cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Geoff Higginbottom <geoff.higginbot...@shapeblue.com>
Subject RE: Some network offerings missing after creating them
Date Wed, 11 Sep 2013 19:10:20 GMT
Hi Nick,

Glad to hear you got it all sorted

Regards

Geoff Higginbottom

D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581

geoff.higginbottom@shapeblue.com

-----Original Message-----
From: Nick Burke [mailto:nick@nickburke.com]
Sent: 06 September 2013 07:49
To: users@cloudstack.apache.org
Subject: Re: Some network offerings missing after creating them

Hi Geoff,

Mission successful! Thanks for all the help!


On Thu, Sep 5, 2013 at 10:10 AM, Geoff Higginbottom < geoff.higginbottom@shapeblue.com>
wrote:

> Yes, just use CloudMonkey to create the networks, and then use it to
> deploy the VMs.
>
> CloudMonkey is a really cool tool, and once you master it, you will
> find you rarely use the GUI.
>
> We do large scale deployments and we only look at the GUI at the end,
> we do it all from Scripts.
>
> Regards
>
> Geoff Higginbottom
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>
> geoff.higginbottom@shapeblue.com
>
> -----Original Message-----
> From: Nick Burke [mailto:nick@nickburke.com]
> Sent: 05 September 2013 12:35
> To: users@cloudstack.apache.org
> Subject: Re: Some network offerings missing after creating them
>
> Whoa. You mean it's not entirely my fault? :-)
>
> I should be able to use cloudmonkey to get around this bug, right?
>
> Thanks again for all your help!
>
>
> On Thu, Sep 5, 2013 at 4:27 AM, Geoff Higginbottom <
> geoff.higginbottom@shapeblue.com> wrote:
>
> > Sorry just looked at screen shot and you do appear to running an
> > advanced zone.
> >
> > There have been a few GUI bugs creep in with 4.1.1 in relation to
> > networking, this looks like another I have not seen reported so
> > please raise it as an issue.
> >
> > CloudMonkey provides an easier way to use the API so yes you can
> > just use CloudMonkey
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> > +442036030540> | M: +447968161581<tel:+447968161581>
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om>
> > | www.shapeblue.com
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 5 Sep 2013, at 07:24, "Geoff Higginbottom" <
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om>>
> > wrote:
> >
> > Nick,
> >
> > Are you using an Advanced or Basic Zone?
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> > +442036030540> | M: +447968161581<tel:+447968161581>
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om
> > ><mailto:geoff.higginbottom@shapeblue.com> | www.shapeblue.com<
> > http://www.shapeblue.com>
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 5 Sep 2013, at 01:57, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com><mailto:nick@nickburke.com>> wrote:
> >
> > Hi Geoff,
> >
> > Thanks again for your reply and patience. I'm relieved to hear it's
> > possible with a little elbow grease!
> >
> > I have no problem starting again what-so-ever with anything. This is
> > preproduction. I've been doing regular 'drop database cloud's so
> > anything dangerous can easily be done.
> >
> > I think a large part of my problem is there is no "add guest network"
> > in Infrastructure / Zones / your-zone-name / Physical Network Tab /
> > your-network-name (the one with Guest Traffic) / Guest-Configure /
> > Network Tab. (See screen shot:  http://i.imgur.com/fOtttgD.png ).
> > There are no "right click" options either. I'm running version
> > 4.1.1, if there is some kind of version thing happening here.
> >
> >
> > Regarding API, can I use cloudmonkey or do I have to start doing
> > research into the API calls?
> >
> >
> > On Wed, Sep 4, 2013 at 6:18 PM, Geoff Higginbottom <
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om
> > ><mailto:geoff.higginbottom@shapeblue.com>> wrote:
> >
> > Hi Nick
> >
> > What you are trying to do is achievable, but you need to start
> > again, as once you have created a network which has taken its VLAN
> > from the Default Guest VLAN range you cannot change the network
> > Offering to one which has the 'Specify VLAN' option set.
> >
> > Fortunately you can create the new networks you need using the
> > correct Network Offerings, then use the 'addNicToVirtualMachine' and
> > 'removeNicFromVirtualMachine' API commands to add the new Networks
> > to the VM, and remove the old ones.
> >
> >
> >
> > I would create two network offerings, I'll call them 'External' and
> > 'Internal'
> >
> > 'External' should not have any 'Services' as it does not need them,
> > that way no VR will be created for this Network. Assign a 'Name'&
> > 'Description', and check the 'Specify VLAN' option as you want to
> > manually set the VLAN ID so it can connect to your external physical
> > Router.  You do not need the 'Persistent' feature as there will be no VR.
> >
> > 'Internal' should have 'Specify VLAN' checked and 'DHCP' and 'DNS'
> > services enabled, all set to 'Virtual Router' You don't need the
> > 'Persistent' option as this simply keeps the VR running when you
> > have no VMs, and as you want to run a 'Intrusion Detection' VM you
> > will always have one running, and the VLAN is persistent even if do
> > shut all VMs down, as you used the 'Specify VLAN' option.
> >
> > To actually create the networks you cannot use the main 'Network'
> > tab, you must navigate to:
> >
> > Infrastructure / Zones / your-zone-name / Physical Network Tab /
> > your-network-name (the one with Guest Traffic) / Guest-Configure /
> > Network Tab
> >
> > Then click 'Add Guest Network' and set the 'scope' to account, you
> > will now see the two new Network Offerings listed (as long as you
> enabled them).
> > Create the 'External' Network with 'VLAN ID' of 200 and 'Guest Gateway'
> > set to the IP of the Physical Router connected to the Internet.  Set
> > the 'Guest Start IP' and 'Guest End IP' range so that it spans the
> > IP you want to allocate to the External interface of your VM.
> > Although you will be setting the IP on the VM manually, and even
> > though we did not assign the DHCP service to this Network,
> > CloudStack will still allocate an IP to this VM and this will appear
> > in the GUI.  To keep things neat I always use the API to allocate
> > the IP of the VM when I create it so that the CloudStack allocated
> > IP and my manually configured
> IP are the same.
> >
> > Repeat the process to create your 'Internal' network, setting the
> > 'VLAN ID' to 100, the 'Guest Gateway' to the IP you intend to
> > allocate to the Internal Interface of your Intrusion Detection VM,
> > and setting 'Guest Start IP' and 'Guest End IP', ensuring they do
> > not overlap the
> Guest Gateway.
> > Note that the VR which gets created to handle the DHCP and DNS will
> > be allocated the 1st IP from the Guest Range.
> >
> > Now create your Intrusion Detection VM using the API and not the GUI
> > so you can specify the IPs for the External and Internal Interfaces,
> > and set the External as the Default.  Once created, you can add
> > additional VMs onto the Internal Network, and they will use the
> > 'Intrusion Detection VM' as their Gateway.
> >
> > Note that the VLANs you use for the External and Internal networks
> > must be outside of the default Guest VLAN Range.
> >
> > Regards
> >
> > Geoff Higginbottom
> >
> > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om
> > ><mailto:geoff.higginbottom@shapeblue.com>
> >
> > -----Original Message-----
> > From: Nick Burke [mailto:nick@nickburke.com]
> > Sent: 04 September 2013 18:56
> > To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org
> > ><mailto:users@cloudstack.apache.org>
> > Subject: Re: Some network offerings missing after creating them
> >
> > Hello Geoff,
> >
> > Thank you for replying!
> >
> > I went there and tried to change it to the service offering I
> > wanted, but once again the only one available is
> > DefaultIsolatedNetworkOfferingWithSourceNatService. There is no
> > associated VM's with this network. I can't add anything on that
> > scree
> >
> > Here is a screenshot: http://imgur.com/ljrVYgP
> >
> >
> > I think I'm missing something dreadfully obvious or I'm not being
> > clear on what I'm trying to accomplish... or both! :-)
> >
> >
> > Here is my end goal:
> >
> > IE: VLAN100 has a public/static IP of 4.2.2.2/24 (internet facing)
> > -> Intrusion Prevention System (aka, a cloudstack VMserver running
> > linux)
> > ->
> > VLAN200  public/static 4.3.3.3/24
> >
> >
> > Both virtual nics are public IP addresses. One side is on one vlan,
> > the other side is on a different one. All traffic routed from the
> > internet must go through this virtual machine to reach the target
> > 4.3.3.3/24 network and vice versa.
> >
> >
> >
> >
> > On Wed, Sep 4, 2013 at 2:59 PM, Geoff Higginbottom <
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om
> > ><mailto:geoff.higginbottom@shapeblue.com>> wrote:
> >
> > Nick,
> >
> > You need to go to Infrastructure / Zone / Phys Networks / Guest
> > Networks etc to use this type of network offering.
> >
> > The Networks Tab only shows network offerings which have the 'Source NAT'
> > service enabled
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> > +442036030540> | M: +447968161581<tel:+447968161581>
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue
> > .c
> > om
> > ><mailto:geoff.higginbottom@shapeblue.com><mailto:
> > geoff.higginbottom@shapeblue.c
> > om>
> > | www.shapeblue.com<http://www.shapeblue.com><http://www.shapeblue.c
> > | om
> > | >
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 4 Sep 2013, at 17:53, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com><mailto:nick@nickburke.com><mailto:
> > nick@nickburke.com<mailto:nick@nickburke.com><mailto:nick@nickburke.
> > co
> > m>>>
> > wrote:
> >
> > Thank you for the reply!
> >
> > I am logged in through the GUI as the default admin user under the
> > ROOT domain. Just a quick clarification: I can see it under "Network
> > Offerings", but I can't actually use it/see it when I try to deploy
> > an instance and/or when creating a network.
> >
> > According to cloudmonkey, it's enabled (this is the default system
> > created one I'd like to use);
> >
> > CLOUD> list networkofferings
> > count = 8
> > networkoffering:
> > name = DefaultIsolatedNetworkOffering id =
> > 14b2f56b-b941-4495-a9e6-377a756bee70
> > availability = Optional
> > conservemode = True
> > displaytext = Offering for Isolated networks with no Source Nat
> > service forvpc = False guestiptype = Isolated isdefault = True
> > ispersistent = False networkrate = 200
> > service:
> > name = Dhcp
> > provider:
> > name = VirtualRouter
> >
> > ====================================================================
> > ==
> > ==========
> > name = UserData
> > provider:
> > name = VirtualRouter
> >
> > ====================================================================
> > ==
> > ==========
> > name = Dns
> > provider:
> > name = VirtualRouter
> >
> > ====================================================================
> > == ========== serviceofferingid =
> > d430a7fc-e294-4940-bd32-bb57a9caff3e
> > specifyipranges = True
> > specifyvlan = True
> > state = Enabled
> > traffictype = Guest
> >
> >
> > This is the one I created myself:
> >
> > CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e"
> > count = 1
> > networkoffering:
> > name = test
> > id = e00234b0-9252-4541-9f82-7d575b8b131e
> > availability = Optional
> > conservemode = False
> > displaytext = test
> > forvpc = False
> > guestiptype = Isolated
> > isdefault = False
> > ispersistent = True
> > networkrate = 200
> > service:
> > name = Dhcp
> > provider:
> > name = VirtualRouter
> >
> > ====================================================================
> > ==
> > ==========
> > name = UserData
> > provider:
> > name = VirtualRouter
> >
> > ====================================================================
> > ==
> > ==========
> > name = Dns
> > provider:
> > name = VirtualRouter
> >
> > ====================================================================
> > == ========== serviceofferingid =
> > d430a7fc-e294-4940-bd32-bb57a9caff3e
> > specifyipranges = True
> > specifyvlan = True
> > state = Enabled
> > traffictype = Guest
> >
> >
> >
> >
> > On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal <
> > Chiradeep.Vittal@citrix.com<mailto:Chiradeep.Vittal@citrix.com><mailto:
> > Chiradeep.Vittal@citrix.com><mailto:Chiradeep.Vittal@citrix.com>> wrote:
> >
> > If the offering has 'specify VLAN', then only the admin should be
> > able to see it.
> > You can also use cloudmonkey to verify the offerings.
> >
> >
> > On 9/4/13 12:00 PM, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com><mailto:nick@nickburke.com><mailto:
> > nick@nickburke.com<mailto:nick@nickburke.com><mailto:nick@nickburke.
> > co
> > m>>>
> > wrote:
> >
> > I've read the documents, but I can't seem to find anything about
> > this even after google searching.
> >
> > Here is what I'm trying to accomplish: I'd like to have an external
> > hardware router handle the routing for certain networks. It's on VLAN10.
> >
> > Here is what I'm seeing: Only one network offering is showing up
> > under "network offering" in create a network and for instances. It is "
> > DefaultIsolatedNetworkOfferingWithSourceNatService"
> >
> >
> > I've tried creating a new network offering with specify vlan and
> > specify IP addresses, but it doesn't seem to ever show up to be used.
> > Additionally, there is a system created one that looks like it could
> > do it, "DefaultIsolatedNetworkOffering" but it too doesn't show up.
> >
> > If I create a network offering with the exact same options as as
> > DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up
> > and can be used.
> >
> >
> > I'm in advanced networking mode for the zone, and as far as I can
> > tell everything is working well as expected.
> >
> > Does anyone have any place they can point me to for this or offer
> > some advice as to why at least the system
> > DefaultIsolatedNetworkOffering can't be used?
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens*
> >
> >
> >
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens* This email and any
> > attachments to it may be confidential and are intended solely for
> > the use of the individual to whom it is addressed. Any views or
> > opinions expressed are solely those of the author and do not
> > necessarily represent those of Shape Blue Ltd or related companies.
> > If you are not the intended recipient of this email, you must
> > neither take any action based upon its contents, nor copy or show it
> > to anyone. Please contact the sender if you believe you have
> > received this email in error. Shape Blue Ltd is a company
> > incorporated in England & Wales. ShapeBlue Services India LLP is operated under
license from Shape Blue Ltd.
> > ShapeBlue is a registered trademark.
> >
> >
> >
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens* This email and any
> > attachments to it may be confidential and are intended solely for
> > the use of the individual to whom it is addressed. Any views or
> > opinions expressed are solely those of the author and do not
> > necessarily represent those of Shape Blue Ltd or related companies.
> > If you are not the intended recipient of this email, you must
> > neither take any action based upon its contents, nor copy or show it
> > to anyone. Please contact the sender if you believe you have
> > received this email in error. Shape Blue Ltd is a company
> > incorporated in England & Wales. ShapeBlue Services India LLP is operated under
license from Shape Blue Ltd.
> > ShapeBlue is a registered trademark.
> >
> >
> >
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens* This email and any
> > attachments to it may be confidential and are intended solely for
> > the use of the individual to whom it is addressed. Any views or
> > opinions expressed are solely those of the author and do not
> > necessarily represent those of Shape Blue Ltd or related companies.
> > If you are not the intended recipient of this email, you must
> > neither take any action based upon its contents, nor copy or show it
> > to anyone. Please contact the sender if you believe you have
> > received this email in error. Shape Blue Ltd is a company
> > incorporated in England & Wales. ShapeBlue Services India LLP is operated under
license from Shape Blue Ltd.
> > ShapeBlue is a registered trademark.
> > This email and any attachments to it may be confidential and are
> > intended solely for the use of the individual to whom it is addressed.
> > Any views or opinions expressed are solely those of the author and
> > do not necessarily represent those of Shape Blue Ltd or related
> > companies. If you are not the intended recipient of this email, you
> > must neither take any action based upon its contents, nor copy or
> > show it to anyone. Please contact the sender if you believe you have
> > received this email in error. Shape Blue Ltd is a company
> > incorporated in England & Wales. ShapeBlue Services India LLP is
> > operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
> >
>
>
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens* This email and any
> attachments to it may be confidential and are intended solely for the
> use of the individual to whom it is addressed. Any views or opinions
> expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not
> the intended recipient of this email, you must neither take any action
> based upon its contents, nor copy or show it to anyone. Please contact
> the sender if you believe you have received this email in error. Shape
> Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> Services India LLP is operated under license from Shape Blue Ltd.
> ShapeBlue is a registered trademark.
>



--
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*
This email and any attachments to it may be confidential and are intended solely for the use
of the individual to whom it is addressed. Any views or opinions expressed are solely those
of the author and do not necessarily represent those of Shape Blue Ltd or related companies.
If you are not the intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender if you believe
you have received this email in error. Shape Blue Ltd is a company incorporated in England
& Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue
is a registered trademark.

Mime
View raw message