To summarise the discussion so far: - multiple guest Ips per NIC is very important for VPS-like environments. The primary usecase here would be ssl certs that are tied to the ip. - an additional advantage is the ability to perform ip-takeover required in HA/hearbeat environments - most important in a shared network (e.g., where all vms have non-RFC1918 addresses) - also required in advanced zone where there is a virtual router doing NAT/PF. - it is expected that there is a 'primary ip' assigned by DHCP and the additional ips are assigned manually by the VM owner. However additional ips are requested through CS API/UI. - should be able to NAT to these additional guest ips when there is a VR/managed firewall. - In Basic Zone this is a nice to have but not pressing.
On 11/21/12 2:26 PM, "Clayton Weise" <cwe...@iswest.net> wrote: >James, you're looking at it from a larger scope in which VMs are cogs in >a big machine, but if you look at it from a smaller customer perspective >this is not only something that is essential, it's _assumed_ to exist. >Case in point, shared hosting providers of any sort. It's very common to >have a single server which hosts multiple websites and SSL requires a >unique binding. There are NAT hacks around this with advanced >networking, but nothing in basic networking. > >For smaller cloud hosting companies, web design firms and other hosting >providers are easy customers to acquire and see a big benefit in handing >off the infrastructure to the cloud hoster and just worrying about >administering their websites. A VM that can only have a single IP >address is basically useless for them. And if you tell them they need to >get separate instances for each SSL site they're going to go to a >competitor. > >-----Original Message----- >From: Boylan, James [mailto:james.boy...@orbitz.com] >Sent: Wednesday, November 21, 2012 11:46 AM >To: cloudstack-users@incubator.apache.org >Subject: RE: Multiple IP's to one instance > >Single NIC. I can definitely seeing situations where you would want to >have multiple interfaces for managing the traffic within a VM. But I >don't really see the real benefit in a cloud environment for having a >number of IPs assigned to one NIC. (Cloud environment not just a virtual >environment.) > >-- James > > >-----Original Message----- >From: Hari Kannan [mailto:hari.kan...@citrix.com] >Sent: Wednesday, November 21, 2012 1:42 PM >To: cloudstack-users@incubator.apache.org >Subject: RE: Multiple IP's to one instance > >@James: Are you saying there is no benefit in having a single VM having >multiple IPs or a single NIC having multiple IPs? > >-----Original Message----- >From: Jonathan Bastin [mailto:jonathan.bas...@peerpointinternet.co.uk] >Sent: Wednesday, November 21, 2012 11:41 AM >To: cloudstack-users@incubator.apache.org >Subject: RE: Multiple IP's to one instance > >But if customer requests it then you need to provide it. May people use >IP locking than port locking for SSL certs. > >-----Original Message----- >From: Boylan, James [mailto:james.boy...@orbitz.com] >Sent: 21 November 2012 19:37 >To: cloudstack-users@incubator.apache.org >Subject: RE: Multiple IP's to one instance > >I don't actually see the benefit of this. It really goes against the >whole point of a Cloud environment. You shouldn't find yourself in a >situation where you need multiple IPs per interface. > >-- James > >-----Original Message----- >From: Jonathan Bastin [mailto:jonathan.bas...@peerpointinternet.co.uk] >Sent: Wednesday, November 21, 2012 1:35 PM >To: cloudstack-users@incubator.apache.org >Subject: RE: Multiple IP's to one instance > >I said to fill my request it would need to work on advanced with the >guest network as this is where the pool sits. I also request this on a >shared and an isolated network. > >-----Original Message----- >From: Anthony Xu [mailto:xuefei...@citrix.com] >Sent: 21 November 2012 19:29 >To: cloudstack-users@incubator.apache.org >Subject: RE: Multiple IP's to one instance > >Where is FS for this feature? Will this feature be added to basic zone? >If that's the case, Security group needs to be changed, otherwise the >second IP will not work because of anti-spoofing. > >Anthony > >> -----Original Message----- >> From: Jonathan Bastin [mailto:jonathan.bas...@peerpointinternet.co.uk] >> Sent: Wednesday, November 21, 2012 11:11 AM >> To: cloudstack-users@incubator.apache.org >> Subject: RE: Multiple IP's to one instance >> >> I suggested that a few emails back and ultimately that is the quickest >> way and a dev did post back to say they were working on it for release >> 4.1 if it makes it. >> >> -----Original Message----- >> From: Clayton Weise [mailto:cwe...@iswest.net] >> Sent: 21 November 2012 18:23 >> To: cloudstack-users >> Subject: RE: Multiple IP's to one instance >> >> Given that limitation, couldn't CloudStack just take whatever steps >> necessary to make sure that the IP address doesn't get assigned to >> anything else and let the user manually add that second address? It >> just seems easier >> >> -----Original Message----- >> From: Facundo Guerrero [mailto:fguerr...@ipaddress.com.ar] >> Sent: Wednesday, November 21, 2012 9:50 AM >> To: cloudstack-users >> Subject: Re: Multiple IP's to one instance >> >> KVM has a limit of 8 nic's per VM. and there is no limit for multimes >> ip's on the same nic. >> >> *Facundo Guerrero* >> *System Administrator* >> *IPaddress integradores de soluciones* >> Tel: (54 11) 6009-5800 int 117 >> GPG ID: 0x14F4C737 >> fguerr...@ipaddress.com.ar >> *www.ipaddress.com.ar* >> >> >> >> >> 2012/11/21 Chip Childers <chip.child...@sungard.com> >> >> > On Wed, Nov 21, 2012 at 12:34 PM, Anthony Xu <xuefei...@citrix.com> >> wrote: >> > > CS manages User VM IP through DHCP service, I'm not sure DHCP can >> > deliver two IPs for one MAC/NIC. >> > > I agree that multiple NICs is easier than multiple IPs on same NIC. >> > >> > Since they are virtual hardware anyway, it's logical to just create >> > new interfaces instead of dealing with the difficulties of multiple >> > IPs per NIC. >> > >> > > Anthony >> > > >> > > >> > > >> > >> -----Original Message----- >> > >> From: Matthew Hartmann [mailto:mhartm...@tls.net] >> > >> Sent: Wednesday, November 21, 2012 8:54 AM >> > >> To: cloudstack-users@incubator.apache.org >> > >> Subject: RE: Multiple IP's to one instance >> > >> >> > >> What would be really neat is if you could have multiple NICs per >> VM >> > >> without having to have multiple virtual networks. For example, if >> > >> I'm hosting a shared web server and need to host multiple SSL >> > >> websites, I'm going to need not just multiple public IPs but >> > >> multiple NICs as well on the VM. IMO, I believe this would be >> > >> easier than trying to manage multiple IPs on one VIF. >> > >> >> > >> Matthew Hartmann >> > >> Systems Administrator | V: 812.378.4100 x 850 | E: >> > >> mhartm...@tls.net >> > >> >> > >> TLS.NET, Inc. >> > >> http://www.tls.net >> > >> >> > >> -----Original Message----- >> > >> From: Jonathan Bastin >> > >> [mailto:jonathan.bas...@peerpointinternet.co.uk] >> > >> Sent: Monday, November 19, 2012 1:35 PM >> > >> To: cloudstack-users@incubator.apache.org >> > >> Subject: Re: Multiple IP's to one instance >> > >> >> > >> It should be what ever the user wishes to allocate per single nic >> > >> >> > >> Regards, >> > >> >> > >> >> > >> Jonathan Bastin >> > >> 07739668262 >> > >> >> > >> ----- Reply message ----- >> > >> From: "Anthony Xu" <xuefei...@citrix.com> >> > >> To: "cloudstack-users@incubator.apache.org" >> > >> <cloudstack-users@incubator.apache.org> >> > >> Subject: Multiple IP's to one instance >> > >> Date: Mon, Nov 19, 2012 18:21 >> > >> >> > >> >> > >> >> > >> 'multiple IP's per NIC on guest VM' >> > >> >> > >> Does that mean there is one NIC in guest VM, and there are more >> > >> than one IPs on this guest NIC? >> > >> >> > >> Can you elaborate more how you are going to implement it? >> > >> >> > >> >> > >> Anthony >> > >> >> > >> > -----Original Message----- >> > >> > From: Jayapal Reddy Uradi >> > >> > [mailto:jayapalreddy.ur...@citrix.com] >> > >> > Sent: Monday, November 19, 2012 3:50 AM >> > >> > To: cloudstack-users@incubator.apache.org >> > >> > Subject: RE: Multiple IP's to one instance >> > >> > >> > >> > I will work on this feature 'multiple IP's per NIC on guest VM'. >> > >> Hope >> > >> > fully it will come in 4.1 release. >> > >> > >> > >> > Thanks, >> > >> > Jayapal >> > >> > >> > >> > > On 16/11/12 4:20 PM, "Geoff Higginbottom" >> > >> > > <geoff.higginbot...@shapeblue.com> wrote: >> > >> > > >> > >> > > >This gets my vote >> > >> > > > >> > >> > > >Regards >> > >> > > > >> > >> > > >Geoff >> > >> > > > >> > >> > > > >> > >> > > >-----Original Message----- >> > >> > > >From: Jonathan Bastin >> > >> > [mailto:jonathan.bas...@peerpointinternet.co.uk] >> > >> > > >Sent: 16 November 2012 10:00 >> > >> > > >To: cloudstack-users@incubator.apache.org >> > >> > > >Subject: RE: Multiple IP's to one instance >> > >> > > > >> > >> > > >Everybody wanting this please vote for it and see if we can >> > >> > > >get >> > >> this >> > >> > to >> > >> > > >happen. >> > >> > > > >> > >> > > >-----Original Message----- >> > >> > > >From: Facundo Guerrero [mailto:fguerr...@ipaddress.com.ar] >> > >> > > >Sent: 16 November 2012 03:25 >> > >> > > >To: cloudstack-users >> > >> > > >Subject: Re: Multiple IP's to one instance >> > >> > > > >> > >> > > >I not use the dhcp server to assign the ip into the vm. i >> only >> > >> made >> > >> > nat >> > >> > > >1:1 to other ip's in the network, then i add the new ip into >> > >> > > >the >> > >> vm >> > >> > as >> > >> > > >eth0:1, eth0:2. >> > >> > > > >> > >> > > >Jira link > >> > >> > > >https://issues.apache.org/jira/browse/CLOUDSTACK-24 >> > >> > > > >> > >> > > >I'll send you the modifications that i made to the script. >> > >> > > > >> > >> > > > >> > >> > > > >> > >> > > > >> > >> > > >2012/11/15 Clayton Weise <cwe...@iswest.net> >> > >> > > > >> > >> > > >> Also, what is your bug ID for this feature request so we >> can >> > >> vote >> > >> > on it. >> > >> > > >> >> > >> > > >> -----Original Message----- >> > >> > > >> From: Facundo Guerrero [mailto:fguerr...@ipaddress.com.ar] >> > >> > > >> Sent: Thursday, November 15, 2012 5:00 PM >> > >> > > >> To: cloudstack-users@incubator.apache.org >> > >> > > >> Subject: Re: Multiple IP's to one instance >> > >> > > >> >> > >> > > >> Jonathan >> > >> > > >> >> > >> > > >> Thats is not possible yet, i open a feature request asking >> > >> > > >> for >> > >> > this. >> > >> > > >> I made some hacks on the virtual router to add more that >> > >> > > >> open IP >> > >> > on >> > >> > > >> the same >> > >> > > >VM. >> > >> > > >> >> > >> > > >> >> > >> > > >> >> > >> > > >> >> > >> > > >> >> > >> > > >> >> > >> > > >> 2012/11/15 Jonathan Bastin >> > >> > <jonathan.bas...@peerpointinternet.co.uk> >> > >> > > >> >> > >> > > >> > I have made a guest network (cloudstack implementation >> > >> advanced >> > >> > > >> > networking) with live IP's that is a shared network. >> > >> > > >> > What I >> > >> want >> > >> > to >> > >> > > >> > know >> > >> > > >> is >> > >> > > >> > how to I assign more than one IP to an instance without >> > >> > > >> > using >> > >> an >> > >> > > >> > isolated network with a router. I literally want to >> assign >> > >> > > >> > say >> > >> 5 >> > >> > > >> > IP's to one instance. >> > >> > > >> > >> > >> > > >> ---------------------------------------------------------- >> > >> > > >> - >> - >> > >> > > >> ---- >> > >> -- >> > >> > --- >> > >> > > >> - >> > >> > > >> ---------------------------------------------------- >> > >> > > >> > This email (including any attachments) is intended only >> > >> > > >> > for >> > >> the >> > >> > > >> > recipient(s) named above. It may contain confidential or >> > >> > privileged >> > >> > > >> > information and should not be read, copied or otherwise >> > >> > > >> > used >> > >> by >> > >> > any >> > >> > > >> > other person. If you are not the named recipient please >> > >> contact >> > >> > the >> > >> > > >> > sender and delete the email from your system. The >> author's >> > >> > > >> > incumbent expressions, views and thoughts are their own >> > >> > > >> > and >> > >> not >> > >> > > >> > necessarily representative of those of the Peer Point >> > >> > > >> > Internet >> > >> > Ltd >> > >> > > >> > or associated >> > >> > > >companies. >> > >> > > >> > >> > >> > > >> >> > >> > > > >> > >> > > >------------------------------------------------------------ >> > >> > > >- >> - >> > >> > > >---- >> > >> -- >> > >> > --- >> > >> > > >--- >> > >> > > >------------------------------------------------ This email >> > >> > (including >> > >> > > >any attachments) is intended only for the recipient(s) named >> above. >> > >> > It >> > >> > > >may contain confidential or privileged information and >> > >> > > >should not >> > >> be >> > >> > > >read, copied or otherwise used by any other person. If you >> are >> > >> > > >not >> > >> > the >> > >> > > >named recipient please contact the sender and delete the >> email >> > >> from >> > >> > > >your system. The author's incumbent expressions, views and >> > >> thoughts >> > >> > are >> > >> > > >their own and not necessarily representative of those of the >> > >> > > >Peer >> > >> > Point >> > >> > > >Internet Ltd or associated companies. >> > >> > > > >> > >> > > >ShapeBlue provides a range of strategic and technical >> > >> > > >consulting >> > >> and >> > >> > > >implementation services to help IT Service Providers and >> > >> Enterprises >> > >> > to >> > >> > > >build a true IaaS compute cloud. ShapeBlue¹s expertise, >> > >> > > >combined >> > >> > with >> > >> > > >CloudStack technology, allows IT Service Providers and >> > >> > > >Enterprises >> > >> > to >> > >> > > >deliver true, utility based, IaaS to the customer or end-user. >> > >> > > > >> > >> > > >________________________________ >> > >> > > > >> > >> > > >This email and any attachments to it may be confidential and >> > >> > > >are intended solely for the use of the individual to whom it >> > >> > > >is >> > >> > addressed. >> > >> > > >Any views or opinions expressed are solely those of the >> author >> > >> > > >and >> > >> > do >> > >> > > >not necessarily represent those of Shape Blue Ltd. If you >> > >> > > >are not >> > >> > the >> > >> > > >intended recipient of this email, you must neither take any >> > >> > > >action based upon its contents, nor copy or show it to anyone. >> > >> > > >Please >> > >> > contact >> > >> > > >the sender if you believe you have received this email in >> error. >> > >> > Shape >> > >> > > >Blue Ltd is a company incorporated in England & Wales. >> > >> > > > >> > >> > > >> > >> >> > >> ----------------------------------------------------------------- >> > >> - >> - >> > >> ---- >> > >> ----- >> > >> ---------------------------------------------- This email >> > >> (including any >> > >> attachments) is intended only for the recipient(s) named above. >> > >> It may contain confidential or privileged information and should >> > >> not be read, copied or otherwise used by any other person. If you >> > >> are not the named recipient please contact the sender and delete >> > >> the email from your system. >> > >> The author's incumbent expressions, views and thoughts are their >> > >> own and not necessarily representative of those of the Peer Point >> > >> Internet Ltd or associated companies. >> > > >> > > >> > >> >> ---------------------------------------------------------------------- >> - >> --------------------------------------------------- This email >> (including any attachments) is intended only for the recipient(s) >> named above. It may contain confidential or privileged information and >> should not be read, copied or otherwise used by any other person. If >> you are not the named recipient please contact the sender and delete >> the email from your system. The author's incumbent expressions, views >> and thoughts are their own and not necessarily representative of those >> of the Peer Point Internet Ltd or associated companies. > >-------------------------------------------------------------------------- >-- >---------------------------------------------- This email (including any >attachments) is intended only for the recipient(s) named above. It may >contain confidential or privileged information and should not be read, >copied or otherwise used by any other person. If you are not the named >recipient please contact the sender and delete the email from your system. >The author's incumbent expressions, views and thoughts are their own and >not necessarily representative of those of the Peer Point Internet Ltd or >associated companies. > >-------------------------------------------------------------------------- >------------------------------------------------ This email (including >any attachments) is intended only for the recipient(s) named above. It >may contain confidential or privileged information and should not be >read, copied or otherwise used by any other person. If you are not the >named recipient please contact the sender and delete the email from your >system. The author's incumbent expressions, views and thoughts are their >own and not necessarily representative of those of the Peer Point >Internet Ltd or associated companies.
