AWS Getting Started - Virtual IP Addresses
When planning your AWS instance, it is important to keep high availability in mind prior to creating your instance. The decision to create a highly available storage solution using Buurst's SoftNAS must be made early in order to allow you to prepare your build accordingly. One decision that needs to be made early is whether to use Instance, Elastic or Virtual IPs. Beyond choosing the type of IP address you wish, there are many configuration steps required to prepare for a high availability configuration. For complete coverage of high availability through SoftNAS, go to our High Availability Documentation
Amazon EC2 provides two types of IP addresses:
- Instance IP address: each instance is assigned a dynamic IP address, assigned by DHCP. These are on the internal, private network, assigned by DHCP. They will be different each time a SoftNAS instance is booted.
- Virtual IP addresses: Buurst's SoftNAS now supports the set up of highly available VPCs with private subnets using virtual IPs. If setting up SoftNAS SNAP HATM with virtual IPs, there is no need to create Elastic IPs at all. The IPs assigned statically or via DHCP at instance creation time can be retained.
Virtual IPs and High Availability
Setup and maintenance of Virtual IP addresses are covered in our High Availability Documentation. Virtual IP addresses are relatively simple to set up, requiring only that each VPC instance must have an IP in the same CIDR block. A third IP outside this CIDR block will be selected during the HA wizard setup. This will be the IP address you will use to access the highly available share, whichever instance is currently the primary.
There are multiple ways to configure secure administrative access to the SoftNAS SNAP HA™ storage controllers:
- VPN - this is the most secure stand-alone solution, and a recommended minimum best practice for limiting access to the private IPs of each SoftNAS® controller. In this case, use DNS to assign a common name to each controller (e.g., "nas01.localdomain.com", "nas02.localdomain.com"), making routing to each SoftNAS® controller convenient for administrators.
- Admin Desktop - an even more secure approach is to combine VPN access with an Administrator's desktop, (sometimes referred to as a jumpbox) typically running Windows and accessed via RDP. This secure admin desktop adds another layer of authentication, namely Active Directory (or local account) authentication.