Rancher host behind a dynamic ip address?

Would it be a problem with Rancher / IPSec between Rancher Hosts if there is one behind a NAT router with dynamic ip address? Or should it work fine?

Because networking fails after Rancher Server reboot (because of connection problems I restarted the host too), but networking doesn’t work.

08:13:11.417531 IP 10.42.134.100.35548 > 10.42.5.244.3306: Flags [S], seq 551169310, win 29200, options [mss 1460,sackOK,TS val 824315 ecr 0,nop,wscale 7], length 0
08:13:11.417656 IP 10.42.134.100.35548 > 10.42.5.244.3306: Flags [S], seq 551169310, win 29200, options [mss 1460,sackOK,TS val 824315 ecr 0,nop,wscale 7], length 0
08:13:12.418232 IP 10.42.134.100.35548 > 10.42.5.244.3306: Flags [S], seq 551169310, win 29200, options [mss 1460,sackOK,TS val 825316 ecr 0,nop,wscale 7], length 0
08:13:12.418428 IP 10.42.134.100.35548 > 10.42.5.244.3306: Flags [S], seq 551169310, win 29200, options [mss 1460,sackOK,TS val 825316 ecr 0,nop,wscale 7], length 0

Changing the IP address will be a problem. If the Network agent running on a host is not able to communicate with the server using the IP address specified during start, networking will fail. You might want to try to delete and add the hosts with the changed IP information.

It’s running fine :wink:

Rancher Server has a static IP address and a host is behind a home NAT router (DSL with a dynamic IP address).

To be sure the host communication works fine I created OpenVPN tunnels from the hosts to the Rancher Server. Communication isn’t public and works without problems.

That’s cool. Can you share a summary of your topology? It might be useful for others who want to deploy something similar.

It also works without the OpenVPN, but it makes the API communication secure :wink:

All machines are KVM VMs running with RancherOS 0.4.5

First is the Rancher Server with an OpenVPN server running as a RancherOS os-service (system-docker). Rancher Server is listening on the tun device IP address.

The second host also has a static IP address and an openvpn-client as an os-service.
The third host is running at home (dynamic IP, also with an openvpn-client as an os-service).
API communication is only tunneled via OpenVPN.

The Rancher UI is published by a Caddy web server / reverse proxy with TLS out of the box :slight_smile:

The OpenVPN server setup is a forked and updated version of kylemanna/openvpn. The OpenVPN client is a simple Alpine OpenVPN image.

But there is a Rancher Server bug with load balancers running on the Rancher Server host (it gets stuck in the “Initializing” state on that host only, but works since the last Rancher Server update anyway).
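As an added illustration of the client side of the topology above (this is not pwFoo's actual configuration), a RancherOS cloud-config fragment that starts an OpenVPN client as an os-service under system-docker, so the host's tunnel address exists before the Rancher agent comes up. The image name, config path and service name are placeholders; it assumes the client .ovpn and certificates are already on the host.

```yaml
#cloud-config
# Added example, not the poster's real config. RancherOS 0.4.x cloud-config
# declaring the OpenVPN client as a system service (runs under system-docker).
rancher:
  services:
    openvpn-client:                              # placeholder service name
      image: example/alpine-openvpn:latest       # placeholder image name
      privileged: true                           # tun device + NET_ADMIN on the host
      net: host                                  # tun0 must appear in the host namespace
      restart: always
      labels:
        io.rancher.os.scope: system              # run in system-docker, not user docker
        io.rancher.os.after: network             # only start once the uplink is up
      volumes:
        - /etc/openvpn:/etc/openvpn              # placeholder path holding client.ovpn
      command: openvpn --config /etc/openvpn/client.ovpn
```

When registering the host, pass the tunnel address to the agent (`-e CATTLE_AGENT_IP=<tun0 address>` on the rancher/agent docker run) so the recorded host IP is the stable VPN address and not the ISP-assigned one that changes.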

@pwFoo Could you explain a little more of exactly how you did that? I’m running an OpenVPN server container from kylemanna/openvpn, but I can’t get any clients to connect to it using the .ovpn file other than TunnelBlick on my Mac, and that’s exclusively if I use the TCP option in the openvpn server container. What options did you use? Did you use dperson/openvpn-client as your client container and how did you get that working? I’m having a lot of trouble right now.