the free (still awesome) version of Scotch Box. > > # Please go Pro to support the project and get more features. > > # Check out https://box.scotch.io to learn more. Thanks > > > config.vm.box = "scotch/box" > > config.vm.network "public_network", ip: "192.184.16.242" > > config.vm.hostname = "scotchbox" > > config.vm.synced_folder ".", "/var/www", :mount_options => > ["dmode=777", "fmode=666"] > > > # Optional NFS. Make sure to remove other synced_folder line too > > #config.vm.synced_folder ".", "/var/www", :nfs => { :mount_options => > ["dmode=777","fmode=666"] } > > > end > > #################### > > > > How in the world do I SSH to the 192.184.16.242 scotch box from the public > internet? > > > Is it even possible? > > -- > This mailing list is governed under the HashiCorp Community Guidelines - > https://www.hashicorp.com/community-guidelines.html. Behavior in > violation of those guidelines may result in your removal from this mailing > list. > > GitHub Issues: https://github.com/mitchellh/vagrant/issues > IRC: #vagrant on Freenode > --- > You received this message because you are subscribed to the Google Groups > "Vagrant" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/vagrant-up/5eb85d1e-9df6-49d4-8853-f478a3f961f4%40googlegroups.com > <https://groups.google.com/d/msgid/vagrant-up/5eb85d1e-9df6-49d4-8853-f478a3f961f4%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- Alvaro -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/vagrant/issues IRC: #vagrant on Freenode --- You received this message because you are subscribed to the Google Groups "Vagrant" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/vagrant-up/CAHqq0eyZ3nGKKvrq3CicCfw7LP2kkosdeB2ODvv9_dFpZ7T2Dw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
