Save the Planet, Use Fewer IPs

Yo dawg, float me some IPs – ah, how often do we hear that line around research labs and coding dens… Unfortunately, few of us realize that IPv4 address exhaustion, along with natural resources depletion and global warming, has long been recognized as one of the greatest existential threats facing humanity. Along with everybody else, the Chameleon testbed has a severely rationed number of public IP addresses that can be assigned to user instances. While we feel that our users generally deserve the stars and the moon, we find that those may often be easier to give than anything in the IPv4 space. 

However, the good news is that in most cases you can get by without this scarce and expensive commodity. To understand how, I sat down with Chameleon Ticketmaster and IP Environmentalist in Chief, Jake Colleran. According to Jake you can connect to all of your instances with just one floating IP address using a technique called “bastion host”. This allows the IPs to retreat to a bastion and defend themselves from overuse. 

Here is how it works. First, you create however many instances you need; they will be connected by default to a VLAN called sharednet1 (if you need more isolation you can create your own VLAN instead). “A bastion host is a gateway to all your instances on a network”, says Jake, “to create it, simply pick one of your nodes and associate a floating IP with your instance”. This makes that node accessible via ssh over public internet. Once you ssh into that one instance (using the public IP), you can ssh into any of your other nodes connected to its VLAN  (via their private IPs) like so:   

[local]

$ ssh-add /path/to/<keypair>.pem</keypair>

$ ssh -A cc@<floating_ip_address></floating_ip_address>

[remote]

$ ssh cc@<private_ip_address></private_ip_address>

But wait, there's more! Jake explains that what really makes it work is his favorite environmentally friendly shortcut using the -J option of the ssh command:
 

$ ssh-add /path/to/<keypair>.pem </keypair>

$ ssh -J cc@<floating_ip_address cc=""></floating_ip_address>

“This simple technique makes it as easy to use the bastion login with just one floating IP as assigning lots to every instance you can think of”, enthuses Jake, “This should keep us afloat in floating IPs for some time to come” 

All of this is so much writing to say: go green, use those floating IPs responsibly -- and whenever you can, please recycle. 

We have only one planet! 


Add a comment

No comments