cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nux! <...@li.nux.ro>
Subject Re: Advanced network configuration
Date Sun, 28 Feb 2016 13:15:46 GMT
Here's the readable version, so others waste less time on this.
Mate you really need to learn how to format emails, if you expect any kind of positive response.

======
Hi all,

I've decided to go with the advanced network. I have some questions:

1. Should the HV management interface be on a public IP or is it sufficient to have it on
the private management network?
2. I have 2 NICs on each HV to be split between Public, Guest & Management traffic (Storage
traffic has its own 10GbE switch). 

Should I split them as:
a. 2 NICs connected to a L3 switch with trunked ports for P,G&M VLANs or
b. 1 NIC connected to a L3 switch for P&M VLANs and 1 NIC to a L2 switch with only G VLANs
3. Is it advisible to mix Dell (Cisco style bulk VLAN trunking) switches with HP switches
(HP style tagging each individual VLAN to ports)
4. This article suggests a separate switch for the management server farm. 

Can I place the management server directly on the zone level L3 switch? Same for the secondary
storage server.
 
Should the hardware firewall be in front of the management server or in front of the zone
level L3 switch?
http://servermanagement24x7.com/wp-content/jk27/2013/07/Cloudstack-Networking-in-a-Zone.png5

What VLANs should each machine have access to?

Thanks!

Josh
======

And now some answers:

1. Management can be private, though it might need some sort of NAT for certain things. For
example I think the management server probes template/iso URLs when you add them, so it needs
to be able to reach them.

2. I would keep management completely separate, if you end up having high traffic (genuine
or attacks) on Public or Guest nets, then management server might not be able to reach the
HV for status checks in time and think it's down and start to do crazy things. I would add
another NIC in the server for this purpose; if it's not possible then mix public and guest
on a single NIC - think of the impact on performance.

No reason comes to mind as to why you shouldn't be able to add management and secondary storage
zone wide; but I think at this point in time only KVM supports zone-wide sec storage, so depends
which HV you are using.

HTH



--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

----- Original Message -----
> From: "Josh Davis" <cloudstackhelp@outlook.com>
> To: users@cloudstack.apache.org
> Sent: Sunday, 28 February, 2016 12:21:50
> Subject: Advanced network configuration

> Hi all,
> I've decided to go with the advanced network. I have some questions:
> 1. Should the HV management interface be on a public IP or is it sufficient to
> have it on the private management network?2. I have 2 NICs on each HV to be
> split between Public, Guest & Management traffic (Storage traffic has its own
> 10GbE switch). Should I split them as:a. 2 NICs connected to a L3 switch with
> trunked ports for P,G&M VLANs orb. 1 NIC connected to a L3 switch for P&M VLANs
> and 1 NIC to a L2 switch with only G VLANs3. Is it advisible to mix Dell (Cisco
> style bulk VLAN trunking) switches with HP switches (HP style tagging each
> individual VLAN to ports)4. This article suggests a separate switch for the
> management server farm. Can I place the management server directly on the zone
> level L3 switch? Same for the secondary storage server. Should the hardware
> firewall be in front of the management server or in front of the zone level L3
> switch?http://servermanagement24x7.com/wp-content/jk27/2013/07/Cloudstack-Networking-in-a-Zone.png5.
> What VLANs should each machine have access to?
> Thanks!Josh

Mime
View raw message