I would be willing to work with someone who really knows the networking
to fix the docs.
I have made specific suggestions about what I think needs to be changed
but it does require input from someone who actually understands
Cloudstack networking to properly fix the docs.
It would also be helpful to have the sources to the drawings. I could
not find them in the git project but perhaps I did not look in all
possible places.
Ron
On 27/02/2016 5:56 PM, Simon Weller wrote:
I do agree that the docs are confusing, especially if you have a limited
knowledge of networking concepts.
In terms of the complexity, a lot of that has to do with the fact that every
company has different service requirements and ACS needs to be flexible enough
to accommodate very different underlying needs.
It's always best to start with a basic zone, unless you REALLY need some
functionality within an advanced zone. As soon as you move into advanced zone
networking, you need to have a good understanding of layer 2/3 networking.
If all you want to do is place public IP addresses on VMs directly, then a
basic zone is what you want. If you want to build complicated relationships
between VMs using separate L2 segments (with L3 routing within ACS), then
you'll need advanced networking. Advanced networking does open up a lot of
exciting possibilities, including various SDN controllers, native VXLAN (on
KVM), GRE and many more options.
Before you dive into the more specialized areas of ACS networking, it's always
best to start with something simple, so you can get your head around some of
the general concepts.
So Ron, to answer your questions more directly:
Basic Zone guest network is what you use for public IPs. Basic zone is very
simple and doesn't offer any physical private from public traffic
separation. That's where security groups come in (Think AWS style networking
here). Now you can use multiple interfaces though I believe, although I've
never tried that before.
In terms of DNS, you can use the same DNS server for both. I wasn't actually
aware basic zone gave you this option. Normally this is used for split DNS,
where you may have internal records not exposed publicly.
As Lucian pointed out, iSCSI should be an available option under XenServer when
you create the primary storage.
There should be no need for your primary storage network to need to talk to the
management server. The secondary storage network will need to be able to talk
to the management server when you pre-seed the XenServer specific templates
during setup.
All of our clouds are advanced networking based, so team, feel free to jump in
if I've stated anything incorrectly ;-)
- Si
________________________________________
From: Ron Wheeler <rwhee...@artifact-software.com>
Sent: Saturday, February 27, 2016 8:13 AM
To: users@cloudstack.apache.org
Subject: Re: Really really confused about Cloudstack networking
I am also stuck trying to sort out networking so Josh has my sympathies.
The networking docs are really confusing.
They wander from general to specific.
They mix the general architecture with specific hardware discussions
without any context for the switch or any explanation of why the
hardware specific note needs to be known to everyone.
I have earlier made specific suggestions about how to reorganize the docs
but no one seems to be working in this area.
I think that part of the problem is that the larger organizations have
dedicated network experts who are working in networking everyday whereas
smaller organizations have generalists and once the network is set up,
it runs on its own for years until you want to do something like Cloudstack.
To help this type of user, the docs need to be reorganized and simplified.
The Shapeblue article is much better than the Cloudstack docs.
It is great that it is available but the official docs should be improved.
I did ask where the drawing sources are located but did not get a response.
Ron
On 27/02/2016 3:27 AM, Nux! wrote:
Hello Josh,
Networking is the single biggest cause of headaches with Cloudstack, once you
get it right the rest is easier.
I recommend reading
http://www.shapeblue.com/understanding-cloudstacks-physical-networking-architecture/
From what you described, it looks like what you need is either a Basic Zone or
Advanced Zone with Security Groups.
I have an ACS+XenServer setup and when I go to Infrastructure > Primary Storage I
definitely see "iscsi" as an option in the storage type.
HTH
Lucian
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
----- Original Message -----
From: "Josh Davis" <cloudstackh...@outlook.com>
To: users@cloudstack.apache.org
Sent: Saturday, 27 February, 2016 01:00:49
Subject: Really really confused about Cloudstack networking
I have been tinkering about cloudstack but every single guide seems to be
centered around the public IPs being NATed to the guest VMs. To be honest the
more I think about it the more I get confused so I'm posting here in hopes that
someone will guide me through this.
I have tried to pen down what I'm looking for and I hope it's clear enough:
- I have a block of public routable IPs which I want to assign to individual VMs
- These VMs run Linux and are intended to function as web servers
- I have no need for inter-VM private interactions except for via the public network
- These VMs all reside in a single cloudstack cloud for high availability and resource balancing
- The HVs in the cloud are connected to a central SAN running iSCSI
- The HVs run XenServer
I'm confused with:
- Do I set the guest network as the public IP range?
- Internal DNS = Public DNS?
- Does the management server need to have access to the storage network?
- Why don't I have the option to choose iSCSI when I try to add a primary storage?
- Basically everything
--
Ron Wheeler
President
Artifact Software Inc
email: rwhee...@artifact-software.com
skype: ronaldmwheeler
phone: 866-970-2435, ext 102