cloudstack-users mailing list archives

From Jeremy Peterson <jpeter...@acentek.net>
Subject RE: Advanced networking CloudStack 4.3
Date Fri, 03 Oct 2014 21:05:55 GMT
So to break down the infrastructure.

My hosts have 4 NIC's but are using 3.

eth0 = 10 gig = Public VLAN - 205.x.x.x same subnet as where I want to deploy VM's with Public
traffic.
eth1 = 10 gig = primary storage connection to ISCSI with MPIO this has multiple VLAN's coming
into it on a bridge interface from the 5596t so I have eth1.830 and eth1.831 expanded to eth1.832
and eth1.833 when I get the extra 10gig connections to my san's.
eth2 = 1 gig = management VLAN - 10.81.0.x where each of my following servers are connected
to each other .3 is my management server .4 is my SQL server .5 is my first host .6 is my
second host expanding .7 and .8 as the next two hosts once we migrate from SolusVM to CloudStack.
eth3 = 1 gig = not used if I need to break anything up and move it to this NIC let me know

I built eth0 and eth2 to have bridged interfaces 
Eth0 bridges to cloudbr0 
Eth2 bridges to cloudbr2

I was under the assumption that the "Storage" was used for all storage not just assigned for
secondary storage.  I guess I blanked that the hosts already have connectivity to the CLVM's
and that CloudStack doesn't need to know that traffic.

I will go through my CloudStack deployment again and see what these changes and better understanding
does for me.

Thanks for the explanation.  BTW thanks for the youtube video it helps.

Jeremy

-----Original Message-----
From: Geoff Higginbottom [mailto:geoff.higginbottom@shapeblue.com] 
Sent: Friday, October 3, 2014 1:32 AM
To: users@cloudstack.apache.org
Subject: RE: Advanced networking CloudStack 4.3

Morning Jeremy

Some more detail of your infrastructure would be helpful such as total number of NICs (I assume
you have two), whether your storage (on eth 1) is only Primary Storage and if so where your
Secondary Storage will be located (and which NIC will access it) etc

CloudStack maps its Physical Networks to a Bridge, and a Bridge is mapped to either a single
Interface or a Bond - see http://wiki.centos.org/TipsAndTricks/BondingInterfaces for more
info

Recommended Bonding Modes when LACP is not available on the switch stack are

  Mode 1 for Management and Storage
  Mode 6 for Guest and Public

If you want both Networks where the VMs are behind a Virtual Router, and you also want VMs
with a real Public IP directly connected to the Internet, then you want to use standard Advanced
Networking, and not Advanced with Security Groups.

System VMs recycling are a sign that when they are booting they cannot communicate with either
the Management Server or the 'Internal' DNS Servers or they cannot PING the Public Gateway.
 This is often caused by the KVM Traffic Labels not being set to the appropriate Bridge Name
for each type of CloudStack Traffic (Management, Guest and Public).  Note the CloudStack 'Storage'
is optional, and only really required if you have a NIC (or pair of NICs bonded) which you
want to use specifically for Secondary Storage Traffic, otherwise the SSVM will simply use
its Management Interface to access the NFS Sec Storage.

It looks like you have the following NIC Allocations

eth 0 - Public
eth 1 - Management
eth 2 - Primary Storage

Therefore you need to create Bridge for each one such as eth 0 = cloudbr0, eth 1 = cloudbr1
etc and when adding the Zone, set the traffic labels to

Management - cloudbr1
Guest - cloudbr0
Public - cloudbr0 (yes the same as public as the physical NIC will handle both)
Storage - Optional and probably not used if your NFS Storage is accessible from eth 1

Note:  You do not tell cloudstack which NIC to use for Primary Storage, your hypervisor works
this out based on the CIDR of the Primary Storage

You will then create 'Isolated' networks for VMs to sit behind a Virtual Router, and Shared
Networks with an IP schema in the available Public IP range for VMs requiring direct Internet
Public IPs etc

Check out these links for more info

http://www.youtube.com/watch?v=wzEZomU4FrM
http://www.slideshare.net/ShapeBlue/introduction-to-cloudstack-43-networking
http://shapeblue.com/cloudstack/understanding-cloudstacks-physical-networking-architecture/
http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/latest/


Regards

Geoff Higginbottom

D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581

geoff.higginbottom@shapeblue.com

-----Original Message-----
From: Jeremy Peterson [mailto:jpeterson@acentek.net]
Sent: 02 October 2014 22:16
To: users@cloudstack.apache.org
Subject: Advanced networking CloudStack 4.3

Good afternoon all or morning depending where you are,

Truly looking for some help.  This question has probably been asked a hundred times but I
cannot find a good resource for it.

I am looking to deploy CloudStack using KVM on centos 6.5 using ISCSI multipath hence the
reason for CLVM.  I want advanced networking because I'm using CLVM as primary storage. I
want to offer virtual routers with public IP's and be able to deploy VM's with a public IP
directly attached.  If that's not possible that's ok.

When I deploy advanced networking do I choose security groups or not?

Now I've done it both ways and had issues with each.  If there is a good way to do it let
me know because I can't find it.

My SSVM and console VM's have recycled 100's of times.

I've had issues where my SSVM is trying to bridge on eth2 where eth2 is my management NIC
on the hypervisor.

Currently I sit at a clean install of cloudstack-management and my cloudstack-agent is stopped
on my two kvm hosts.

My storage is on eth1 and public is on cloudbr0 which is bridged off eth0.


Jeremy Peterson
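
Added example, not part of the thread and not CloudStack's own tooling: a host-side check that each KVM traffic label discussed above names a real Linux bridge with a NIC attached, since a label that does not resolve is the cause of recycling system VMs described in the reply. The label values are the ones given in the thread; the function names and the SYSFS_NET override are assumptions made for this example.

```shell
#!/bin/sh
# Added example: verify that each CloudStack KVM traffic label names an
# existing Linux bridge on this host and list the NICs attached to it.
# SYSFS_NET (assumed name) can be overridden to test against a constructed tree.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# check_label TRAFFIC_TYPE BRIDGE_NAME
# Returns 0 = usable bridge, 1 = no such device, 2 = device is not a bridge,
# 3 = bridge has no member interface.
check_label() {
    ttype="$1"; br="$2"
    if [ ! -d "$SYSFS_NET/$br" ]; then
        echo "$ttype: MISSING   $br does not exist on this host"
        return 1
    fi
    # Only bridge devices expose a 'bridge' directory in sysfs.
    if [ ! -d "$SYSFS_NET/$br/bridge" ]; then
        echo "$ttype: NOTBRIDGE $br exists but is not a bridge"
        return 2
    fi
    # 'brif' holds one entry per interface enslaved to the bridge.
    ports=$(ls "$SYSFS_NET/$br/brif" 2>/dev/null | tr '\n' ' ')
    if [ -z "$ports" ]; then
        echo "$ttype: NOPORTS   $br has no interface attached"
        return 3
    fi
    echo "$ttype: OK        $br <- $ports"
    return 0
}

# check_labels "Type=bridge Type=bridge ..."
# Returns the number of labels that failed check_label.
check_labels() {
    failed=0
    for pair in $1; do
        check_label "${pair%%=*}" "${pair#*=}" || failed=$((failed + 1))
    done
    return "$failed"
}

# Traffic labels as suggested in the reply above; edit to match the zone.
LABELS="Management=cloudbr1 Guest=cloudbr0 Public=cloudbr0"
check_labels "$LABELS" ||
    echo "$? traffic label(s) do not resolve to a usable bridge on this host"
```

Run it on each KVM host before starting cloudstack-agent; on a host bridged as cloudbr0 and cloudbr2 it flags the Management label until the label or the bridge name is changed to match.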
