EVE topology Node as proxy to physical node/vm

Features you'd like to see in the upcoming version of EVE-NG

Moderator: mike

Post Reply
ymeillier
Posts: 4
Joined: Mon Feb 03, 2020 1:30 am

EVE topology Node as proxy to physical node/vm

Post by ymeillier » Wed Apr 01, 2020 4:12 pm

Hi.
In order to avoid having too many levels of virtualization/nesting and running into performance issues, i use eve for my network topology and my esxi hypervisors are VMs sitting at the same level as the eve VM itself. I just use the cloud bridges to bridge my traffic to the eve routers in my topo.

I was wondering if it would be possible to create nodes in eve for those esxi servers so that we get to see all of them connected as expected, but double clicking on those would open a session to the VM itself (we have connectivity to it after all via the Cloud bridges). I like the html5 client vs native by the way. (more practical)

see for example attached pic. The nodes that are turned off are the VMs (they are not eve nodes)

Is it possible or something that could be added as a feature?
You do not have the required permissions to view the files attached to this post.

Uldis (UD)
Posts: 3354
Joined: Wed Mar 15, 2017 4:44 pm
Location: London
Contact:

Re: EVE topology Node as proxy to physical node/vm

Post by Uldis (UD) » Wed Apr 01, 2020 7:40 pm

honestly, it is very related how powerful is your server with EVE. CPU model, cores and fast HDD, SSD
For example such esxi EVE VM easy run nested ESXi node inside

Dual E5-2650v4, 128GB Ram, 2TB SSD

ymeillier
Posts: 4
Joined: Mon Feb 03, 2020 1:30 am

Re: EVE topology Node as proxy to physical node/vm

Post by ymeillier » Fri Apr 03, 2020 12:48 am

Hi Thanks for your response.

I don't think i explained my question properly.

In the above picture, the greyout ESXi server acutally is just a placeholder for me to vizualise my esxi VM as if it was deployed by VM.
But it isn't deployed by eve. It is an esxi VM sitting on my lan just like the eve server/appliance is.
What i would like is build my topology on eve, but for node that woudl not run well nested inside eve, run them outside (i already do that and those aer bridge to internal eve nodes via the cloud interface).
What i want is the ability to put that place holder esxi eve node on the the opology so that i have a full representation of what nodes i have, and when i double click on that greyed out server, it would no open a console to the eve node itself, but instead open the console to the ESXi VM sitting out side of eve topology. See what i mean? a proxy node just there so that you know have a full view of all your nodes, eve nodes and nodes bridged via cloud interfaces.....

thanks!

ehinkle27
Posts: 3
Joined: Fri Apr 26, 2019 10:39 pm

Re: EVE topology Node as proxy to physical node/vm

Post by ehinkle27 » Mon May 11, 2020 6:19 pm

I was just looking for the same thing. Something similar to how GNS3 currently allows you to do that. They let you add a cloud node and then rename the node, change the image, and specify the protocol to connect to the device. See the below video for example. How did you get you images added like you did, that is a start?

https://www.youtube.com/watch?v=rgxeyCbm15Y

ddfamily
Posts: 3
Joined: Fri May 15, 2020 9:56 pm

Re: EVE topology Node as proxy to physical node/vm

Post by ddfamily » Fri May 15, 2020 10:02 pm

Hey guys!

I'm struggling to achieve exactly that for months.
I'm sure there is not a great deal of development to have this feature available using the embedded Guacamole server.
If I was skilled enough, I would do it. I'm certain it's not that hard...

It's pretty cool it's possible to do that in GNS3, but the GUI in EVE is much more better, and GNS3 only support telnet and vnc, not ssh and rdp.

Hope the devs can hear us screaming for this feature :)

ddfamily
Posts: 3
Joined: Fri May 15, 2020 9:56 pm

Re: EVE topology Node as proxy to physical node/vm

Post by ddfamily » Tue May 19, 2020 10:59 pm

Hello guys,

Just a little update about this feature request.

I found a temporary workaround for this feature. It requires an external Guacamole server:
- add pictures to the topology using 11.1.4 in Pro Cookbook
- create an HTTP link for the picture using 11.1.5 steps
=> the HTTP link will redirect to the guacamole url for the device you want to reach. It supports RDP and SSH which should cover most of the setup.
The only limitation is that it opens the session in a new tab in the browser, and not the nice embedded Guacamole inside a frame we have when using node connection.

A little tip that could maybe help the developpers to make this request available easily...
I tried to play with the Guacamole server running in EVE Pro:
- I created a node, let's call it "Node1" with RDP connection
- I connected to the Guacamole SQL DB in EVE
- I found the entry for Node1 in the Guacamole DB
- I changed the values in the table "connection_parameters" (if I remember correctly...), with IP of a physical device outside of EVE
- I tried to launch the console view in EVE WebUI
=> I couldn't make it work, and RDP connection to physical host never worked. Same thing with SSH to a physical switch.

In the end, I believe it didn't work for two reasons:
- Guacamole in EVE is running in a container, using 172.17.0.0/16 subnet, so Guacamole doesn't have access to the external network
- Entries in Guacamole DB are created dynamically by EVE each time a node is booted. This means each time a node reboots, entry ID changes in the DB

In order to have the capability to add external nodes in EVE, it would be a matter of:
- Allowing Guacamole to access the external network (NAT using pnet0 maybe?)
- Create a new type of node (external_node or something like that) where we can customize IP, port, and connection type (RDP / SSH) that would create a SQL entry in Guacamole DB

To the EVE Team: does that make sense? Is that something that is feasible?

I would be more than happy to help if you consider this request worthy :)

ddfamily
Posts: 3
Joined: Fri May 15, 2020 9:56 pm

Re: EVE topology Node as proxy to physical node/vm

Post by ddfamily » Tue May 19, 2020 11:06 pm

Below a small screenshot of the workaround attached.
Each icon is clickable and opens a URL to a Guacamole server mapped to a SSH or RDP connection, or WebUI of a physical device.
2020-05-20_01h02_08.png
You do not have the required permissions to view the files attached to this post.

Post Reply