Some network offerings missing after creating them

[Nick Burke <ni...@nickburke.com>]

I've read the documents, but I can't seem to find anything about this even
after google searching.

Here is what I'm trying to accomplish: I'd like to have an external
hardware router handle the routing for certain networks. It's on VLAN10.

Here is what I'm seeing: Only one network offering is showing up under
"network offering" in create a network and for instances. It is "
DefaultIsolatedNetworkOfferingWithSourceNatService"


I've tried creating a new network offering with specify vlan and specify IP
addresses, but it doesn't seem to ever show up to be used. Additionally,
there is a system created one that looks like it could do it,
"DefaultIsolatedNetworkOffering" but it too doesn't show up.

If I create a network offering with the exact same options as as
DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up and can
be used.


I'm in advanced networking mode for the zone, and as far as I can tell
everything is working well as expected.

Does anyone have any place they can point me to for this or offer some
advice as to why at least the system DefaultIsolatedNetworkOffering can't
be used?

-- 
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*

RE: Some network offerings missing after creating them

[Geoff Higginbottom <ge...@shapeblue.com>]

Hi Nick,

Glad to hear you got it all sorted

Regards

Geoff Higginbottom

D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581

geoff.higginbottom@shapeblue.com

-----Original Message-----
From: Nick Burke [mailto:nick@nickburke.com]
Sent: 06 September 2013 07:49
To: users@cloudstack.apache.org
Subject: Re: Some network offerings missing after creating them

Hi Geoff,

Mission successful! Thanks for all the help!


On Thu, Sep 5, 2013 at 10:10 AM, Geoff Higginbottom < geoff.higginbottom@shapeblue.com> wrote:

> Yes, just use CloudMonkey to create the networks, and then use it to
> deploy the VMs.
>
> CloudMonkey is a really cool tool, and once you master it, you will
> find you rarely use the GUI.
>
> We do large scale deployments and we only look at the GUI at the end,
> we do it all from Scripts.
>
> Regards
>
> Geoff Higginbottom
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>
> geoff.higginbottom@shapeblue.com
>
> -----Original Message-----
> From: Nick Burke [mailto:nick@nickburke.com]
> Sent: 05 September 2013 12:35
> To: users@cloudstack.apache.org
> Subject: Re: Some network offerings missing after creating them
>
> Whoa. You mean it's not entirely my fault? :-)
>
> I should be able to use cloudmonkey to get around this bug, right?
>
> Thanks again for all your help!
>
>
> On Thu, Sep 5, 2013 at 4:27 AM, Geoff Higginbottom <
> geoff.higginbottom@shapeblue.com> wrote:
>
> > Sorry just looked at screen shot and you do appear to running an
> > advanced zone.
> >
> > There have been a few GUI bugs creep in with 4.1.1 in relation to
> > networking, this looks like another I have not seen reported so
> > please raise it as an issue.
> >
> > CloudMonkey provides an easier way to use the API so yes you can
> > just use CloudMonkey
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> > +442036030540> | M: +447968161581<tel:+447968161581>
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om>
> > | www.shapeblue.com
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 5 Sep 2013, at 07:24, "Geoff Higginbottom" <
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om>>
> > wrote:
> >
> > Nick,
> >
> > Are you using an Advanced or Basic Zone?
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> > +442036030540> | M: +447968161581<tel:+447968161581>
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om
> > ><ma...@shapeblue.com> | www.shapeblue.com<
> > http://www.shapeblue.com>
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 5 Sep 2013, at 01:57, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com><ma...@nickburke.com>> wrote:
> >
> > Hi Geoff,
> >
> > Thanks again for your reply and patience. I'm relieved to hear it's
> > possible with a little elbow grease!
> >
> > I have no problem starting again what-so-ever with anything. This is
> > preproduction. I've been doing regular 'drop database cloud's so
> > anything dangerous can easily be done.
> >
> > I think a large part of my problem is there is no "add guest network"
> > in Infrastructure / Zones / your-zone-name / Physical Network Tab /
> > your-network-name (the one with Guest Traffic) / Guest-Configure /
> > Network Tab. (See screen shot:  http://i.imgur.com/fOtttgD.png ).
> > There are no "right click" options either. I'm running version
> > 4.1.1, if there is some kind of version thing happening here.
> >
> >
> > Regarding API, can I use cloudmonkey or do I have to start doing
> > research into the API calls?
> >
> >
> > On Wed, Sep 4, 2013 at 6:18 PM, Geoff Higginbottom <
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om
> > ><ma...@shapeblue.com>> wrote:
> >
> > Hi Nick
> >
> > What you are trying to do is achievable, but you need to start
> > again, as once you have created a network which has taken its VLAN
> > from the Default Guest VLAN range you cannot change the network
> > Offering to one which has the 'Specify VLAN' option set.
> >
> > Fortunately you can create the new networks you need using the
> > correct Network Offerings, then use the 'addNicToVirtualMachine' and
> > 'removeNicFromVirtualMachine' API commands to add the new Networks
> > to the VM, and remove the old ones.
> >
> >
> >
> > I would create two network offerings, I'll call them 'External' and
> > 'Internal'
> >
> > 'External' should not have any 'Services' as it does not need them,
> > that way no VR will be created for this Network. Assign a 'Name'&
> > 'Description', and check the 'Specify VLAN' option as you want to
> > manually set the VLAN ID so it can connect to your external physical
> > Router.  You do not need the 'Persistent' feature as there will be no VR.
> >
> > 'Internal' should have 'Specify VLAN' checked and 'DHCP' and 'DNS'
> > services enabled, all set to 'Virtual Router' You don't need the
> > 'Persistent' option as this simply keeps the VR running when you
> > have no VMs, and as you want to run a 'Intrusion Detection' VM you
> > will always have one running, and the VLAN is persistent even if do
> > shut all VMs down, as you used the 'Specify VLAN' option.
> >
> > To actually create the networks you cannot use the main 'Network'
> > tab, you must navigate to:
> >
> > Infrastructure / Zones / your-zone-name / Physical Network Tab /
> > your-network-name (the one with Guest Traffic) / Guest-Configure /
> > Network Tab
> >
> > Then click 'Add Guest Network' and set the 'scope' to account, you
> > will now see the two new Network Offerings listed (as long as you
> enabled them).
> > Create the 'External' Network with 'VLAN ID' of 200 and 'Guest Gateway'
> > set to the IP of the Physical Router connected to the Internet.  Set
> > the 'Guest Start IP' and 'Guest End IP' range so that it spans the
> > IP you want to allocate to the External interface of your VM.
> > Although you will be setting the IP on the VM manually, and even
> > though we did not assign the DHCP service to this Network,
> > CloudStack will still allocate an IP to this VM and this will appear
> > in the GUI.  To keep things neat I always use the API to allocate
> > the IP of the VM when I create it so that the CloudStack allocated
> > IP and my manually configured
> IP are the same.
> >
> > Repeat the process to create your 'Internal' network, setting the
> > 'VLAN ID' to 100, the 'Guest Gateway' to the IP you intend to
> > allocate to the Internal Interface of your Intrusion Detection VM,
> > and setting 'Guest Start IP' and 'Guest End IP', ensuring they do
> > not overlap the
> Guest Gateway.
> > Note that the VR which gets created to handle the DHCP and DNS will
> > be allocated the 1st IP from the Guest Range.
> >
> > Now create your Intrusion Detection VM using the API and not the GUI
> > so you can specify the IPs for the External and Internal Interfaces,
> > and set the External as the Default.  Once created, you can add
> > additional VMs onto the Internal Network, and they will use the
> > 'Intrusion Detection VM' as their Gateway.
> >
> > Note that the VLANs you use for the External and Internal networks
> > must be outside of the default Guest VLAN Range.
> >
> > Regards
> >
> > Geoff Higginbottom
> >
> > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om
> > ><ma...@shapeblue.com>
> >
> > -----Original Message-----
> > From: Nick Burke [mailto:nick@nickburke.com]
> > Sent: 04 September 2013 18:56
> > To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org
> > ><ma...@cloudstack.apache.org>
> > Subject: Re: Some network offerings missing after creating them
> >
> > Hello Geoff,
> >
> > Thank you for replying!
> >
> > I went there and tried to change it to the service offering I
> > wanted, but once again the only one available is
> > DefaultIsolatedNetworkOfferingWithSourceNatService. There is no
> > associated VM's with this network. I can't add anything on that
> > scree
> >
> > Here is a screenshot: http://imgur.com/ljrVYgP
> >
> >
> > I think I'm missing something dreadfully obvious or I'm not being
> > clear on what I'm trying to accomplish... or both! :-)
> >
> >
> > Here is my end goal:
> >
> > IE: VLAN100 has a public/static IP of 4.2.2.2/24 (internet facing)
> > -> Intrusion Prevention System (aka, a cloudstack VMserver running
> > linux)
> > ->
> > VLAN200  public/static 4.3.3.3/24
> >
> >
> > Both virtual nics are public IP addresses. One side is on one vlan,
> > the other side is on a different one. All traffic routed from the
> > internet must go through this virtual machine to reach the target
> > 4.3.3.3/24 network and vice versa.
> >
> >
> >
> >
> > On Wed, Sep 4, 2013 at 2:59 PM, Geoff Higginbottom <
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om
> > ><ma...@shapeblue.com>> wrote:
> >
> > Nick,
> >
> > You need to go to Infrastructure / Zone / Phys Networks / Guest
> > Networks etc to use this type of network offering.
> >
> > The Networks Tab only shows network offerings which have the 'Source NAT'
> > service enabled
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> > +442036030540> | M: +447968161581<tel:+447968161581>
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om
> > ><ma...@shapeblue.com><mailto:
> > geoff.higginbottom@shapeblue.c
> > om>
> > | www.shapeblue.com<http://www.shapeblue.com><http://www.shapeblue.c
> > | om
> > | >
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 4 Sep 2013, at 17:53, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com><ma...@nickburke.com><mailto:
> > nick@nickburke.com<ma...@nickburke.com><mailto:nick@nickburke.
> > co
> > m>>>
> > wrote:
> >
> > Thank you for the reply!
> >
> > I am logged in through the GUI as the default admin user under the
> > ROOT domain. Just a quick clarification: I can see it under "Network
> > Offerings", but I can't actually use it/see it when I try to deploy
> > an instance and/or when creating a network.
> >
> > According to cloudmonkey, it's enabled (this is the default system
> > created one I'd like to use);
> >
> > CLOUD> list networkofferings
> > count = 8
> > networkoffering:
> > name = DefaultIsolatedNetworkOffering id =
> > 14b2f56b-b941-4495-a9e6-377a756bee70
> > availability = Optional
> > conservemode = True
> > displaytext = Offering for Isolated networks with no Source Nat
> > service forvpc = False guestiptype = Isolated isdefault = True
> > ispersistent = False networkrate = 200
> > service:
> > name = Dhcp
> > provider:
> > name = VirtualRouter
> >
> > ====================================================================
> > ==
> > ==========
> > name = UserData
> > provider:
> > name = VirtualRouter
> >
> > ====================================================================
> > ==
> > ==========
> > name = Dns
> > provider:
> > name = VirtualRouter
> >
> > ====================================================================
> > == ========== serviceofferingid =
> > d430a7fc-e294-4940-bd32-bb57a9caff3e
> > specifyipranges = True
> > specifyvlan = True
> > state = Enabled
> > traffictype = Guest
> >
> >
> > This is the one I created myself:
> >
> > CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e"
> > count = 1
> > networkoffering:
> > name = test
> > id = e00234b0-9252-4541-9f82-7d575b8b131e
> > availability = Optional
> > conservemode = False
> > displaytext = test
> > forvpc = False
> > guestiptype = Isolated
> > isdefault = False
> > ispersistent = True
> > networkrate = 200
> > service:
> > name = Dhcp
> > provider:
> > name = VirtualRouter
> >
> > ====================================================================
> > ==
> > ==========
> > name = UserData
> > provider:
> > name = VirtualRouter
> >
> > ====================================================================
> > ==
> > ==========
> > name = Dns
> > provider:
> > name = VirtualRouter
> >
> > ====================================================================
> > == ========== serviceofferingid =
> > d430a7fc-e294-4940-bd32-bb57a9caff3e
> > specifyipranges = True
> > specifyvlan = True
> > state = Enabled
> > traffictype = Guest
> >
> >
> >
> >
> > On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal <
> > Chiradeep.Vittal@citrix.com<ma...@citrix.com><mailto:
> > Chiradeep.Vittal@citrix.com><ma...@citrix.com>> wrote:
> >
> > If the offering has 'specify VLAN', then only the admin should be
> > able to see it.
> > You can also use cloudmonkey to verify the offerings.
> >
> >
> > On 9/4/13 12:00 PM, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com><ma...@nickburke.com><mailto:
> > nick@nickburke.com<ma...@nickburke.com><mailto:nick@nickburke.
> > co
> > m>>>
> > wrote:
> >
> > I've read the documents, but I can't seem to find anything about
> > this even after google searching.
> >
> > Here is what I'm trying to accomplish: I'd like to have an external
> > hardware router handle the routing for certain networks. It's on VLAN10.
> >
> > Here is what I'm seeing: Only one network offering is showing up
> > under "network offering" in create a network and for instances. It is "
> > DefaultIsolatedNetworkOfferingWithSourceNatService"
> >
> >
> > I've tried creating a new network offering with specify vlan and
> > specify IP addresses, but it doesn't seem to ever show up to be used.
> > Additionally, there is a system created one that looks like it could
> > do it, "DefaultIsolatedNetworkOffering" but it too doesn't show up.
> >
> > If I create a network offering with the exact same options as as
> > DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up
> > and can be used.
> >
> >
> > I'm in advanced networking mode for the zone, and as far as I can
> > tell everything is working well as expected.
> >
> > Does anyone have any place they can point me to for this or offer
> > some advice as to why at least the system
> > DefaultIsolatedNetworkOffering can't be used?
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens*
> >
> >
> >
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens* This email and any
> > attachments to it may be confidential and are intended solely for
> > the use of the individual to whom it is addressed. Any views or
> > opinions expressed are solely those of the author and do not
> > necessarily represent those of Shape Blue Ltd or related companies.
> > If you are not the intended recipient of this email, you must
> > neither take any action based upon its contents, nor copy or show it
> > to anyone. Please contact the sender if you believe you have
> > received this email in error. Shape Blue Ltd is a company
> > incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd.
> > ShapeBlue is a registered trademark.
> >
> >
> >
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens* This email and any
> > attachments to it may be confidential and are intended solely for
> > the use of the individual to whom it is addressed. Any views or
> > opinions expressed are solely those of the author and do not
> > necessarily represent those of Shape Blue Ltd or related companies.
> > If you are not the intended recipient of this email, you must
> > neither take any action based upon its contents, nor copy or show it
> > to anyone. Please contact the sender if you believe you have
> > received this email in error. Shape Blue Ltd is a company
> > incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd.
> > ShapeBlue is a registered trademark.
> >
> >
> >
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens* This email and any
> > attachments to it may be confidential and are intended solely for
> > the use of the individual to whom it is addressed. Any views or
> > opinions expressed are solely those of the author and do not
> > necessarily represent those of Shape Blue Ltd or related companies.
> > If you are not the intended recipient of this email, you must
> > neither take any action based upon its contents, nor copy or show it
> > to anyone. Please contact the sender if you believe you have
> > received this email in error. Shape Blue Ltd is a company
> > incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd.
> > ShapeBlue is a registered trademark.
> > This email and any attachments to it may be confidential and are
> > intended solely for the use of the individual to whom it is addressed.
> > Any views or opinions expressed are solely those of the author and
> > do not necessarily represent those of Shape Blue Ltd or related
> > companies. If you are not the intended recipient of this email, you
> > must neither take any action based upon its contents, nor copy or
> > show it to anyone. Please contact the sender if you believe you have
> > received this email in error. Shape Blue Ltd is a company
> > incorporated in England & Wales. ShapeBlue Services India LLP is
> > operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
> >
>
>
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens* This email and any
> attachments to it may be confidential and are intended solely for the
> use of the individual to whom it is addressed. Any views or opinions
> expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not
> the intended recipient of this email, you must neither take any action
> based upon its contents, nor copy or show it to anyone. Please contact
> the sender if you believe you have received this email in error. Shape
> Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> Services India LLP is operated under license from Shape Blue Ltd.
> ShapeBlue is a registered trademark.
>



--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Some network offerings missing after creating them

[Nick Burke <ni...@nickburke.com>]

Hi Geoff,

Mission successful! Thanks for all the help!


On Thu, Sep 5, 2013 at 10:10 AM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.com> wrote:

> Yes, just use CloudMonkey to create the networks, and then use it to
> deploy the VMs.
>
> CloudMonkey is a really cool tool, and once you master it, you will find
> you rarely use the GUI.
>
> We do large scale deployments and we only look at the GUI at the end, we
> do it all from Scripts.
>
> Regards
>
> Geoff Higginbottom
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>
> geoff.higginbottom@shapeblue.com
>
> -----Original Message-----
> From: Nick Burke [mailto:nick@nickburke.com]
> Sent: 05 September 2013 12:35
> To: users@cloudstack.apache.org
> Subject: Re: Some network offerings missing after creating them
>
> Whoa. You mean it's not entirely my fault? :-)
>
> I should be able to use cloudmonkey to get around this bug, right?
>
> Thanks again for all your help!
>
>
> On Thu, Sep 5, 2013 at 4:27 AM, Geoff Higginbottom <
> geoff.higginbottom@shapeblue.com> wrote:
>
> > Sorry just looked at screen shot and you do appear to running an
> > advanced zone.
> >
> > There have been a few GUI bugs creep in with 4.1.1 in relation to
> > networking, this looks like another I have not seen reported so please
> > raise it as an issue.
> >
> > CloudMonkey provides an easier way to use the API so yes you can just
> > use CloudMonkey
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> > +442036030540> | M: +447968161581<tel:+447968161581>
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om>
> > | www.shapeblue.com
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 5 Sep 2013, at 07:24, "Geoff Higginbottom" <
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om>>
> > wrote:
> >
> > Nick,
> >
> > Are you using an Advanced or Basic Zone?
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> > +442036030540> | M: +447968161581<tel:+447968161581>
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om
> > ><ma...@shapeblue.com> | www.shapeblue.com<
> > http://www.shapeblue.com>
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 5 Sep 2013, at 01:57, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com><ma...@nickburke.com>> wrote:
> >
> > Hi Geoff,
> >
> > Thanks again for your reply and patience. I'm relieved to hear it's
> > possible with a little elbow grease!
> >
> > I have no problem starting again what-so-ever with anything. This is
> > preproduction. I've been doing regular 'drop database cloud's so
> > anything dangerous can easily be done.
> >
> > I think a large part of my problem is there is no "add guest network"
> > in Infrastructure / Zones / your-zone-name / Physical Network Tab /
> > your-network-name (the one with Guest Traffic) / Guest-Configure /
> > Network Tab. (See screen shot:  http://i.imgur.com/fOtttgD.png ).
> > There are no "right click" options either. I'm running version  4.1.1,
> > if there is some kind of version thing happening here.
> >
> >
> > Regarding API, can I use cloudmonkey or do I have to start doing
> > research into the API calls?
> >
> >
> > On Wed, Sep 4, 2013 at 6:18 PM, Geoff Higginbottom <
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om
> > ><ma...@shapeblue.com>> wrote:
> >
> > Hi Nick
> >
> > What you are trying to do is achievable, but you need to start again,
> > as once you have created a network which has taken its VLAN from the
> > Default Guest VLAN range you cannot change the network Offering to one
> > which has the 'Specify VLAN' option set.
> >
> > Fortunately you can create the new networks you need using the correct
> > Network Offerings, then use the 'addNicToVirtualMachine' and
> > 'removeNicFromVirtualMachine' API commands to add the new Networks to
> > the VM, and remove the old ones.
> >
> >
> >
> > I would create two network offerings, I'll call them 'External' and
> > 'Internal'
> >
> > 'External' should not have any 'Services' as it does not need them,
> > that way no VR will be created for this Network. Assign a 'Name'&
> > 'Description', and check the 'Specify VLAN' option as you want to
> > manually set the VLAN ID so it can connect to your external physical
> > Router.  You do not need the 'Persistent' feature as there will be no VR.
> >
> > 'Internal' should have 'Specify VLAN' checked and 'DHCP' and 'DNS'
> > services enabled, all set to 'Virtual Router' You don't need the
> > 'Persistent' option as this simply keeps the VR running when you have
> > no VMs, and as you want to run a 'Intrusion Detection' VM you will
> > always have one running, and the VLAN is persistent even if do shut
> > all VMs down, as you used the 'Specify VLAN' option.
> >
> > To actually create the networks you cannot use the main 'Network' tab,
> > you must navigate to:
> >
> > Infrastructure / Zones / your-zone-name / Physical Network Tab /
> > your-network-name (the one with Guest Traffic) / Guest-Configure /
> > Network Tab
> >
> > Then click 'Add Guest Network' and set the 'scope' to account, you
> > will now see the two new Network Offerings listed (as long as you
> enabled them).
> > Create the 'External' Network with 'VLAN ID' of 200 and 'Guest Gateway'
> > set to the IP of the Physical Router connected to the Internet.  Set
> > the 'Guest Start IP' and 'Guest End IP' range so that it spans the IP
> > you want to allocate to the External interface of your VM.  Although
> > you will be setting the IP on the VM manually, and even though we did
> > not assign the DHCP service to this Network, CloudStack will still
> > allocate an IP to this VM and this will appear in the GUI.  To keep
> > things neat I always use the API to allocate the IP of the VM when I
> > create it so that the CloudStack allocated IP and my manually configured
> IP are the same.
> >
> > Repeat the process to create your 'Internal' network, setting the
> > 'VLAN ID' to 100, the 'Guest Gateway' to the IP you intend to allocate
> > to the Internal Interface of your Intrusion Detection VM, and setting
> > 'Guest Start IP' and 'Guest End IP', ensuring they do not overlap the
> Guest Gateway.
> > Note that the VR which gets created to handle the DHCP and DNS will be
> > allocated the 1st IP from the Guest Range.
> >
> > Now create your Intrusion Detection VM using the API and not the GUI
> > so you can specify the IPs for the External and Internal Interfaces,
> > and set the External as the Default.  Once created, you can add
> > additional VMs onto the Internal Network, and they will use the
> > 'Intrusion Detection VM' as their Gateway.
> >
> > Note that the VLANs you use for the External and Internal networks
> > must be outside of the default Guest VLAN Range.
> >
> > Regards
> >
> > Geoff Higginbottom
> >
> > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om
> > ><ma...@shapeblue.com>
> >
> > -----Original Message-----
> > From: Nick Burke [mailto:nick@nickburke.com]
> > Sent: 04 September 2013 18:56
> > To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org
> > ><ma...@cloudstack.apache.org>
> > Subject: Re: Some network offerings missing after creating them
> >
> > Hello Geoff,
> >
> > Thank you for replying!
> >
> > I went there and tried to change it to the service offering I wanted,
> > but once again the only one available is
> > DefaultIsolatedNetworkOfferingWithSourceNatService. There is no
> > associated VM's with this network. I can't add anything on that scree
> >
> > Here is a screenshot: http://imgur.com/ljrVYgP
> >
> >
> > I think I'm missing something dreadfully obvious or I'm not being
> > clear on what I'm trying to accomplish... or both! :-)
> >
> >
> > Here is my end goal:
> >
> > IE: VLAN100 has a public/static IP of 4.2.2.2/24 (internet facing) ->
> > Intrusion Prevention System (aka, a cloudstack VMserver running linux)
> > ->
> > VLAN200  public/static 4.3.3.3/24
> >
> >
> > Both virtual nics are public IP addresses. One side is on one vlan,
> > the other side is on a different one. All traffic routed from the
> > internet must go through this virtual machine to reach the target
> > 4.3.3.3/24 network and vice versa.
> >
> >
> >
> >
> > On Wed, Sep 4, 2013 at 2:59 PM, Geoff Higginbottom <
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om
> > ><ma...@shapeblue.com>> wrote:
> >
> > Nick,
> >
> > You need to go to Infrastructure / Zone / Phys Networks / Guest
> > Networks etc to use this type of network offering.
> >
> > The Networks Tab only shows network offerings which have the 'Source NAT'
> > service enabled
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> > +442036030540> | M: +447968161581<tel:+447968161581>
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om
> > ><ma...@shapeblue.com><mailto:
> > geoff.higginbottom@shapeblue.c
> > om>
> > | www.shapeblue.com<http://www.shapeblue.com><http://www.shapeblue.com
> > | >
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 4 Sep 2013, at 17:53, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com><ma...@nickburke.com><mailto:
> > nick@nickburke.com<ma...@nickburke.com><mailto:nick@nickburke.co
> > m>>>
> > wrote:
> >
> > Thank you for the reply!
> >
> > I am logged in through the GUI as the default admin user under the
> > ROOT domain. Just a quick clarification: I can see it under "Network
> > Offerings", but I can't actually use it/see it when I try to deploy an
> > instance and/or when creating a network.
> >
> > According to cloudmonkey, it's enabled (this is the default system
> > created one I'd like to use);
> >
> > CLOUD> list networkofferings
> > count = 8
> > networkoffering:
> > name = DefaultIsolatedNetworkOffering
> > id = 14b2f56b-b941-4495-a9e6-377a756bee70
> > availability = Optional
> > conservemode = True
> > displaytext = Offering for Isolated networks with no Source Nat
> > service forvpc = False guestiptype = Isolated isdefault = True
> > ispersistent = False networkrate = 200
> > service:
> > name = Dhcp
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ==========
> > name = UserData
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ==========
> > name = Dns
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> > specifyipranges = True
> > specifyvlan = True
> > state = Enabled
> > traffictype = Guest
> >
> >
> > This is the one I created myself:
> >
> > CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e"
> > count = 1
> > networkoffering:
> > name = test
> > id = e00234b0-9252-4541-9f82-7d575b8b131e
> > availability = Optional
> > conservemode = False
> > displaytext = test
> > forvpc = False
> > guestiptype = Isolated
> > isdefault = False
> > ispersistent = True
> > networkrate = 200
> > service:
> > name = Dhcp
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ==========
> > name = UserData
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ==========
> > name = Dns
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> > specifyipranges = True
> > specifyvlan = True
> > state = Enabled
> > traffictype = Guest
> >
> >
> >
> >
> > On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal <
> > Chiradeep.Vittal@citrix.com<ma...@citrix.com><mailto:
> > Chiradeep.Vittal@citrix.com><ma...@citrix.com>> wrote:
> >
> > If the offering has 'specify VLAN', then only the admin should be able
> > to see it.
> > You can also use cloudmonkey to verify the offerings.
> >
> >
> > On 9/4/13 12:00 PM, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com><ma...@nickburke.com><mailto:
> > nick@nickburke.com<ma...@nickburke.com><mailto:nick@nickburke.co
> > m>>>
> > wrote:
> >
> > I've read the documents, but I can't seem to find anything about this
> > even after google searching.
> >
> > Here is what I'm trying to accomplish: I'd like to have an external
> > hardware router handle the routing for certain networks. It's on VLAN10.
> >
> > Here is what I'm seeing: Only one network offering is showing up under
> > "network offering" in create a network and for instances. It is "
> > DefaultIsolatedNetworkOfferingWithSourceNatService"
> >
> >
> > I've tried creating a new network offering with specify vlan and
> > specify IP addresses, but it doesn't seem to ever show up to be used.
> > Additionally, there is a system created one that looks like it could
> > do it, "DefaultIsolatedNetworkOffering" but it too doesn't show up.
> >
> > If I create a network offering with the exact same options as as
> > DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up
> > and can be used.
> >
> >
> > I'm in advanced networking mode for the zone, and as far as I can tell
> > everything is working well as expected.
> >
> > Does anyone have any place they can point me to for this or offer some
> > advice as to why at least the system DefaultIsolatedNetworkOffering
> > can't be used?
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens*
> >
> >
> >
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens* This email and any
> > attachments to it may be confidential and are intended solely for the
> > use of the individual to whom it is addressed. Any views or opinions
> > expressed are solely those of the author and do not necessarily
> > represent those of Shape Blue Ltd or related companies. If you are not
> > the intended recipient of this email, you must neither take any action
> > based upon its contents, nor copy or show it to anyone. Please contact
> > the sender if you believe you have received this email in error. Shape
> > Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> > Services India LLP is operated under license from Shape Blue Ltd.
> > ShapeBlue is a registered trademark.
> >
> >
> >
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens* This email and any
> > attachments to it may be confidential and are intended solely for the
> > use of the individual to whom it is addressed. Any views or opinions
> > expressed are solely those of the author and do not necessarily
> > represent those of Shape Blue Ltd or related companies. If you are not
> > the intended recipient of this email, you must neither take any action
> > based upon its contents, nor copy or show it to anyone. Please contact
> > the sender if you believe you have received this email in error. Shape
> > Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> > Services India LLP is operated under license from Shape Blue Ltd.
> > ShapeBlue is a registered trademark.
> >
> >
> >
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens* This email and any
> > attachments to it may be confidential and are intended solely for the
> > use of the individual to whom it is addressed. Any views or opinions
> > expressed are solely those of the author and do not necessarily
> > represent those of Shape Blue Ltd or related companies. If you are not
> > the intended recipient of this email, you must neither take any action
> > based upon its contents, nor copy or show it to anyone. Please contact
> > the sender if you believe you have received this email in error. Shape
> > Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> > Services India LLP is operated under license from Shape Blue Ltd.
> > ShapeBlue is a registered trademark.
> > This email and any attachments to it may be confidential and are
> > intended solely for the use of the individual to whom it is addressed.
> > Any views or opinions expressed are solely those of the author and do
> > not necessarily represent those of Shape Blue Ltd or related
> > companies. If you are not the intended recipient of this email, you
> > must neither take any action based upon its contents, nor copy or show
> > it to anyone. Please contact the sender if you believe you have
> > received this email in error. Shape Blue Ltd is a company incorporated
> > in England & Wales. ShapeBlue Services India LLP is operated under
> > license from Shape Blue Ltd. ShapeBlue is a registered trademark.
> >
>
>
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens*
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is
> operated under license from Shape Blue Ltd. ShapeBlue is a registered
> trademark.
>



-- 
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*

RE: Some network offerings missing after creating them

[Geoff Higginbottom <ge...@shapeblue.com>]

Yes, just use CloudMonkey to create the networks, and then use it to deploy the VMs.

CloudMonkey is a really cool tool, and once you master it, you will find you rarely use the GUI.

We do large scale deployments and we only look at the GUI at the end, we do it all from Scripts.

Regards

Geoff Higginbottom

D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581

geoff.higginbottom@shapeblue.com

-----Original Message-----
From: Nick Burke [mailto:nick@nickburke.com]
Sent: 05 September 2013 12:35
To: users@cloudstack.apache.org
Subject: Re: Some network offerings missing after creating them

Whoa. You mean it's not entirely my fault? :-)

I should be able to use cloudmonkey to get around this bug, right?

Thanks again for all your help!


On Thu, Sep 5, 2013 at 4:27 AM, Geoff Higginbottom < geoff.higginbottom@shapeblue.com> wrote:

> Sorry just looked at screen shot and you do appear to running an
> advanced zone.
>
> There have been a few GUI bugs creep in with 4.1.1 in relation to
> networking, this looks like another I have not seen reported so please
> raise it as an issue.
>
> CloudMonkey provides an easier way to use the API so yes you can just
> use CloudMonkey
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
>
> D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> +442036030540> | M: +447968161581<tel:+447968161581>
>
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> om>
> | www.shapeblue.com
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
> On 5 Sep 2013, at 07:24, "Geoff Higginbottom" <
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> om>>
> wrote:
>
> Nick,
>
> Are you using an Advanced or Basic Zone?
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
>
> D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> +442036030540> | M: +447968161581<tel:+447968161581>
>
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> om
> ><ma...@shapeblue.com> | www.shapeblue.com<
> http://www.shapeblue.com>
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
> On 5 Sep 2013, at 01:57, "Nick Burke" <nick@nickburke.com<mailto:
> nick@nickburke.com><ma...@nickburke.com>> wrote:
>
> Hi Geoff,
>
> Thanks again for your reply and patience. I'm relieved to hear it's
> possible with a little elbow grease!
>
> I have no problem starting again what-so-ever with anything. This is
> preproduction. I've been doing regular 'drop database cloud's so
> anything dangerous can easily be done.
>
> I think a large part of my problem is there is no "add guest network"
> in Infrastructure / Zones / your-zone-name / Physical Network Tab /
> your-network-name (the one with Guest Traffic) / Guest-Configure /
> Network Tab. (See screen shot:  http://i.imgur.com/fOtttgD.png ).
> There are no "right click" options either. I'm running version  4.1.1,
> if there is some kind of version thing happening here.
>
>
> Regarding API, can I use cloudmonkey or do I have to start doing
> research into the API calls?
>
>
> On Wed, Sep 4, 2013 at 6:18 PM, Geoff Higginbottom <
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> om
> ><ma...@shapeblue.com>> wrote:
>
> Hi Nick
>
> What you are trying to do is achievable, but you need to start again,
> as once you have created a network which has taken its VLAN from the
> Default Guest VLAN range you cannot change the network Offering to one
> which has the 'Specify VLAN' option set.
>
> Fortunately you can create the new networks you need using the correct
> Network Offerings, then use the 'addNicToVirtualMachine' and
> 'removeNicFromVirtualMachine' API commands to add the new Networks to
> the VM, and remove the old ones.
>
>
>
> I would create two network offerings, I'll call them 'External' and
> 'Internal'
>
> 'External' should not have any 'Services' as it does not need them,
> that way no VR will be created for this Network. Assign a 'Name'&
> 'Description', and check the 'Specify VLAN' option as you want to
> manually set the VLAN ID so it can connect to your external physical
> Router.  You do not need the 'Persistent' feature as there will be no VR.
>
> 'Internal' should have 'Specify VLAN' checked and 'DHCP' and 'DNS'
> services enabled, all set to 'Virtual Router' You don't need the
> 'Persistent' option as this simply keeps the VR running when you have
> no VMs, and as you want to run a 'Intrusion Detection' VM you will
> always have one running, and the VLAN is persistent even if do shut
> all VMs down, as you used the 'Specify VLAN' option.
>
> To actually create the networks you cannot use the main 'Network' tab,
> you must navigate to:
>
> Infrastructure / Zones / your-zone-name / Physical Network Tab /
> your-network-name (the one with Guest Traffic) / Guest-Configure /
> Network Tab
>
> Then click 'Add Guest Network' and set the 'scope' to account, you
> will now see the two new Network Offerings listed (as long as you enabled them).
> Create the 'External' Network with 'VLAN ID' of 200 and 'Guest Gateway'
> set to the IP of the Physical Router connected to the Internet.  Set
> the 'Guest Start IP' and 'Guest End IP' range so that it spans the IP
> you want to allocate to the External interface of your VM.  Although
> you will be setting the IP on the VM manually, and even though we did
> not assign the DHCP service to this Network, CloudStack will still
> allocate an IP to this VM and this will appear in the GUI.  To keep
> things neat I always use the API to allocate the IP of the VM when I
> create it so that the CloudStack allocated IP and my manually configured IP are the same.
>
> Repeat the process to create your 'Internal' network, setting the
> 'VLAN ID' to 100, the 'Guest Gateway' to the IP you intend to allocate
> to the Internal Interface of your Intrusion Detection VM, and setting
> 'Guest Start IP' and 'Guest End IP', ensuring they do not overlap the Guest Gateway.
> Note that the VR which gets created to handle the DHCP and DNS will be
> allocated the 1st IP from the Guest Range.
>
> Now create your Intrusion Detection VM using the API and not the GUI
> so you can specify the IPs for the External and Internal Interfaces,
> and set the External as the Default.  Once created, you can add
> additional VMs onto the Internal Network, and they will use the
> 'Intrusion Detection VM' as their Gateway.
>
> Note that the VLANs you use for the External and Internal networks
> must be outside of the default Guest VLAN Range.
>
> Regards
>
> Geoff Higginbottom
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> om
> ><ma...@shapeblue.com>
>
> -----Original Message-----
> From: Nick Burke [mailto:nick@nickburke.com]
> Sent: 04 September 2013 18:56
> To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org
> ><ma...@cloudstack.apache.org>
> Subject: Re: Some network offerings missing after creating them
>
> Hello Geoff,
>
> Thank you for replying!
>
> I went there and tried to change it to the service offering I wanted,
> but once again the only one available is
> DefaultIsolatedNetworkOfferingWithSourceNatService. There is no
> associated VM's with this network. I can't add anything on that scree
>
> Here is a screenshot: http://imgur.com/ljrVYgP
>
>
> I think I'm missing something dreadfully obvious or I'm not being
> clear on what I'm trying to accomplish... or both! :-)
>
>
> Here is my end goal:
>
> IE: VLAN100 has a public/static IP of 4.2.2.2/24 (internet facing) ->
> Intrusion Prevention System (aka, a cloudstack VMserver running linux)
> ->
> VLAN200  public/static 4.3.3.3/24
>
>
> Both virtual nics are public IP addresses. One side is on one vlan,
> the other side is on a different one. All traffic routed from the
> internet must go through this virtual machine to reach the target
> 4.3.3.3/24 network and vice versa.
>
>
>
>
> On Wed, Sep 4, 2013 at 2:59 PM, Geoff Higginbottom <
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> om
> ><ma...@shapeblue.com>> wrote:
>
> Nick,
>
> You need to go to Infrastructure / Zone / Phys Networks / Guest
> Networks etc to use this type of network offering.
>
> The Networks Tab only shows network offerings which have the 'Source NAT'
> service enabled
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
>
> D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> +442036030540> | M: +447968161581<tel:+447968161581>
>
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> om
> ><ma...@shapeblue.com><mailto:
> geoff.higginbottom@shapeblue.c
> om>
> | www.shapeblue.com<http://www.shapeblue.com><http://www.shapeblue.com
> | >
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
> On 4 Sep 2013, at 17:53, "Nick Burke" <nick@nickburke.com<mailto:
> nick@nickburke.com><ma...@nickburke.com><mailto:
> nick@nickburke.com<ma...@nickburke.com><mailto:nick@nickburke.co
> m>>>
> wrote:
>
> Thank you for the reply!
>
> I am logged in through the GUI as the default admin user under the
> ROOT domain. Just a quick clarification: I can see it under "Network
> Offerings", but I can't actually use it/see it when I try to deploy an
> instance and/or when creating a network.
>
> According to cloudmonkey, it's enabled (this is the default system
> created one I'd like to use);
>
> CLOUD> list networkofferings
> count = 8
> networkoffering:
> name = DefaultIsolatedNetworkOffering
> id = 14b2f56b-b941-4495-a9e6-377a756bee70
> availability = Optional
> conservemode = True
> displaytext = Offering for Isolated networks with no Source Nat
> service forvpc = False guestiptype = Isolated isdefault = True
> ispersistent = False networkrate = 200
> service:
> name = Dhcp
> provider:
> name = VirtualRouter
>
> ======================================================================
> ==========
> name = UserData
> provider:
> name = VirtualRouter
>
> ======================================================================
> ==========
> name = Dns
> provider:
> name = VirtualRouter
>
> ======================================================================
> ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> specifyipranges = True
> specifyvlan = True
> state = Enabled
> traffictype = Guest
>
>
> This is the one I created myself:
>
> CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e"
> count = 1
> networkoffering:
> name = test
> id = e00234b0-9252-4541-9f82-7d575b8b131e
> availability = Optional
> conservemode = False
> displaytext = test
> forvpc = False
> guestiptype = Isolated
> isdefault = False
> ispersistent = True
> networkrate = 200
> service:
> name = Dhcp
> provider:
> name = VirtualRouter
>
> ======================================================================
> ==========
> name = UserData
> provider:
> name = VirtualRouter
>
> ======================================================================
> ==========
> name = Dns
> provider:
> name = VirtualRouter
>
> ======================================================================
> ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> specifyipranges = True
> specifyvlan = True
> state = Enabled
> traffictype = Guest
>
>
>
>
> On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal <
> Chiradeep.Vittal@citrix.com<ma...@citrix.com><mailto:
> Chiradeep.Vittal@citrix.com><ma...@citrix.com>> wrote:
>
> If the offering has 'specify VLAN', then only the admin should be able
> to see it.
> You can also use cloudmonkey to verify the offerings.
>
>
> On 9/4/13 12:00 PM, "Nick Burke" <nick@nickburke.com<mailto:
> nick@nickburke.com><ma...@nickburke.com><mailto:
> nick@nickburke.com<ma...@nickburke.com><mailto:nick@nickburke.co
> m>>>
> wrote:
>
> I've read the documents, but I can't seem to find anything about this
> even after google searching.
>
> Here is what I'm trying to accomplish: I'd like to have an external
> hardware router handle the routing for certain networks. It's on VLAN10.
>
> Here is what I'm seeing: Only one network offering is showing up under
> "network offering" in create a network and for instances. It is "
> DefaultIsolatedNetworkOfferingWithSourceNatService"
>
>
> I've tried creating a new network offering with specify vlan and
> specify IP addresses, but it doesn't seem to ever show up to be used.
> Additionally, there is a system created one that looks like it could
> do it, "DefaultIsolatedNetworkOffering" but it too doesn't show up.
>
> If I create a network offering with the exact same options as as
> DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up
> and can be used.
>
>
> I'm in advanced networking mode for the zone, and as far as I can tell
> everything is working well as expected.
>
> Does anyone have any place they can point me to for this or offer some
> advice as to why at least the system DefaultIsolatedNetworkOffering
> can't be used?
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens*
>
>
>
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens* This email and any
> attachments to it may be confidential and are intended solely for the
> use of the individual to whom it is addressed. Any views or opinions
> expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not
> the intended recipient of this email, you must neither take any action
> based upon its contents, nor copy or show it to anyone. Please contact
> the sender if you believe you have received this email in error. Shape
> Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> Services India LLP is operated under license from Shape Blue Ltd.
> ShapeBlue is a registered trademark.
>
>
>
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens* This email and any
> attachments to it may be confidential and are intended solely for the
> use of the individual to whom it is addressed. Any views or opinions
> expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not
> the intended recipient of this email, you must neither take any action
> based upon its contents, nor copy or show it to anyone. Please contact
> the sender if you believe you have received this email in error. Shape
> Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> Services India LLP is operated under license from Shape Blue Ltd.
> ShapeBlue is a registered trademark.
>
>
>
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens* This email and any
> attachments to it may be confidential and are intended solely for the
> use of the individual to whom it is addressed. Any views or opinions
> expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not
> the intended recipient of this email, you must neither take any action
> based upon its contents, nor copy or show it to anyone. Please contact
> the sender if you believe you have received this email in error. Shape
> Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> Services India LLP is operated under license from Shape Blue Ltd.
> ShapeBlue is a registered trademark.
> This email and any attachments to it may be confidential and are
> intended solely for the use of the individual to whom it is addressed.
> Any views or opinions expressed are solely those of the author and do
> not necessarily represent those of Shape Blue Ltd or related
> companies. If you are not the intended recipient of this email, you
> must neither take any action based upon its contents, nor copy or show
> it to anyone. Please contact the sender if you believe you have
> received this email in error. Shape Blue Ltd is a company incorporated
> in England & Wales. ShapeBlue Services India LLP is operated under
> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>



--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Some network offerings missing after creating them

[Nick Burke <ni...@nickburke.com>]

Whoa. You mean it's not entirely my fault? :-)

I should be able to use cloudmonkey to get around this bug, right?

Thanks again for all your help!


On Thu, Sep 5, 2013 at 4:27 AM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.com> wrote:

> Sorry just looked at screen shot and you do appear to running an advanced
> zone.
>
> There have been a few GUI bugs creep in with 4.1.1 in relation to
> networking, this looks like another I have not seen reported so please
> raise it as an issue.
>
> CloudMonkey provides an easier way to use the API so yes you can just use
> CloudMonkey
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
>
> D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> +442036030540> | M: +447968161581<tel:+447968161581>
>
> geoff.higginbottom@shapeblue.com<ma...@shapeblue.com>
> | www.shapeblue.com
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
> On 5 Sep 2013, at 07:24, "Geoff Higginbottom" <
> geoff.higginbottom@shapeblue.com<ma...@shapeblue.com>>
> wrote:
>
> Nick,
>
> Are you using an Advanced or Basic Zone?
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
>
> D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> +442036030540> | M: +447968161581<tel:+447968161581>
>
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.com
> ><ma...@shapeblue.com> | www.shapeblue.com<
> http://www.shapeblue.com>
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
> On 5 Sep 2013, at 01:57, "Nick Burke" <nick@nickburke.com<mailto:
> nick@nickburke.com><ma...@nickburke.com>> wrote:
>
> Hi Geoff,
>
> Thanks again for your reply and patience. I'm relieved to hear it's
> possible with a little elbow grease!
>
> I have no problem starting again what-so-ever with anything. This is
> preproduction. I've been doing regular 'drop database cloud's so anything
> dangerous can easily be done.
>
> I think a large part of my problem is there is no "add guest network" in
> Infrastructure / Zones / your-zone-name / Physical Network Tab /
> your-network-name (the one with Guest Traffic) / Guest-Configure / Network
> Tab. (See screen shot:  http://i.imgur.com/fOtttgD.png ). There are no
> "right click" options either. I'm running version  4.1.1, if there is some
> kind of version thing happening here.
>
>
> Regarding API, can I use cloudmonkey or do I have to start doing research
> into the API calls?
>
>
> On Wed, Sep 4, 2013 at 6:18 PM, Geoff Higginbottom <
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.com
> ><ma...@shapeblue.com>> wrote:
>
> Hi Nick
>
> What you are trying to do is achievable, but you need to start again, as
> once you have created a network which has taken its VLAN from the Default
> Guest VLAN range you cannot change the network Offering to one which has
> the 'Specify VLAN' option set.
>
> Fortunately you can create the new networks you need using the correct
> Network Offerings, then use the 'addNicToVirtualMachine' and
> 'removeNicFromVirtualMachine' API commands to add the new Networks to the
> VM, and remove the old ones.
>
>
>
> I would create two network offerings, I'll call them 'External' and
> 'Internal'
>
> 'External' should not have any 'Services' as it does not need them, that
> way no VR will be created for this Network. Assign a 'Name'& 'Description',
> and check the 'Specify VLAN' option as you want to manually set the VLAN ID
> so it can connect to your external physical Router.  You do not need the
> 'Persistent' feature as there will be no VR.
>
> 'Internal' should have 'Specify VLAN' checked and 'DHCP' and 'DNS'
> services enabled, all set to 'Virtual Router' You don't need the
> 'Persistent' option as this simply keeps the VR running when you have no
> VMs, and as you want to run a 'Intrusion Detection' VM you will always have
> one running, and the VLAN is persistent even if do shut all VMs down, as
> you used the 'Specify VLAN' option.
>
> To actually create the networks you cannot use the main 'Network' tab, you
> must navigate to:
>
> Infrastructure / Zones / your-zone-name / Physical Network Tab /
> your-network-name (the one with Guest Traffic) / Guest-Configure / Network
> Tab
>
> Then click 'Add Guest Network' and set the 'scope' to account, you will
> now see the two new Network Offerings listed (as long as you enabled them).
> Create the 'External' Network with 'VLAN ID' of 200 and 'Guest Gateway'
> set to the IP of the Physical Router connected to the Internet.  Set the
> 'Guest Start IP' and 'Guest End IP' range so that it spans the IP you want
> to allocate to the External interface of your VM.  Although you will be
> setting the IP on the VM manually, and even though we did not assign the
> DHCP service to this Network, CloudStack will still allocate an IP to this
> VM and this will appear in the GUI.  To keep things neat I always use the
> API to allocate the IP of the VM when I create it so that the CloudStack
> allocated IP and my manually configured IP are the same.
>
> Repeat the process to create your 'Internal' network, setting the 'VLAN
> ID' to 100, the 'Guest Gateway' to the IP you intend to allocate to the
> Internal Interface of your Intrusion Detection VM, and setting 'Guest Start
> IP' and 'Guest End IP', ensuring they do not overlap the Guest Gateway.
> Note that the VR which gets created to handle the DHCP and DNS will be
> allocated the 1st IP from the Guest Range.
>
> Now create your Intrusion Detection VM using the API and not the GUI so
> you can specify the IPs for the External and Internal Interfaces, and set
> the External as the Default.  Once created, you can add additional VMs onto
> the Internal Network, and they will use the 'Intrusion Detection VM' as
> their Gateway.
>
> Note that the VLANs you use for the External and Internal networks must be
> outside of the default Guest VLAN Range.
>
> Regards
>
> Geoff Higginbottom
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.com
> ><ma...@shapeblue.com>
>
> -----Original Message-----
> From: Nick Burke [mailto:nick@nickburke.com]
> Sent: 04 September 2013 18:56
> To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org
> ><ma...@cloudstack.apache.org>
> Subject: Re: Some network offerings missing after creating them
>
> Hello Geoff,
>
> Thank you for replying!
>
> I went there and tried to change it to the service offering I wanted, but
> once again the only one available is
> DefaultIsolatedNetworkOfferingWithSourceNatService. There is no associated
> VM's with this network. I can't add anything on that scree
>
> Here is a screenshot: http://imgur.com/ljrVYgP
>
>
> I think I'm missing something dreadfully obvious or I'm not being clear on
> what I'm trying to accomplish... or both! :-)
>
>
> Here is my end goal:
>
> IE: VLAN100 has a public/static IP of 4.2.2.2/24 (internet facing) ->
> Intrusion Prevention System (aka, a cloudstack VMserver running linux) ->
> VLAN200  public/static 4.3.3.3/24
>
>
> Both virtual nics are public IP addresses. One side is on one vlan, the
> other side is on a different one. All traffic routed from the internet must
> go through this virtual machine to reach the target 4.3.3.3/24 network
> and vice versa.
>
>
>
>
> On Wed, Sep 4, 2013 at 2:59 PM, Geoff Higginbottom <
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.com
> ><ma...@shapeblue.com>> wrote:
>
> Nick,
>
> You need to go to Infrastructure / Zone / Phys Networks / Guest
> Networks etc to use this type of network offering.
>
> The Networks Tab only shows network offerings which have the 'Source NAT'
> service enabled
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
>
> D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> +442036030540> | M: +447968161581<tel:+447968161581>
>
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.com
> ><ma...@shapeblue.com><mailto:
> geoff.higginbottom@shapeblue.c
> om>
> | www.shapeblue.com<http://www.shapeblue.com><http://www.shapeblue.com>
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
> On 4 Sep 2013, at 17:53, "Nick Burke" <nick@nickburke.com<mailto:
> nick@nickburke.com><ma...@nickburke.com><mailto:
> nick@nickburke.com<ma...@nickburke.com>>>
> wrote:
>
> Thank you for the reply!
>
> I am logged in through the GUI as the default admin user under the
> ROOT domain. Just a quick clarification: I can see it under "Network
> Offerings", but I can't actually use it/see it when I try to deploy an
> instance and/or when creating a network.
>
> According to cloudmonkey, it's enabled (this is the default system
> created one I'd like to use);
>
> CLOUD> list networkofferings
> count = 8
> networkoffering:
> name = DefaultIsolatedNetworkOffering
> id = 14b2f56b-b941-4495-a9e6-377a756bee70
> availability = Optional
> conservemode = True
> displaytext = Offering for Isolated networks with no Source Nat
> service forvpc = False guestiptype = Isolated isdefault = True
> ispersistent = False networkrate = 200
> service:
> name = Dhcp
> provider:
> name = VirtualRouter
>
> ======================================================================
> ==========
> name = UserData
> provider:
> name = VirtualRouter
>
> ======================================================================
> ==========
> name = Dns
> provider:
> name = VirtualRouter
>
> ======================================================================
> ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> specifyipranges = True
> specifyvlan = True
> state = Enabled
> traffictype = Guest
>
>
> This is the one I created myself:
>
> CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e"
> count = 1
> networkoffering:
> name = test
> id = e00234b0-9252-4541-9f82-7d575b8b131e
> availability = Optional
> conservemode = False
> displaytext = test
> forvpc = False
> guestiptype = Isolated
> isdefault = False
> ispersistent = True
> networkrate = 200
> service:
> name = Dhcp
> provider:
> name = VirtualRouter
>
> ======================================================================
> ==========
> name = UserData
> provider:
> name = VirtualRouter
>
> ======================================================================
> ==========
> name = Dns
> provider:
> name = VirtualRouter
>
> ======================================================================
> ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> specifyipranges = True
> specifyvlan = True
> state = Enabled
> traffictype = Guest
>
>
>
>
> On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal <
> Chiradeep.Vittal@citrix.com<ma...@citrix.com><mailto:
> Chiradeep.Vittal@citrix.com><ma...@citrix.com>> wrote:
>
> If the offering has 'specify VLAN', then only the admin should be able
> to see it.
> You can also use cloudmonkey to verify the offerings.
>
>
> On 9/4/13 12:00 PM, "Nick Burke" <nick@nickburke.com<mailto:
> nick@nickburke.com><ma...@nickburke.com><mailto:
> nick@nickburke.com<ma...@nickburke.com>>>
> wrote:
>
> I've read the documents, but I can't seem to find anything about this
> even after google searching.
>
> Here is what I'm trying to accomplish: I'd like to have an external
> hardware router handle the routing for certain networks. It's on VLAN10.
>
> Here is what I'm seeing: Only one network offering is showing up under
> "network offering" in create a network and for instances. It is "
> DefaultIsolatedNetworkOfferingWithSourceNatService"
>
>
> I've tried creating a new network offering with specify vlan and
> specify IP addresses, but it doesn't seem to ever show up to be used.
> Additionally, there is a system created one that looks like it could
> do it, "DefaultIsolatedNetworkOffering" but it too doesn't show up.
>
> If I create a network offering with the exact same options as as
> DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up
> and can be used.
>
>
> I'm in advanced networking mode for the zone, and as far as I can tell
> everything is working well as expected.
>
> Does anyone have any place they can point me to for this or offer some
> advice as to why at least the system DefaultIsolatedNetworkOffering
> can't be used?
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens*
>
>
>
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens* This email and any
> attachments to it may be confidential and are intended solely for the
> use of the individual to whom it is addressed. Any views or opinions
> expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not
> the intended recipient of this email, you must neither take any action
> based upon its contents, nor copy or show it to anyone. Please contact
> the sender if you believe you have received this email in error. Shape
> Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> Services India LLP is operated under license from Shape Blue Ltd.
> ShapeBlue is a registered trademark.
>
>
>
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens*
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is
> operated under license from Shape Blue Ltd. ShapeBlue is a registered
> trademark.
>
>
>
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens*
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is
> operated under license from Shape Blue Ltd. ShapeBlue is a registered
> trademark.
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is
> operated under license from Shape Blue Ltd. ShapeBlue is a registered
> trademark.
>



-- 
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*

Re: Some network offerings missing after creating them

[Geoff Higginbottom <ge...@shapeblue.com>]

Sorry just looked at screen shot and you do appear to running an advanced zone.

There have been a few GUI bugs creep in with 4.1.1 in relation to networking, this looks like another I have not seen reported so please raise it as an issue.

CloudMonkey provides an easier way to use the API so yes you can just use CloudMonkey

Regards

Geoff Higginbottom
CTO / Cloud Architect


D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:+442036030540> | M: +447968161581<tel:+447968161581>

geoff.higginbottom@shapeblue.com<ma...@shapeblue.com> | www.shapeblue.com

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS



On 5 Sep 2013, at 07:24, "Geoff Higginbottom" <ge...@shapeblue.com>> wrote:

Nick,

Are you using an Advanced or Basic Zone?

Regards

Geoff Higginbottom
CTO / Cloud Architect


D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:+442036030540> | M: +447968161581<tel:+447968161581>

geoff.higginbottom@shapeblue.com<ma...@shapeblue.com> | www.shapeblue.com<http://www.shapeblue.com>

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS



On 5 Sep 2013, at 01:57, "Nick Burke" <ni...@nickburke.com>> wrote:

Hi Geoff,

Thanks again for your reply and patience. I'm relieved to hear it's
possible with a little elbow grease!

I have no problem starting again what-so-ever with anything. This is
preproduction. I've been doing regular 'drop database cloud's so anything
dangerous can easily be done.

I think a large part of my problem is there is no "add guest network" in
Infrastructure / Zones / your-zone-name / Physical Network Tab /
your-network-name (the one with Guest Traffic) / Guest-Configure / Network
Tab. (See screen shot:  http://i.imgur.com/fOtttgD.png ). There are no
"right click" options either. I'm running version  4.1.1, if there is some
kind of version thing happening here.


Regarding API, can I use cloudmonkey or do I have to start doing research
into the API calls?


On Wed, Sep 4, 2013 at 6:18 PM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.com<ma...@shapeblue.com>> wrote:

Hi Nick

What you are trying to do is achievable, but you need to start again, as
once you have created a network which has taken its VLAN from the Default
Guest VLAN range you cannot change the network Offering to one which has
the 'Specify VLAN' option set.

Fortunately you can create the new networks you need using the correct
Network Offerings, then use the 'addNicToVirtualMachine' and
'removeNicFromVirtualMachine' API commands to add the new Networks to the
VM, and remove the old ones.



I would create two network offerings, I'll call them 'External' and
'Internal'

'External' should not have any 'Services' as it does not need them, that
way no VR will be created for this Network. Assign a 'Name'& 'Description',
and check the 'Specify VLAN' option as you want to manually set the VLAN ID
so it can connect to your external physical Router.  You do not need the
'Persistent' feature as there will be no VR.

'Internal' should have 'Specify VLAN' checked and 'DHCP' and 'DNS'
services enabled, all set to 'Virtual Router' You don't need the
'Persistent' option as this simply keeps the VR running when you have no
VMs, and as you want to run a 'Intrusion Detection' VM you will always have
one running, and the VLAN is persistent even if do shut all VMs down, as
you used the 'Specify VLAN' option.

To actually create the networks you cannot use the main 'Network' tab, you
must navigate to:

Infrastructure / Zones / your-zone-name / Physical Network Tab /
your-network-name (the one with Guest Traffic) / Guest-Configure / Network
Tab

Then click 'Add Guest Network' and set the 'scope' to account, you will
now see the two new Network Offerings listed (as long as you enabled them).
Create the 'External' Network with 'VLAN ID' of 200 and 'Guest Gateway'
set to the IP of the Physical Router connected to the Internet.  Set the
'Guest Start IP' and 'Guest End IP' range so that it spans the IP you want
to allocate to the External interface of your VM.  Although you will be
setting the IP on the VM manually, and even though we did not assign the
DHCP service to this Network, CloudStack will still allocate an IP to this
VM and this will appear in the GUI.  To keep things neat I always use the
API to allocate the IP of the VM when I create it so that the CloudStack
allocated IP and my manually configured IP are the same.

Repeat the process to create your 'Internal' network, setting the 'VLAN
ID' to 100, the 'Guest Gateway' to the IP you intend to allocate to the
Internal Interface of your Intrusion Detection VM, and setting 'Guest Start
IP' and 'Guest End IP', ensuring they do not overlap the Guest Gateway.
Note that the VR which gets created to handle the DHCP and DNS will be
allocated the 1st IP from the Guest Range.

Now create your Intrusion Detection VM using the API and not the GUI so
you can specify the IPs for the External and Internal Interfaces, and set
the External as the Default.  Once created, you can add additional VMs onto
the Internal Network, and they will use the 'Intrusion Detection VM' as
their Gateway.

Note that the VLANs you use for the External and Internal networks must be
outside of the default Guest VLAN Range.

Regards

Geoff Higginbottom

D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581

geoff.higginbottom@shapeblue.com<ma...@shapeblue.com>

-----Original Message-----
From: Nick Burke [mailto:nick@nickburke.com]
Sent: 04 September 2013 18:56
To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: Re: Some network offerings missing after creating them

Hello Geoff,

Thank you for replying!

I went there and tried to change it to the service offering I wanted, but
once again the only one available is
DefaultIsolatedNetworkOfferingWithSourceNatService. There is no associated
VM's with this network. I can't add anything on that scree

Here is a screenshot: http://imgur.com/ljrVYgP


I think I'm missing something dreadfully obvious or I'm not being clear on
what I'm trying to accomplish... or both! :-)


Here is my end goal:

IE: VLAN100 has a public/static IP of 4.2.2.2/24 (internet facing) ->
Intrusion Prevention System (aka, a cloudstack VMserver running linux) ->
VLAN200  public/static 4.3.3.3/24


Both virtual nics are public IP addresses. One side is on one vlan, the
other side is on a different one. All traffic routed from the internet must
go through this virtual machine to reach the target 4.3.3.3/24 network
and vice versa.




On Wed, Sep 4, 2013 at 2:59 PM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.com<ma...@shapeblue.com>> wrote:

Nick,

You need to go to Infrastructure / Zone / Phys Networks / Guest
Networks etc to use this type of network offering.

The Networks Tab only shows network offerings which have the 'Source NAT'
service enabled

Regards

Geoff Higginbottom
CTO / Cloud Architect


D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
+442036030540> | M: +447968161581<tel:+447968161581>

geoff.higginbottom@shapeblue.com<ma...@shapeblue.com><mailto:geoff.higginbottom@shapeblue.c
om>
| www.shapeblue.com<http://www.shapeblue.com><http://www.shapeblue.com>

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS



On 4 Sep 2013, at 17:53, "Nick Burke" <ni...@nickburke.com><mailto:
nick@nickburke.com<ma...@nickburke.com>>> wrote:

Thank you for the reply!

I am logged in through the GUI as the default admin user under the
ROOT domain. Just a quick clarification: I can see it under "Network
Offerings", but I can't actually use it/see it when I try to deploy an
instance and/or when creating a network.

According to cloudmonkey, it's enabled (this is the default system
created one I'd like to use);

CLOUD> list networkofferings
count = 8
networkoffering:
name = DefaultIsolatedNetworkOffering
id = 14b2f56b-b941-4495-a9e6-377a756bee70
availability = Optional
conservemode = True
displaytext = Offering for Isolated networks with no Source Nat
service forvpc = False guestiptype = Isolated isdefault = True
ispersistent = False networkrate = 200
service:
name = Dhcp
provider:
name = VirtualRouter

======================================================================
==========
name = UserData
provider:
name = VirtualRouter

======================================================================
==========
name = Dns
provider:
name = VirtualRouter

======================================================================
========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
specifyipranges = True
specifyvlan = True
state = Enabled
traffictype = Guest


This is the one I created myself:

CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e"
count = 1
networkoffering:
name = test
id = e00234b0-9252-4541-9f82-7d575b8b131e
availability = Optional
conservemode = False
displaytext = test
forvpc = False
guestiptype = Isolated
isdefault = False
ispersistent = True
networkrate = 200
service:
name = Dhcp
provider:
name = VirtualRouter

======================================================================
==========
name = UserData
provider:
name = VirtualRouter

======================================================================
==========
name = Dns
provider:
name = VirtualRouter

======================================================================
========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
specifyipranges = True
specifyvlan = True
state = Enabled
traffictype = Guest




On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal <
Chiradeep.Vittal@citrix.com<ma...@citrix.com>> wrote:

If the offering has 'specify VLAN', then only the admin should be able
to see it.
You can also use cloudmonkey to verify the offerings.


On 9/4/13 12:00 PM, "Nick Burke" <ni...@nickburke.com><mailto:
nick@nickburke.com<ma...@nickburke.com>>> wrote:

I've read the documents, but I can't seem to find anything about this
even after google searching.

Here is what I'm trying to accomplish: I'd like to have an external
hardware router handle the routing for certain networks. It's on VLAN10.

Here is what I'm seeing: Only one network offering is showing up under
"network offering" in create a network and for instances. It is "
DefaultIsolatedNetworkOfferingWithSourceNatService"


I've tried creating a new network offering with specify vlan and
specify IP addresses, but it doesn't seem to ever show up to be used.
Additionally, there is a system created one that looks like it could
do it, "DefaultIsolatedNetworkOffering" but it too doesn't show up.

If I create a network offering with the exact same options as as
DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up
and can be used.


I'm in advanced networking mode for the zone, and as far as I can tell
everything is working well as expected.

Does anyone have any place they can point me to for this or offer some
advice as to why at least the system DefaultIsolatedNetworkOffering
can't be used?

--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*




--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens* This email and any
attachments to it may be confidential and are intended solely for the
use of the individual to whom it is addressed. Any views or opinions
expressed are solely those of the author and do not necessarily
represent those of Shape Blue Ltd or related companies. If you are not
the intended recipient of this email, you must neither take any action
based upon its contents, nor copy or show it to anyone. Please contact
the sender if you believe you have received this email in error. Shape
Blue Ltd is a company incorporated in England & Wales. ShapeBlue
Services India LLP is operated under license from Shape Blue Ltd.
ShapeBlue is a registered trademark.




--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*
This email and any attachments to it may be confidential and are intended
solely for the use of the individual to whom it is addressed. Any views or
opinions expressed are solely those of the author and do not necessarily
represent those of Shape Blue Ltd or related companies. If you are not the
intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender
if you believe you have received this email in error. Shape Blue Ltd is a
company incorporated in England & Wales. ShapeBlue Services India LLP is
operated under license from Shape Blue Ltd. ShapeBlue is a registered
trademark.




--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Some network offerings missing after creating them

[Geoff Higginbottom <ge...@shapeblue.com>]

Nick,

Are you using an Advanced or Basic Zone?

Regards

Geoff Higginbottom
CTO / Cloud Architect


D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:+442036030540> | M: +447968161581<tel:+447968161581>

geoff.higginbottom@shapeblue.com<ma...@shapeblue.com> | www.shapeblue.com

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS



On 5 Sep 2013, at 01:57, "Nick Burke" <ni...@nickburke.com>> wrote:

Hi Geoff,

Thanks again for your reply and patience. I'm relieved to hear it's
possible with a little elbow grease!

I have no problem starting again what-so-ever with anything. This is
preproduction. I've been doing regular 'drop database cloud's so anything
dangerous can easily be done.

I think a large part of my problem is there is no "add guest network" in
Infrastructure / Zones / your-zone-name / Physical Network Tab /
your-network-name (the one with Guest Traffic) / Guest-Configure / Network
Tab. (See screen shot:  http://i.imgur.com/fOtttgD.png ). There are no
"right click" options either. I'm running version  4.1.1, if there is some
kind of version thing happening here.


Regarding API, can I use cloudmonkey or do I have to start doing research
into the API calls?


On Wed, Sep 4, 2013 at 6:18 PM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.com<ma...@shapeblue.com>> wrote:

Hi Nick

What you are trying to do is achievable, but you need to start again, as
once you have created a network which has taken its VLAN from the Default
Guest VLAN range you cannot change the network Offering to one which has
the 'Specify VLAN' option set.

Fortunately you can create the new networks you need using the correct
Network Offerings, then use the 'addNicToVirtualMachine' and
'removeNicFromVirtualMachine' API commands to add the new Networks to the
VM, and remove the old ones.



I would create two network offerings, I'll call them 'External' and
'Internal'

'External' should not have any 'Services' as it does not need them, that
way no VR will be created for this Network. Assign a 'Name'& 'Description',
and check the 'Specify VLAN' option as you want to manually set the VLAN ID
so it can connect to your external physical Router.  You do not need the
'Persistent' feature as there will be no VR.

'Internal' should have 'Specify VLAN' checked and 'DHCP' and 'DNS'
services enabled, all set to 'Virtual Router' You don't need the
'Persistent' option as this simply keeps the VR running when you have no
VMs, and as you want to run a 'Intrusion Detection' VM you will always have
one running, and the VLAN is persistent even if do shut all VMs down, as
you used the 'Specify VLAN' option.

To actually create the networks you cannot use the main 'Network' tab, you
must navigate to:

Infrastructure / Zones / your-zone-name / Physical Network Tab /
your-network-name (the one with Guest Traffic) / Guest-Configure / Network
Tab

Then click 'Add Guest Network' and set the 'scope' to account, you will
now see the two new Network Offerings listed (as long as you enabled them).
Create the 'External' Network with 'VLAN ID' of 200 and 'Guest Gateway'
set to the IP of the Physical Router connected to the Internet.  Set the
'Guest Start IP' and 'Guest End IP' range so that it spans the IP you want
to allocate to the External interface of your VM.  Although you will be
setting the IP on the VM manually, and even though we did not assign the
DHCP service to this Network, CloudStack will still allocate an IP to this
VM and this will appear in the GUI.  To keep things neat I always use the
API to allocate the IP of the VM when I create it so that the CloudStack
allocated IP and my manually configured IP are the same.

Repeat the process to create your 'Internal' network, setting the 'VLAN
ID' to 100, the 'Guest Gateway' to the IP you intend to allocate to the
Internal Interface of your Intrusion Detection VM, and setting 'Guest Start
IP' and 'Guest End IP', ensuring they do not overlap the Guest Gateway.
Note that the VR which gets created to handle the DHCP and DNS will be
allocated the 1st IP from the Guest Range.

Now create your Intrusion Detection VM using the API and not the GUI so
you can specify the IPs for the External and Internal Interfaces, and set
the External as the Default.  Once created, you can add additional VMs onto
the Internal Network, and they will use the 'Intrusion Detection VM' as
their Gateway.

Note that the VLANs you use for the External and Internal networks must be
outside of the default Guest VLAN Range.

Regards

Geoff Higginbottom

D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581

geoff.higginbottom@shapeblue.com<ma...@shapeblue.com>

-----Original Message-----
From: Nick Burke [mailto:nick@nickburke.com]
Sent: 04 September 2013 18:56
To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: Re: Some network offerings missing after creating them

Hello Geoff,

Thank you for replying!

I went there and tried to change it to the service offering I wanted, but
once again the only one available is
DefaultIsolatedNetworkOfferingWithSourceNatService. There is no associated
VM's with this network. I can't add anything on that scree

Here is a screenshot: http://imgur.com/ljrVYgP


I think I'm missing something dreadfully obvious or I'm not being clear on
what I'm trying to accomplish... or both! :-)


Here is my end goal:

IE: VLAN100 has a public/static IP of 4.2.2.2/24 (internet facing) ->
Intrusion Prevention System (aka, a cloudstack VMserver running linux) ->
VLAN200  public/static 4.3.3.3/24


Both virtual nics are public IP addresses. One side is on one vlan, the
other side is on a different one. All traffic routed from the internet must
go through this virtual machine to reach the target 4.3.3.3/24 network
and vice versa.




On Wed, Sep 4, 2013 at 2:59 PM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.com<ma...@shapeblue.com>> wrote:

Nick,

You need to go to Infrastructure / Zone / Phys Networks / Guest
Networks etc to use this type of network offering.

The Networks Tab only shows network offerings which have the 'Source NAT'
service enabled

Regards

Geoff Higginbottom
CTO / Cloud Architect


D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
+442036030540> | M: +447968161581<tel:+447968161581>

geoff.higginbottom@shapeblue.com<ma...@shapeblue.com><mailto:geoff.higginbottom@shapeblue.c
om>
| www.shapeblue.com<http://www.shapeblue.com>

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS



On 4 Sep 2013, at 17:53, "Nick Burke" <ni...@nickburke.com><mailto:
nick@nickburke.com<ma...@nickburke.com>>> wrote:

Thank you for the reply!

I am logged in through the GUI as the default admin user under the
ROOT domain. Just a quick clarification: I can see it under "Network
Offerings", but I can't actually use it/see it when I try to deploy an
instance and/or when creating a network.

According to cloudmonkey, it's enabled (this is the default system
created one I'd like to use);

CLOUD> list networkofferings
count = 8
networkoffering:
name = DefaultIsolatedNetworkOffering
id = 14b2f56b-b941-4495-a9e6-377a756bee70
availability = Optional
conservemode = True
displaytext = Offering for Isolated networks with no Source Nat
service forvpc = False guestiptype = Isolated isdefault = True
ispersistent = False networkrate = 200
service:
name = Dhcp
provider:
name = VirtualRouter

======================================================================
==========
name = UserData
provider:
name = VirtualRouter

======================================================================
==========
name = Dns
provider:
name = VirtualRouter

======================================================================
========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
specifyipranges = True
specifyvlan = True
state = Enabled
traffictype = Guest


This is the one I created myself:

CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e"
count = 1
networkoffering:
name = test
id = e00234b0-9252-4541-9f82-7d575b8b131e
availability = Optional
conservemode = False
displaytext = test
forvpc = False
guestiptype = Isolated
isdefault = False
ispersistent = True
networkrate = 200
service:
name = Dhcp
provider:
name = VirtualRouter

======================================================================
==========
name = UserData
provider:
name = VirtualRouter

======================================================================
==========
name = Dns
provider:
name = VirtualRouter

======================================================================
========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
specifyipranges = True
specifyvlan = True
state = Enabled
traffictype = Guest




On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal <
Chiradeep.Vittal@citrix.com<ma...@citrix.com>> wrote:

If the offering has 'specify VLAN', then only the admin should be able
to see it.
You can also use cloudmonkey to verify the offerings.


On 9/4/13 12:00 PM, "Nick Burke" <ni...@nickburke.com><mailto:
nick@nickburke.com<ma...@nickburke.com>>> wrote:

I've read the documents, but I can't seem to find anything about this
even after google searching.

Here is what I'm trying to accomplish: I'd like to have an external
hardware router handle the routing for certain networks. It's on VLAN10.

Here is what I'm seeing: Only one network offering is showing up under
"network offering" in create a network and for instances. It is "
DefaultIsolatedNetworkOfferingWithSourceNatService"


I've tried creating a new network offering with specify vlan and
specify IP addresses, but it doesn't seem to ever show up to be used.
Additionally, there is a system created one that looks like it could
do it, "DefaultIsolatedNetworkOffering" but it too doesn't show up.

If I create a network offering with the exact same options as as
DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up
and can be used.


I'm in advanced networking mode for the zone, and as far as I can tell
everything is working well as expected.

Does anyone have any place they can point me to for this or offer some
advice as to why at least the system DefaultIsolatedNetworkOffering
can't be used?

--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*




--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens* This email and any
attachments to it may be confidential and are intended solely for the
use of the individual to whom it is addressed. Any views or opinions
expressed are solely those of the author and do not necessarily
represent those of Shape Blue Ltd or related companies. If you are not
the intended recipient of this email, you must neither take any action
based upon its contents, nor copy or show it to anyone. Please contact
the sender if you believe you have received this email in error. Shape
Blue Ltd is a company incorporated in England & Wales. ShapeBlue
Services India LLP is operated under license from Shape Blue Ltd.
ShapeBlue is a registered trademark.




--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*
This email and any attachments to it may be confidential and are intended
solely for the use of the individual to whom it is addressed. Any views or
opinions expressed are solely those of the author and do not necessarily
represent those of Shape Blue Ltd or related companies. If you are not the
intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender
if you believe you have received this email in error. Shape Blue Ltd is a
company incorporated in England & Wales. ShapeBlue Services India LLP is
operated under license from Shape Blue Ltd. ShapeBlue is a registered
trademark.




--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Some network offerings missing after creating them

[Nick Burke <ni...@nickburke.com>]

Hi Geoff,

Thanks again for your reply and patience. I'm relieved to hear it's
possible with a little elbow grease!

I have no problem starting again what-so-ever with anything. This is
preproduction. I've been doing regular 'drop database cloud's so anything
dangerous can easily be done.

I think a large part of my problem is there is no "add guest network" in
Infrastructure / Zones / your-zone-name / Physical Network Tab /
your-network-name (the one with Guest Traffic) / Guest-Configure / Network
Tab. (See screen shot:  http://i.imgur.com/fOtttgD.png ). There are no
"right click" options either. I'm running version  4.1.1, if there is some
kind of version thing happening here.


Regarding API, can I use cloudmonkey or do I have to start doing research
into the API calls?


On Wed, Sep 4, 2013 at 6:18 PM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.com> wrote:

> Hi Nick
>
> What you are trying to do is achievable, but you need to start again, as
> once you have created a network which has taken its VLAN from the Default
> Guest VLAN range you cannot change the network Offering to one which has
> the 'Specify VLAN' option set.
>
> Fortunately you can create the new networks you need using the correct
> Network Offerings, then use the 'addNicToVirtualMachine' and
> 'removeNicFromVirtualMachine' API commands to add the new Networks to the
> VM, and remove the old ones.
>
>
>
> I would create two network offerings, I'll call them 'External' and
> 'Internal'
>
> 'External' should not have any 'Services' as it does not need them, that
> way no VR will be created for this Network. Assign a 'Name'& 'Description',
> and check the 'Specify VLAN' option as you want to manually set the VLAN ID
> so it can connect to your external physical Router.  You do not need the
> 'Persistent' feature as there will be no VR.
>
> 'Internal' should have 'Specify VLAN' checked and 'DHCP' and 'DNS'
> services enabled, all set to 'Virtual Router' You don't need the
> 'Persistent' option as this simply keeps the VR running when you have no
> VMs, and as you want to run a 'Intrusion Detection' VM you will always have
> one running, and the VLAN is persistent even if do shut all VMs down, as
> you used the 'Specify VLAN' option.
>
> To actually create the networks you cannot use the main 'Network' tab, you
> must navigate to:
>
> Infrastructure / Zones / your-zone-name / Physical Network Tab /
> your-network-name (the one with Guest Traffic) / Guest-Configure / Network
> Tab
>
> Then click 'Add Guest Network' and set the 'scope' to account, you will
> now see the two new Network Offerings listed (as long as you enabled them).
>  Create the 'External' Network with 'VLAN ID' of 200 and 'Guest Gateway'
> set to the IP of the Physical Router connected to the Internet.  Set the
> 'Guest Start IP' and 'Guest End IP' range so that it spans the IP you want
> to allocate to the External interface of your VM.  Although you will be
> setting the IP on the VM manually, and even though we did not assign the
> DHCP service to this Network, CloudStack will still allocate an IP to this
> VM and this will appear in the GUI.  To keep things neat I always use the
> API to allocate the IP of the VM when I create it so that the CloudStack
> allocated IP and my manually configured IP are the same.
>
> Repeat the process to create your 'Internal' network, setting the 'VLAN
> ID' to 100, the 'Guest Gateway' to the IP you intend to allocate to the
> Internal Interface of your Intrusion Detection VM, and setting 'Guest Start
> IP' and 'Guest End IP', ensuring they do not overlap the Guest Gateway.
>  Note that the VR which gets created to handle the DHCP and DNS will be
> allocated the 1st IP from the Guest Range.
>
> Now create your Intrusion Detection VM using the API and not the GUI so
> you can specify the IPs for the External and Internal Interfaces, and set
> the External as the Default.  Once created, you can add additional VMs onto
> the Internal Network, and they will use the 'Intrusion Detection VM' as
> their Gateway.
>
> Note that the VLANs you use for the External and Internal networks must be
> outside of the default Guest VLAN Range.
>
> Regards
>
> Geoff Higginbottom
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>
> geoff.higginbottom@shapeblue.com
>
> -----Original Message-----
> From: Nick Burke [mailto:nick@nickburke.com]
> Sent: 04 September 2013 18:56
> To: users@cloudstack.apache.org
> Subject: Re: Some network offerings missing after creating them
>
> Hello Geoff,
>
> Thank you for replying!
>
> I went there and tried to change it to the service offering I wanted, but
> once again the only one available is
> DefaultIsolatedNetworkOfferingWithSourceNatService. There is no associated
> VM's with this network. I can't add anything on that scree
>
> Here is a screenshot: http://imgur.com/ljrVYgP
>
>
> I think I'm missing something dreadfully obvious or I'm not being clear on
> what I'm trying to accomplish... or both! :-)
>
>
> Here is my end goal:
>
> IE: VLAN100 has a public/static IP of 4.2.2.2/24 (internet facing) ->
> Intrusion Prevention System (aka, a cloudstack VMserver running linux) ->
> VLAN200  public/static 4.3.3.3/24
>
>
> Both virtual nics are public IP addresses. One side is on one vlan, the
> other side is on a different one. All traffic routed from the internet must
> go through this virtual machine to reach the target 4.3.3.3/24 network
> and vice versa.
>
>
>
>
> On Wed, Sep 4, 2013 at 2:59 PM, Geoff Higginbottom <
> geoff.higginbottom@shapeblue.com> wrote:
>
> > Nick,
> >
> > You need to go to Infrastructure / Zone / Phys Networks / Guest
> > Networks etc to use this type of network offering.
> >
> > The Networks Tab only shows network offerings which have the 'Source NAT'
> > service enabled
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> > +442036030540> | M: +447968161581<tel:+447968161581>
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om>
> > | www.shapeblue.com
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 4 Sep 2013, at 17:53, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com>> wrote:
> >
> > Thank you for the reply!
> >
> > I am logged in through the GUI as the default admin user under the
> > ROOT domain. Just a quick clarification: I can see it under "Network
> > Offerings", but I can't actually use it/see it when I try to deploy an
> > instance and/or when creating a network.
> >
> > According to cloudmonkey, it's enabled (this is the default system
> > created one I'd like to use);
> >
> > CLOUD> list networkofferings
> > count = 8
> > networkoffering:
> > name = DefaultIsolatedNetworkOffering
> > id = 14b2f56b-b941-4495-a9e6-377a756bee70
> > availability = Optional
> > conservemode = True
> > displaytext = Offering for Isolated networks with no Source Nat
> > service forvpc = False guestiptype = Isolated isdefault = True
> > ispersistent = False networkrate = 200
> > service:
> > name = Dhcp
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ==========
> > name = UserData
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ==========
> > name = Dns
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> > specifyipranges = True
> > specifyvlan = True
> > state = Enabled
> > traffictype = Guest
> >
> >
> > This is the one I created myself:
> >
> > CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e"
> > count = 1
> > networkoffering:
> > name = test
> > id = e00234b0-9252-4541-9f82-7d575b8b131e
> > availability = Optional
> > conservemode = False
> > displaytext = test
> > forvpc = False
> > guestiptype = Isolated
> > isdefault = False
> > ispersistent = True
> > networkrate = 200
> > service:
> > name = Dhcp
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ==========
> > name = UserData
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ==========
> > name = Dns
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> > specifyipranges = True
> > specifyvlan = True
> > state = Enabled
> > traffictype = Guest
> >
> >
> >
> >
> > On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal <
> > Chiradeep.Vittal@citrix.com<ma...@citrix.com>> wrote:
> >
> > If the offering has 'specify VLAN', then only the admin should be able
> > to see it.
> > You can also use cloudmonkey to verify the offerings.
> >
> >
> > On 9/4/13 12:00 PM, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com>> wrote:
> >
> > I've read the documents, but I can't seem to find anything about this
> > even after google searching.
> >
> > Here is what I'm trying to accomplish: I'd like to have an external
> > hardware router handle the routing for certain networks. It's on VLAN10.
> >
> > Here is what I'm seeing: Only one network offering is showing up under
> > "network offering" in create a network and for instances. It is "
> > DefaultIsolatedNetworkOfferingWithSourceNatService"
> >
> >
> > I've tried creating a new network offering with specify vlan and
> > specify IP addresses, but it doesn't seem to ever show up to be used.
> > Additionally, there is a system created one that looks like it could
> > do it, "DefaultIsolatedNetworkOffering" but it too doesn't show up.
> >
> > If I create a network offering with the exact same options as as
> > DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up
> > and can be used.
> >
> >
> > I'm in advanced networking mode for the zone, and as far as I can tell
> > everything is working well as expected.
> >
> > Does anyone have any place they can point me to for this or offer some
> > advice as to why at least the system DefaultIsolatedNetworkOffering
> > can't be used?
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens*
> >
> >
> >
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens* This email and any
> > attachments to it may be confidential and are intended solely for the
> > use of the individual to whom it is addressed. Any views or opinions
> > expressed are solely those of the author and do not necessarily
> > represent those of Shape Blue Ltd or related companies. If you are not
> > the intended recipient of this email, you must neither take any action
> > based upon its contents, nor copy or show it to anyone. Please contact
> > the sender if you believe you have received this email in error. Shape
> > Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> > Services India LLP is operated under license from Shape Blue Ltd.
> > ShapeBlue is a registered trademark.
> >
>
>
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens*
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is
> operated under license from Shape Blue Ltd. ShapeBlue is a registered
> trademark.
>



-- 
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*

RE: Some network offerings missing after creating them

[Geoff Higginbottom <ge...@shapeblue.com>]

Hi Nick

What you are trying to do is achievable, but you need to start again, as once you have created a network which has taken its VLAN from the Default Guest VLAN range you cannot change the network Offering to one which has the 'Specify VLAN' option set.

Fortunately you can create the new networks you need using the correct Network Offerings, then use the 'addNicToVirtualMachine' and 'removeNicFromVirtualMachine' API commands to add the new Networks to the VM, and remove the old ones.



I would create two network offerings, I'll call them 'External' and 'Internal'

'External' should not have any 'Services' as it does not need them, that way no VR will be created for this Network. Assign a 'Name'& 'Description', and check the 'Specify VLAN' option as you want to manually set the VLAN ID so it can connect to your external physical Router.  You do not need the 'Persistent' feature as there will be no VR.

'Internal' should have 'Specify VLAN' checked and 'DHCP' and 'DNS' services enabled, all set to 'Virtual Router' You don't need the 'Persistent' option as this simply keeps the VR running when you have no VMs, and as you want to run a 'Intrusion Detection' VM you will always have one running, and the VLAN is persistent even if do shut all VMs down, as you used the 'Specify VLAN' option.

To actually create the networks you cannot use the main 'Network' tab, you must navigate to:

Infrastructure / Zones / your-zone-name / Physical Network Tab / your-network-name (the one with Guest Traffic) / Guest-Configure / Network Tab

Then click 'Add Guest Network' and set the 'scope' to account, you will now see the two new Network Offerings listed (as long as you enabled them).  Create the 'External' Network with 'VLAN ID' of 200 and 'Guest Gateway' set to the IP of the Physical Router connected to the Internet.  Set the 'Guest Start IP' and 'Guest End IP' range so that it spans the IP you want to allocate to the External interface of your VM.  Although you will be setting the IP on the VM manually, and even though we did not assign the DHCP service to this Network, CloudStack will still allocate an IP to this VM and this will appear in the GUI.  To keep things neat I always use the API to allocate the IP of the VM when I create it so that the CloudStack allocated IP and my manually configured IP are the same.

Repeat the process to create your 'Internal' network, setting the 'VLAN ID' to 100, the 'Guest Gateway' to the IP you intend to allocate to the Internal Interface of your Intrusion Detection VM, and setting 'Guest Start IP' and 'Guest End IP', ensuring they do not overlap the Guest Gateway.  Note that the VR which gets created to handle the DHCP and DNS will be allocated the 1st IP from the Guest Range.

Now create your Intrusion Detection VM using the API and not the GUI so you can specify the IPs for the External and Internal Interfaces, and set the External as the Default.  Once created, you can add additional VMs onto the Internal Network, and they will use the 'Intrusion Detection VM' as their Gateway.

Note that the VLANs you use for the External and Internal networks must be outside of the default Guest VLAN Range.

Regards

Geoff Higginbottom

D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581

geoff.higginbottom@shapeblue.com

-----Original Message-----
From: Nick Burke [mailto:nick@nickburke.com]
Sent: 04 September 2013 18:56
To: users@cloudstack.apache.org
Subject: Re: Some network offerings missing after creating them

Hello Geoff,

Thank you for replying!

I went there and tried to change it to the service offering I wanted, but once again the only one available is DefaultIsolatedNetworkOfferingWithSourceNatService. There is no associated VM's with this network. I can't add anything on that scree

Here is a screenshot: http://imgur.com/ljrVYgP


I think I'm missing something dreadfully obvious or I'm not being clear on what I'm trying to accomplish... or both! :-)


Here is my end goal:

IE: VLAN100 has a public/static IP of 4.2.2.2/24 (internet facing) -> Intrusion Prevention System (aka, a cloudstack VMserver running linux) ->
VLAN200  public/static 4.3.3.3/24


Both virtual nics are public IP addresses. One side is on one vlan, the other side is on a different one. All traffic routed from the internet must go through this virtual machine to reach the target 4.3.3.3/24 network and vice versa.




On Wed, Sep 4, 2013 at 2:59 PM, Geoff Higginbottom < geoff.higginbottom@shapeblue.com> wrote:

> Nick,
>
> You need to go to Infrastructure / Zone / Phys Networks / Guest
> Networks etc to use this type of network offering.
>
> The Networks Tab only shows network offerings which have the 'Source NAT'
> service enabled
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
>
> D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> +442036030540> | M: +447968161581<tel:+447968161581>
>
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> om>
> | www.shapeblue.com
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
> On 4 Sep 2013, at 17:53, "Nick Burke" <nick@nickburke.com<mailto:
> nick@nickburke.com>> wrote:
>
> Thank you for the reply!
>
> I am logged in through the GUI as the default admin user under the
> ROOT domain. Just a quick clarification: I can see it under "Network
> Offerings", but I can't actually use it/see it when I try to deploy an
> instance and/or when creating a network.
>
> According to cloudmonkey, it's enabled (this is the default system
> created one I'd like to use);
>
> CLOUD> list networkofferings
> count = 8
> networkoffering:
> name = DefaultIsolatedNetworkOffering
> id = 14b2f56b-b941-4495-a9e6-377a756bee70
> availability = Optional
> conservemode = True
> displaytext = Offering for Isolated networks with no Source Nat
> service forvpc = False guestiptype = Isolated isdefault = True
> ispersistent = False networkrate = 200
> service:
> name = Dhcp
> provider:
> name = VirtualRouter
>
> ======================================================================
> ==========
> name = UserData
> provider:
> name = VirtualRouter
>
> ======================================================================
> ==========
> name = Dns
> provider:
> name = VirtualRouter
>
> ======================================================================
> ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> specifyipranges = True
> specifyvlan = True
> state = Enabled
> traffictype = Guest
>
>
> This is the one I created myself:
>
> CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e"
> count = 1
> networkoffering:
> name = test
> id = e00234b0-9252-4541-9f82-7d575b8b131e
> availability = Optional
> conservemode = False
> displaytext = test
> forvpc = False
> guestiptype = Isolated
> isdefault = False
> ispersistent = True
> networkrate = 200
> service:
> name = Dhcp
> provider:
> name = VirtualRouter
>
> ======================================================================
> ==========
> name = UserData
> provider:
> name = VirtualRouter
>
> ======================================================================
> ==========
> name = Dns
> provider:
> name = VirtualRouter
>
> ======================================================================
> ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> specifyipranges = True
> specifyvlan = True
> state = Enabled
> traffictype = Guest
>
>
>
>
> On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal <
> Chiradeep.Vittal@citrix.com<ma...@citrix.com>> wrote:
>
> If the offering has 'specify VLAN', then only the admin should be able
> to see it.
> You can also use cloudmonkey to verify the offerings.
>
>
> On 9/4/13 12:00 PM, "Nick Burke" <nick@nickburke.com<mailto:
> nick@nickburke.com>> wrote:
>
> I've read the documents, but I can't seem to find anything about this
> even after google searching.
>
> Here is what I'm trying to accomplish: I'd like to have an external
> hardware router handle the routing for certain networks. It's on VLAN10.
>
> Here is what I'm seeing: Only one network offering is showing up under
> "network offering" in create a network and for instances. It is "
> DefaultIsolatedNetworkOfferingWithSourceNatService"
>
>
> I've tried creating a new network offering with specify vlan and
> specify IP addresses, but it doesn't seem to ever show up to be used.
> Additionally, there is a system created one that looks like it could
> do it, "DefaultIsolatedNetworkOffering" but it too doesn't show up.
>
> If I create a network offering with the exact same options as as
> DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up
> and can be used.
>
>
> I'm in advanced networking mode for the zone, and as far as I can tell
> everything is working well as expected.
>
> Does anyone have any place they can point me to for this or offer some
> advice as to why at least the system DefaultIsolatedNetworkOffering
> can't be used?
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens*
>
>
>
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens* This email and any
> attachments to it may be confidential and are intended solely for the
> use of the individual to whom it is addressed. Any views or opinions
> expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not
> the intended recipient of this email, you must neither take any action
> based upon its contents, nor copy or show it to anyone. Please contact
> the sender if you believe you have received this email in error. Shape
> Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> Services India LLP is operated under license from Shape Blue Ltd.
> ShapeBlue is a registered trademark.
>



--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Some network offerings missing after creating them

[Nick Burke <ni...@nickburke.com>]

Hello Geoff,

Thank you for replying!

I went there and tried to change it to the service offering I wanted, but
once again the only one available is
DefaultIsolatedNetworkOfferingWithSourceNatService. There is no associated
VM's with this network. I can't add anything on that scree

Here is a screenshot: http://imgur.com/ljrVYgP


I think I'm missing something dreadfully obvious or I'm not being clear on
what I'm trying to accomplish... or both! :-)


Here is my end goal:

IE: VLAN100 has a public/static IP of 4.2.2.2/24 (internet facing) ->
Intrusion Prevention System (aka, a cloudstack VMserver running linux) ->
VLAN200  public/static 4.3.3.3/24


Both virtual nics are public IP addresses. One side is on one vlan, the
other side is on a different one. All traffic routed from the internet must
go through this virtual machine to reach the target 4.3.3.3/24 network and
vice versa.




On Wed, Sep 4, 2013 at 2:59 PM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.com> wrote:

> Nick,
>
> You need to go to Infrastructure / Zone / Phys Networks / Guest Networks
> etc to use this type of network offering.
>
> The Networks Tab only shows network offerings which have the 'Source NAT'
> service enabled
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
>
> D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> +442036030540> | M: +447968161581<tel:+447968161581>
>
> geoff.higginbottom@shapeblue.com<ma...@shapeblue.com>
> | www.shapeblue.com
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
> On 4 Sep 2013, at 17:53, "Nick Burke" <nick@nickburke.com<mailto:
> nick@nickburke.com>> wrote:
>
> Thank you for the reply!
>
> I am logged in through the GUI as the default admin user under the ROOT
> domain. Just a quick clarification: I can see it under "Network Offerings",
> but I can't actually use it/see it when I try to deploy an instance and/or
> when creating a network.
>
> According to cloudmonkey, it's enabled (this is the default system created
> one I'd like to use);
>
> CLOUD> list networkofferings
> count = 8
> networkoffering:
> name = DefaultIsolatedNetworkOffering
> id = 14b2f56b-b941-4495-a9e6-377a756bee70
> availability = Optional
> conservemode = True
> displaytext = Offering for Isolated networks with no Source Nat service
> forvpc = False
> guestiptype = Isolated
> isdefault = True
> ispersistent = False
> networkrate = 200
> service:
> name = Dhcp
> provider:
> name = VirtualRouter
>
> ================================================================================
> name = UserData
> provider:
> name = VirtualRouter
>
> ================================================================================
> name = Dns
> provider:
> name = VirtualRouter
>
> ================================================================================
> serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> specifyipranges = True
> specifyvlan = True
> state = Enabled
> traffictype = Guest
>
>
> This is the one I created myself:
>
> CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e"
> count = 1
> networkoffering:
> name = test
> id = e00234b0-9252-4541-9f82-7d575b8b131e
> availability = Optional
> conservemode = False
> displaytext = test
> forvpc = False
> guestiptype = Isolated
> isdefault = False
> ispersistent = True
> networkrate = 200
> service:
> name = Dhcp
> provider:
> name = VirtualRouter
>
> ================================================================================
> name = UserData
> provider:
> name = VirtualRouter
>
> ================================================================================
> name = Dns
> provider:
> name = VirtualRouter
>
> ================================================================================
> serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> specifyipranges = True
> specifyvlan = True
> state = Enabled
> traffictype = Guest
>
>
>
>
> On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal <
> Chiradeep.Vittal@citrix.com<ma...@citrix.com>> wrote:
>
> If the offering has 'specify VLAN', then only the admin should be able to
> see it.
> You can also use cloudmonkey to verify the offerings.
>
>
> On 9/4/13 12:00 PM, "Nick Burke" <nick@nickburke.com<mailto:
> nick@nickburke.com>> wrote:
>
> I've read the documents, but I can't seem to find anything about this even
> after google searching.
>
> Here is what I'm trying to accomplish: I'd like to have an external
> hardware router handle the routing for certain networks. It's on VLAN10.
>
> Here is what I'm seeing: Only one network offering is showing up under
> "network offering" in create a network and for instances. It is "
> DefaultIsolatedNetworkOfferingWithSourceNatService"
>
>
> I've tried creating a new network offering with specify vlan and specify
> IP
> addresses, but it doesn't seem to ever show up to be used. Additionally,
> there is a system created one that looks like it could do it,
> "DefaultIsolatedNetworkOffering" but it too doesn't show up.
>
> If I create a network offering with the exact same options as as
> DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up and
> can
> be used.
>
>
> I'm in advanced networking mode for the zone, and as far as I can tell
> everything is working well as expected.
>
> Does anyone have any place they can point me to for this or offer some
> advice as to why at least the system DefaultIsolatedNetworkOffering can't
> be used?
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens*
>
>
>
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens*
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is
> operated under license from Shape Blue Ltd. ShapeBlue is a registered
> trademark.
>



-- 
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*

Re: Some network offerings missing after creating them

[Geoff Higginbottom <ge...@shapeblue.com>]

Nick,

You need to go to Infrastructure / Zone / Phys Networks / Guest Networks etc to use this type of network offering.

The Networks Tab only shows network offerings which have the 'Source NAT' service enabled

Regards

Geoff Higginbottom
CTO / Cloud Architect


D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:+442036030540> | M: +447968161581<tel:+447968161581>

geoff.higginbottom@shapeblue.com<ma...@shapeblue.com> | www.shapeblue.com

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS



On 4 Sep 2013, at 17:53, "Nick Burke" <ni...@nickburke.com>> wrote:

Thank you for the reply!

I am logged in through the GUI as the default admin user under the ROOT
domain. Just a quick clarification: I can see it under "Network Offerings",
but I can't actually use it/see it when I try to deploy an instance and/or
when creating a network.

According to cloudmonkey, it's enabled (this is the default system created
one I'd like to use);

CLOUD> list networkofferings
count = 8
networkoffering:
name = DefaultIsolatedNetworkOffering
id = 14b2f56b-b941-4495-a9e6-377a756bee70
availability = Optional
conservemode = True
displaytext = Offering for Isolated networks with no Source Nat service
forvpc = False
guestiptype = Isolated
isdefault = True
ispersistent = False
networkrate = 200
service:
name = Dhcp
provider:
name = VirtualRouter
================================================================================
name = UserData
provider:
name = VirtualRouter
================================================================================
name = Dns
provider:
name = VirtualRouter
================================================================================
serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
specifyipranges = True
specifyvlan = True
state = Enabled
traffictype = Guest


This is the one I created myself:

CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e"
count = 1
networkoffering:
name = test
id = e00234b0-9252-4541-9f82-7d575b8b131e
availability = Optional
conservemode = False
displaytext = test
forvpc = False
guestiptype = Isolated
isdefault = False
ispersistent = True
networkrate = 200
service:
name = Dhcp
provider:
name = VirtualRouter
================================================================================
name = UserData
provider:
name = VirtualRouter
================================================================================
name = Dns
provider:
name = VirtualRouter
================================================================================
serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
specifyipranges = True
specifyvlan = True
state = Enabled
traffictype = Guest




On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal <
Chiradeep.Vittal@citrix.com<ma...@citrix.com>> wrote:

If the offering has 'specify VLAN', then only the admin should be able to
see it.
You can also use cloudmonkey to verify the offerings.


On 9/4/13 12:00 PM, "Nick Burke" <ni...@nickburke.com>> wrote:

I've read the documents, but I can't seem to find anything about this even
after google searching.

Here is what I'm trying to accomplish: I'd like to have an external
hardware router handle the routing for certain networks. It's on VLAN10.

Here is what I'm seeing: Only one network offering is showing up under
"network offering" in create a network and for instances. It is "
DefaultIsolatedNetworkOfferingWithSourceNatService"


I've tried creating a new network offering with specify vlan and specify
IP
addresses, but it doesn't seem to ever show up to be used. Additionally,
there is a system created one that looks like it could do it,
"DefaultIsolatedNetworkOffering" but it too doesn't show up.

If I create a network offering with the exact same options as as
DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up and
can
be used.


I'm in advanced networking mode for the zone, and as far as I can tell
everything is working well as expected.

Does anyone have any place they can point me to for this or offer some
advice as to why at least the system DefaultIsolatedNetworkOffering can't
be used?

--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*




--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Some network offerings missing after creating them

[Nick Burke <ni...@nickburke.com>]

Thank you for the reply!

I am logged in through the GUI as the default admin user under the ROOT
domain. Just a quick clarification: I can see it under "Network Offerings",
but I can't actually use it/see it when I try to deploy an instance and/or
when creating a network.

According to cloudmonkey, it's enabled (this is the default system created
one I'd like to use);

CLOUD> list networkofferings
count = 8
networkoffering:
name = DefaultIsolatedNetworkOffering
id = 14b2f56b-b941-4495-a9e6-377a756bee70
availability = Optional
conservemode = True
displaytext = Offering for Isolated networks with no Source Nat service
forvpc = False
guestiptype = Isolated
isdefault = True
ispersistent = False
networkrate = 200
service:
name = Dhcp
provider:
name = VirtualRouter
================================================================================
name = UserData
provider:
name = VirtualRouter
================================================================================
name = Dns
provider:
name = VirtualRouter
================================================================================
serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
specifyipranges = True
specifyvlan = True
state = Enabled
traffictype = Guest


This is the one I created myself:

CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e"
count = 1
networkoffering:
name = test
id = e00234b0-9252-4541-9f82-7d575b8b131e
availability = Optional
conservemode = False
displaytext = test
forvpc = False
guestiptype = Isolated
isdefault = False
ispersistent = True
networkrate = 200
service:
name = Dhcp
provider:
name = VirtualRouter
================================================================================
name = UserData
provider:
name = VirtualRouter
================================================================================
name = Dns
provider:
name = VirtualRouter
================================================================================
serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
specifyipranges = True
specifyvlan = True
state = Enabled
traffictype = Guest




On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal <
Chiradeep.Vittal@citrix.com> wrote:

> If the offering has 'specify VLAN', then only the admin should be able to
> see it.
> You can also use cloudmonkey to verify the offerings.
>
>
> On 9/4/13 12:00 PM, "Nick Burke" <ni...@nickburke.com> wrote:
>
> >I've read the documents, but I can't seem to find anything about this even
> >after google searching.
> >
> >Here is what I'm trying to accomplish: I'd like to have an external
> >hardware router handle the routing for certain networks. It's on VLAN10.
> >
> >Here is what I'm seeing: Only one network offering is showing up under
> >"network offering" in create a network and for instances. It is "
> >DefaultIsolatedNetworkOfferingWithSourceNatService"
> >
> >
> >I've tried creating a new network offering with specify vlan and specify
> >IP
> >addresses, but it doesn't seem to ever show up to be used. Additionally,
> >there is a system created one that looks like it could do it,
> >"DefaultIsolatedNetworkOffering" but it too doesn't show up.
> >
> >If I create a network offering with the exact same options as as
> >DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up and
> >can
> >be used.
> >
> >
> >I'm in advanced networking mode for the zone, and as far as I can tell
> >everything is working well as expected.
> >
> >Does anyone have any place they can point me to for this or offer some
> >advice as to why at least the system DefaultIsolatedNetworkOffering can't
> >be used?
> >
> >--
> >Nick
> >
> >*'What is a human being, then?'
> >'A seed'
> >'A... seed?'
> >'An acorn that is unafraid to destroy itself in growing into a tree.'
> >-David Zindell, A Requiem for Homo Sapiens*
>
>


-- 
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*

Re: Some network offerings missing after creating them

[Chiradeep Vittal <Ch...@citrix.com>]

If the offering has 'specify VLAN', then only the admin should be able to
see it.
You can also use cloudmonkey to verify the offerings.


On 9/4/13 12:00 PM, "Nick Burke" <ni...@nickburke.com> wrote:

>I've read the documents, but I can't seem to find anything about this even
>after google searching.
>
>Here is what I'm trying to accomplish: I'd like to have an external
>hardware router handle the routing for certain networks. It's on VLAN10.
>
>Here is what I'm seeing: Only one network offering is showing up under
>"network offering" in create a network and for instances. It is "
>DefaultIsolatedNetworkOfferingWithSourceNatService"
>
>
>I've tried creating a new network offering with specify vlan and specify
>IP
>addresses, but it doesn't seem to ever show up to be used. Additionally,
>there is a system created one that looks like it could do it,
>"DefaultIsolatedNetworkOffering" but it too doesn't show up.
>
>If I create a network offering with the exact same options as as
>DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up and
>can
>be used.
>
>
>I'm in advanced networking mode for the zone, and as far as I can tell
>everything is working well as expected.
>
>Does anyone have any place they can point me to for this or offer some
>advice as to why at least the system DefaultIsolatedNetworkOffering can't
>be used?
>
>-- 
>Nick
>
>*'What is a human being, then?'
>'A seed'
>'A... seed?'
>'An acorn that is unafraid to destroy itself in growing into a tree.'
>-David Zindell, A Requiem for Homo Sapiens*