[Container-tools] 10.1.2.2

Brian (bex) Exelbierd bex at pobox.com
Thu Feb 25 09:09:27 UTC 2016 

A fix for the hardcoded IP address will be in the next builds of the ADB 
and CDK.  You should be able to just change the IP in the Vagrantfile 
and everything else will react appropriately.

On 02/25/2016 05:28 AM, Rob Terzi wrote:
> For the vagrant box to be be accessible from the network, the
> Vagrantfile needs to specify public_network:
> - https://www.vagrantup.com/docs/networking/public_network.html
>
> Note: this will most likely mean DHCP, so that leads to the
> questions/tests that need to be done regarding the certificates and
> dynamic IP addresses.

Certs should already generate properly based on the IP of the box. 
Certs will not generate properly if the box is behind a NAT or other IP 
translation (such on AWS) where the box IP is not the same as the public IP.

> Also once the vagrant box is accessible on the network, the security
> needs to be tightened, changed the default passwords for vagrant & root,
> admin consoles, etc.
>
> Probably not a supported use case, but I can see people asking for it.

Production and Public IP use are not currently in scope, however fixes 
for security would be considered.  The box, other than password defaults 
should actually be pretty secure, but issues pointing out specific 
issues are welcome.

regards,

bex

>
> --Rob
>
>
> On 2/24/2016 8:00 PM, Burr Sutter wrote:
>> Thank you for this excellent explanation, it was what I was assuming
>> but someone asked me a question today during a presentation and it
>> made me wonder.
>>
>> Sounds like the 2 CDKs on 2 laptops, same corporate network will not
>> be a problem.
>>
>> The questioner was also wondering…what if I want a CDK on a laptop to
>> be shared with my co-workers, where they could hit my URLs and see the
>> apps I have running?
>>
>> Obviously, I have not thought about networking in many years :-)
>>
>>
>> On February 24, 2016 at 7:19:40 PM, Rob Terzi (rct at katavoltmedia.com
>> <mailto:rct at katavoltmedia.com>) wrote:
>>
>>> A downside of the fixed IP choice in the Vagrantfile is you can't
>>> have two boxes running simultaneously on the same machine.
>>>
>>> A few more details to what Scott said.
>>>
>>> The hypervisor (VirtualBox, etc.) on the host is doing NAT (network
>>> address translation) to create a private network on the host system.
>>>
>>> If you create a VM yourself under VirtualBox, that's the same as the
>>> NAT choice. The private network can't be reached from other systems,
>>> they won't know how to route to it, and the host system won't accept
>>> packets with that address because it doesn't have any physical
>>> adapters on that network.
>>>
>>> Note: You could run into problems if the (physical) network that the
>>> host system is on is using the same subnet (don't remember what the
>>> netmask is), so 10.1.2.x. This should be documented some place for
>>> troubleshooting.
>>>
>>> Note: Non-routable doesn't mean it can't be used and routed to as an
>>> internal network. It just means Internet routers/gateways shouldn't
>>> be routing any of the private reserved networks like 10.x.x.x,
>>> 192.168.x.x, 172.16-172.31.
>>>
>>> --Rob
>>>
>>>
>>>
>>> On 2/24/2016 6:33 PM, Scott McCarty wrote:
>>> > The 10.x.x.x is a private, non-routable ip, so you can have as many
>>> laptops with a CDK on it, as you want. The chlle ge is when you want
>>> two+ CDKs on the same laptop....
>>> >
>>> >
>>> >
>>> > Sent from my Verizon Wireless 4G LTE smartphone
>>> >
>>> > Scott McCarty, RHCA
>>> > Technical Product Marketing: Containers
>>> > Email: smccarty at redhat.com <mailto:smccarty at redhat.com>
>>> > Phone: 312-660-3535 <tel:312-660-3535>
>>> > Cell: 330-807-1043 <tel:330-807-1043>
>>> > Web: http://crunchtools.com
>>> >
>>> > Containerizing? Why does the user space matter? http://red.ht/1Kl0mpx
>>> >
>>> >
>>> > -------- Original message --------
>>> > From: Burr Sutter <bsutter at redhat.com>
>>> > Date: 2/24/2016 6:27 PM (GMT-05:00)
>>> > To: container-tools at redhat.com
>>> > Subject: [Container-tools] 10.1.2.2
>>> >
>>> >
>>> > Within the CDK, we have hardcoded it to 10.1.2.2 in the
>>> Vagrantfile, what if I boot up 2 CDKs on 2 laptops on the same
>>> corporate network?
>>> >
>>> > I assume there will be a conflict.
>>> >
>>> > Eventually, we will need to allow the end-user to tweak the IP
>>> address.
>>> >
>>> > Burr
>>> >
>>> >
>>> >
>>> > _______________________________________________
>>> > Container-tools mailing list
>>> > Container-tools at redhat.com
>>> > https://www.redhat.com/mailman/listinfo/container-tools
>>> >
>>>
>>> _______________________________________________
>>> Container-tools mailing list
>>> Container-tools at redhat.com
>>> https://www.redhat.com/mailman/listinfo/container-tools
>
>
>
> _______________________________________________
> Container-tools mailing list
> Container-tools at redhat.com
> https://www.redhat.com/mailman/listinfo/container-tools
>

More information about the Container-tools mailing list