cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Burke <n...@nickburke.com>
Subject Re: Some network offerings missing after creating them
Date Fri, 06 Sep 2013 06:48:40 GMT
Hi Geoff,

Mission successful! Thanks for all the help!


On Thu, Sep 5, 2013 at 10:10 AM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.com> wrote:

> Yes, just use CloudMonkey to create the networks, and then use it to
> deploy the VMs.
>
> CloudMonkey is a really cool tool, and once you master it, you will find
> you rarely use the GUI.
>
> We do large scale deployments and we only look at the GUI at the end, we
> do it all from Scripts.
>
> Regards
>
> Geoff Higginbottom
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>
> geoff.higginbottom@shapeblue.com
>
> -----Original Message-----
> From: Nick Burke [mailto:nick@nickburke.com]
> Sent: 05 September 2013 12:35
> To: users@cloudstack.apache.org
> Subject: Re: Some network offerings missing after creating them
>
> Whoa. You mean it's not entirely my fault? :-)
>
> I should be able to use cloudmonkey to get around this bug, right?
>
> Thanks again for all your help!
>
>
> On Thu, Sep 5, 2013 at 4:27 AM, Geoff Higginbottom <
> geoff.higginbottom@shapeblue.com> wrote:
>
> > Sorry just looked at screen shot and you do appear to running an
> > advanced zone.
> >
> > There have been a few GUI bugs creep in with 4.1.1 in relation to
> > networking, this looks like another I have not seen reported so please
> > raise it as an issue.
> >
> > CloudMonkey provides an easier way to use the API so yes you can just
> > use CloudMonkey
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> > +442036030540> | M: +447968161581<tel:+447968161581>
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om>
> > | www.shapeblue.com
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 5 Sep 2013, at 07:24, "Geoff Higginbottom" <
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om>>
> > wrote:
> >
> > Nick,
> >
> > Are you using an Advanced or Basic Zone?
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> > +442036030540> | M: +447968161581<tel:+447968161581>
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om
> > ><mailto:geoff.higginbottom@shapeblue.com> | www.shapeblue.com<
> > http://www.shapeblue.com>
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 5 Sep 2013, at 01:57, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com><mailto:nick@nickburke.com>> wrote:
> >
> > Hi Geoff,
> >
> > Thanks again for your reply and patience. I'm relieved to hear it's
> > possible with a little elbow grease!
> >
> > I have no problem starting again what-so-ever with anything. This is
> > preproduction. I've been doing regular 'drop database cloud's so
> > anything dangerous can easily be done.
> >
> > I think a large part of my problem is there is no "add guest network"
> > in Infrastructure / Zones / your-zone-name / Physical Network Tab /
> > your-network-name (the one with Guest Traffic) / Guest-Configure /
> > Network Tab. (See screen shot:  http://i.imgur.com/fOtttgD.png ).
> > There are no "right click" options either. I'm running version  4.1.1,
> > if there is some kind of version thing happening here.
> >
> >
> > Regarding API, can I use cloudmonkey or do I have to start doing
> > research into the API calls?
> >
> >
> > On Wed, Sep 4, 2013 at 6:18 PM, Geoff Higginbottom <
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om
> > ><mailto:geoff.higginbottom@shapeblue.com>> wrote:
> >
> > Hi Nick
> >
> > What you are trying to do is achievable, but you need to start again,
> > as once you have created a network which has taken its VLAN from the
> > Default Guest VLAN range you cannot change the network Offering to one
> > which has the 'Specify VLAN' option set.
> >
> > Fortunately you can create the new networks you need using the correct
> > Network Offerings, then use the 'addNicToVirtualMachine' and
> > 'removeNicFromVirtualMachine' API commands to add the new Networks to
> > the VM, and remove the old ones.
> >
> >
> >
> > I would create two network offerings, I'll call them 'External' and
> > 'Internal'
> >
> > 'External' should not have any 'Services' as it does not need them,
> > that way no VR will be created for this Network. Assign a 'Name'&
> > 'Description', and check the 'Specify VLAN' option as you want to
> > manually set the VLAN ID so it can connect to your external physical
> > Router.  You do not need the 'Persistent' feature as there will be no VR.
> >
> > 'Internal' should have 'Specify VLAN' checked and 'DHCP' and 'DNS'
> > services enabled, all set to 'Virtual Router' You don't need the
> > 'Persistent' option as this simply keeps the VR running when you have
> > no VMs, and as you want to run a 'Intrusion Detection' VM you will
> > always have one running, and the VLAN is persistent even if do shut
> > all VMs down, as you used the 'Specify VLAN' option.
> >
> > To actually create the networks you cannot use the main 'Network' tab,
> > you must navigate to:
> >
> > Infrastructure / Zones / your-zone-name / Physical Network Tab /
> > your-network-name (the one with Guest Traffic) / Guest-Configure /
> > Network Tab
> >
> > Then click 'Add Guest Network' and set the 'scope' to account, you
> > will now see the two new Network Offerings listed (as long as you
> enabled them).
> > Create the 'External' Network with 'VLAN ID' of 200 and 'Guest Gateway'
> > set to the IP of the Physical Router connected to the Internet.  Set
> > the 'Guest Start IP' and 'Guest End IP' range so that it spans the IP
> > you want to allocate to the External interface of your VM.  Although
> > you will be setting the IP on the VM manually, and even though we did
> > not assign the DHCP service to this Network, CloudStack will still
> > allocate an IP to this VM and this will appear in the GUI.  To keep
> > things neat I always use the API to allocate the IP of the VM when I
> > create it so that the CloudStack allocated IP and my manually configured
> IP are the same.
> >
> > Repeat the process to create your 'Internal' network, setting the
> > 'VLAN ID' to 100, the 'Guest Gateway' to the IP you intend to allocate
> > to the Internal Interface of your Intrusion Detection VM, and setting
> > 'Guest Start IP' and 'Guest End IP', ensuring they do not overlap the
> Guest Gateway.
> > Note that the VR which gets created to handle the DHCP and DNS will be
> > allocated the 1st IP from the Guest Range.
> >
> > Now create your Intrusion Detection VM using the API and not the GUI
> > so you can specify the IPs for the External and Internal Interfaces,
> > and set the External as the Default.  Once created, you can add
> > additional VMs onto the Internal Network, and they will use the
> > 'Intrusion Detection VM' as their Gateway.
> >
> > Note that the VLANs you use for the External and Internal networks
> > must be outside of the default Guest VLAN Range.
> >
> > Regards
> >
> > Geoff Higginbottom
> >
> > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om
> > ><mailto:geoff.higginbottom@shapeblue.com>
> >
> > -----Original Message-----
> > From: Nick Burke [mailto:nick@nickburke.com]
> > Sent: 04 September 2013 18:56
> > To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org
> > ><mailto:users@cloudstack.apache.org>
> > Subject: Re: Some network offerings missing after creating them
> >
> > Hello Geoff,
> >
> > Thank you for replying!
> >
> > I went there and tried to change it to the service offering I wanted,
> > but once again the only one available is
> > DefaultIsolatedNetworkOfferingWithSourceNatService. There is no
> > associated VM's with this network. I can't add anything on that scree
> >
> > Here is a screenshot: http://imgur.com/ljrVYgP
> >
> >
> > I think I'm missing something dreadfully obvious or I'm not being
> > clear on what I'm trying to accomplish... or both! :-)
> >
> >
> > Here is my end goal:
> >
> > IE: VLAN100 has a public/static IP of 4.2.2.2/24 (internet facing) ->
> > Intrusion Prevention System (aka, a cloudstack VMserver running linux)
> > ->
> > VLAN200  public/static 4.3.3.3/24
> >
> >
> > Both virtual nics are public IP addresses. One side is on one vlan,
> > the other side is on a different one. All traffic routed from the
> > internet must go through this virtual machine to reach the target
> > 4.3.3.3/24 network and vice versa.
> >
> >
> >
> >
> > On Wed, Sep 4, 2013 at 2:59 PM, Geoff Higginbottom <
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om
> > ><mailto:geoff.higginbottom@shapeblue.com>> wrote:
> >
> > Nick,
> >
> > You need to go to Infrastructure / Zone / Phys Networks / Guest
> > Networks etc to use this type of network offering.
> >
> > The Networks Tab only shows network offerings which have the 'Source NAT'
> > service enabled
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> > +442036030540> | M: +447968161581<tel:+447968161581>
> >
> > geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.c
> > om
> > ><mailto:geoff.higginbottom@shapeblue.com><mailto:
> > geoff.higginbottom@shapeblue.c
> > om>
> > | www.shapeblue.com<http://www.shapeblue.com><http://www.shapeblue.com
> > | >
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 4 Sep 2013, at 17:53, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com><mailto:nick@nickburke.com><mailto:
> > nick@nickburke.com<mailto:nick@nickburke.com><mailto:nick@nickburke.co
> > m>>>
> > wrote:
> >
> > Thank you for the reply!
> >
> > I am logged in through the GUI as the default admin user under the
> > ROOT domain. Just a quick clarification: I can see it under "Network
> > Offerings", but I can't actually use it/see it when I try to deploy an
> > instance and/or when creating a network.
> >
> > According to cloudmonkey, it's enabled (this is the default system
> > created one I'd like to use);
> >
> > CLOUD> list networkofferings
> > count = 8
> > networkoffering:
> > name = DefaultIsolatedNetworkOffering
> > id = 14b2f56b-b941-4495-a9e6-377a756bee70
> > availability = Optional
> > conservemode = True
> > displaytext = Offering for Isolated networks with no Source Nat
> > service forvpc = False guestiptype = Isolated isdefault = True
> > ispersistent = False networkrate = 200
> > service:
> > name = Dhcp
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ==========
> > name = UserData
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ==========
> > name = Dns
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> > specifyipranges = True
> > specifyvlan = True
> > state = Enabled
> > traffictype = Guest
> >
> >
> > This is the one I created myself:
> >
> > CLOUD> list networkofferings id="e00234b0-9252-4541-9f82-7d575b8b131e"
> > count = 1
> > networkoffering:
> > name = test
> > id = e00234b0-9252-4541-9f82-7d575b8b131e
> > availability = Optional
> > conservemode = False
> > displaytext = test
> > forvpc = False
> > guestiptype = Isolated
> > isdefault = False
> > ispersistent = True
> > networkrate = 200
> > service:
> > name = Dhcp
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ==========
> > name = UserData
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ==========
> > name = Dns
> > provider:
> > name = VirtualRouter
> >
> > ======================================================================
> > ========== serviceofferingid = d430a7fc-e294-4940-bd32-bb57a9caff3e
> > specifyipranges = True
> > specifyvlan = True
> > state = Enabled
> > traffictype = Guest
> >
> >
> >
> >
> > On Wed, Sep 4, 2013 at 1:48 PM, Chiradeep Vittal <
> > Chiradeep.Vittal@citrix.com<mailto:Chiradeep.Vittal@citrix.com><mailto:
> > Chiradeep.Vittal@citrix.com><mailto:Chiradeep.Vittal@citrix.com>> wrote:
> >
> > If the offering has 'specify VLAN', then only the admin should be able
> > to see it.
> > You can also use cloudmonkey to verify the offerings.
> >
> >
> > On 9/4/13 12:00 PM, "Nick Burke" <nick@nickburke.com<mailto:
> > nick@nickburke.com><mailto:nick@nickburke.com><mailto:
> > nick@nickburke.com<mailto:nick@nickburke.com><mailto:nick@nickburke.co
> > m>>>
> > wrote:
> >
> > I've read the documents, but I can't seem to find anything about this
> > even after google searching.
> >
> > Here is what I'm trying to accomplish: I'd like to have an external
> > hardware router handle the routing for certain networks. It's on VLAN10.
> >
> > Here is what I'm seeing: Only one network offering is showing up under
> > "network offering" in create a network and for instances. It is "
> > DefaultIsolatedNetworkOfferingWithSourceNatService"
> >
> >
> > I've tried creating a new network offering with specify vlan and
> > specify IP addresses, but it doesn't seem to ever show up to be used.
> > Additionally, there is a system created one that looks like it could
> > do it, "DefaultIsolatedNetworkOffering" but it too doesn't show up.
> >
> > If I create a network offering with the exact same options as as
> > DefaultIsolatedNetworkOfferingWithSourceNatService, it does show up
> > and can be used.
> >
> >
> > I'm in advanced networking mode for the zone, and as far as I can tell
> > everything is working well as expected.
> >
> > Does anyone have any place they can point me to for this or offer some
> > advice as to why at least the system DefaultIsolatedNetworkOffering
> > can't be used?
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens*
> >
> >
> >
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens* This email and any
> > attachments to it may be confidential and are intended solely for the
> > use of the individual to whom it is addressed. Any views or opinions
> > expressed are solely those of the author and do not necessarily
> > represent those of Shape Blue Ltd or related companies. If you are not
> > the intended recipient of this email, you must neither take any action
> > based upon its contents, nor copy or show it to anyone. Please contact
> > the sender if you believe you have received this email in error. Shape
> > Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> > Services India LLP is operated under license from Shape Blue Ltd.
> > ShapeBlue is a registered trademark.
> >
> >
> >
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens* This email and any
> > attachments to it may be confidential and are intended solely for the
> > use of the individual to whom it is addressed. Any views or opinions
> > expressed are solely those of the author and do not necessarily
> > represent those of Shape Blue Ltd or related companies. If you are not
> > the intended recipient of this email, you must neither take any action
> > based upon its contents, nor copy or show it to anyone. Please contact
> > the sender if you believe you have received this email in error. Shape
> > Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> > Services India LLP is operated under license from Shape Blue Ltd.
> > ShapeBlue is a registered trademark.
> >
> >
> >
> >
> > --
> > Nick
> >
> > *'What is a human being, then?'
> > 'A seed'
> > 'A... seed?'
> > 'An acorn that is unafraid to destroy itself in growing into a tree.'
> > -David Zindell, A Requiem for Homo Sapiens* This email and any
> > attachments to it may be confidential and are intended solely for the
> > use of the individual to whom it is addressed. Any views or opinions
> > expressed are solely those of the author and do not necessarily
> > represent those of Shape Blue Ltd or related companies. If you are not
> > the intended recipient of this email, you must neither take any action
> > based upon its contents, nor copy or show it to anyone. Please contact
> > the sender if you believe you have received this email in error. Shape
> > Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> > Services India LLP is operated under license from Shape Blue Ltd.
> > ShapeBlue is a registered trademark.
> > This email and any attachments to it may be confidential and are
> > intended solely for the use of the individual to whom it is addressed.
> > Any views or opinions expressed are solely those of the author and do
> > not necessarily represent those of Shape Blue Ltd or related
> > companies. If you are not the intended recipient of this email, you
> > must neither take any action based upon its contents, nor copy or show
> > it to anyone. Please contact the sender if you believe you have
> > received this email in error. Shape Blue Ltd is a company incorporated
> > in England & Wales. ShapeBlue Services India LLP is operated under
> > license from Shape Blue Ltd. ShapeBlue is a registered trademark.
> >
>
>
>
> --
> Nick
>
> *'What is a human being, then?'
> 'A seed'
> 'A... seed?'
> 'An acorn that is unafraid to destroy itself in growing into a tree.'
> -David Zindell, A Requiem for Homo Sapiens*
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is
> operated under license from Shape Blue Ltd. ShapeBlue is a registered
> trademark.
>



-- 
Nick

*'What is a human being, then?'
'A seed'
'A... seed?'
'An acorn that is unafraid to destroy itself in growing into a tree.'
-David Zindell, A Requiem for Homo Sapiens*

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message