cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bradley Hieber <mercsni...@gmail.com>
Subject Re: Architecture Question
Date Tue, 06 Aug 2013 23:09:22 GMT
I need to place a proxy and web servers in my DMZ. Am I just not getting
something?


On Tue, Aug 6, 2013 at 7:06 PM, David Comerford <davestyle@gmail.com> wrote:

> The DMZ in your diagram would be the Guest Public network you have defined.
> Each zone you have behind the router can be isolated on it's own VLAN and
> have it's own firewall rules controlling ingress/egress.
>
> This diagram might explain it a bit better:
>
> https://cwiki.apache.org/confluence/download/attachments/30747129/image001.png?version=1&modificationDate=1357237708000
>
> Best regards,
> David Comerford
> ------------------------
> Tel: +353 87 1238295
> Email: davestyle@gmail.com
> Website: http://dave.ie
> GPG key: http://gpg.dave.ie
>
>
> On 6 August 2013 23:59, Bradley Hieber <mercsniper@gmail.com> wrote:
>
> > How would I force the traffic to go through the DMZ? Would I set a small
> > LAN in the virtual router to point to a proxy address in the DMZ?
> > —
> > Sent from Mailbox for iPhone
> >
> > On Tue, Aug 6, 2013 at 6:58 PM, David Comerford <davestyle@gmail.com>
> > wrote:
> >
> > > VPC's are the way to go. Your diagram is a text book example.
> > >
> >
> http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.2/html/Installation_Guide/configure-vpc.html
> > > Best regards,
> > > David Comerford
> > > ------------------------
> > > Tel: +353 87 1238295
> > > Email: davestyle@gmail.com
> > > Website: http://dave.ie
> > > GPG key: http://gpg.dave.ie
> > > On 6 August 2013 14:36, Bradley Hieber <mercsniper@gmail.com> wrote:
> > >> It could very well be VPC's. The idea is we are planning on using 5-6
> > hosts
> > >> in this environment. So designing the solution to fit this hardware
> > >> requirement is critical.
> > >>
> > >>
> > >> On Tue, Aug 6, 2013 at 9:29 AM, Murali Reddy <Murali.Reddy@citrix.com
> > >> >wrote:
> > >>
> > >> >
> > >> > Can 'hosting zones' represented in diagram can be contained into a
> > >> > CloudStack zone? If so you can dedicated set of hosts to be in the
> > DMZ.
> > >> > Then you can leverage 'host tags' [1] functionality to place VM's
> > >> > providing edge services (CloudStack system VM's or user VM's) on the
> > >> hosts
> > >> > dedicated in DMZ.
> > >> >
> > >> > [1]
> > https://cwiki.apache.org/CLOUDSTACK/host-tags-and-storage-tags.html
> > >> >
> > >> > On 05/08/13 11:28 PM, "Bradley Hieber" <mercsniper@gmail.com>
> wrote:
> > >> >
> > >> > >The goal is to have a virtualized dmz area where we can place
> public
> > >> > >facing
> > >> > >webservers, and other software based firewalls to protect the
> > different
> > >> > >virtualization areas. Each of the virtualization areas will host
> > >> different
> > >> > >environments for clients to utilize.
> > >> > >
> > >> > >
> > >> > >On Mon, Aug 5, 2013 at 1:55 PM, Chip Childers
> > >> > ><chip.childers@sungard.com>wrote:
> > >> > >
> > >> > >> Can you explain a bit more about what your diagram implies?
 That
> > >> might
> > >> > >> help us help you.
> > >> > >>
> > >> > >>
> > >> > >> On Mon, Aug 5, 2013 at 10:24 AM, Bradley Hieber <
> > mercsniper@gmail.com
> > >> > >> >wrote:
> > >> > >>
> > >> > >> > Is it possible to create this type of architecture with
> > cloudstack?
> > >> > >>Any
> > >> > >> > design ideas you can provide?
> > >> > >> >
> > >> > >> > http://img850.imageshack.us/img850/7940/lnzp.jpg
> > >> > >> >
> > >> > >> > --
> > >> > >> > Brad
> > >> > >> >
> > >> > >>
> > >> > >
> > >> > >
> > >> > >
> > >> > >--
> > >> > >Brad
> > >> > >
> > >> >
> > >> >
> > >> >
> > >>
> > >>
> > >> --
> > >> Brad
> > >>
> >
>



-- 
Brad

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message