tinc to create VPN between cluster nodes (at different datacenters) for High Availability

[John Griessen]

On 05/10/2017 12:54 PM, Guus Sliepen wrote:
> There are two ways to do high-availability with tinc. Assuming you want
> to have multiple distinct "exit nodes" on the VPN (that provide a
> default gateway for other nodes), then just assign Subnet = 0.0.0.0/0 to
> each of the exit nodes. The other nodes will then choose one of those
> that is online. So if they are using one that goes offline, they will
> switch to another one.

Thanks,

I will read more and study how to do that with coreOS.  I suppose the first thing
a node needs to be doing as it comes up is starting a firewall, since
a usual virtual server is open to the internet.  Then start tinc in a container
with a setup to connect with other nodes that are setup to be in the same VPN.

Or will it be necessary to rent virtual servers that come with an internal private network
provided by the hosting company, as well as IP addresses for the open internet?