Add Cluster: vSphere

X-Mailer: ASF-Git Admin Mailer Subject: [47/51] [partial] Adding documents from 4.2 http://git-wip-us.apache.org/repos/asf/cloudstack-docs/blob/b23872a5/en-US/add-clusters-vsphere.xml ---------------------------------------------------------------------- diff --git a/en-US/add-clusters-vsphere.xml b/en-US/add-clusters-vsphere.xml new file mode 100644 index 0000000..c3a0902 --- /dev/null +++ b/en-US/add-clusters-vsphere.xml @@ -0,0 +1,178 @@ + + +%BOOK_ENTITIES; +]> + +

+ Add Cluster: vSphere + Host management for vSphere is done through a combination of vCenter and the &PRODUCT; admin + UI. &PRODUCT; requires that all hosts be in a &PRODUCT; cluster, but the cluster may consist of + a single host. As an administrator you must decide if you would like to use clusters of one host + or of multiple hosts. Clusters of multiple hosts allow for features like live migration. + Clusters also require shared storage such as NFS or iSCSI. + For vSphere servers, we recommend creating the cluster of hosts in vCenter and then adding + the entire cluster to &PRODUCT;. Follow these requirements: + + + Do not put more than 8 hosts in a vSphere cluster + + + Make sure the hypervisor hosts do not have any VMs already running before you add them + to &PRODUCT;. + + + To add a vSphere cluster to &PRODUCT;: + + + Create the cluster of hosts in vCenter. Follow the vCenter instructions to do this. You + will create a cluster that looks something like this in vCenter. + + + + + + vsphereclient.png: vSphere client + + + + + Log in to the UI. + + + In the left navigation, choose Infrastructure. In Zones, click View More, then click the + zone in which you want to add the cluster. + + + Click the Compute tab, and click View All on Pods. Choose the pod to which you want to + add the cluster. + + + Click View Clusters. + + + Click Add Cluster. + + + In Hypervisor, choose VMware. + + + Provide the following information in the dialog. The fields below make reference to the + values from vCenter. + + + + + + addcluster.png: add a cluster + + + + + Cluster Name: Enter the name of the cluster you + created in vCenter. For example, "cloud.cluster.2.2.1" + + + vCenter Username: Enter the username that &PRODUCT; + should use to connect to vCenter. This user must have all the administrative + privileges. + + + CPU overcommit ratio: Enter the CPU overcommit + ratio for the cluster. The value you enter determines the CPU consumption of each VM in + the selected cluster. By increasing the over-provisioning ratio, more resource capacity + will be used. If no value is specified, the value is defaulted to 1, which implies no + over-provisioning is done. + + + RAM overcommit ratio: Enter the RAM overcommit + ratio for the cluster. The value you enter determines the memory consumption of each VM + in the selected cluster. By increasing the over-provisioning ratio, more resource + capacity will be used. If no value is specified, the value is defaulted to 1, which + implies no over-provisioning is done. + + + vCenter Host: Enter the hostname or IP address of + the vCenter server. + + + vCenter Password: Enter the password for the user + named above. + + + vCenter Datacenter: Enter the vCenter datacenter + that the cluster is in. For example, "cloud.dc.VM". + + + Override Public Traffic: Enable this option to + override the zone-wide public traffic for the cluster you are creating. + + + Public Traffic vSwitch Type: This option is + displayed only if you enable the Override Public Traffic option. Select a desirable + switch. If the vmware.use.dvswitch global parameter is true, the default option will be + VMware vNetwork Distributed Virtual Switch. + If you have enabled Nexus dvSwitch in the environment, the following parameters for + dvSwitch configuration are displayed: + + + Nexus dvSwitch IP Address: The IP address of the Nexus VSM appliance. + + + Nexus dvSwitch Username: The username required to access the Nexus VSM + appliance. + + + Nexus dvSwitch Password: The password associated with the username specified + above. + + + + + Override Guest Traffic: Enable this option to + override the zone-wide guest traffic for the cluster you are creating. + + + Guest Traffic vSwitch Type: This option is + displayed only if you enable the Override Guest Traffic option. Select a desirable + switch. + If the vmware.use.dvswitch global parameter is true, the default option will be + VMware vNetwork Distributed Virtual Switch. + If you have enabled Nexus dvSwitch in the environment, the following parameters for + dvSwitch configuration are displayed: + + + Nexus dvSwitch IP Address: The IP address of the Nexus VSM appliance. + + + Nexus dvSwitch Username: The username required to access the Nexus VSM + appliance. + + + Nexus dvSwitch Password: The password associated with the username specified + above. + + + + + There might be a slight delay while the cluster is provisioned. It will + automatically display in the UI. + + + + +

http://git-wip-us.apache.org/repos/asf/cloudstack-docs/blob/b23872a5/en-US/add-gateway-vpc.xml ---------------------------------------------------------------------- diff --git a/en-US/add-gateway-vpc.xml b/en-US/add-gateway-vpc.xml new file mode 100644 index 0000000..403302d --- /dev/null +++ b/en-US/add-gateway-vpc.xml @@ -0,0 +1,227 @@ + + +%BOOK_ENTITIES; +]> + +

+ Adding a Private Gateway to a VPC + A private gateway can be added by the root admin only. The VPC private network has 1:1 + relationship with the NIC of the physical network. You can configure multiple private gateways + to a single VPC. No gateways with duplicated VLAN and IP are allowed in the same data + center. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Configure button of the VPC to which you want to configure load balancing + rules. + The VPC page is displayed where all the tiers you created are listed in a + diagram. + + + Click the Settings icon. + The following options are displayed. + + + Internal LB + + + Public LB IP + + + Static NAT + + + Virtual Machines + + + CIDR + + + The following router information is displayed: + + + Private Gateways + + + Public IP Addresses + + + Site-to-Site VPNs + + + Network ACL Lists + + + + + Select Private Gateways. + The Gateways page is displayed. + + + Click Add new gateway: + + + + + + add-new-gateway-vpc.png: adding a private gateway for the VPC. + + + + + Specify the following: + + + Physical Network: The physical network you have + created in the zone. + + + IP Address: The IP address associated with the VPC + gateway. + + + Gateway: The gateway through which the traffic is + routed to and from the VPC. + + + Netmask: The netmask associated with the VPC + gateway. + + + VLAN: The VLAN associated with the VPC + gateway. + + + Source NAT: Select this option to enable the source + NAT service on the VPC private gateway. + See . + + + ACL: Controls both ingress and egress traffic on a + VPC private gateway. By default, all the traffic is blocked. + See . + + + The new gateway appears in the list. You can repeat these steps to add more gateway for + this VPC. + + +

+ Source NAT on Private Gateway + You might want to deploy multiple VPCs with the same super CIDR and guest tier CIDR. + Therefore, multiple guest VMs from different VPCs can have the same IPs to reach a enterprise + data center through the private gateway. In such cases, a NAT service need to be configured on + the private gateway to avoid IP conflicts. If Source NAT is enabled, the guest VMs in VPC + reaches the enterprise network via private gateway IP address by using the NAT service. + The Source NAT service on a private gateway can be enabled while adding the private + gateway. On deletion of a private gateway, source NAT rules specific to the private gateway + are deleted. + To enable source NAT on existing private gateways, delete them and create afresh with + source NAT. +

+ ACL on Private Gateway + The traffic on the VPC private gateway is controlled by creating both ingress and egress + network ACL rules. The ACLs contains both allow and deny rules. As per the rule, all the + ingress traffic to the private gateway interface and all the egress traffic out from the + private gateway interface are blocked. + You can change this default behaviour while creating a private gateway. Alternatively, you + can do the following: + + + In a VPC, identify the Private Gateway you want to work with. + + + In the Private Gateway page, do either of the following: + + + Use the Quickview. See . + + + Use the Details tab. See through . + + + + + In the Quickview of the selected Private Gateway, click Replace ACL, select the ACL + rule, then click OK + + + Click the IP address of the Private Gateway you want to work with. + + + In the Detail tab, click the Replace ACL button. + + + + + replace-acl-icon.png: button to replace the default ACL behaviour. + + + The Replace ACL dialog is displayed. + + + select the ACL rule, then click OK. + Wait for few seconds. You can see that the new ACL rule is displayed in the Details + page. + + +

+ Creating a Static Route + &PRODUCT; enables you to specify routing for the VPN connection you create. You can enter + one or CIDR addresses to indicate which traffic is to be routed back to the gateway. + + + In a VPC, identify the Private Gateway you want to work with. + + + In the Private Gateway page, click the IP address of the Private Gateway you want to + work with. + + + Select the Static Routes tab. + + + Specify the CIDR of destination network. + + + Click Add. + Wait for few seconds until the new route is created. + + +

+ Blacklisting Routes + &PRODUCT; enables you to block a list of routes so that they are not assigned to any of + the VPC private gateways. Specify the list of routes that you want to blacklist in the + blacklisted.routes global parameter. Note that the parameter update affects + only new static route creations. If you block an existing static route, it remains intact and + continue functioning. You cannot add a static route if the route is blacklisted for the zone. + +

http://git-wip-us.apache.org/repos/asf/cloudstack-docs/blob/b23872a5/en-US/add-ingress-egress-rules.xml ---------------------------------------------------------------------- diff --git a/en-US/add-ingress-egress-rules.xml b/en-US/add-ingress-egress-rules.xml new file mode 100644 index 0000000..2490cec --- /dev/null +++ b/en-US/add-ingress-egress-rules.xml @@ -0,0 +1,131 @@ + + +%BOOK_ENTITIES; +]> + +

+ Adding Ingress and Egress Rules to a Security Group + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network + + + In Select view, choose Security Groups, then click the security group you want . + + + To add an ingress rule, click the Ingress Rules tab and fill out the following fields to + specify what network traffic is allowed into VM instances in this security group. If no + ingress rules are specified, then no traffic will be allowed in, except for responses to any + traffic that has been allowed out through an egress rule. + + + Add by CIDR/Account. Indicate whether the source of + the traffic will be defined by IP address (CIDR) or an existing security group in a + &PRODUCT; account (Account). Choose Account if you want to allow incoming traffic from + all VMs in another security group + + + Protocol. The networking protocol that sources will + use to send traffic to the security group. TCP and UDP are typically used for data + exchange and end-user communications. ICMP is typically used to send error messages or + network monitoring data. + + + Start Port, End Port. (TCP, UDP only) A range of + listening ports that are the destination for the incoming traffic. If you are opening a + single port, use the same number in both fields. + + + ICMP Type, ICMP Code. (ICMP only) The type of + message and error code that will be accepted. + + + CIDR. (Add by CIDR only) To accept only traffic + from IP addresses within a particular address block, enter a CIDR or a comma-separated + list of CIDRs. The CIDR is the base IP address of the incoming traffic. For example, + 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0. + + + Account, Security Group. (Add by Account only) To + accept only traffic from another security group, enter the &PRODUCT; account and name of + a security group that has already been defined in that account. To allow traffic between + VMs within the security group you are editing now, enter the same name you used in step + 7. + + + The following example allows inbound HTTP access from anywhere: + + + + + + httpaccess.png: allows inbound HTTP access from anywhere + + + + + To add an egress rule, click the Egress Rules tab and fill out the following fields to + specify what type of traffic is allowed to be sent out of VM instances in this security + group. If no egress rules are specified, then all traffic will be allowed out. Once egress + rules are specified, the following types of traffic are allowed out: traffic specified in + egress rules; queries to DNS and DHCP servers; and responses to any traffic that has been + allowed in through an ingress rule + + + Add by CIDR/Account. Indicate whether the + destination of the traffic will be defined by IP address (CIDR) or an existing security + group in a &PRODUCT; account (Account). Choose Account if you want to allow outgoing + traffic to all VMs in another security group. + + + Protocol. The networking protocol that VMs will use + to send outgoing traffic. TCP and UDP are typically used for data exchange and end-user + communications. ICMP is typically used to send error messages or network monitoring + data. + + + Start Port, End Port. (TCP, UDP only) A range of + listening ports that are the destination for the outgoing traffic. If you are opening a + single port, use the same number in both fields. + + + ICMP Type, ICMP Code. (ICMP only) The type of + message and error code that will be sent + + + CIDR. (Add by CIDR only) To send traffic only to IP + addresses within a particular address block, enter a CIDR or a comma-separated list of + CIDRs. The CIDR is the base IP address of the destination. For example, 192.168.0.0/22. + To allow all CIDRs, set to 0.0.0.0/0. + + + Account, Security Group. (Add by Account only) To + allow traffic to be sent to another security group, enter the &PRODUCT; account and name + of a security group that has already been defined in that account. To allow traffic + between VMs within the security group you are editing now, enter its name. + + + + + Click Add. + + +

http://git-wip-us.apache.org/repos/asf/cloudstack-docs/blob/b23872a5/en-US/add-ip-range.xml ---------------------------------------------------------------------- diff --git a/en-US/add-ip-range.xml b/en-US/add-ip-range.xml new file mode 100644 index 0000000..6da0668 --- /dev/null +++ b/en-US/add-ip-range.xml @@ -0,0 +1,124 @@ + + +%BOOK_ENTITIES; +]> + +

+ Multiple Subnets in Shared Network + &PRODUCT; provides you with the flexibility to add guest IP ranges from different subnets in + Basic zones and security groups-enabled Advanced zones. For security groups-enabled Advanced + zones, it implies multiple subnets can be added to the same VLAN. With the addition of this + feature, you will be able to add IP address ranges from the same subnet or from a different one + when IP address are exhausted. This would in turn allows you to employ higher number of subnets + and thus reduce the address management overhead. You can delete the IP ranges you have + added. +

+ Prerequisites and Guidelines + + + This feature can only be implemented: + + + on IPv4 addresses + + + if virtual router is the DHCP provider + + + on KVM, xenServer, and VMware hypervisors + + + + + Manually configure the gateway of the new subnet before adding the IP range. + + + &PRODUCT; supports only one gateway for a subnet; overlapping subnets are not + currently supported + + +

+ Adding Multiple Subnets to a Shared Network + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Infrastructure. + + + On Zones, click View More, then click the zone to which you want to work with.. + + + Click Physical Network. + + + In the Guest node of the diagram, click Configure. + + + Click Networks. + + + Select the networks you want to work with. + + + Click View IP Ranges. + + + Click Add IP Range. + The Add IP Range dialog is displayed, as follows: + + + + + + add-ip-range.png: adding an IP range to a network. + + + + + Specify the following: + All the fields are mandatory. + + + Gateway: The gateway for the tier you create. + Ensure that the gateway is within the Super CIDR range that you specified while + creating the VPC, and is not overlapped with the CIDR of any existing tier within the + VPC. + + + Netmask: The netmask for the tier you create. + For example, if the VPC CIDR is 10.0.0.0/16 and the network tier CIDR is + 10.0.1.0/24, the gateway of the tier is 10.0.1.1, and the netmask of the tier is + 255.255.255.0. + + + Start IP/ End IP: A range of IP addresses that + are accessible from the Internet and will be allocated to guest VMs. Enter the first + and last IP addresses that define a range that &PRODUCT; can assign to guest VMs + . + + + + + Click OK. + + +

http://git-wip-us.apache.org/repos/asf/cloudstack-docs/blob/b23872a5/en-US/add-iso.xml ---------------------------------------------------------------------- diff --git a/en-US/add-iso.xml b/en-US/add-iso.xml new file mode 100644 index 0000000..25986e0 --- /dev/null +++ b/en-US/add-iso.xml @@ -0,0 +1,151 @@ + + +%BOOK_ENTITIES; +]> + +

+ Adding an ISO + To make additional operating system or other software available for use with guest VMs, you + can add an ISO. The ISO is typically thought of as an operating system image, but you can also + add ISOs for other types of software, such as desktop applications that you want to be installed + as part of a template. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation bar, click Templates. + + + In Select View, choose ISOs. + + + Click Add ISO. + + + In the Add ISO screen, provide the following: + + + Name: Short name for the ISO image. For example, + CentOS 6.2 64-bit. + + + Description: Display test for the ISO image. For + example, CentOS 6.2 64-bit. + + + URL: The URL that hosts the ISO image. The + Management Server must be able to access this location via HTTP. If needed you can place + the ISO image directly on the Management Server + + + Zone: Choose the zone where you want the ISO to be + available, or All Zones to make it available throughout &PRODUCT;. + + + Bootable: Whether or not a guest could boot off + this ISO image. For example, a CentOS ISO is bootable, a Microsoft Office ISO is not + bootable. + + + OS Type: This helps &PRODUCT; and the hypervisor + perform certain operations and make assumptions that improve the performance of the + guest. Select one of the following. + + + If the operating system of your desired ISO image is listed, choose it. + + + If the OS Type of the ISO is not listed or if the ISO is not bootable, choose + Other. + + + (XenServer only) If you want to boot from this ISO in PV mode, choose Other PV + (32-bit) or Other PV (64-bit) + + + (KVM only) If you choose an OS that is PV-enabled, the VMs created from this ISO + will have a SCSI (virtio) root disk. If the OS is not PV-enabled, the VMs will have + an IDE root disk. The PV-enabled types are: + + + + + Fedora 13 + Fedora 12 + Fedora 11 + + + Fedora 10 + Fedora 9 + Other PV + + + Debian GNU/Linux + CentOS 5.3 + CentOS 5.4 + + + CentOS 5.5 + Red Hat Enterprise Linux 5.3 + Red Hat Enterprise Linux 5.4 + + + Red Hat Enterprise Linux 5.5 + Red Hat Enterprise Linux 6 + + + + + + + + + It is not recommended to choose an older version of the OS than the version in the + image. For example, choosing CentOS 5.4 to support a CentOS 6.2 image will usually not + work. In these cases, choose Other. + + + + Extractable: Choose Yes if the ISO should be + available for extraction. + + + Public: Choose Yes if this ISO should be available + to other users. + + + Featured: Choose Yes if you would like this ISO to + be more prominent for users to select. The ISO will appear in the Featured ISOs list. + Only an administrator can make an ISO Featured. + + + + + Click OK. + The Management Server will download the ISO. Depending on the size of the ISO, this may + take a long time. The ISO status column will display Ready once it has been successfully + downloaded into secondary storage. Clicking Refresh updates the download percentage. + + + Important: Wait for the ISO to finish downloading. If + you move on to the next task and try to use the ISO right away, it will appear to fail. The + entire ISO must be available before &PRODUCT; can work with it. + + +

http://git-wip-us.apache.org/repos/asf/cloudstack-docs/blob/b23872a5/en-US/add-load-balancer-rule.xml ---------------------------------------------------------------------- diff --git a/en-US/add-load-balancer-rule.xml b/en-US/add-load-balancer-rule.xml new file mode 100644 index 0000000..01bf13d --- /dev/null +++ b/en-US/add-load-balancer-rule.xml @@ -0,0 +1,102 @@ + + +%BOOK_ENTITIES; +]> + +

+ Adding a Load Balancer Rule + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + Click the name of the network where you want to load balance the traffic. + + + Click View IP Addresses. + + + Click the IP address for which you want to create the rule, then click the Configuration + tab. + + + In the Load Balancing node of the diagram, click View All. + In a Basic zone, you can also create a load balancing rule without acquiring or + selecting an IP address. &PRODUCT; internally assign an IP when you create the load + balancing rule, which is listed in the IP Addresses page when the rule is created. + To do that, select the name of the network, then click Add Load Balancer tab. Continue + with . + + + Fill in the following: + + + Name: A name for the load balancer rule. + + + Public Port: The port receiving incoming traffic to + be balanced. + + + Private Port: The port that the VMs will use to + receive the traffic. + + + Algorithm: Choose the load balancing algorithm you + want &PRODUCT; to use. &PRODUCT; supports a variety of well-known algorithms. If you are + not familiar with these choices, you will find plenty of information about them on the + Internet. + + + Stickiness: (Optional) Click Configure and choose + the algorithm for the stickiness policy. See Sticky Session Policies for Load Balancer + Rules. + + + AutoScale: Click Configure and complete the + AutoScale configuration as explained in . + + Health Check: (Optional; NetScaler load balancers only) + Click Configure and fill in the characteristics of the health check policy. + See . + + Ping path (Optional): Sequence of destinations to which to send health check queries. + Default: / (all). + Response time (Optional): How long to wait for a response from the health check (2 - 60 seconds). + Default: 5 seconds. + Interval time (Optional): Amount of time between health checks (1 second - 5 minutes). + Default value is set in the global configuration parameter lbrule_health check_time_interval. + Healthy threshold (Optional): Number of consecutive health check successes + that are required before declaring an instance healthy. + Default: 2. + Unhealthy threshold (Optional): Number of consecutive health check failures that are required before declaring an instance unhealthy. + Default: 10. + + + + + Click Add VMs, then select two or more VMs that will divide the load of incoming + traffic, and click Apply. + The new load balancer rule appears in the list. You can repeat these steps to add more + load balancer rules for this IP address. + + +

http://git-wip-us.apache.org/repos/asf/cloudstack-docs/blob/b23872a5/en-US/add-loadbalancer-rule-vpc.xml ---------------------------------------------------------------------- diff --git a/en-US/add-loadbalancer-rule-vpc.xml b/en-US/add-loadbalancer-rule-vpc.xml new file mode 100644 index 0000000..90247b0 --- /dev/null +++ b/en-US/add-loadbalancer-rule-vpc.xml @@ -0,0 +1,462 @@ + + +%BOOK_ENTITIES; +]> + + +

+ Adding Load Balancing Rules on a VPC + In a VPC, you can configure two types of load balancing—external LB and internal LB. + External LB is nothing but a LB rule created to redirect the traffic received at a public IP of + the VPC virtual router. The traffic is load balanced within a tier based on your configuration. + Citrix NetScaler and VPC virtual router are supported for external LB. When you use internal LB + service, traffic received at a tier is load balanced across different VMs within that tier. For + example, traffic reached at Web tier is redirected to another VM in that tier. External load + balancing devices are not supported for internal LB. The service is provided by a internal LB VM + configured on the target tier. +

+ Load Balancing Within a Tier (External LB) + A &PRODUCT; user or administrator may create load balancing rules that balance traffic + received at a public IP to one or more VMs that belong to a network tier that provides load + balancing service in a VPC. A user creates a rule, specifies an algorithm, and assigns the + rule to a set of VMs within a tier. +

+ Enabling NetScaler as the LB Provider on a VPC Tier + + + Add and enable Netscaler VPX in dedicated mode. + Netscaler can be used in a VPC environment only if it is in dedicated mode. + + + Create a network offering, as given in . + + + Create a VPC with Netscaler as the Public LB provider. + For more information, see . + + + For the VPC, acquire an IP. + + + Create an external load balancing rule and apply, as given in . + + +

+ Creating a Network Offering for External LB + To have external LB support on VPC, create a network offering as follows: + + + Log in to the &PRODUCT; UI as a user or admin. + + + From the Select Offering drop-down, choose Network Offering. + + + Click Add Network Offering. + + + In the dialog, make the following choices: + + + Name: Any desired name for the network + offering. + + + Description: A short description of the + offering that can be displayed to users. + + + Network Rate: Allowed data transfer rate in MB + per second. + + + Traffic Type: The type of network traffic that + will be carried on the network. + + + Guest Type: Choose whether the guest network is + isolated or shared. + + + Persistent: Indicate whether the guest network + is persistent or not. The network that you can provision without having to deploy a + VM on it is termed persistent network. + + + VPC: This option indicate whether the guest + network is Virtual Private Cloud-enabled. A Virtual Private Cloud (VPC) is a + private, isolated part of &PRODUCT;. A VPC can have its own virtual network topology + that resembles a traditional physical network. For more information on VPCs, see + . + + + Specify VLAN: (Isolated guest networks only) + Indicate whether a VLAN should be specified when this offering is used. + + + Supported Services: Select Load Balancer. Use + Netscaler or VpcVirtualRouter. + + + Load Balancer Type: Select Public LB from the + drop-down. + + + LB Isolation: Select Dedicated if Netscaler is + used as the external LB provider. + + + System Offering: Choose the system service + offering that you want virtual routers to use in this network. + + + Conserve mode: Indicate whether to use conserve + mode. In this mode, network resources are allocated only when the first virtual + machine starts in the network. + + + + + Click OK and the network offering is created. + + +

+ Creating an External LB Rule + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Configure button of the VPC, for which you want to configure load + balancing rules. + The VPC page is displayed where all the tiers you created listed in a + diagram. + For each tier, the following options are displayed: + + + Internal LB + + + Public LB IP + + + Static NAT + + + Virtual Machines + + + CIDR + + + The following router information is displayed: + + + Private Gateways + + + Public IP Addresses + + + Site-to-Site VPNs + + + Network ACL Lists + + + + + In the Router node, select Public IP Addresses. + The IP Addresses page is displayed. + + + Click the IP address for which you want to create the rule, then click the + Configuration tab. + + + In the Load Balancing node of the diagram, click View All. + + + Select the tier to which you want to apply the rule. + + + Specify the following: + + + Name: A name for the load balancer rule. + + + Public Port: The port that receives the + incoming traffic to be balanced. + + + Private Port: The port that the VMs will use to + receive the traffic. + + + Algorithm. Choose the load balancing algorithm + you want &PRODUCT; to use. &PRODUCT; supports the following well-known + algorithms: + + + Round-robin + + + Least connections + + + Source + + + + + Stickiness. (Optional) Click Configure and + choose the algorithm for the stickiness policy. See Sticky Session Policies for Load + Balancer Rules. + + + Add VMs: Click Add VMs, then select two or more + VMs that will divide the load of incoming traffic, and click Apply. + + + + + The new load balancing rule appears in the list. You can repeat these steps to add more + load balancing rules for this IP address. +

+ Load Balancing Across Tiers + &PRODUCT; supports sharing workload across different tiers within your VPC. Assume that + multiple tiers are set up in your environment, such as Web tier and Application tier. Traffic + to each tier is balanced on the VPC virtual router on the public side, as explained in . If you want the traffic coming from the Web tier to + the Application tier to be balanced, use the internal load balancing feature offered by + &PRODUCT;. +

+ How Does Internal LB Work in VPC? + In this figure, a public LB rule is created for the public IP 72.52.125.10 with public + port 80 and private port 81. The LB rule, created on the VPC virtual router, is applied on + the traffic coming from the Internet to the VMs on the Web tier. On the Application tier two + internal load balancing rules are created. An internal LB rule for the guest IP 10.10.10.4 + with load balancer port 23 and instance port 25 is configured on the VM, InternalLBVM1. + Another internal LB rule for the guest IP 10.10.10.4 with load balancer port 45 and instance + port 46 is configured on the VM, InternalLBVM1. Another internal LB rule for the guest IP + 10.10.10.6, with load balancer port 23 and instance port 25 is configured on the VM, + InternalLBVM2. + + + + + + vpc-lb.png: Configuring internal LB for VPC + + +

+ Guidelines + + Internal LB and Public LB are mutually exclusive on a tier. If the tier has LB on the public + side, then it can't have the Internal LB. + Internal LB is supported just on VPC networks in &PRODUCT; 4.2 release. + Only Internal LB VM can act as the Internal LB provider in &PRODUCT; 4.2 release. + Network upgrade is not supported from the network offering with Internal LB to the network + offering with Public LB. + Multiple tiers can have internal LB support in a VPC. + Only one tier can have Public LB support in a VPC. + +

+ Enabling Internal LB on a VPC Tier + + + Create a network offering, as given in . + + + Create an internal load balancing rule and apply, as given in . + + +

+ Creating a Network Offering for Internal LB + To have internal LB support on VPC, either use the default offering, + DefaultIsolatedNetworkOfferingForVpcNetworksWithInternalLB, or create a network offering as + follows: + + + Log in to the &PRODUCT; UI as a user or admin. + + + From the Select Offering drop-down, choose Network Offering. + + + Click Add Network Offering. + + + In the dialog, make the following choices: + + + Name: Any desired name for the network + offering. + + + Description: A short description of the + offering that can be displayed to users. + + + Network Rate: Allowed data transfer rate in MB + per second. + + + Traffic Type: The type of network traffic that + will be carried on the network. + + + Guest Type: Choose whether the guest network is + isolated or shared. + + + Persistent: Indicate whether the guest network + is persistent or not. The network that you can provision without having to deploy a + VM on it is termed persistent network. + + + VPC: This option indicate whether the guest + network is Virtual Private Cloud-enabled. A Virtual Private Cloud (VPC) is a + private, isolated part of &PRODUCT;. A VPC can have its own virtual network topology + that resembles a traditional physical network. For more information on VPCs, see + . + + + Specify VLAN: (Isolated guest networks only) + Indicate whether a VLAN should be specified when this offering is used. + + + Supported Services: Select Load Balancer. + Select InternalLbVM from the provider list. + + + Load Balancer Type: Select Internal LB from the + drop-down. + + + System Offering: Choose the system service + offering that you want virtual routers to use in this network. + + + Conserve mode: Indicate whether to use conserve + mode. In this mode, network resources are allocated only when the first virtual + machine starts in the network. + + + + + Click OK and the network offering is created. + + +

+ Creating an Internal LB Rule + When you create the Internal LB rule and applies to a VM, an Internal LB VM, which is + responsible for load balancing, is created. + You can view the created Internal LB VM in the Instances page if you navigate to + Infrastructure > Zones > + <zone_ name> > <physical_network_name> > Network Service + Providers > Internal LB VM. You can manage the + Internal LB VMs as and when required from the location. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Locate the VPC for which you want to configure internal LB, then click + Configure. + The VPC page is displayed where all the tiers you created listed in a + diagram. + + + Locate the Tier for which you want to configure an internal LB rule, click Internal + LB. + In the Internal LB page, click Add Internal LB. + + + In the dialog, specify the following: + + + Name: A name for the load balancer rule. + + + Description: A short description of the rule + that can be displayed to users. + + + Source IP Address: (Optional) The source IP + from which traffic originates. The IP is acquired from the CIDR of that particular + tier on which you want to create the Internal LB rule. If not specified, the IP + address is automatically allocated from the network CIDR. + For every Source IP, a new Internal LB VM is created for load balancing. + + + Source Port: The port associated with the + source IP. Traffic on this port is load balanced. + + + Instance Port: The port of the internal LB + VM. + + + Algorithm. Choose the load balancing algorithm + you want &PRODUCT; to use. &PRODUCT; supports the following well-known + algorithms: + + + Round-robin + + + Least connections + + + Source + + + + + + +

http://git-wip-us.apache.org/repos/asf/cloudstack-docs/blob/b23872a5/en-US/add-members-to-projects.xml ---------------------------------------------------------------------- diff --git a/en-US/add-members-to-projects.xml b/en-US/add-members-to-projects.xml new file mode 100644 index 0000000..39c3edf --- /dev/null +++ b/en-US/add-members-to-projects.xml @@ -0,0 +1,35 @@ + + +%BOOK_ENTITIES; +]> + + + +

+ Adding Members to a Project + New members can be added to a project by the project’s administrator, the domain administrator of the domain where the project resides or any parent domain, or the &PRODUCT; root administrator. There are two ways to add members in &PRODUCT;, but only one way is enabled at a time: + + If invitations have been enabled, you can send invitations to new members. + If invitations are not enabled, you can add members directly through the UI. + + + +

+ http://git-wip-us.apache.org/repos/asf/cloudstack-docs/blob/b23872a5/en-US/add-more-clusters.xml ---------------------------------------------------------------------- diff --git a/en-US/add-more-clusters.xml b/en-US/add-more-clusters.xml new file mode 100644 index 0000000..894b4d8 --- /dev/null +++ b/en-US/add-more-clusters.xml @@ -0,0 +1,29 @@ + + +%BOOK_ENTITIES; +]> + +

+ Add More Clusters (Optional) + You need to tell &PRODUCT; about the hosts that it will manage. Hosts exist inside clusters, + so before you begin adding hosts to the cloud, you must add at least one cluster. + + + + +

http://git-wip-us.apache.org/repos/asf/cloudstack-docs/blob/b23872a5/en-US/add-password-management-to-templates.xml ---------------------------------------------------------------------- diff --git a/en-US/add-password-management-to-templates.xml b/en-US/add-password-management-to-templates.xml new file mode 100644 index 0000000..581e564 --- /dev/null +++ b/en-US/add-password-management-to-templates.xml @@ -0,0 +1,33 @@ + + +%BOOK_ENTITIES; +]> + + + +

+ Adding Password Management to Your Templates + &PRODUCT; provides an optional password reset feature that allows users to set a temporary admin or root password as well as reset the existing admin or root password from the &PRODUCT; UI. + To enable the Reset Password feature, you will need to download an additional script to patch your template. When you later upload the template into &PRODUCT;, you can specify whether reset admin/root password feature should be enabled for this template. + The password management feature works always resets the account password on instance boot. The script does an HTTP call to the virtual router to retrieve the account password that should be set. As long as the virtual router is accessible the guest will have access to the account password that should be used. When the user requests a password reset the management server generates and sends a new password to the virtual router for the account. Thus an instance reboot is necessary to effect any password changes. + If the script is unable to contact the virtual router during instance boot it will not set the password but boot will continue normally. + + +

http://git-wip-us.apache.org/repos/asf/cloudstack-docs/blob/b23872a5/en-US/add-portforward-rule-vpc.xml ---------------------------------------------------------------------- diff --git a/en-US/add-portforward-rule-vpc.xml b/en-US/add-portforward-rule-vpc.xml new file mode 100644 index 0000000..5b1bb49 --- /dev/null +++ b/en-US/add-portforward-rule-vpc.xml @@ -0,0 +1,117 @@ + + +%BOOK_ENTITIES; +]> + +

+ Adding a Port Forwarding Rule on a VPC + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Configure button of the VPC to which you want to deploy the VMs. + The VPC page is displayed where all the tiers you created are listed in a + diagram. + For each tier, the following options are displayed: + + + Internal LB + + + Public LB IP + + + Static NAT + + + Virtual Machines + + + CIDR + + + The following router information is displayed: + + + Private Gateways + + + Public IP Addresses + + + Site-to-Site VPNs + + + Network ACL Lists + + + + + In the Router node, select Public IP Addresses. + The IP Addresses page is displayed. + + + Click the IP address for which you want to create the rule, then click the Configuration + tab. + + + In the Port Forwarding node of the diagram, click View All. + + + Select the tier to which you want to apply the rule. + + + Specify the following: + + + Public Port: The port to which public traffic will + be addressed on the IP address you acquired in the previous step. + + + Private Port: The port on which the instance is + listening for forwarded public traffic. + + + Protocol: The communication protocol in use between + the two ports. + + + TCP + + + UDP + + + + + Add VM: Click Add VM. Select the name of the + instance to which this rule applies, and click Apply. + You can test the rule by opening an SSH session to the instance. + + + + +

http://git-wip-us.apache.org/repos/asf/cloudstack-docs/blob/b23872a5/en-US/add-primary-storage.xml ---------------------------------------------------------------------- diff --git a/en-US/add-primary-storage.xml b/en-US/add-primary-storage.xml new file mode 100644 index 0000000..a43567f --- /dev/null +++ b/en-US/add-primary-storage.xml @@ -0,0 +1,108 @@ + + +%BOOK_ENTITIES; +]> + +

+ Adding Primary Storage + + Ensure that nothing stored on the server. Adding the server to CloudStack will destroy any + existing data. + + When you create a new zone, the first primary storage is added as part of that procedure. + You can add primary storage servers at any time, such as when adding a new cluster or adding + more servers to an existing cluster. + + + Log in to the &PRODUCT; UI. + + + In the left navigation, choose Infrastructure. In Zones, click View More, then click the + zone in which you want to add the primary storage. + + + Click the Compute tab. + + + In the Primary Storage node of the diagram, click View All. + + + Click Add Primary Storage. + + + Provide the following information in the dialog. The information required varies + depending on your choice in Protocol. + + + Pod. The pod for the storage device. + + + Cluster. The cluster for the storage device. + + + Name. The name of the storage device + + + Protocol. For XenServer, choose either NFS, iSCSI, or PreSetup. For KVM, choose NFS + or SharedMountPoint. For vSphere choose either VMFS (iSCSI or FiberChannel) or + NFS + + + Server (for NFS, iSCSI, or PreSetup). The IP address or DNS name of the storage + device + + + Server (for VMFS). The IP address or DNS name of the vCenter server. + + + Path (for NFS). In NFS this is the exported path from the server. + + + Path (for VMFS). In vSphere this is a combination of the datacenter name and the + datastore name. The format is "/" datacenter name "/" datastore name. For example, + "/cloud.dc.VM/cluster1datastore". + + + Path (for SharedMountPoint). With KVM this is the path on each host that is where + this primary storage is mounted. For example, "/mnt/primary". + + + SR Name-Label (for PreSetup). Enter the name-label of the SR that has been set up + outside &PRODUCT;. + + + Target IQN (for iSCSI). In iSCSI this is the IQN of the target. For example, + iqn.1986-03.com.sun:02:01ec9bb549-1271378984 + + + Lun # (for iSCSI). In iSCSI this is the LUN number. For example, 3. + + + Tags (optional). The comma-separated list of tags for this storage device. It should + be an equivalent set or superset of the tags on your disk offerings. + + + The tag sets on primary storage across clusters in a Zone must be identical. For + example, if cluster A provides primary storage that has tags T1 and T2, all other clusters + in the Zone must also provide primary storage that has tags T1 and T2. + + + Click OK. + + +

http://git-wip-us.apache.org/repos/asf/cloudstack-docs/blob/b23872a5/en-US/add-projects-members-from-ui.xml ---------------------------------------------------------------------- diff --git a/en-US/add-projects-members-from-ui.xml b/en-US/add-projects-members-from-ui.xml new file mode 100644 index 0000000..670a0ec --- /dev/null +++ b/en-US/add-projects-members-from-ui.xml @@ -0,0 +1,37 @@ + + +%BOOK_ENTITIES; +]> + + + +

+ Adding Project Members From the UI + The steps below tell how to add a new member to a project if the invitations feature is not enabled in the cloud. If the invitations feature is enabled cloud,as described in , use the procedure in . + + Log in to the &PRODUCT; UI. + In the left navigation, click Projects. + In Select View, choose Projects. + Click the name of the project you want to work with. + Click the Accounts tab. The current members of the project are listed. + Type the account name of the new member you want to add, and click Add Account. You can add only people who have an account in this cloud and within the same domain as the project. + +