GitHub user bullblock edited a discussion: setup a cloudstack on aws vpc (LEVEL 2 network issue and Primary Storage issue)

Recently, I built a CloudStack env on AWS VPC. We all know that AWS VPC could be more friendly to Level 2 networks since it filters all Level 2 traffic. This means that if your IP or MAC address is not in the AWS VPC list, you cannot make it work. My environment is for testing only, not production. I don't need to worry about the scale of the environment, so I created CloudStack using a BareMetal server. All CloudStack networks will be virtual networks inside BareMetal only, and the VPC will be the external network of CloudStack.

The following is my solution:

1. Public network: The Internet
2. External network (AWS VPC): 10.0.0.224/27
3. AWS VPN Endpoint: 172.27.224.0/22 (for remote access into the VPC)
4. CloudStack Management: 192.168.2.0/24 (virtual)
5. CloudStack Public: 192.168.1.0/24 (virtual)
6. CloudStack Guest: 192.168.3.0/24 (virtual)
7. CloudStack Storage: 192.168.4.0/24 (virtual)
8. BareMetal physical eth0: enable SNAT and FORWARDING (iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE and net.ipv4.ip_forward=1 in /etc/sysctl.conf)
9. AWS VPC routing table: add a routing table 192.168.0.0/16 --> the BareMetal ENI to the VPC routing table.

Question 1: The above solution works fine but cannot be extended to other BareMetal servers. Would you happen to have any better ideas?

Question 2: In the above environment, I tried to create the Primary Storage using the AWS EFS (an AWS NFS service), but I had no luck!!! But I'm able to develop the Secondary Storage using the AWS EFS!!! How come? Is there anything special about the Primary Storage? Does it limit the IP range?

GitHub link: https://github.com/apache/cloudstack/discussions/10056