The steps given below describe how to use SSH port forwarding through a bastion host located in a public subnet to allow client access to the GUI server running on a host located in a private subnet in a cloud environment.
Prerequisites
- LifeKeeper has been installed on a set of cluster nodes located in a private network in a cloud environment (i.e., the nodes do not have public IP addresses and are not accessible directly from the internet).
- A bastion host server exists in a public subnet and can access the private subnet(s) containing the LifeKeeper cluster nodes.
- The client PC can establish an SSH connection to the bastion host. Optionally, this connection may be established by using a private SSH key which is stored on the client PC.
- The bastion host can establish SSH connections to all LifeKeeper cluster nodes in the private subnet(s).
Steps
- To enable SSH port forwarding, run the following command from the client PC terminal:
ssh [-i <SSH Private Key Path>] -L 8085:<GUI Server Host IP Address or Hostname>:5110 -o ServerAliveInterval=60 <Bastion Host SSH Username>@<Bastion Host IP Address or Hostname>
This command forwards traffic on TCP port 8085 of the client PC to TCP port 5110 on the LifeKeeper node running the GUI server.
- Connect to the GUI by entering the following address in the address bar of a web browser on the client PC:
https://localhost:8085/lkgui/#
Post your comment on this topic.