Not a solution in general but for mysql a really easy way to do it is to mount --bind the mysql unix socket directory into the vserver areas that are allowed access to the mysql server. then that vserver can access mysql via the unix socket instead of tcp/ip and your original mysql server doesn't have to do an ip bind at all if you don't want. It works great.On Wed, 2004-04-21 at 02:03, Micah Anderson wrote:
How can I make it so that the vserver is communicating with the private IP instead of the public one? I want to do this so I can allow some vservers the ability to access the mysql, but not others. I can simply add 212.112.147.194 to the tables to be able to connect, but then all the vservers would be able to connect, when I only want 192.168.0.1 to be able to connect, but not 192.168.0.3 for example.
example:
mysql server running in vserver mysql at /export/vservers/mysql
vserver quake needs access
in main server mount --bind /export/vservers/mysql/var/run/mysqld /export/vservers/quake/var/run/mysqld
you can have that automatically happen by adding it to your main server fstab
/export/vservers/mysql/var/run/mysqld /export/vservers/quake/var/run/mysqld none defaults,bind,auto 0 0
Eric
smime.p7s
Description: S/MIME Cryptographic Signature
