And one more in regards to SSVM. If a new system vm (console or storage) offering is created is there a way to select which one is chosen for the zone operation? For example, I created one with a host and storage tags so the SSVM sits on specific servers, how can i tell the system to use it?
On Fri, Dec 16, 2022 at 8:13 AM jordan j <yordan...@gmail.com> wrote: > By design, Cloudstack networks and user networks should be fully isolated. > The problem is that as the Public network is not present the SSVMs user > network interface takes the responsibilities of the public one. Here is an > example: > - ACS server 10.10.10.10/24 > - XCP-NG hosts 10.10.11.10 to 10.10.11.19/24 (POD network is > 10.10.10.11.0/24) > - user networks: > -> 192.168.1.0/24 > -> 192.168.2.0/24 > -> 192.168.3.0/24 > > When SSVMs are created they take 2 ips, one from the pod network and one > from a random network below. For example: > - Console SVM - 10.10.11.20/24 and 192.168.2.20 - 192.168.2.20 is the ip > used by users to view VM consoles in Cloudstack. The problem is that > Cloudstack management networks ( ACS and XCP) are accessed from VPN MGMT > where user networks are accessed from VPN USERS. So the system admin cannot > view consoles. > - Storage SVM - 10.10.11.21/24 and 192.168.2.21 - 192.168.2.21' is the ip > used to go to the internet and get ISOs. > Both of the issues above are not that important. What is important though > is that the 192.168.2.X IPs are used to connect SSVM to ACS and report > online state and we don't want to do that OR if we do to be from specific > IPs that do not change (which is impossible). > > An alternative that comes to my mind is somehow make the SVMs pod ip ( > 10.10.11.0/24) to take the role of the public interface instead but i > dont know if that is possible at all. > > Best regards, > Jordan > > On Thu, Dec 15, 2022 at 6:51 PM Nux <n...@li.nux.ro> wrote: > >> Hello, >> >> Then I do not think there is a setting to help you. >> >> What exactly is the problem with the system VMs getting IPs "randomly" >> from multiple networks? Perhaps we can find another solution to help you. >> >> Cheers >> --- >> Nux >> www.nux.ro >> >> >> On 2022-12-15 16:42, jordan j wrote: >> >> Thank you Nux, >> >> My question was related to guest networks. >> For management I have already dedicated network range. >> >> I am doing tests with 5 networks but they may become more later in >> production. >> >> Regards, >> Jordan >> >> On Thu, Dec 15, 2022 at 6:36 PM Nux <n...@li.nux.ro> wrote: >> >> Hi, >> >> Yes and no, depends how many network traffic types you have. For example >> if you have defined 2 physical networks in the zone, one with traffic type >> "management" and another one with type "guest", then your system VM will >> use an IP from both. >> Usually in the "management" traffic type you can add another "IP range" >> and dedicate it to system VMs[1], but you can't do this in the "guest" >> network. >> So at most you can have a dedicated range for system VMs in the >> management network, but not in the guest one.. >> So what is your situation, how many networks do you have? >> >> >> [1] see screenshot below >> >> >> >> --- >> Nux >> www.nux.ro >> >> >> On 2022-12-15 13:12, jordan j wrote: >> >> Dear all, >> >> I have the following setup. >> >> ACS 4.17.1 + XCP-NG 8.2.1 with network bridge + Advanced network with >> security groups. >> Because Security Groups are enabled there is no public network in the zone >> so instead system VMs use the user network. The setup has multiple such >> networks so SSVMs use one randomly during creation, is it possible to >> force >> them to use a specific network? >> >> Regards, >> Jordan >> >>
