cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chiradeep Vittal <Chiradeep.Vit...@citrix.com>
Subject Re: Multiple IP's to one instance
Date Wed, 21 Nov 2012 23:56:37 GMT
To summarise the discussion so far:
 - multiple guest Ips per NIC is very important for VPS-like environments.
The primary usecase here would be ssl certs that are tied to the ip.
 - an additional advantage is the ability to perform ip-takeover required
in HA/hearbeat environments
 - most important in a shared network (e.g., where all vms have
non-RFC1918 addresses)
 - also required in advanced zone where there is a virtual router doing
NAT/PF.
 - it is expected that there is a 'primary ip' assigned by DHCP and the
additional ips are assigned manually by the VM owner. However additional
ips are requested through CS API/UI.
 - should be able to NAT to these additional guest ips when there is a
VR/managed firewall.
 - In Basic Zone this is a nice to have but not pressing.

On 11/21/12 2:26 PM, "Clayton Weise" <cweise@iswest.net> wrote:

>James, you're looking at it from a larger scope in which VMs are cogs in
>a big machine, but if you look at it from a smaller customer perspective
>this is not only something that is essential, it's _assumed_ to exist.
>Case in point, shared hosting providers of any sort.  It's very common to
>have a single server which hosts multiple websites and SSL requires a
>unique binding.  There are NAT hacks around this with advanced
>networking, but nothing in basic networking.
>
>For smaller cloud hosting companies, web design firms and other hosting
>providers are easy customers to acquire and see a big benefit in handing
>off the infrastructure to the cloud hoster and just worrying about
>administering their websites.  A VM that can only have a single IP
>address is basically useless for them.  And if you tell them they need to
>get separate instances for each SSL site they're going to go to a
>competitor.
>
>-----Original Message-----
>From: Boylan, James [mailto:JAMES.BOYLAN@orbitz.com]
>Sent: Wednesday, November 21, 2012 11:46 AM
>To: cloudstack-users@incubator.apache.org
>Subject: RE: Multiple IP's to one instance
>
>Single NIC. I can definitely seeing situations where you would want to
>have multiple interfaces for managing the traffic within a VM. But I
>don't really see the real benefit in a cloud environment for having a
>number of IPs assigned to one NIC. (Cloud environment not just a virtual
>environment.)
>
>-- James
>
>
>-----Original Message-----
>From: Hari Kannan [mailto:hari.kannan@citrix.com]
>Sent: Wednesday, November 21, 2012 1:42 PM
>To: cloudstack-users@incubator.apache.org
>Subject: RE: Multiple IP's to one instance
>
>@James: Are you saying there is no benefit in having a single VM having
>multiple IPs or a single NIC having multiple IPs?
>
>-----Original Message-----
>From: Jonathan Bastin [mailto:jonathan.bastin@peerpointinternet.co.uk]
>Sent: Wednesday, November 21, 2012 11:41 AM
>To: cloudstack-users@incubator.apache.org
>Subject: RE: Multiple IP's to one instance
>
>But if customer requests it then you need to provide it. May people use
>IP locking than port locking for SSL certs.
>
>-----Original Message-----
>From: Boylan, James [mailto:JAMES.BOYLAN@orbitz.com]
>Sent: 21 November 2012 19:37
>To: cloudstack-users@incubator.apache.org
>Subject: RE: Multiple IP's to one instance
>
>I don't actually see the benefit of this. It really goes against the
>whole point of a Cloud environment. You shouldn't find yourself in a
>situation where you need multiple IPs per interface.
>
>-- James
>
>-----Original Message-----
>From: Jonathan Bastin [mailto:jonathan.bastin@peerpointinternet.co.uk]
>Sent: Wednesday, November 21, 2012 1:35 PM
>To: cloudstack-users@incubator.apache.org
>Subject: RE: Multiple IP's to one instance
>
>I said to fill my request it would need to work on advanced with the
>guest network as this is where the pool sits. I also request this on a
>shared and an isolated network.
>
>-----Original Message-----
>From: Anthony Xu [mailto:Xuefei.Xu@citrix.com]
>Sent: 21 November 2012 19:29
>To: cloudstack-users@incubator.apache.org
>Subject: RE: Multiple IP's to one instance
>
>Where is FS for this feature? Will this feature be added to basic zone?
>If that's the case, Security group needs to be changed, otherwise the
>second IP will not work because of anti-spoofing.
>
>Anthony
>
>> -----Original Message-----
>> From: Jonathan Bastin [mailto:jonathan.bastin@peerpointinternet.co.uk]
>> Sent: Wednesday, November 21, 2012 11:11 AM
>> To: cloudstack-users@incubator.apache.org
>> Subject: RE: Multiple IP's to one instance
>>
>> I suggested that a few emails back and ultimately that is the quickest
>> way and a dev did post back to say they were working on it for release
>> 4.1 if it makes it.
>>
>> -----Original Message-----
>> From: Clayton Weise [mailto:cweise@iswest.net]
>> Sent: 21 November 2012 18:23
>> To: cloudstack-users
>> Subject: RE: Multiple IP's to one instance
>>
>> Given that limitation, couldn't CloudStack just take whatever steps
>> necessary to make sure that the IP address doesn't get assigned to
>> anything else and let the user manually add that second address?  It
>> just seems easier
>>
>> -----Original Message-----
>> From: Facundo Guerrero [mailto:fguerrero@ipaddress.com.ar]
>> Sent: Wednesday, November 21, 2012 9:50 AM
>> To: cloudstack-users
>> Subject: Re: Multiple IP's to one instance
>>
>> KVM has a limit of 8 nic's per VM. and there is no limit for multimes
>> ip's on the same nic.
>>
>> *Facundo Guerrero*
>> *System Administrator*
>> *IPaddress integradores de soluciones*
>> Tel: (54 11) 6009-5800 int 117
>> GPG ID: 0x14F4C737
>> fguerrero@ipaddress.com.ar
>> *www.ipaddress.com.ar*
>>
>>
>>
>>
>> 2012/11/21 Chip Childers <chip.childers@sungard.com>
>>
>> > On Wed, Nov 21, 2012 at 12:34 PM, Anthony Xu <Xuefei.Xu@citrix.com>
>> wrote:
>> > > CS manages User VM IP through DHCP service, I'm not sure DHCP can
>> > deliver two IPs for one MAC/NIC.
>> > > I agree that multiple NICs is easier than multiple IPs on same NIC.
>> >
>> > Since they are virtual hardware anyway, it's logical to just create
>> > new interfaces instead of dealing with the difficulties of multiple
>> > IPs per NIC.
>> >
>> > > Anthony
>> > >
>> > >
>> > >
>> > >> -----Original Message-----
>> > >> From: Matthew Hartmann [mailto:mhartmann@tls.net]
>> > >> Sent: Wednesday, November 21, 2012 8:54 AM
>> > >> To: cloudstack-users@incubator.apache.org
>> > >> Subject: RE: Multiple IP's to one instance
>> > >>
>> > >> What would be really neat is if you could have multiple NICs per
>> VM
>> > >> without having to have multiple virtual networks. For example, if
>> > >> I'm hosting a shared web server and need to host multiple SSL
>> > >> websites, I'm going to need not just multiple public IPs but
>> > >> multiple NICs as well on the VM. IMO, I believe this would be
>> > >> easier than trying to manage multiple IPs on one VIF.
>> > >>
>> > >> Matthew Hartmann
>> > >> Systems Administrator | V: 812.378.4100 x 850 | E:
>> > >> mhartmann@tls.net
>> > >>
>> > >> TLS.NET, Inc.
>> > >> http://www.tls.net
>> > >>
>> > >> -----Original Message-----
>> > >> From: Jonathan Bastin
>> > >> [mailto:Jonathan.Bastin@peerpointinternet.co.uk]
>> > >> Sent: Monday, November 19, 2012 1:35 PM
>> > >> To: cloudstack-users@incubator.apache.org
>> > >> Subject: Re: Multiple IP's to one instance
>> > >>
>> > >> It should be what ever the user wishes to allocate per single nic
>> > >>
>> > >> Regards,
>> > >>
>> > >>
>> > >> Jonathan Bastin
>> > >> 07739668262
>> > >>
>> > >> ----- Reply message -----
>> > >> From: "Anthony Xu" <Xuefei.Xu@citrix.com>
>> > >> To: "cloudstack-users@incubator.apache.org"
>> > >> <cloudstack-users@incubator.apache.org>
>> > >> Subject: Multiple IP&apos;s to one instance
>> > >> Date: Mon, Nov 19, 2012 18:21
>> > >>
>> > >>
>> > >>
>> > >> 'multiple IP's per NIC on guest VM'
>> > >>
>> > >> Does that mean there is one NIC in guest VM, and there are more
>> > >> than one IPs on this guest NIC?
>> > >>
>> > >> Can you elaborate more how you are going to implement it?
>> > >>
>> > >>
>> > >> Anthony
>> > >>
>> > >> > -----Original Message-----
>> > >> > From: Jayapal Reddy Uradi
>> > >> > [mailto:jayapalreddy.uradi@citrix.com]
>> > >> > Sent: Monday, November 19, 2012 3:50 AM
>> > >> > To: cloudstack-users@incubator.apache.org
>> > >> > Subject: RE: Multiple IP's to one instance
>> > >> >
>> > >> > I will  work on this feature 'multiple IP's per NIC on guest VM'.
>> > >> Hope
>> > >> > fully it will come in  4.1 release.
>> > >> >
>> > >> > Thanks,
>> > >> > Jayapal
>> > >> >
>> > >> > > On 16/11/12 4:20 PM, "Geoff Higginbottom"
>> > >> > > <geoff.higginbottom@shapeblue.com> wrote:
>> > >> > >
>> > >> > > >This gets my vote
>> > >> > > >
>> > >> > > >Regards
>> > >> > > >
>> > >> > > >Geoff
>> > >> > > >
>> > >> > > >
>> > >> > > >-----Original Message-----
>> > >> > > >From: Jonathan Bastin
>> > >> > [mailto:jonathan.bastin@peerpointinternet.co.uk]
>> > >> > > >Sent: 16 November 2012 10:00
>> > >> > > >To: cloudstack-users@incubator.apache.org
>> > >> > > >Subject: RE: Multiple IP's to one instance
>> > >> > > >
>> > >> > > >Everybody wanting this please vote for it and see if
we can
>> > >> > > >get
>> > >> this
>> > >> > to
>> > >> > > >happen.
>> > >> > > >
>> > >> > > >-----Original Message-----
>> > >> > > >From: Facundo Guerrero [mailto:fguerrero@ipaddress.com.ar]
>> > >> > > >Sent: 16 November 2012 03:25
>> > >> > > >To: cloudstack-users
>> > >> > > >Subject: Re: Multiple IP's to one instance
>> > >> > > >
>> > >> > > >I not use the dhcp server to assign the ip into the vm.
i
>> only
>> > >> made
>> > >> > nat
>> > >> > > >1:1 to other ip's in the network, then i add the new
ip into
>> > >> > > >the
>> > >> vm
>> > >> > as
>> > >> > > >eth0:1, eth0:2.
>> > >> > > >
>> > >> > > >Jira link >
>> > >> > > >https://issues.apache.org/jira/browse/CLOUDSTACK-24
>> > >> > > >
>> > >> > > >I'll send you the modifications that i made to the script.
>> > >> > > >
>> > >> > > >
>> > >> > > >
>> > >> > > >
>> > >> > > >2012/11/15 Clayton Weise <cweise@iswest.net>
>> > >> > > >
>> > >> > > >> Also, what is your bug ID for this feature request
so we
>> can
>> > >> vote
>> > >> > on it.
>> > >> > > >>
>> > >> > > >> -----Original Message-----
>> > >> > > >> From: Facundo Guerrero [mailto:fguerrero@ipaddress.com.ar]
>> > >> > > >> Sent: Thursday, November 15, 2012 5:00 PM
>> > >> > > >> To: cloudstack-users@incubator.apache.org
>> > >> > > >> Subject: Re: Multiple IP's to one instance
>> > >> > > >>
>> > >> > > >> Jonathan
>> > >> > > >>
>> > >> > > >> Thats is not possible yet, i open a feature request
asking
>> > >> > > >> for
>> > >> > this.
>> > >> > > >> I made some hacks on the virtual router to add more
that
>> > >> > > >> open IP
>> > >> > on
>> > >> > > >> the same
>> > >> > > >VM.
>> > >> > > >>
>> > >> > > >>
>> > >> > > >>
>> > >> > > >>
>> > >> > > >>
>> > >> > > >>
>> > >> > > >> 2012/11/15 Jonathan Bastin
>> > >> > <jonathan.bastin@peerpointinternet.co.uk>
>> > >> > > >>
>> > >> > > >> > I have made a guest network (cloudstack implementation
>> > >> advanced
>> > >> > > >> > networking) with live IP's that is a shared
network.
>> > >> > > >> > What I
>> > >> want
>> > >> > to
>> > >> > > >> > know
>> > >> > > >> is
>> > >> > > >> > how to I assign more than one IP to an instance
without
>> > >> > > >> > using
>> > >> an
>> > >> > > >> > isolated network with a router. I literally
want to
>> assign
>> > >> > > >> > say
>> > >> 5
>> > >> > > >> > IP's to one instance.
>> > >> > > >> >
>> > >> > > >> ----------------------------------------------------------
>> > >> > > >> -
>> -
>> > >> > > >> ----
>> > >> --
>> > >> > ---
>> > >> > > >> -
>> > >> > > >> ----------------------------------------------------
>> > >> > > >> > This email (including any attachments) is intended
only
>> > >> > > >> > for
>> > >> the
>> > >> > > >> > recipient(s) named above. It may contain confidential
or
>> > >> > privileged
>> > >> > > >> > information and should not be read, copied
or otherwise
>> > >> > > >> > used
>> > >> by
>> > >> > any
>> > >> > > >> > other person. If you are not the named recipient
please
>> > >> contact
>> > >> > the
>> > >> > > >> > sender and delete the email from your system.
The
>> author's
>> > >> > > >> > incumbent expressions, views and thoughts are
their own
>> > >> > > >> > and
>> > >> not
>> > >> > > >> > necessarily representative of those of the
Peer Point
>> > >> > > >> > Internet
>> > >> > Ltd
>> > >> > > >> > or associated
>> > >> > > >companies.
>> > >> > > >> >
>> > >> > > >>
>> > >> > > >
>> > >> > > >------------------------------------------------------------
>> > >> > > >-
>> -
>> > >> > > >----
>> > >> --
>> > >> > ---
>> > >> > > >---
>> > >> > > >------------------------------------------------ This
email
>> > >> > (including
>> > >> > > >any attachments) is intended only for the recipient(s)
named
>> above.
>> > >> > It
>> > >> > > >may contain confidential or privileged information and
>> > >> > > >should not
>> > >> be
>> > >> > > >read, copied or otherwise used by any other person. If
you
>> are
>> > >> > > >not
>> > >> > the
>> > >> > > >named recipient please contact the sender and delete
the
>> email
>> > >> from
>> > >> > > >your system. The author's incumbent expressions, views
and
>> > >> thoughts
>> > >> > are
>> > >> > > >their own and not necessarily representative of those
of the
>> > >> > > >Peer
>> > >> > Point
>> > >> > > >Internet Ltd or associated companies.
>> > >> > > >
>> > >> > > >ShapeBlue provides a range of strategic and technical
>> > >> > > >consulting
>> > >> and
>> > >> > > >implementation services to help IT Service Providers
and
>> > >> Enterprises
>> > >> > to
>> > >> > > >build a true IaaS compute cloud. ShapeBlue┬╣s expertise,
>> > >> > > >combined
>> > >> > with
>> > >> > > >CloudStack technology, allows IT Service Providers and
>> > >> > > >Enterprises
>> > >> > to
>> > >> > > >deliver true, utility based, IaaS to the customer or
end-user.
>> > >> > > >
>> > >> > > >________________________________
>> > >> > > >
>> > >> > > >This email and any attachments to it may be confidential
and
>> > >> > > >are intended solely for the use of the individual to
whom it
>> > >> > > >is
>> > >> > addressed.
>> > >> > > >Any views or opinions expressed are solely those of the
>> author
>> > >> > > >and
>> > >> > do
>> > >> > > >not necessarily represent those of Shape Blue Ltd. If
you
>> > >> > > >are not
>> > >> > the
>> > >> > > >intended recipient of this email, you must neither take
any
>> > >> > > >action based upon its contents, nor copy or show it to
anyone.
>> > >> > > >Please
>> > >> > contact
>> > >> > > >the sender if you believe you have received this email
in
>> error.
>> > >> > Shape
>> > >> > > >Blue Ltd is a company incorporated in England & Wales.
>> > >> > > >
>> > >> > >
>> > >>
>> > >> -----------------------------------------------------------------
>> > >> -
>> -
>> > >> ----
>> > >> -----
>> > >> ---------------------------------------------- This email
>> > >> (including any
>> > >> attachments) is intended only for the recipient(s) named above.
>> > >> It may contain confidential or privileged information and should
>> > >> not be read, copied or otherwise used by any other person. If you
>> > >> are not the named recipient please contact the sender and delete
>> > >> the email from your system.
>> > >> The author's incumbent expressions, views and thoughts are their
>> > >> own and not necessarily representative of those of the Peer Point
>> > >> Internet Ltd or associated companies.
>> > >
>> > >
>> >
>>
>> ----------------------------------------------------------------------
>> -
>> --------------------------------------------------- This email
>> (including any attachments) is intended only for the recipient(s)
>> named above. It may contain confidential or privileged information and
>> should not be read, copied or otherwise used by any other person. If
>> you are not the named recipient please contact the sender and delete
>> the email from your system. The author's incumbent expressions, views
>> and thoughts are their own and not necessarily representative of those
>> of the Peer Point Internet Ltd or associated companies.
>
>--------------------------------------------------------------------------
>--
>---------------------------------------------- This email (including any
>attachments) is intended only for the recipient(s) named above. It may
>contain confidential or privileged information and should not be read,
>copied or otherwise used by any other person. If you are not the named
>recipient please contact the sender and delete the email from your system.
>The author's incumbent expressions, views and thoughts are their own and
>not necessarily representative of those of the Peer Point Internet Ltd or
>associated companies.
>
>--------------------------------------------------------------------------
>------------------------------------------------ This email (including
>any attachments) is intended only for the recipient(s) named above. It
>may contain confidential or privileged information and should not be
>read, copied or otherwise used by any other person. If you are not the
>named recipient please contact the sender and delete the email from your
>system. The author's incumbent expressions, views and thoughts are their
>own and not necessarily representative of those of the Peer Point
>Internet Ltd or associated companies.

Mime
View raw message