Hi Geoff, Mission successful! Thanks for all the help!
On Thu, Sep 5, 2013 at 10:10 AM, Geoff Higginbottom < geoff.higginbot...@shapeblue.com> wrote: > Yes, just use CloudMonkey to create the networks, and then use it to > deploy the VMs. > > CloudMonkey is a really cool tool, and once you master it, you will find > you rarely use the GUI. > > We do large scale deployments and we only look at the GUI at the end, we > do it all from Scripts. > > Regards > > Geoff Higginbottom > > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 > > geoff.higginbot...@shapeblue.com > > -----Original Message----- > From: Nick Burke [mailto:n...@nickburke.com] > Sent: 05 September 2013 12:35 > To: users@cloudstack.apache.org > Subject: Re: Some network offerings missing after creating them > > Whoa. You mean it's not entirely my fault? :-) > > I should be able to use cloudmonkey to get around this bug, right? > > Thanks again for all your help! > > > On Thu, Sep 5, 2013 at 4:27 AM, Geoff Higginbottom < > geoff.higginbot...@shapeblue.com> wrote: > > > Sorry just looked at screen shot and you do appear to running an > > advanced zone. > > > > There have been a few GUI bugs creep in with 4.1.1 in relation to > > networking, this looks like another I have not seen reported so please > > raise it as an issue. > > > > CloudMonkey provides an easier way to use the API so yes you can just > > use CloudMonkey > > > > Regards > > > > Geoff Higginbottom > > CTO / Cloud Architect > > > > > > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel: > > +442036030540> | M: +447968161581<tel:+447968161581> > > > > geoff.higginbot...@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c > > om> > > | www.shapeblue.com > > > > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS > > > > > > > > On 5 Sep 2013, at 07:24, "Geoff Higginbottom" < > > geoff.higginbot...@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c > > om>> > > wrote: > > > > Nick, > > > > Are you using an Advanced or Basic Zone? > > > > Regards > > > > Geoff Higginbottom > > CTO / Cloud Architect > > > > > > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel: > > +442036030540> | M: +447968161581<tel:+447968161581> > > > > geoff.higginbot...@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c > > om > > ><mailto:geoff.higginbot...@shapeblue.com> | www.shapeblue.com< > > http://www.shapeblue.com> > > > > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS > > > > > > > > On 5 Sep 2013, at 01:57, "Nick Burke" <n...@nickburke.com<mailto: > > n...@nickburke.com><mailto:n...@nickburke.com>> wrote: > > > > Hi Geoff, > > > > Thanks again for your reply and patience. I'm relieved to hear it's > > possible with a little elbow grease! > > > > I have no problem starting again what-so-ever with anything. This is > > preproduction. I've been doing regular 'drop database cloud's so > > anything dangerous can easily be done. > > > > I think a large part of my problem is there is no "add guest network" > > in Infrastructure / Zones / your-zone-name / Physical Network Tab / > > your-network-name (the one with Guest Traffic) / Guest-Configure / > > Network Tab. (See screen shot: http://i.imgur.com/fOtttgD.png ). > > There are no "right click" options either. I'm running version 4.1.1, > > if there is some kind of version thing happening here. > > > > > > Regarding API, can I use cloudmonkey or do I have to start doing > > research into the API calls? > > > > > > On Wed, Sep 4, 2013 at 6:18 PM, Geoff Higginbottom < > > geoff.higginbot...@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c > > om > > ><mailto:geoff.higginbot...@shapeblue.com>> wrote: > > > > Hi Nick > > > > What you are trying to do is achievable, but you need to start again, > > as once you have created a network which has taken its VLAN from the > > Default Guest VLAN range you cannot change the network Offering to one > > which has the 'Specify VLAN' option set. > > > > Fortunately you can create the new networks you need using the correct > > Network Offerings, then use the 'addNicToVirtualMachine' and > > 'removeNicFromVirtualMachine' API commands to add the new Networks to > > the VM, and remove the old ones. > > > > > > > > I would create two network offerings, I'll call them 'External' and > > 'Internal' > > > > 'External' should not have any 'Services' as it does not need them, > > that way no VR will be created for this Network. Assign a 'Name'& > > 'Description', and check the 'Specify VLAN' option as you want to > > manually set the VLAN ID so it can connect to your external physical > > Router. You do not need the 'Persistent' feature as there will be no VR. > > > > 'Internal' should have 'Specify VLAN' checked and 'DHCP' and 'DNS' > > services enabled, all set to 'Virtual Router' You don't need the > > 'Persistent' option as this simply keeps the VR running when you have > > no VMs, and as you want to run a 'Intrusion Detection' VM you will > > always have one running, and the VLAN is persistent even if do shut > > all VMs down, as you used the 'Specify VLAN' option. > > > > To actually create the networks you cannot use the main 'Network' tab, > > you must navigate to: > > > > Infrastructure / Zones / your-zone-name / Physical Network Tab / > > your-network-name (the one with Guest Traffic) / Guest-Configure / > > Network Tab > > > > Then click 'Add Guest Network' and set the 'scope' to account, you > > will now see the two new Network Offerings listed (as long as you > enabled them). > > Create the 'External' Network with 'VLAN ID' of 200 and 'Guest Gateway' > > set to the IP of the Physical Router connected to the Internet. Set > > the 'Guest Start IP' and 'Guest End IP' range so that it spans the IP > > you want to allocate to the External interface of your VM. Although > > you will be setting the IP on the VM manually, and even though we did > > not assign the DHCP service to this Network, CloudStack will still > > allocate an IP to this VM and this will appear in the GUI. To keep > > things neat I always use the API to allocate the IP of the VM when I > > create it so that the CloudStack allocated IP and my manually configured > IP are the same. > > > > Repeat the process to create your 'Internal' network, setting the > > 'VLAN ID' to 100, the 'Guest Gateway' to the IP you intend to allocate > > to the Internal Interface of your Intrusion Detection VM, and setting > > 'Guest Start IP' and 'Guest End IP', ensuring they do not overlap the > Guest Gateway. > > Note that the VR which gets created to handle the DHCP and DNS will be > > allocated the 1st IP from the Guest Range. > > > > Now create your Intrusion Detection VM using the API and not the GUI > > so you can specify the IPs for the External and Internal Interfaces, > > and set the External as the Default. Once created, you can add > > additional VMs onto the Internal Network, and they will use the > > 'Intrusion Detection VM' as their Gateway. > > > > Note that the VLANs you use for the External and Internal networks > > must be outside of the default Guest VLAN Range. > > > > Regards > > > > Geoff Higginbottom > > > > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 > > > > geoff.higginbot...@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c > > om > > ><mailto:geoff.higginbot...@shapeblue.com> > > > > -----Original Message----- > > From: Nick Burke [mailto:n...@nickburke.com] > > Sent: 04 September 2013 18:56 > > To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org > > ><mailto:users@cloudstack.apache.org> > > Subject: Re: Some network offerings missing after creating them > > > > Hello Geoff, > > > > Thank you for replying! > > > > I went there and tried to change it to the service offering I wanted, > > but once again the only one available is > > DefaultIsolatedNetworkOfferingWithSourceNatService. There is no > > associated VM's with this network. I can't add anything on that scree > > > > Here is a screenshot: http://imgur.com/ljrVYgP > > > > > > I think I'm missing something dreadfully obvious or I'm not being > > clear on what I'm trying to accomplish... or both! :-) > > > > > > Here is my end goal: > > > > IE: VLAN100 has a public/static IP of 4.2.2.2/24 (internet facing) -> > > Intrusion Prevention System (aka, a cloudstack VMserver running linux) > > -> > > VLAN200 public/static 4.3.3.3/24 > > > > > > Both virtual nics are public IP addresses. One side is on one vlan, > > the other side is on a different one. All traffic routed from the > > internet must go through this virtual machine to reach the target > > 4.3.3.3/24 network and vice versa. > > > > > > > > > > On Wed, Sep 4, 2013 at 2:59 PM, Geoff Higginbottom < > > geoff.higginbot...@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c > > om > > ><mailto:geoff.higginbot...@shapeblue.com>> wrote: > > > > Nick, > > > > You need to go to Infrastructure / Zone / Phys Networks / Guest > > Networks etc to use this type of network offering. > > > > The Networks Tab only shows network offerings which have the 'Source NAT' > > service enabled > > > > Regards > > > > Geoff Higginbottom > > CTO / Cloud Architect > > > > > > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel: > > +442036030540> | M: +447968161581<tel:+447968161581> > > > > geoff.higginbot...@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c > > om > > ><mailto:geoff.higginbot...@shapeblue.com><mailto: > > geoff.higginbottom@shapeblue.c > > om> > > | www.shapeblue.com<http://www.shapeblue.com><http://www.shapeblue.com > > | > > > > > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS > > > > > > > > On 4 Sep 2013, at 17:53, "Nick Burke" <n...@nickburke.com<mailto: > > n...@nickburke.com><mailto:n...@nickburke.com><mailto: > > n...@nickburke.com<mailto:n...@nickburke.com><mailto:n...@nickburke.co > > m>>> > > wrote: > > > > Thank you for the reply! > > > > I am logged in through the GUI as the default admin user under the > > ROOT domain. Just a quick clarification: I can see it under "Network > > Offerings", but I can't actually use it/see it when I try to deploy an > > instance and/or when creating a network. > > > > According to cloudmonkey, it's enabled (this is the default system > > created one I'd like to use); > > > > CLOUD> list networkofferings > > count = 8 > > networkoffering: > > name = DefaultIsolatedNetworkOffering > > id = 14b2f56b-b941-4495-a9e6-377a756bee70 > > availability = Optional > > conservemode = True > > displaytext = Offering for Isolated networks with no Source Nat > > service forvpc = False guestiptype = Isolated isdefault = True > > ispersistent = False networkrate = 200 > > service: > > name = Dhcp > > provider: > > name = VirtualRouter > > > > ====================================================================== > > ========== > > name = UserData > > provider: > > name = VirtualRouter > > > > ====================================================================== > > ========== > > name = Dns > > provider: > > name = VirtualRouter > > > > ====================================================================== > > ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e > > specifyipranges = True > > specifyvlan = True > > state = Enabled > > traffictype = Guest > > > > > > This is the one I created myself: > > > > CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e" > > count = 1 > > networkoffering: > > name = test > > id = e00234b0-9252-4541-9f82-7d575b8b131e > > availability = Optional > > conservemode = False > > displaytext = test > > forvpc = False > > guestiptype = Isolated > > isdefault = False > > ispersistent = True > > networkrate = 200 > > service: > > name = Dhcp > > provider: > > name = VirtualRouter > > > > ====================================================================== > > ========== > > name = UserData > > provider: > > name = VirtualRouter > > > > ====================================================================== > > ========== > > name = Dns > > provider: > > name = VirtualRouter > > > > ====================================================================== > > ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e > > specifyipranges = True > > specifyvlan = True > > state = Enabled > > traffictype = Guest > > > > > > > > > > On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal < > > chiradeep.vit...@citrix.com<mailto:chiradeep.vit...@citrix.com><mailto: > > chiradeep.vit...@citrix.com><mailto:chiradeep.vit...@citrix.com>> wrote: > > > > If the offering has 'specify VLAN', then only the admin should be able > > to see it. > > You can also use cloudmonkey to verify the offerings. > > > > > > On 9/4/13 12:00 PM, "Nick Burke" <n...@nickburke.com<mailto: > > n...@nickburke.com><mailto:n...@nickburke.com><mailto: > > n...@nickburke.com<mailto:n...@nickburke.com><mailto:n...@nickburke.co > > m>>> > > wrote: > > > > I've read the documents, but I can't seem to find anything about this > > even after google searching. > > > > Here is what I'm trying to accomplish: I'd like to have an external > > hardware router handle the routing for certain networks. It's on VLAN10. > > > > Here is what I'm seeing: Only one network offering is showing up under > > "network offering" in create a network and for instances. It is " > > DefaultIsolatedNetworkOfferingWithSourceNatService" > > > > > > I've tried creating a new network offering with specify vlan and > > specify IP addresses, but it doesn't seem to ever show up to be used. > > Additionally, there is a system created one that looks like it could > > do it, "DefaultIsolatedNetworkOffering" but it too doesn't show up. > > > > If I create a network offering with the exact same options as as > > DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up > > and can be used. > > > > > > I'm in advanced networking mode for the zone, and as far as I can tell > > everything is working well as expected. > > > > Does anyone have any place they can point me to for this or offer some > > advice as to why at least the system DefaultIsolatedNetworkOffering > > can't be used? > > > > -- > > Nick > > > > *'What is a human being, then?' > > 'A seed' > > 'A... seed?' > > 'An acorn that is unafraid to destroy itself in growing into a tree.' > > -David Zindell, A Requiem for Homo Sapiens* > > > > > > > > > > -- > > Nick > > > > *'What is a human being, then?' > > 'A seed' > > 'A... seed?' > > 'An acorn that is unafraid to destroy itself in growing into a tree.' > > -David Zindell, A Requiem for Homo Sapiens* This email and any > > attachments to it may be confidential and are intended solely for the > > use of the individual to whom it is addressed. Any views or opinions > > expressed are solely those of the author and do not necessarily > > represent those of Shape Blue Ltd or related companies. If you are not > > the intended recipient of this email, you must neither take any action > > based upon its contents, nor copy or show it to anyone. Please contact > > the sender if you believe you have received this email in error. Shape > > Blue Ltd is a company incorporated in England & Wales. ShapeBlue > > Services India LLP is operated under license from Shape Blue Ltd. > > ShapeBlue is a registered trademark. > > > > > > > > > > -- > > Nick > > > > *'What is a human being, then?' > > 'A seed' > > 'A... seed?' > > 'An acorn that is unafraid to destroy itself in growing into a tree.' > > -David Zindell, A Requiem for Homo Sapiens* This email and any > > attachments to it may be confidential and are intended solely for the > > use of the individual to whom it is addressed. Any views or opinions > > expressed are solely those of the author and do not necessarily > > represent those of Shape Blue Ltd or related companies. If you are not > > the intended recipient of this email, you must neither take any action > > based upon its contents, nor copy or show it to anyone. Please contact > > the sender if you believe you have received this email in error. Shape > > Blue Ltd is a company incorporated in England & Wales. ShapeBlue > > Services India LLP is operated under license from Shape Blue Ltd. > > ShapeBlue is a registered trademark. > > > > > > > > > > -- > > Nick > > > > *'What is a human being, then?' > > 'A seed' > > 'A... seed?' > > 'An acorn that is unafraid to destroy itself in growing into a tree.' > > -David Zindell, A Requiem for Homo Sapiens* This email and any > > attachments to it may be confidential and are intended solely for the > > use of the individual to whom it is addressed. Any views or opinions > > expressed are solely those of the author and do not necessarily > > represent those of Shape Blue Ltd or related companies. If you are not > > the intended recipient of this email, you must neither take any action > > based upon its contents, nor copy or show it to anyone. Please contact > > the sender if you believe you have received this email in error. Shape > > Blue Ltd is a company incorporated in England & Wales. ShapeBlue > > Services India LLP is operated under license from Shape Blue Ltd. > > ShapeBlue is a registered trademark. > > This email and any attachments to it may be confidential and are > > intended solely for the use of the individual to whom it is addressed. > > Any views or opinions expressed are solely those of the author and do > > not necessarily represent those of Shape Blue Ltd or related > > companies. If you are not the intended recipient of this email, you > > must neither take any action based upon its contents, nor copy or show > > it to anyone. Please contact the sender if you believe you have > > received this email in error. Shape Blue Ltd is a company incorporated > > in England & Wales. ShapeBlue Services India LLP is operated under > > license from Shape Blue Ltd. ShapeBlue is a registered trademark. > > > > > > -- > Nick > > *'What is a human being, then?' > 'A seed' > 'A... seed?' > 'An acorn that is unafraid to destroy itself in growing into a tree.' > -David Zindell, A Requiem for Homo Sapiens* > This email and any attachments to it may be confidential and are intended > solely for the use of the individual to whom it is addressed. Any views or > opinions expressed are solely those of the author and do not necessarily > represent those of Shape Blue Ltd or related companies. If you are not the > intended recipient of this email, you must neither take any action based > upon its contents, nor copy or show it to anyone. Please contact the sender > if you believe you have received this email in error. Shape Blue Ltd is a > company incorporated in England & Wales. ShapeBlue Services India LLP is > operated under license from Shape Blue Ltd. ShapeBlue is a registered > trademark. > -- Nick *'What is a human being, then?' 'A seed' 'A... seed?' 'An acorn that is unafraid to destroy itself in growing into a tree.' -David Zindell, A Requiem for Homo Sapiens*
