cloudstack-users mailing list archives

From Alex McWhirter <alexmcwhir...@triadic.us>
Subject Re: Wrapping my mind around networking...
Date Thu, 28 May 2015 22:04:59 GMT
So in other words, the public network can be any network that has 
internet access? It doesn't necessarily have to provide public IP 
addresses, but at least IP addresses that are routable to the internet?

On 05/28/2015 05:35 PM, Erik Weber wrote:
> On Thu, May 28, 2015 at 11:21 PM, Alex McWhirter <alexmcwhirter@triadic.us>
> wrote:
>> On 05/28/2015 05:16 PM, Erik Weber wrote:
>>
>>> On Thu, May 28, 2015 at 11:11 PM, Alex McWhirter <
>>> alexmcwhirter@triadic.us>
>>> wrote:
>>>
>>>> I'm working on a private cloud using CloudStack and I'm stuck on which
>>>> networking topology I should choose. Our network is segregated by VLANs
>>>> and each department has its own VLAN. I want to add each department into
>>>> CloudStack as a project and then add users into each project. Each
>>>> project should have its own VLAN.
>>>>
>>>> So the KVM hosts have two physical NICs. One dedicated purely for NFS
>>>> and the other for the rest of the networking.
>>>>
>>>> eth0 - General networking, VLAN trunk enabled
>>>>
>>>> eth1 - NFS, no VLAN trunking enabled.
>>>>
>>>> In the Basic mode I should be able to set up a single physical network
>>>> with management labeled to eth0, storage labeled to eth1, and guest
>>>> labeled to br0 (which is attached to eth0).
>>>>
>>>> But in this scenario how can I tell each project to tag its guests'
>>>> traffic to a different VLAN?
>>>>
>>>> Advanced mode seems way too complex for what I want to do. I don't need a
>>>> public network. We have a hardware gateway for that. I don't need any
>>>> virtual routers or anything like that as well. I just need a guest to
>>>> boot tagged to a specific VLAN and the gateway should handle the DHCP and
>>>> routing.
>>>>
>>>>
>>> Basic network doesn't support multiple isolated networks (AFAIK).
>>>
>>> You would probably want to check out shared networks in advanced mode,
>>> that'll let you use your hardware router etc.
>>> I think you still need to provide a small public range for system vms and
>>> such, but your tenants won't have to use that, they can rely on shared
>>> networks.
>>>
>> Do I have the wrong idea on what the public network is? I'm taking public
>> as in actual public IP space on the internet?
>>
>> Or is it something different like the network the management server uses
>> to talk to the KVM hosts?
>>
> Just to clarify why there is a distinct public network - not all
> companies/organizations/whatever allow internet access from (all) their
> networks.
> This way we're able to ensure that those VMs that need it, usually system
> VMs and routers, have internet access, while things like management and
> storage networks don't require that access.
>

