cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Comerford <davest...@gmail.com>
Subject Re: Architecture Question
Date Tue, 06 Aug 2013 23:15:37 GMT
You don't need a proxy. The VPC is held together by the virtual router.
That forwards the traffic to and from all the zones/DMZs or the CloudStack
term "network tiers".

Ideally you would make a Web network tier where the web servers would
reside. Anther tier for application servers, anto

Best regards,
David Comerford
------------------------
Tel: +353 87 1238295
Email: davestyle@gmail.com
Website: http://dave.ie
GPG key: http://gpg.dave.ie


On 7 August 2013 00:09, Bradley Hieber <mercsniper@gmail.com> wrote:

> I need to place a proxy and web servers in my DMZ. Am I just not getting
> something?
>
>
> On Tue, Aug 6, 2013 at 7:06 PM, David Comerford <davestyle@gmail.com>
> wrote:
>
> > The DMZ in your diagram would be the Guest Public network you have
> defined.
> > Each zone you have behind the router can be isolated on it's own VLAN and
> > have it's own firewall rules controlling ingress/egress.
> >
> > This diagram might explain it a bit better:
> >
> >
> https://cwiki.apache.org/confluence/download/attachments/30747129/image001.png?version=1&modificationDate=1357237708000
> >
> > Best regards,
> > David Comerford
> > ------------------------
> > Tel: +353 87 1238295
> > Email: davestyle@gmail.com
> > Website: http://dave.ie
> > GPG key: http://gpg.dave.ie
> >
> >
> > On 6 August 2013 23:59, Bradley Hieber <mercsniper@gmail.com> wrote:
> >
> > > How would I force the traffic to go through the DMZ? Would I set a
> small
> > > LAN in the virtual router to point to a proxy address in the DMZ?
> > > —
> > > Sent from Mailbox for iPhone
> > >
> > > On Tue, Aug 6, 2013 at 6:58 PM, David Comerford <davestyle@gmail.com>
> > > wrote:
> > >
> > > > VPC's are the way to go. Your diagram is a text book example.
> > > >
> > >
> >
> http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.2/html/Installation_Guide/configure-vpc.html
> > > > Best regards,
> > > > David Comerford
> > > > ------------------------
> > > > Tel: +353 87 1238295
> > > > Email: davestyle@gmail.com
> > > > Website: http://dave.ie
> > > > GPG key: http://gpg.dave.ie
> > > > On 6 August 2013 14:36, Bradley Hieber <mercsniper@gmail.com> wrote:
> > > >> It could very well be VPC's. The idea is we are planning on using
> 5-6
> > > hosts
> > > >> in this environment. So designing the solution to fit this hardware
> > > >> requirement is critical.
> > > >>
> > > >>
> > > >> On Tue, Aug 6, 2013 at 9:29 AM, Murali Reddy <
> Murali.Reddy@citrix.com
> > > >> >wrote:
> > > >>
> > > >> >
> > > >> > Can 'hosting zones' represented in diagram can be contained into
a
> > > >> > CloudStack zone? If so you can dedicated set of hosts to be in
the
> > > DMZ.
> > > >> > Then you can leverage 'host tags' [1] functionality to place
VM's
> > > >> > providing edge services (CloudStack system VM's or user VM's)
on
> the
> > > >> hosts
> > > >> > dedicated in DMZ.
> > > >> >
> > > >> > [1]
> > > https://cwiki.apache.org/CLOUDSTACK/host-tags-and-storage-tags.html
> > > >> >
> > > >> > On 05/08/13 11:28 PM, "Bradley Hieber" <mercsniper@gmail.com>
> > wrote:
> > > >> >
> > > >> > >The goal is to have a virtualized dmz area where we can place
> > public
> > > >> > >facing
> > > >> > >webservers, and other software based firewalls to protect
the
> > > different
> > > >> > >virtualization areas. Each of the virtualization areas will
host
> > > >> different
> > > >> > >environments for clients to utilize.
> > > >> > >
> > > >> > >
> > > >> > >On Mon, Aug 5, 2013 at 1:55 PM, Chip Childers
> > > >> > ><chip.childers@sungard.com>wrote:
> > > >> > >
> > > >> > >> Can you explain a bit more about what your diagram implies?
>  That
> > > >> might
> > > >> > >> help us help you.
> > > >> > >>
> > > >> > >>
> > > >> > >> On Mon, Aug 5, 2013 at 10:24 AM, Bradley Hieber <
> > > mercsniper@gmail.com
> > > >> > >> >wrote:
> > > >> > >>
> > > >> > >> > Is it possible to create this type of architecture
with
> > > cloudstack?
> > > >> > >>Any
> > > >> > >> > design ideas you can provide?
> > > >> > >> >
> > > >> > >> > http://img850.imageshack.us/img850/7940/lnzp.jpg
> > > >> > >> >
> > > >> > >> > --
> > > >> > >> > Brad
> > > >> > >> >
> > > >> > >>
> > > >> > >
> > > >> > >
> > > >> > >
> > > >> > >--
> > > >> > >Brad
> > > >> > >
> > > >> >
> > > >> >
> > > >> >
> > > >>
> > > >>
> > > >> --
> > > >> Brad
> > > >>
> > >
> >
>
>
>
> --
> Brad
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message