cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Will Stevens <>
Subject Re: [DISCUSS] Palo Alto Integration
Date Mon, 01 Apr 2013 15:22:10 GMT
Thank you for all your help Murali...

So my Provider has been setup with isExternal = true this whole time.
public static final Provider PaloAlto = new Provider("PaloAlto", true);

If I run a debugger and then create a guest network, I see it enter the
'design' function of the ExternalGuestNetworkGuru, but it does not do
anything in there because the config is not null, but the config.getId() =
-1, so it just returns the config (Network object) and doesn't really do

Apparently the 'implement' method doesn't get called until a VM is
attempted to be launched on the network.

I must be missing something because, every Isolated guest network I create
on my provider is defaulting to the cidr of  Even if I have
multiple Isolated networks associated with the same account, they all by
default have that cidr.

If the default behaviour of the ExternalGuestNetworkGuru is to create
non-overlapping guest cidrs, why does it always default to the when I create a new network?  I can not specify a
gateway or netmask
because it is an external network (as you can see from the included
[image: Inline image 1]

What am I missing here?  Why am I unable to create non-overlapping cidrs
with the ExternalGuestNetworkGuru?



On Fri, Mar 29, 2013 at 1:23 AM, Murali Reddy <>wrote:

> On 28/03/13 10:59 PM, "Will Stevens" <> wrote:
> >I am trying to implement the non-overlapping cidrs right now and I have
> >some questions.  Does the ExternalGuestNetworkGuru create networks with
> >non-overlapping cidrs by default?  Or do I need to override it's 'design'
> >and 'implement' methods to implement non overlapping cidrs?
> Will, yes, it does by default. You can just use
> 'ExternalGuestNetworkGuru'. Just so that you know, there is check
> 'networkIsConfiguredForExternalNetworking' in ExternalGuestNetworkGuru.
> Which basically checks if provider is configured as service provider using
> external physical appliances. So when you declare provider, mark
> 'isExternal' as true in the provider constructor.
> >
> >If I have to write my own methods, I think I understand how to
> >override ExternalGuestNetworkGuru and then get it to run by adding it to
> >the components.xml (or nonoss-components.xml) as well as the
> >
> >
> >If I do not have to actually write the logic for the non-overlapping cidrs
> >(which i am hoping is the case), and the ExternalGuestNetworkGuru actually
> >implements that logic, how would I get the ExternalGuestNetworkGuru into
> >my
> >flow without actually overriding the class?  I understand that the
> >components are loaded through the components.xml stuff, but its not clear
> >how you specify which NetworkGuru should be used in my specific flow.
> >
> >I am basically working from this
> >document<
> >ng.html>and
> >the code.  Is there any other resources I should be aware of for
> >extending the CloudStack networking functionality?
> >
> >I have a good start on a Resource, ExternalFirewallElement and an
> >ExternalFirewallService.  I can currently set the Palo Alto as the
> >provider
> >of Firewall, SourceNat, StaticNat and Port Forwarding services.  I can
> >currently Add, List, Configure and Delete my Palo Alto provider.
> >
> >I am getting there, but I still feel like there are gaps in my knowledge
> >when using the CS networking plugin functionality.
> Good the hear the progress. Feel free to ask any question.
> Thanks,
> Murali
> >
> >Thanks,
> >
> >Will

  • Unnamed multipart/related (inline, None, 0 bytes)
View raw message