You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2021/09/19 21:06:51 UTC

[GitHub] [cloudstack] luganofer opened a new issue #5467: L2 Guest Networks: exclusive VLAN range

luganofer opened a new issue #5467:
URL: https://github.com/apache/cloudstack/issues/5467


   <!--
   Verify first that your issue/request is not already reported on GitHub.
   Also test if the latest release and main branch are affected too.
   Always add information AFTER of these HTML comments, but no need to delete the comments.
   -->
   
   ##### ISSUE TYPE
   <!-- Pick one below and delete the rest -->
    * Improvement Request
   ##### COMPONENT NAME
   <!--
   
   -->
   ~~~
   L2 Guest Network 
   ~~~
   
   ##### CLOUDSTACK VERSION
   <!--
   New line separated list of affected versions, commit ID for issues on main branch.
   -->
   
   ~~~
   Cloudstack 4.14 onwards
   ~~~
   
   ##### CONFIGURATION
   <!--
   Information about the configuration if relevant, e.g. basic network, advanced networking, etc.  N/A otherwise
   -->
    
   Enviroment with adcanced networking
   
   ##### OS / ENVIRONMENT
   <!--
   Information about the environment if relevant, N/A otherwise
   -->
   
   N/A
   
   ##### SUMMARY
   <!-- Explain the problem/feature briefly -->
   
   Currently, in an advanced network environment, L2 networks can only be specified a VLAN id by a root admin user (which makes a lot of sense).
   L2 type networks can be created by users only if they do not specify a VLAN.
   All good up to this point.
   However the L2 network that a user creates takes a VLAN id from the "VLAN/VNI Range (s)" assigned to guest traffic.
   It would be desirable that the L2 networks have a dedicated VLAN range (different than the guest VLAN range) and thus the L2 networks created by the users consume a VLAN id from this range.
   In this way, the VLANs assigned to this service could be planned and delimited, and this VLAN range could be pre-configured to physical equipment too, among other advantages.
   
   ##### STEPS TO REPRODUCE
   <!--
   For bugs, show exactly how to reproduce the problem, using a minimal test-case. Use Screenshots if accurate.
   
   For new features, show how the feature would be used.
   -->
   
   <!-- Paste example playbooks or commands between quotes below -->
   ~~~
   1) A root admin user creates a VLAN range dedicated to L2 networks.
   2) A user (with sufficient privileges to create a network) creates an L2 network and it consumes a VLAN id from this range.
   ~~~
   
   <!-- You can also paste gist.github.com links for larger files -->
   
   ##### EXPECTED RESULTS
   <!-- What did you expect to happen when running the steps above? -->
   
   ~~~
   The L2 network created by the user consumes a VLAN id from the pre-established and planned range.
   ~~~
   
   ##### ACTUAL RESULTS
   <!-- What actually happened? -->
   
   <!-- Paste verbatim command output between quotes below -->
   ~~~
   The L2 network created by the user takes a VLAN id from the range for guest traffic.
   ~~~
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [cloudstack] weizhouapache commented on issue #5467: L2 Guest Networks: exclusive VLAN range

Posted by GitBox <gi...@apache.org>.

weizhouapache commented on issue #5467:
URL: https://github.com/apache/cloudstack/issues/5467#issuecomment-1046814831


   starting on this feature
   (1) add new column `vlan_for_l2` to `physical_network` table.
   (2) add/update physical networks with vlan for L2 networks. it contains a vlan id check, and overlap check with `vnet` and shared networks.
   (3) service layer changes: pick up vlan id when create a L2 network, and vlan id is released when remove a L2 network.
   
   @nvazquez any opinions ?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [cloudstack] nvazquez edited a comment on issue #5467: L2 Guest Networks: exclusive VLAN range

Posted by GitBox <gi...@apache.org>.

nvazquez edited a comment on issue #5467:
URL: https://github.com/apache/cloudstack/issues/5467#issuecomment-1046891812


   @weizhouapache I mostly agree on 2 and 3, but instead of 1 I propose:
   
   - Add a new boolean parameter to the dedicateGuestVlanRange API (something like this):
   <img width="534" alt="Screen Shot 2022-02-21 at 10 37 17" src="https://user-images.githubusercontent.com/5295080/154965828-aa44a1c3-f4e0-41bc-b4ec-7106f899b5f1.png">
   
   - Add a column on the `op_dc_vnet_alloc` to indicate each VLAN on the range is dedicated to an L2 network
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [cloudstack] nvazquez commented on issue #5467: L2 Guest Networks: exclusive VLAN range

Posted by GitBox <gi...@apache.org>.

nvazquez commented on issue #5467:
URL: https://github.com/apache/cloudstack/issues/5467#issuecomment-1046891812


   @weizhouapache I mostly agree on 2 and 3, but instead of 1 I propose:
   
   - Add a new boolean parameter to the dedicateGuestVlanRange API (something like this):
   <img width="534" alt="Screen Shot 2022-02-21 at 10 37 17" src="https://user-images.githubusercontent.com/5295080/154965828-aa44a1c3-f4e0-41bc-b4ec-7106f899b5f1.png">
   - Add a column on the `op_dc_vnet_alloc` to indicate each VLAN on the range is dedicated to an L2 network
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [cloudstack] rhtyd commented on issue #5467: L2 Guest Networks: exclusive VLAN range

Posted by GitBox <gi...@apache.org>.

rhtyd commented on issue #5467:
URL: https://github.com/apache/cloudstack/issues/5467#issuecomment-925247996


   @luganofer CloudStack already supports feature to dedicate VLAN range to an account by root admin, have you tried that? (goto zone, phy net...) 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [cloudstack] luganofer commented on issue #5467: L2 Guest Networks: exclusive VLAN range

Posted by GitBox <gi...@apache.org>.

luganofer commented on issue #5467:
URL: https://github.com/apache/cloudstack/issues/5467#issuecomment-939337796


   Hello @rhtyd,
   
   Thank you for your response and for always being well-disposed to help the ACS community.
   It is true, there is a similar function to dedicate a range of VLANs to accounts or domains.
   The function I propose here is very similar to this function, but instead of reserving a range of VLANs to a specific account/domain, a range of VLANs is used or reserved for this "network type" (L2 network) regardless of the account/domain using this network type.
   This way this range can be planned to be "presented" in advance to physical equipment for example.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [cloudstack] luganofer edited a comment on issue #5467: L2 Guest Networks: exclusive VLAN range

Posted by GitBox <gi...@apache.org>.

luganofer edited a comment on issue #5467:
URL: https://github.com/apache/cloudstack/issues/5467#issuecomment-939337796


   Hello @rhtyd,
   
   Thank you for your response and for always being well-disposed to help the ACS community.
   It is true, there is a similar function to dedicate a range of VLANs to accounts or domains.
   The function I propose here is very similar to this function, but instead of reserving a range of VLANs to a specific account/domain, a range of VLANs is used or reserved for this "network type" (L2 network) regardless of the account/domain using this network type.
   This way this range can be planned to be "presented" in advance to physical equipment, for example, among other use cases.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [cloudstack] weizhouapache commented on issue #5467: L2 Guest Networks: exclusive VLAN range

Posted by GitBox <gi...@apache.org>.

weizhouapache commented on issue #5467:
URL: https://github.com/apache/cloudstack/issues/5467#issuecomment-1041197183


   @luganofer 
   Do you want to support reserved vlan range for L2 network, in a global setting, zone setting, or physical network (this requires a new column in physical_network_traffic_types, but makes more sense) ?
   
   cc @nvazquez @rohityadavcloud 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [cloudstack] nvazquez commented on issue #5467: L2 Guest Networks: exclusive VLAN range

Posted by GitBox <gi...@apache.org>.

nvazquez commented on issue #5467:
URL: https://github.com/apache/cloudstack/issues/5467#issuecomment-1046975828


   As discussed offline with @weizhouapache it will still need proper definition, moving it to the next milestone


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org