So following on from my last post, the new SDN cluster is now coming into service based on a new Hetzner based Cloud Edge. i.e. the Hetzner server is running as a gateway to the office based Cloud and has one foot inside the private LAN address space used by the cluster.
Yeah? but so what?
So the current setup consists of around 50 machines and due to the historical and somewhat dis-jointed nature of the way the network has grown, there are many VPN’s, gateways, SSL certificate providers and reverse proxies all working together to provide a seamless front-end. Works great, but managing it can be problematic.
Now, at a container level, none of this is needed any more. I have one reverse proxy sitting in a container on the edge, which can directly address all of the containers … VPN’s are gone, Cloudflare tunnels are gone, multiple text based reverse proxies are gone. All I now have to worry about is this;
The difference …
- GUI based config, all the text based config files are gone
- SSL certificates, I can now provision real SSL certificate for everything, including private servers
- I no longer need to worry about location, it all appears to be one local network
… More to come as it goes live … 