I made 3 Rocky Linux 9 one of the Cloud provider. the cloud provider assign 1 one public IP for each server and right now I have 3 public IP, these servers see each other.I want all requests from internet go to server 1 and from server 1 go to server 2 and server 3 and all responses from server 2 and server 3 go to server 1,
for better security and make cloud switch and assign private IP to each server, right now each servers can see each other with private IP, after assign Private IP, I remove public IP from server 2 and 3.
Is this good way?
For packages update for server 2 and 3 what I must do?
Client “talks” only with the Java program that runs on server 1. The Java program might connect to server 2 or 3 for something?
In other words, nothing from (outside) clients is forwarded (aka routed) through server 1 to the other servers, and the server 1 does not need ip_forwarding for that.
Servers 2 and 3 will be in private subnet. They won’t have public IP addresses.
For running dnf up they need to reach Rocky’s repos. There are about three ways:
Something (server 1) is set to act as gateway, router, through which servers 2 and 3 can connect to outside places
Server 1 is set as HTTP proxy; other servers talk to it and it talks to Rocky’s repos
Server 1 maintains a copy of Rocky’s repos that all three servers use
Thanks,
which one is safe and no have risk ?
if I want use server 1 as gateway and I want do this by firewalld How I can do this?
I have more that 10 docker images running on these three servers and specially server 1 and I want set server 1 as gateway does not break docker network connectivity and containers connectivity.