cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rafael del Valle <rva...@privaz.io.INVALID>
Subject Re: VPC and Public IP addresses
Date Tue, 18 Aug 2020 09:21:49 GMT
Andrija,

Thanks for the information. 

I have now tested isolated networks, and I can see how multiple IP usages become available
at the same time.

Actually I love the interface of the VPC, and the multi-tier nets, but the usage of public
IPs is a no-go for me.

One isolated network per customer/project is possibly the best thing to do for now, even thou
it will be only one network per customer. 

I have also created an enhancement issue: 

https://github.com/apache/cloudstack/issues/4270​

See if we can get this to work. I think it is a killer feature.
Rafael



I will try to understand both implementations and the 

On Tue, 2020-08-18 07:50 AM, Andrija Panic <andrija.panic@gmail.com> wrote:
> There is no pending work that I'm aware of. This is known as conserve mode
> afaik (or lack of it with VPC) - for regular Isolated networks (non-VPC
> Isolated networks) - this works, but I assume there was an architectural
> problem implementing the same with the VPC - feel free to contribute, of
> course.
> 
> Best,
> 
> On Tue, 18 Aug 2020 at 07:27, Rafael del Valle " target="_blank"><rvalle@privaz.io.invalid>
> wrote:
> 
> > Andrija,
> >
> > I guess Load Balancing can be done from a private IP. So, that
> > functionality is less critical.
> >
> > Then the main thing would be that SourceNat and Port Forwarding could be
> > used from the same public IP.
> >
> > I guess this can be seen as supporting multiple purposes per IP, or
> > perhaps  to create a new purpose for the combined functionality.
> >
> > I would be happy to contribute to make it possible.
> >
> > Do you think it would be an interesting feature? is anybody working on
> > something like this?
> >
> > Rafael
> >
> > On Mon, 2020-08-17 07:52 PM, Andrija Panic " target="_blank"><andrija.panic@gmail.com>
> > wrote:
> > > Yes, you would need 3 separate IPs.
> > >
> > > On Mon, 17 Aug 2020 at 16:17, Rafael del Valle "
> > target="_blank">" target="_blank"><rvalle@privaz.io.invalid>
> > > wrote:
> > >
> > > > Hi!
> > > >
> > > > I am experimenting with VPCs and it is very exciting, powerful and
> > easy to
> > > > manage.
> > > >
> > > > We want to implement a bunch of VPCs for independent
> > projects/customers.
> > > >
> > > > I will be great to have independent environment that each project can
> > > > manage without interference.
> > > >
> > > > Each of them typically implements Load Balancer for Provided Web
> > services,
> > > > perhaps a few ports forwarded, and some services being allowed to
> > access
> > > > internet (source nat), for example a Web Proxy.
> > > >
> > > > I am reviewing the documentation and testing and I see this:
> > > >
> > > > A public IP can be used for only one purpose at a time. If the IP is
> > > > a sourceNAT, it cannot be used for StaticNAT or port forwarding.​
> > > >
> > > > Port Forwarding, LBS and SourceNat we can typically do from the same
> > IP,
> > > > with some obvious limitations such as not LBSing and Forwarding the
> > same
> > > > port.
> > > >
> > > >
> > > >
> > > > Our Original plan is to dedicate 1 public ip per VPC/project.
> > > >
> > > >
> > > >
> > > > As it looks in the documentation we would need 3x IPs, is that correct?
> > > >
> > > >
> > > > Is there a way to workaround this?
> > > >
> > > > Rafael
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > >
> > > --
> > >
> > > Andrija Panić
> > >
> 
> 
> 
> --
> 
> Andrija Panić
> 
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message