cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrija Panic <andrija.pa...@gmail.com>
Subject Re: 4.14 Advanced networking: adding networks and providers
Date Mon, 17 Aug 2020 06:00:02 GMT
So, documentation needs a bit more reading (and polishing, why not...) -
i.e. there a few kinds of networks in CloudStack - and also, Network
Offerings are created based on the type of the network you want to offer to
your users:

There are:
- Shared networks (VR only used for DNS/DHCP/userdata/metadata) - only root
admin can create a Shared Network - and all tenants can use/share a
single/common Shared Network - i.e. you see a potential security problem
here, but in private clouds (or in Public CLouds with Security Groups
enabled in the Advanced Zone) this is OK mode - provides something similar
to old-fashion VPS (Virtual Private Server) that you certainly are familiar
with - i.e. each VM can be on a Public IP address (or private, depending on
the CIDR configured for that Shared network)
- Isolated networks (VR used to protect the network and it's VMs - like in
a real world) - the VR provides NAT, Port Forwarding, Remote VPN, Firewall
etc services to VMs on the network behind the VR (there can be only one
network behind the VR)
- Evolution of Isolated networks = VPC with it's Isolated networks (you
first create VPC< then one or more networks inside VPC) - the difference
being that you can  have more than one network behind the VR, and also a
few more network services exist (site-2-site VPN, Private Gateways, etc)
-most recent kind of networks added - L2 networks (no VR at all) - provides
a way for all VMs to be on a single vlan (like in all existing cases), but
there is no VR (IPAM provides by external devices usually)

You always will create networks via dedicated Network tab/menu (and then
from the dropdown menu you can choose Networks (L2, Shared, Isolated) or
you can choose VPC.

- quick cloud no services = Shared Network offering - you got this one
offered as you clicked on ''Add Guest Network"
- if you have chosen instead "Isolated network" you would get offered 2-3
Default Isolated network offerings
- For L2, again, there are a few default network offerings
- If you choose VPC< there are 1-2 default VPC offering, then when created,
you click on CONFIGURE (the VPC) and then you get to create a VPC Isolated
Network (you are offered here a few default network offerings for VPC
networks)

No need to configure providers etc, and (beside the ugly name), you can use
the network/vpc offerings that are created by default - they provide all
you would possibly use during "learning" CloudStack - but once you
understand the offerings and the services that are part of it - you can
create your own network offerings.

There you go :)

Best,


On Mon, 17 Aug 2020 at 06:11, <rvalle@privaz.io.invalid> wrote:

> Hi!​
>
>  I am deploying my first ACS cluster, debugging the installation procedure
> step by step.
> It is  ACS 4.14, Ubuntu 18, KVM, Advanced Networking, Local Primary
> Storage.
>
> I am trying now to get advanced networking going.
>
> I am guessing that the documentation has not yet catch up with the latest
> changes.
>
> I am trying to configure Providers to my zone.
>
> If I enter infrastructure/zone/myzone/physical guest net/providers
>
> I try to enable the Virtual Router, and it tells me it has to be
> configured first.
>
> According to the documentation there used to be a dedicated tab for it, by
> I am guessing that  I have to play with "Network Offerings" to configure
> them.
>
> It looks like it, at least I can select the available VR services, and the
> offering for the VR, etc.
>
> I have created a few of those, but non of them will be offered when I try
> to add Networks to networks.
>
> I try to create the network at:
>
> infrastructure/zone/physical guest net/network/add guest net, but I am not
> sure what the difference is if added from the networking dedicated tab.
>
> NO matter what I try, when I add a network I only see "offering for
> QuickCloud with no services".
>
> Can anybody point me in the right direction?
>
> Rafael
>
>
>
>

-- 

Andrija Panić

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message