You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ra...@apache.org on 2013/06/14 08:36:15 UTC
git commit: updated refs/heads/master to b2111e4
Updated Branches:
refs/heads/master 5e56e43e3 -> b2111e46b
CLOUDSTACK-2986
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/b2111e46
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/b2111e46
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/b2111e46
Branch: refs/heads/master
Commit: b2111e46b77a84aa316c9a1af16c12d04490131f
Parents: 5e56e43
Author: Radhika PC <ra...@citrix.com>
Authored: Fri Jun 14 12:05:12 2013 +0530
Committer: Radhika PC <ra...@citrix.com>
Committed: Fri Jun 14 12:05:50 2013 +0530
----------------------------------------------------------------------
docs/en-US/pvlan.xml | 125 +++++++++++++++++++++++-----------------------
1 file changed, 62 insertions(+), 63 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/b2111e46/docs/en-US/pvlan.xml
----------------------------------------------------------------------
diff --git a/docs/en-US/pvlan.xml b/docs/en-US/pvlan.xml
index c4d8f92..d569507 100644
--- a/docs/en-US/pvlan.xml
+++ b/docs/en-US/pvlan.xml
@@ -32,14 +32,10 @@
<para>Isolate VMs in a shared networks by using Private VLANs.</para>
</listitem>
<listitem>
- <para>Supported in both VPC and non-VPC deployments.</para>
+ <para>Supported on KVM, XenServer, and VMware hypervisors</para>
</listitem>
<listitem>
- <para>Supported on all hypervisors.</para>
- </listitem>
- <listitem>
- <para>Allow end users to deploy VMs in an isolated networks, or a VPC, or a Private
- VLAN-enabled shared network.</para>
+ <para>PVLAN-enabled shared network can be a part of multiple networks of a guest VM.</para>
</listitem>
</itemizedlist>
<section id="about-pvlan">
@@ -122,54 +118,15 @@
greater than the number of PVLANs used.</para>
</listitem>
<listitem>
- <para>If your Catalyst switch supports PVLAN, but not PVLAN promiscuous trunk mode, perform
- the following: </para>
- <orderedlist numeration="loweralpha">
- <listitem>
- <para>Configure one of the switch port as trunk for management network (management
- VLAN).</para>
- </listitem>
- <listitem>
- <para>For each PVLAN, perform the following:</para>
- <orderedlist numeration="lowerroman">
- <listitem>
- <para>Connect a port of the Catalyst switch to the upper switch.</para>
- </listitem>
- <listitem>
- <para>Set the port in the Catalyst Switch in promiscuous mode for one pair of
- PVLAN.</para>
- </listitem>
- <listitem>
- <para>Set the port in the upper switch to access mode, and allow only the traffic of
- the primary VLAN of the PVLAN pair.</para>
- </listitem>
- </orderedlist>
- </listitem>
- </orderedlist>
- </listitem>
- <listitem>
<para>Configure private VLAN on your physical switches out-of-band.</para>
</listitem>
<listitem>
- <para>Open vSwitch (OVS) used by XenServer and KVM does not support PVLAN. Therefore,
- simulate PVLAN on OVS for XenServer and KVM by modifying the flow table to achieve the
- following:</para>
- <itemizedlist>
- <listitem>
- <para>For every traffic leaving user VMs, tag with the secondary isolated VLAN
- ID.</para>
- </listitem>
- <listitem>
- <para>Change the VLAN ID to primary VLAN ID.</para>
- <para>This allows the traffic which is tagged with the secondary isolated VLAN ID reach
- the DHCP server. </para>
- </listitem>
- <listitem>
- <para>The gateway is PVLAN-unaware; therefore, the switch connected to the gateway
- should translate all the secondary VLAN to primary VLAN for communicating with the
- gateway.</para>
- </listitem>
- </itemizedlist>
+ <para>Before you use PVLAN on XenServer and KVM, enable Open vSwitch (OVS) .</para>
+ <note>
+ <para>OVS on XenServer and KVM does not support PVLAN. Therefore, simulate PVLAN on OVS
+ for XenServer and KVM by modifying the flow table and tagging every traffic leaving
+ guest VMs with the secondary VLAN ID.</para>
+ </note>
</listitem>
</itemizedlist>
</section>
@@ -208,41 +165,83 @@
<para>Specify the following:</para>
<itemizedlist>
<listitem>
- <para>Name:</para>
+ <para><emphasis role="bold">Name</emphasis>: The name of the network. This will be
+ visible to the user.</para>
</listitem>
<listitem>
- <para>Description:</para>
+ <para><emphasis role="bold">Description</emphasis>: The short description of the network
+ that can be displayed to users.</para>
</listitem>
<listitem>
- <para>VLAN ID:</para>
+ <para><emphasis role="bold">VLAN ID</emphasis>: The unique ID of the VLAN.</para>
</listitem>
<listitem>
- <para>Private VLAN ID:</para>
+ <para><emphasis role="bold">Isolated VLAN ID</emphasis>: The unique ID of the Secondary
+ Isolated VLAN. </para>
+ <para>For the description on Secondary Isolated VLAN, see <xref linkend="about-pvlan"
+ />.</para>
</listitem>
<listitem>
- <para>Scope:</para>
+ <para><emphasis role="bold">Scope</emphasis>: The available scopes are Domain, Account,
+ Project, and All.</para>
+ <itemizedlist>
+ <listitem>
+ <para><emphasis role="bold">Domain</emphasis>: Selecting Domain limits the scope of
+ this guest network to the domain you specify. The network will not be available
+ for other domains. If you select Subdomain Access, the guest network is available
+ to all the sub domains within the selected domain.</para>
+ </listitem>
+ <listitem>
+ <para><emphasis role="bold">Account</emphasis>: The account for which the guest
+ network is being created for. You must specify the domain the account belongs
+ to.</para>
+ </listitem>
+ <listitem>
+ <para><emphasis role="bold">Project</emphasis>: The project for which the guest
+ network is being created for. You must specify the domain the project belongs
+ to.</para>
+ </listitem>
+ <listitem>
+ <para><emphasis role="bold">All</emphasis>: The guest network is available for all
+ the domains, account, projects within the selected zone. </para>
+ </listitem>
+ </itemizedlist>
</listitem>
<listitem>
- <para>Network Offering:</para>
+ <para><emphasis role="bold">Network Offering</emphasis>: If the administrator has
+ configured multiple network offerings, select the one you want to use for this
+ network.</para>
</listitem>
<listitem>
- <para>Gateway:</para>
+ <para><emphasis role="bold">Gateway</emphasis>: The gateway that the guests should
+ use.</para>
</listitem>
<listitem>
- <para>Netmask:</para>
+ <para><emphasis role="bold">Netmask</emphasis>: The netmask in use on the subnet the
+ guests will use.</para>
</listitem>
<listitem>
- <para>IP Range:</para>
+ <para><emphasis role="bold">IP Range</emphasis>: A range of IP addresses that are
+ accessible from the Internet and are assigned to the guest VMs.</para>
+ <para>If one NIC is used, these IPs should be in the same CIDR in the case of
+ IPv6.</para>
</listitem>
<listitem>
- <para>IPv6 CIDR:</para>
+ <para><emphasis role="bold">IPv6 CIDR</emphasis>: The network prefix that defines the
+ guest network subnet. This is the CIDR that describes the IPv6 addresses in use in the
+ guest networks in this zone. To allot IP addresses from within a particular address
+ block, enter a CIDR.</para>
</listitem>
<listitem>
- <para>Network Domain:</para>
+ <para><emphasis role="bold">Network Domain</emphasis>: A custom DNS suffix at the level
+ of a network. If you want to assign a special domain name to the guest VM network,
+ specify a DNS suffix.</para>
</listitem>
</itemizedlist>
</listitem>
- <listitem><para>Click OK to confirm.</para></listitem>
+ <listitem>
+ <para>Click OK to confirm.</para>
+ </listitem>
</orderedlist>
</section>
</section>