Hello!
Is it possible to deploy containers on a host that does not have a public but has only VPN IP address?
Make sure that IPSec networking works between the hosts (UDP 500 & 4500 must be open), and make sure when you add the new host to your cluster it communicates through the internal IP of your master.
This may answer some other questions: https://laszlo.cloud/Attack-your-cloud-bill Wrote it some time ago, with the exact purpose to test Rancher through VPN.
1 Like
@laszlocloud Thanks for reply.
I forgot to mention I was thinking about the case where I would want to deploy containers to servers that I could manage/host locally (not in cloud). I hope you answer is still valid here. 
The principles remain the same. The hosts must “see” each other on the given ports. The tools might be different, but in essence you have to craft your network in a way so that the nodes can communicate.
1 Like