That setup sounds reasonable. Basically you want one nginx instance as the front door for all the other web applications, and it sounds like you've got that set up. So the web side is fine.
For ssh access to other VMs, on your router, just port-forward some non-standard port to port 22 on the machine you want, and run ssh ala 'ssh -p $PORT B.example.com' and you should be fine. You can set up your ~/.ssh/config so you don't have to type that every time, ala Host B.example.com User me Port 65222 I recently wrote a howto on a very similar setup, with the additional twist that all the webapp zones are on a private virtual networked firewalled through a single zone (meaning you'd need port forwarding on the router and also in the firewall zone): http://timboudreau.com/blog/smartos/ -Tim On Sun, Jan 11, 2015 at 1:19 AM, JJ Stiff via smartos-discuss < [email protected]> wrote: > The network topology is basic: > > Internet - Router (:80, :443, possibly:22) - SmartOS > > So I have one external IP to access the websites I am hosting in SmartOS. > > My DNS is hosted remotely. > The a records all point to the same external IP for my network. > Lets just say they are B C D and E. > > The router has 10.1.1.1 > The global zone has 10.1.1.2 > The nginx instance has 10.1.1.3 > I have the webserver instances at 10.1.1.11 (B), 10.1.1.12 (C), 10.1.1.13 > (D), and 10.1.1.14 (E) > > So, when I access B.example.com, the ngnix instance properly forwards my > http request to the instance running at 10.1.1.11, etc. > > Now, I want to ssh to B.example.com, etc, from outside my network. What > is the recommended procedure here? > > I am looking at sslh but it is not in the list for 'pkgin ls'. I would > prefer not to use a KVM instance, if I don't have to here. Or maybe I can > package up the latest sslh if that is the recommended best solution. > > Reference: > https://github.com/yrutschle/sslh > http://www.rutschle.net/tech/sslh.shtml > > An alternative might be to have the nginx or another instance receive the > ssh and then I can re-ssh to the machine I want by specifying the IP (for > B: 10.1.1.11). But then I would also like to use sshfs.. It seems like the > sshl solution would be more elegant. > > Any pointers? Is there something that I may have fundamentally wrong here > in my setup? > > Thank you for the help, I just am having a difficult time finding a great > reference on this topic. > > -JJ > > - [email protected] > - http://www.jjsland.com/ > *smartos-discuss* | Archives > <https://www.listbox.com/member/archive/184463/=now> > <https://www.listbox.com/member/archive/rss/184463/24549504-c4bff9d3> | > Modify > <https://www.listbox.com/member/?&;> > Your Subscription <http://www.listbox.com> > -- http://timboudreau.com ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
