Enabling VPN for Containers
Virtual Private Network (VPN) is a technology which allows you to establish a secure network connection even over an insecure public network. Setting up a VPN for a separate Container is possible via the TUN/TAP device. To allow a particular Container to use this device, the following steps are required:
-
Make sure the
tun.o
module is already loaded before Parallels Cloud Server is started:
# lsmod
-
Allow the Container to use the TUN/TAP device:
# prlctl set 101 --devices c:10:200:rw
Note:
Currently, the
--devices
option may not be supported by the
prlctl
utility. Use
vzctl
instead.
-
Create the corresponding device inside the Container and set the proper permissions:
# prlctl exec 101 mkdir -p /dev/net
# prlctl exec 101 mknod /dev/net/tun c 10 200
# prlctl exec 101 chmod 600 /dev/net/tun
Configuring the VPN properly is a common Linux administration task, which is out of the scope of this guide. Some popular Linux software for setting up a VPN over the TUN/TAP driver includes Virtual TUNnel <
http://vtun.sourceforge.net/
> and OpenVPN <
http://openvpn.sourceforge.net/
>.
|