Version 4 (modified by ibaldin, 8 years ago)


Using Shorewall DNAT proxy with ORCA


Support for Shorewall DNAT proxy is integrated into ORCA's EC2 handler that operates on Eucalyptus/NEuca installations. All configuration parameters are located in the file. Parts of that file relevant to Shorewall proxy are shown below.

Proxy configuration (Camano 3.0+)

The handler support configuring a proxy for the created instance for situations when instances are created within a private address space separated from the public Internet. Currently SHOREWALL-DNAT proxy is supported. The following properties are used by the handler (typically specified in, see below):

  • Whether proxy should be used at all (true|false)
  • The type of proxy (currently supported types: 'SHOREWALL-DNAT')
  • IP address of proxy host
  • Username on the proxy authorized to make configuration changes
  • Filename containing private SSH key of the authorized user (absolute path)
  • Path to shorewall scripts on proxy

Fore more details see NEuca handler and NEuca handler testing.