You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by "Christopher M. Ryan" <cr...@harmonia.com> on 2013/07/25 15:27:01 UTC
Global Guest Networks
Hi all,
Is there a way to force all users to only have the option to pick from a list of predefined guest networks instead of creating their own? These networks can be shared. We are trying to have 2 networks that a user can create a VM on and are finding it difficult to lock them into predefined networks.
Thank!
Re: Global Guest Networks
Posted by Chiradeep Vittal <Ch...@citrix.com>.
For your use case you really don't need a public network it seems.
If you were re-doing your setup, assign the public network to be something
else (VLAN UNUSEDXX, network UNUSED/24), and create a shared network with
the cidr 192.168.0.0/24.
BUT, this might not be advisable since CloudStack will create a DHCP
server on this network. But you probably ALREADY have a DHCP server on
this network which will respond to the CloudStack Vms instead of
CloudStack's own DHCP server.
On 7/30/13 8:53 AM, "Christopher M. Ryan" <cr...@harmonia.com> wrote:
>Thanks Murali! Your advice has helped me create shared networks but it
>doesn't work as I expected. When creating a VM on a shared network, it is
>not accessible outside of the Cloudstack Console button. How would I be
>able to have VMs on a shared network automatically placed on the Public
>network? I know this is possible on an isolated network using
>source/static NAT but we need the VMs to be able to communicate with each
>other on a network that's offered globally to all users.
>
>Here are the configurations I have:
>
>Each server has 2 nics. I have divided up communications as follows:
> Eth0: Public and Guest
> Eth1: Storage and Management
>
>Switch:
> VLAN 1: "Public"
> VLAN 2: "Guest"
> VLAN 3: "Storage/Management" - All ports thi
>
> Public (VLAN1) is UNTAGGED on the following ports:
> 1: the cloudstack server
>
> Public (VLAN1) is TAGGED on the following ports:
> 3: Host 1
> 5: Host 2
> 7: Host 3
> 9: Host 4
> 15: Link to office switch (which doesn't have any VLANs configured)
>
> Guest (VLAN2) is TAGGED on the following ports:
> 3: Host 1
> 5: Host 2
> 7: Host 3
> 9: Host 4
>
> Storage/Management (VLAN3) is UNTAGGED on the following ports:
> 2: Host 1
> 4: Host 2
> 6: Host 3
> 8: Host 4
> 10: SAN
> 11: SAN
> 12: SAN
> 13: SAN
> 14: ASA
>
>The office's network is on CIDR 192.168.0.0/24. I have configured the
>Public network to use VLAN ID 1 and use the same CIDR as the office
>network (192.168.0.0/24)
>
>I can get static NAT working with isolated networks by not tagging the
>public VLAN on the switch and configuring the Public network to be
>untagged. Unfortunately it seems shared networking requires VLAN tagging
>so I tried tagging both the Public network and the corresponding Public
>VLAN on the switch with VLAN ID 1 but that didn't seem to work.
>
>I would like to have VMs within a shared network available directly
>through the office network (192.168.0.0/24). Anyone know how this could
>be accomplished? I have learned a lot about networking through using
>CloudStack but am definitely no network engineer.
>
>
>-----Original Message-----
>From: Christopher M. Ryan [mailto:cryan@harmonia.com]
>Sent: Tuesday, July 30, 2013 9:52 AM
>To: users@cloudstack.apache.org
>Subject: RE: Global Guest Networks
>
>Figured it out! I needed to create a Guest Network by going to
>Infrastructure > Zones > Zone Name > Physical Network > Guest Network
>>Network Tab
>
>
>Chris Ryan
>Harmonia Holdings Group, LLC
>404 People Place, Suite 402
>Charlottesville, VA 22911
>Office: (434) 244-4002
>
>
>
>
>-----Original Message-----
>From: Christopher M. Ryan [mailto:cryan@harmonia.com]
>Sent: Tuesday, July 30, 2013 9:07 AM
>To: users@cloudstack.apache.org
>Subject: RE: Global Guest Networks
>
>I created and enabled a Network Offering with Guest Type "Shared." it
>does not show as an option when creating a Guest Network. Only Network
>Offerings with Guest Type "Isolated" are shown. An empty list is shown
>when creating a new Guest Network after disabling all Network Offerings
>with Guest Type "Isolated."
>
>I am using Advanced Networking.
>
>
>Chris Ryan
>Harmonia Holdings Group, LLC
>404 People Place, Suite 402
>Charlottesville, VA 22911
>Office: (434) 244-4002
>
>
>
>-----Original Message-----
>From: Murali Reddy [mailto:Murali.Reddy@citrix.com]
>Sent: Thursday, July 25, 2013 10:08 AM
>To: users@cloudstack.apache.org
>Subject: Re: Global Guest Networks
>
>On 25/07/13 6:57 PM, "Christopher M. Ryan" <cr...@harmonia.com> wrote:
>
>>Hi all,
>>
>>
>>
>>Is there a way to force all users to only have the option to pick from
>>a list of predefined guest networks instead of creating their own?
>>These networks can be shared. We are trying to have 2 networks that a
>>user can create a VM on and are finding it difficult to lock them into
>>predefined networks.
>>
>
>You could disable all network offerings with 'isolated' guest traffic
>type, and create shared networks and make them available to all users.
>
>>
>>
>>Thank!
>>
>>
>>
>>
>
>
RE: Global Guest Networks
Posted by "Christopher M. Ryan" <cr...@harmonia.com>.
Thanks Murali! Your advice has helped me create shared networks but it doesn't work as I expected. When creating a VM on a shared network, it is not accessible outside of the Cloudstack Console button. How would I be able to have VMs on a shared network automatically placed on the Public network? I know this is possible on an isolated network using source/static NAT but we need the VMs to be able to communicate with each other on a network that's offered globally to all users.
Here are the configurations I have:
Each server has 2 nics. I have divided up communications as follows:
Eth0: Public and Guest
Eth1: Storage and Management
Switch:
VLAN 1: "Public"
VLAN 2: "Guest"
VLAN 3: "Storage/Management" - All ports thi
Public (VLAN1) is UNTAGGED on the following ports:
1: the cloudstack server
Public (VLAN1) is TAGGED on the following ports:
3: Host 1
5: Host 2
7: Host 3
9: Host 4
15: Link to office switch (which doesn't have any VLANs configured)
Guest (VLAN2) is TAGGED on the following ports:
3: Host 1
5: Host 2
7: Host 3
9: Host 4
Storage/Management (VLAN3) is UNTAGGED on the following ports:
2: Host 1
4: Host 2
6: Host 3
8: Host 4
10: SAN
11: SAN
12: SAN
13: SAN
14: ASA
The office's network is on CIDR 192.168.0.0/24. I have configured the Public network to use VLAN ID 1 and use the same CIDR as the office network (192.168.0.0/24)
I can get static NAT working with isolated networks by not tagging the public VLAN on the switch and configuring the Public network to be untagged. Unfortunately it seems shared networking requires VLAN tagging so I tried tagging both the Public network and the corresponding Public VLAN on the switch with VLAN ID 1 but that didn't seem to work.
I would like to have VMs within a shared network available directly through the office network (192.168.0.0/24). Anyone know how this could be accomplished? I have learned a lot about networking through using CloudStack but am definitely no network engineer.
-----Original Message-----
From: Christopher M. Ryan [mailto:cryan@harmonia.com]
Sent: Tuesday, July 30, 2013 9:52 AM
To: users@cloudstack.apache.org
Subject: RE: Global Guest Networks
Figured it out! I needed to create a Guest Network by going to Infrastructure > Zones > Zone Name > Physical Network > Guest Network >Network Tab
Chris Ryan
Harmonia Holdings Group, LLC
404 People Place, Suite 402
Charlottesville, VA 22911
Office: (434) 244-4002
-----Original Message-----
From: Christopher M. Ryan [mailto:cryan@harmonia.com]
Sent: Tuesday, July 30, 2013 9:07 AM
To: users@cloudstack.apache.org
Subject: RE: Global Guest Networks
I created and enabled a Network Offering with Guest Type "Shared." it does not show as an option when creating a Guest Network. Only Network Offerings with Guest Type "Isolated" are shown. An empty list is shown when creating a new Guest Network after disabling all Network Offerings with Guest Type "Isolated."
I am using Advanced Networking.
Chris Ryan
Harmonia Holdings Group, LLC
404 People Place, Suite 402
Charlottesville, VA 22911
Office: (434) 244-4002
-----Original Message-----
From: Murali Reddy [mailto:Murali.Reddy@citrix.com]
Sent: Thursday, July 25, 2013 10:08 AM
To: users@cloudstack.apache.org
Subject: Re: Global Guest Networks
On 25/07/13 6:57 PM, "Christopher M. Ryan" <cr...@harmonia.com> wrote:
>Hi all,
>
>
>
>Is there a way to force all users to only have the option to pick from
>a list of predefined guest networks instead of creating their own?
>These networks can be shared. We are trying to have 2 networks that a
>user can create a VM on and are finding it difficult to lock them into
>predefined networks.
>
You could disable all network offerings with 'isolated' guest traffic type, and create shared networks and make them available to all users.
>
>
>Thank!
>
>
>
>
RE: Global Guest Networks
Posted by "Christopher M. Ryan" <cr...@harmonia.com>.
Figured it out! I needed to create a Guest Network by going to Infrastructure > Zones > Zone Name > Physical Network > Guest Network >Network Tab
Chris Ryan
Harmonia Holdings Group, LLC
404 People Place, Suite 402
Charlottesville, VA 22911
Office: (434) 244-4002
-----Original Message-----
From: Christopher M. Ryan [mailto:cryan@harmonia.com]
Sent: Tuesday, July 30, 2013 9:07 AM
To: users@cloudstack.apache.org
Subject: RE: Global Guest Networks
I created and enabled a Network Offering with Guest Type "Shared." it does not show as an option when creating a Guest Network. Only Network Offerings with Guest Type "Isolated" are shown. An empty list is shown when creating a new Guest Network after disabling all Network Offerings with Guest Type "Isolated."
I am using Advanced Networking.
Chris Ryan
Harmonia Holdings Group, LLC
404 People Place, Suite 402
Charlottesville, VA 22911
Office: (434) 244-4002
-----Original Message-----
From: Murali Reddy [mailto:Murali.Reddy@citrix.com]
Sent: Thursday, July 25, 2013 10:08 AM
To: users@cloudstack.apache.org
Subject: Re: Global Guest Networks
On 25/07/13 6:57 PM, "Christopher M. Ryan" <cr...@harmonia.com> wrote:
>Hi all,
>
>
>
>Is there a way to force all users to only have the option to pick from
>a list of predefined guest networks instead of creating their own?
>These networks can be shared. We are trying to have 2 networks that a
>user can create a VM on and are finding it difficult to lock them into
>predefined networks.
>
You could disable all network offerings with 'isolated' guest traffic type, and create shared networks and make them available to all users.
>
>
>Thank!
>
>
>
>
RE: Global Guest Networks
Posted by "Christopher M. Ryan" <cr...@harmonia.com>.
I created and enabled a Network Offering with Guest Type "Shared." it does not show as an option when creating a Guest Network. Only Network Offerings with Guest Type "Isolated" are shown. An empty list is shown when creating a new Guest Network after disabling all Network Offerings with Guest Type "Isolated."
I am using Advanced Networking.
Chris Ryan
Harmonia Holdings Group, LLC
404 People Place, Suite 402
Charlottesville, VA 22911
Office: (434) 244-4002
-----Original Message-----
From: Murali Reddy [mailto:Murali.Reddy@citrix.com]
Sent: Thursday, July 25, 2013 10:08 AM
To: users@cloudstack.apache.org
Subject: Re: Global Guest Networks
On 25/07/13 6:57 PM, "Christopher M. Ryan" <cr...@harmonia.com> wrote:
>Hi all,
>
>
>
>Is there a way to force all users to only have the option to pick from
>a list of predefined guest networks instead of creating their own?
>These networks can be shared. We are trying to have 2 networks that a
>user can create a VM on and are finding it difficult to lock them into
>predefined networks.
>
You could disable all network offerings with 'isolated' guest traffic type, and create shared networks and make them available to all users.
>
>
>Thank!
>
>
>
>
Re: Global Guest Networks
Posted by Murali Reddy <Mu...@citrix.com>.
On 25/07/13 6:57 PM, "Christopher M. Ryan" <cr...@harmonia.com> wrote:
>Hi all,
>
>
>
>Is there a way to force all users to only have the option to pick from a
>list of predefined guest networks instead of creating their own? These
>networks can be shared. We are trying to have 2 networks that a user can
>create a VM on and are finding it difficult to lock them into predefined
>networks.
>
You could disable all network offerings with 'isolated' guest traffic
type, and create shared networks and make them available to all users.
>
>
>Thank!
>
>
>
>