Upwards of 50% of Volt Active Data customers deploy in public and private clouds, so we get queries regularly on how to set up interfaces for cloud instances. One question that’s come up a few times is, ‘How do I configure Volt Active Data to be secure but still allow me to monitor through the web interface from my office?’
Volt Active Data allows this by letting you bind particular functions to network interfaces. In most deployments, most of the client traffic is also from within the cloud.
Volt Active Data users can set both an external interface and a public interface in their Volt Active Data network configuration. The difference between these, however, is confusing to some; external usually means public. In Volt Active Data, the public interface is useful for cloud systems where the address used from outside the cloud is not actually an interface that is visible within the instances. For example, with AWS, you get a public interface that you can’t bind to from the host. That is where you set a public interface.
This is helpful for a VMC which has a selector for switching between hosts in a cluster. Without it, the VMC will not know how to attach to the other servers.
To further illustrate, consider this system.
All addresses are internal to the cloud. The internal interfaces and their external counterparts are set to 10.0.1.x addresses and nothing is translated. If you ran ifconfig on the cluster nodes, they would not list 54.154.29.xxx, so you couldn’t bind to this if you wanted to, which is a problem.
Desktops outside the cloud address things through their 54.154.29.xxx address. The NAT handles routing and connects you to the requested node. If publicinterface was not set, this process would work fine. However, there is a slight issue, due to the way VMC gathers information about all the nodes from @Systeminformation OVERVIEW and makes a list of the other nodes.
If the public interface is not set, then a query from the VMC uses the external interface and gives 10.0.1.1:8080, which is not accessible outside the cloud. However, when the public interface is set, then the VMC gives 54.154.29.11:8080, which works.
To summarize:
- Do not make your Volt Active Data internal mesh go through VMC.
- If any application needs to find out how to connect to other nodes, set publicinterface.
- You can put your applications anywhere you want – inside with no NAT, or outside and going through the NAT. Volt Active Data doesn’t care about that system design choice.