cs 4.2.1 vm vmware wrong volume type thin and NOT thick
Hello, we use CS 4.2.1 with VMware 5.1. We create VM templates with thick lazy disks. If we deploy a VM from a template, it is created with a logic parallel controller and a thin disk. If we deploy a VM manually, directly from vCenter, it was correctly deployed with a thick lazy disk.

Waiting for your reply

Regards

--
Supernova s.r.l.
Via G. Misiticoni, 3
65126 - Pescara ITALY
www.netsons.com
Domenico De Monte CEO
t. (+39) 085 45 100 52
m. (+39) 339 79 033 98
e. d.demo...@netsons.com
Re: Change of guest IP address
e VM a new 'temp' NIC on an alternate network
2. Set this new NIC to default
3. Remove original NIC
4. Assign a NIC on the original Network, but also set the required IP (hence using API and not UI)
5. Set this new NIC to default
6. Remove the temp NIC

API commands required are

addNicToVirtualMachine
http://cloudstack.apache.org/docs/api/apidocs-4.2/root_admin/addNicToVirtualMachine.html

updateDefaultNicForVirtualMachine
http://cloudstack.apache.org/docs/api/apidocs-4.2/root_admin/updateDefaultNicForVirtualMachine.html

removeNicFromVirtualMachine
http://cloudstack.apache.org/docs/api/apidocs-4.2/root_admin/removeNicFromVirtualMachine.html

Whilst there are 6 steps, a simple CloudMonkey Script could complete this process in around 30 secs

Regards

Geoff Higginbottom
D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
geoff.higginbot...@shapeblue.com

-Original Message-
From: Jayapal Reddy Uradi [mailto:jayapalreddy.ur...@citrix.com]
Sent: 19 December 2013 11:27
To: users@cloudstack.apache.org
Subject: Re: Change of guest IP address

Hi,

There is no other way to change the ip. If you want specific IP for the VM, you can get secondary ip in vm NICs page and configure it on the VM.

Thanks,
Jayapal

On 19-Dec-2013, at 3:58 PM, Andrei Mikhailovsky and...@arhont.com wrote:

Do you know if there is an easier way? Like via the api calls or the cloudmonkey command? Or is it currently the only way?

- Original Message -
From: "Jayapal Reddy Uradi" jayapalreddy.ur...@citrix.com
To: "users@cloudstack.apache.org" users@cloudstack.apache.org
Sent: Thursday, 19 December, 2013 9:25:05 AM
Subject: Re: Change of guest IP address

Hi,

If your VM is in isolated network please do the following
1. edit the nics table ip4_address column for your instance_id to new ip.
2. login to the router corresponds to the network and replace old ip with new ip in below files.
   a. /var/lib/misc/dnsmasq.leases
   b. /etc/dhcphosts.txt
3. restart the dnsmasq in router (service dnsmasq restart)
4. Reboot the VM or restart the network service in Vm so that VM gets the new ip from the dhcp.

Thanks,
Jayapal

On 19-Dec-2013, at 2:27 PM, Andrei Mikhailovsky and...@arhont.com wrote:

Hello guys,

Could some one tell me how to change the IP address of a guest vm? It has been assigned by default by dhcp router and I would like to change it. I know how to create a new vm with a specified IP address using cloudmonkey, but I couldn't find a way of changing the IP for the existing vm.

Cheers

Andrei
Re: Pod VLAN
In my case I also have to update the vlan table in the CS database because after a few minutes/hours, CS updates the VMware port group again to the original vlan_id.

Regards

On 19/12/2013 16:17, tawfiq zidi wrote:

Hi,

Well I found the Way to resolve this Problem :). You have to update vmware traffic label with the VLAN number.

Thank you for Help.

On Wed, Dec 18, 2013 at 3:03 PM, tawfiq zidi tawfiq.z...@gmail.com wrote:

Thank you for Replying. I'm using Vmware Esxi 5.0 with vCenter in my installation. I see that each time a vRouter Create, a control port is Created as: cloud.private.untagged.0.1-vSwitch

Is it possible to always tag this port with VLAN 20 ?

On Sun, Dec 15, 2013 at 8:37 PM, Marty Sweet msweet@gmail.com wrote:

Depending on the hypervisor (for example this would work with KVM), you could still tag management traffic down to each host, just manually setting up a network interface (ex. privatebr0) and set the 'KVM Traffic label' accordingly. Not sure how effective this would be with other hypervisors.

Example networking on Ubuntu 12.04:
==
iface management0 inet manual
    bond-mode active-backup
    bond-miimon 100
    bond-slaves none
    up /sbin/ifenslave management0 eth0 eth1
    down /sbin/ifenslave -d management0 eth0 eth1

iface vlan20 inet manual
    vlan-raw-device management0

iface privatebr0 inet static
    bridge_ports vlan20
    bridge_fd 0
    bridge_stp off
    bridge_maxwait -1
    address 172.16.0.12
    netmask 255.255.255.0
==

Marty

On Sun, Dec 15, 2013 at 6:05 PM, Ahmad Emneina aemne...@gmail.com wrote:

I believe the management range for a pod has to be untagged. It does seem like a legacy requirement at this point. You might want to file a feature enhancement ticket @ https://issues.apache.org/jira/secure/Dashboard.jspa

On Sun, Dec 15, 2013 at 5:37 AM, tawfiq zidi tawfiq.z...@gmail.com wrote:

Hi,

Is it possible to tag a specific VLAN for a POD range ? For example I want to tag a VLAN (20) for private addresses 172.16.0.0/24 for POD1. The default installation always gives untagged VLAN.
Re: Change of guest IP address
We try to fix like this:

1) Destroy vm with NIC connected to QuickCloudNoService. Of course we will see expunging errors.
2) Change network_id in vm_instance mysql table to a guest network with an associated DHCP service.
3) Let CS destroy vm instance.
4) Update user_ip_address mysql table with following values based on IP address assigned to that vm:
   - state='Free'
   - account_id=NULL
   - domain_id=NULL

Before doing this, we destroy a vm with a single NIC connected to a NetworkOffering with DHCP and we notice that just those 2 tables (vm_instance and user_ip_address) were updated and were important for this operation (also other tables like async_job, async_job_view, nics, usage_event but I do not think they are important for this operation from what I can see and suppose).

Regards

On 19/12/2013 17:17, Andrei Mikhailovsky wrote:

Ah, I see, so I am not going mad, it is actually a known issue )) Anyway, I should probably wait for 4.3 to be out as 4.2.1 is still utterly broken when it comes to S3 Secondary storage which is what I am after.

Andrei

- Original Message -
From: "Andrija Panic" andrija.pa...@gmail.com
To: users@cloudstack.apache.org
Sent: Thursday, 19 December, 2013 3:24:19 PM
Subject: Re: Change of guest IP address

My "workaround" is to wait for 4.2.1, and have bunch of VMs that can not be deleted, just wasting my disk space... And yes, that is true, the logs you sent, I have that very issue.

Bug here: https://issues.apache.org/jira/browse/CLOUDSTACK-4828

Andrija

On 19 December 2013 16:14, Domenico De Monte d.demo...@netsons.com wrote:

So if I understand correctly: if we create a vm with offering network WITHOUT dhcp (like QuickCloudNoService) and we want to terminate it, we can not because there is a bug that NEED to remove dhcp service from virtual nic assigned to this network. If it's the case, does the following log show the exact error?

2013-12-19 16:08:01,332 DEBUG [cloud.vm.VirtualMachineManagerImpl] (UserVm-Scavenger-1:null) Stopped called on VM[User|Test01] but the state is Expunging
2013-12-19 16:08:01,339 DEBUG [cloud.capacity.CapacityManagerImpl] (UserVm-Scavenger-1:null) VM state transitted from :Expunging to Expunging with event: ExpungeOperationvm's original host id: null new host id: null host id before state transition: null
2013-12-19 16:08:01,339 DEBUG [cloud.vm.VirtualMachineManagerImpl] (UserVm-Scavenger-1:null) Destroying vm VM[User|Test01]
2013-12-19 16:08:01,339 DEBUG [cloud.vm.VirtualMachineManagerImpl] (UserVm-Scavenger-1:null) Cleaning up NICS
2013-12-19 16:08:01,341 DEBUG [cloud.network.NetworkManagerImpl] (UserVm-Scavenger-1:null) Cleaning network for vm: 8
2013-12-19 16:08:01,346 DEBUG [cloud.network.NetworkModelImpl] (UserVm-Scavenger-1:null) Service SecurityGroup is not supported in the network id=207
2013-12-19 16:08:01,349 WARN [cloud.vm.UserVmManagerImpl] (UserVm-Scavenger-1:null) Unable to expunge VM[User|Test01]
com.cloud.exception.UnsupportedServiceException: Service Dhcp is not supported in the network id=207
    at com.cloud.network.dao.NetworkServiceMapDaoImpl.getProviderForServiceInNetwork(NetworkServiceMapDaoImpl.java:127)
    at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
    at com.cloud.network.NetworkManagerImpl.getDhcpServiceProvider(NetworkManagerImpl.java:3681)
    at com.cloud.network.NetworkManagerImpl.isDhcpAccrossMultipleSubnetsSupported(NetworkManagerImpl.java:2522)
    at com.cloud.network.NetworkManagerImpl.removeNic(NetworkManagerImpl.java:2507)
    at com.cloud.network.NetworkManagerImpl.cleanupNics(NetworkManagerImpl.java:2463)
    at com.cloud.vm.VirtualMachineManagerImpl.advanceExpunge(VirtualMachineManagerImpl.java:475)
    at com.cloud.vm.UserVmManagerImpl.expunge(UserVmManagerImpl.java:1600)
    at com.cloud.vm.UserVmManagerImpl$ExpungeTask.run(UserVmManagerImpl.java:1769)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask$Sync.innerRunAndReset(FutureTask.java:351)
    at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:178)
    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:165)
    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:267)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:701)

Which is a possible solution or workaround for this bug ?

Waiting for your reply

Regards

On 19/12/2013 15:40, Andrija Panic wrote:
Re: Password reset feature and User Data service
I do not see your specific case but, in my case, I notice many bugs in this release so: yes, I think it's one of the UI bugs.

Regards

On 12/12/2013 16:50, Andrija Panic wrote:

No I have not, you think this is the UI bug ?

Sent from Google Nexus 4

On Dec 12, 2013 4:49 PM, "Domenico De Monte" d.demo...@netsons.com wrote:

Have you tried by api ?

Regards

On 12/12/2013 16:46, Andrija Panic wrote:

Anyone?, I'm desperate...lot of production VMs running, can't really experiment by stopping all of them...

http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.2.0/html-single/Installation_Guide/index.html#change-network-offering-on-guest-network says I only need to stop VMs, if decide to use external device instead of CS VR (which is NOT the case with me).

So, why don't I see the edit button on the shared network? (I DO see Edit button for isolated networks that are already in use...)

Regards,
Andrija

On 10 December 2013 01:04, Andrija Panic andrija.pa...@gmail.com wrote:

Any info on this one ? Do I need to stop ALL the VMs that are using this shared network, in order to update it with new offering... ?

On 5 December 2013 17:10, Andrija Panic andrija.pa...@gmail.com wrote:

I should add: I can see the "edit" button on Isolated networks already deployed and in use by some VMs...but have only 1 shared network, and no edit button for it...

On 5 December 2013 17:08, Andrija Panic andrija.pa...@gmail.com wrote:

From the http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.2.0/html-single/Installation_Guide/index.html#change-network-offering-on-guest-network

There should be the "edit" button on the network, but I don't see it, only the "restart" and "delete" network buttons...This shared network is shared type, defined vlan ID, and has DNS/DHCP as the services provided by Virtual Router... Not sure why I don't see the edit button...

On 5 December 2013 09:57, Andrija Panic andrija.pa...@gmail.com wrote:

Thank you Sanjeev for inputs. Can you please confirm that updating network is possible only from API - I can not find it anywhere in GUI ? Also how should I handle VLAN assignment to this shared network - now vlan 500 is assigned...I suppose when updating the network (with the new networking template), that already deployed network should retain its vlan and IP ranges, right ?

Thank you very much...

On 5 December 2013 06:15, Sanjeev Neelarapu sanjeev.neelar...@citrix.com wrote:

Hi,

Create another network offering with dhcp, dns and userdata service and update the shared network with these offerings. While doing the network update choose not to change the network cidr.

Thanks,
Sanjeev

-Original Message-
From: Andrija Panic [mailto:andrija.pa...@gmail.com]
Sent: Wednesday, December 04, 2013 3:31 PM
To: users@cloudstack.apache.org
Subject: Password reset feature and "User Data" service

Hi,

I have kind of problem and need advice please. I have 1 shared network for assigning public IP addresses to all VMs we create - with DHCP, DNS, and Virtual Router, as the services that are enabled in this networking template.

Now I want to enable "password management/reset" features, but I got error messages "user data" service is not enabled for my network id=212.

So since modifications of Network template is not possible, and the modification of the already deployed Network (id=212) is not possible is there a chance to hack the database to include the "User Data" service as the service in both the network template, and for the already used network (id=212)

Any help would be really appreciated...

Thanks,

-- Andrija Panić
-- Andrija Panić -- http://admintweets.com
start vm failed after taking vm snapshot
Hello, I configured CS 4.2 with a basic network zone and local disk. Configuration is one zone, one pod, one cluster, one host, one primary storage (local), one secondary storage (nfs). I am using VMware 5.1.

If I create an instance everything works. If I take a VM snapshot, after stop and start vm I obtain the same error discussed here: https://issues.apache.org/jira/browse/CLOUDSTACK-3234

On the issues website it said it was fixed (at least for advanced network) but I still receive the same error. VM does not start and on CS log I see following lines:

2013-12-05 17:48:04,372 INFO [cloud.vm.VirtualMachineManagerImpl] (Job-Executor-27:job-72 = [ 48e7c5c4-c2f0-4ea1-8e8e-045332c5f9db ]) Unable to start VM on Host[-4-Routing] due to StartCommand failed due to Exception: java.lang.RuntimeException Message: Invalid configuration for device '0'.

If I delete VM snapshot everything works.

Waiting for your reply

Best regards
internal server error on CS 4.2 - can not delete guest network
Hello all.

CS is 4.2

Once setup a zone with network basic with VMware 5.1, if I try to remove the zone step by step, when I need to delete the guest network in order to delete the physical network of the zone I receive the following internal server error:

2013-12-05 23:00:00,527 DEBUG [db.Transaction.Transaction] (Job-Executor-9:job-107 = [ 602e96d6-2abc-424d-99a5-1ac1ee5fe5df ]) Rolling back the transaction: Time = 3 Name = -AsyncJobManagerImpl$1.run:494-Executors$RunnableAdapter.call:471-FutureTask$Sync.innerRun:334-FutureTask.run:166-ThreadPoolExecutor.runWorker:1146-ThreadPoolExecutor$Worker.run:615-Thread.run:701; called by -Transaction.rollback:898-Transaction.removeUpTo:841-Transaction.close:665-TransactionContextBuilder.interceptException:63-ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept:133-NetworkManagerImpl.destroyNetwork:3131-ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept:125-NetworkServiceImpl.deleteNetwork:1767-ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept:125-DeleteNetworkCmd.execute:70-ApiDispatcher.dispatch:158-AsyncJobManagerImpl$1.run:531
2013-12-05 23:00:00,535 ERROR [cloud.async.AsyncJobManagerImpl] (Job-Executor-9:job-107 = [ 602e96d6-2abc-424d-99a5-1ac1ee5fe5df ]) Unexpected exception while executing org.apache.cloudstack.api.command.user.network.DeleteNetworkCmd
java.lang.NullPointerException
    at com.cloud.network.guru.DirectNetworkGuru.trash(DirectNetworkGuru.java:311)
    at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
    at com.cloud.network.NetworkManagerImpl.destroyNetwork(NetworkManagerImpl.java:3131)
    at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
    at com.cloud.network.NetworkServiceImpl.deleteNetwork(NetworkServiceImpl.java:1767)
    at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
    at org.apache.cloudstack.api.command.user.network.DeleteNetworkCmd.execute(DeleteNetworkCmd.java:70)
    at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:158)
    at com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.java:531)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
    at java.util.concurrent.FutureTask.run(FutureTask.java:166)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:701)
2013-12-05 23:00:00,537 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-9:job-107 = [ 602e96d6-2abc-424d-99a5-1ac1ee5fe5df ]) Complete async job-107 = [ 602e96d6-2abc-424d-99a5-1ac1ee5fe5df ], jobStatus: 2, resultCode: 530, result: Error Code: 530 Error text: null
2013-12-05 23:00:00,551 DEBUG [cloud.async.SyncQueueManagerImpl] (Job-Executor-9:job-107 = [ 602e96d6-2abc-424d-99a5-1ac1ee5fe5df ]) Sync queue (7) is currently empty
2013-12-05 23:00:00,552 WARN [cloud.async.AsyncJobManagerImpl] (Job-Executor-9:job-107 = [ 602e96d6-2abc-424d-99a5-1ac1ee5fe5df ]) Unable to unregister active job [ 107 ] = [ 602e96d6-2abc-424d-99a5-1ac1ee5fe5df ] from JMX monitoring

Waiting for your reply

Best regards
Re: public ip of system vm and public ip of guest vm on same network segment overlaps
I confirm that CS complains about overlapping ranges. After many tests I did not reach my goal.

I want to assign a public IP directly to vm without NAT/SNAT (like in your blog article, Shanker). I also want to let the customer have his lan isolated between 2 or more vm.

I understand that with network base, CS lets you assign public IPs to vm directly but you can not create guest network (connect 2 vm with private address) on UI. I do not know via api if you can do it.

I understand also that with network advanced it's possible to create many isolated networks but NOT assign public IP directly to vm without NAT/SNAT.

Am I wrong ? This is very important to let me understand how network works inside CS.

Best regards

On 05/Dec/2013, at 10:32, Domenico De Monte d.demo...@netsons.com wrote:

Now I understand :) Thank you for all those answers. You clarified a crucial point for me. So there is no difference between guest traffic (public or internal). That means that all guest traffic will use just one switch. For example if I create an instance with 2 nic, one for public traffic and one for private traffic, private traffic goes to internet switch instead of internal switch.

I understand now how it works but in my personal opinion I do not think it's correct. Best solution I believe is to let administrator choose on which switch to separate private and public traffic. Just my 2 cents to CS.

Thank you again shanker!

On 04/12/2013 11:45, Shanker Balan wrote:

On 04-Dec-2013, at 1:35 pm, Domenico De Monte d.demo...@netsons.com wrote:

Before all, thank you for your reply. You explain me many concepts, really important to know, that were not clear in CS documentation.

There are four traffic types in CloudStack:
(1) Management
(2) Storage
(3) Guest
(4) Public

Don't call it by any other name, just use the ones listed above. :)

In total there are 4 NIC on each server, 2 assigned to vSwitch0 and 2 to vSwitch1. In according of what you replied, my new zone configuration will be:

1 physical interface for internet traffic ( Public traffic, Guest Public traffic both connected to vSwitch0 )

There is no "guest public" traffic type. vSwitch0 will carry GUEST *and* PUBLIC traffic.

1 physical interface for internal traffic ( Management traffic, Storage traffic, guest internal traffic both connected to vSwitch1 ).

There is no "internal" traffic type. You have Management and Storage traffic on vSwitch1.

I want separate guest internal traffic with guest public traffic for many reasons.

Again, there is no "guest internal" traffic type and "guest public" traffic type. It's just GUEST traffic and PUBLIC traffic. :)

You said that for guest traffic, a hard requirement is VLAN usage. Meanwhile for public traffic, management and storage VLAN is not needed.

That's correct.

This point here is crucial because i still do not understand difference between public traffic and guest public traffic.

:) So there is no "guest public" traffic type. Just "GUEST" and "PUBLIC" traffic types. Ok?

Q. What is "GUEST" traffic?

A. From http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.2.0/html-single/Installation_Guide/#advanced-zone-network-traffic-types

"Guest. When end users run VMs, they generate guest traffic. The guest VMs communicate with each other over a network that can be referred to as the guest network. This network can be isolated or shared. In an isolated guest network, the administrator needs to reserve VLAN ranges to provide isolation for each CloudStack account's network (potentially a large number of VLANs). In a shared guest network, all guest VMs share a single network"

Q. What is "PUBLIC" traffic?

Again, from http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.2.0/html-single/Installation_Guide/#advanced-zone-network-traffic-types:

"Public traffic is generated when VMs in the cloud access the Internet. Publicly accessible IPs must be allocated for this purpose. End users can use the CloudStack UI to acquire these IPs to implement NAT between their guest network and the public network, as described in "Acquiring a New IP Address" in the Administration Guide."

The same link also described Management and Storage traffic types also.

If i understand, public traffic of a zone is for system vm only ?

Incorrect. See http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.2.0/html-single/Installation_Guide/#advanced-zone-network-traffic-types

And guest public traffic is for guest vm only ?

There is no such traffic type as "guest public". It's just PUBLIC traffic. Again, see http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.2.0/html-single/Installation_Guide/#advanced-zone-network-traffic-types

If so, why if we use basic network configuration, we do not have "overlaps" network issue ?

Basic networks is a shared network and does not have
Re: public ip of system vm and public ip of guest vm on same network segment overlaps
Before all, thank you for your reply. You explain me many concepts, really important to know, that were not clear in CS documentation.

In total there are 4 NIC on each server, 2 assigned to vSwitch0 and 2 to vSwitch1. In according of what you replied, my new zone configuration will be:

1 physical interface for internet traffic ( Public traffic, Guest Public traffic both connected to vSwitch0 )
1 physical interface for internal traffic ( Management traffic, Storage traffic, guest internal traffic both connected to vSwitch1 ).

I want separate guest internal traffic with guest public traffic for many reasons. You said that for guest traffic, a hard requirement is VLAN usage. Meanwhile for public traffic, management and storage VLAN is not needed.

This point here is crucial because I still do not understand the difference between public traffic and guest public traffic. If I understand, public traffic of a zone is for system vm only ? And guest public traffic is for guest vm only ? If so, why if we use basic network configuration, we do not have "overlaps" network issue ? Of course in this case we can not let users use internal physical switch ( vswitch1 ) for lan traffic.

Anyway my target is still to reduce public IPs usage and of course do not use SNAT. In order to do so, I want definitively follow your guide: http://shankerbalan.net/blog/create-a-shared-network-with-public-ips-in-cloudstack/ ( I read it also before, very well done :) )

But following this I still have the problem of CS network overlaps if I want to use the same /24 for both types of public traffic. Consider that we want to let customers use a public IP and a private IP directly on their vm. For internet traffic without vlan. This is our goal. Assign for each vm a VLAN for public traffic, we will lose many ips just for subnetting.

So there is no way to use a single /24 for public system traffic and guests public traffic without splitting this /24 in smaller subnets ? I think the key is to assign just 2 physical interfaces as you suggest and try to see if the overlaps issue goes away, like it was for basic network configuration.

Waiting for your reply

Best regards

On 04/Dec/2013, at 05:24, Shanker Balan shanker.ba...@shapeblue.com wrote:

Comments inline.

On 04-Dec-2013, at 6:18 am, Domenico De Monte d.demo...@netsons.com wrote:

Hello, i added a zone with advanced network with following network configuration on CS 4.2 but i was not able to setup same IP class on public traffic ( of system vm ) and guest traffic ( of guest vm ).

Scenario

Servers with VMware ESXi 5.1 have multiple nic:

2 nic connected to physical internet switch ( vSwitch0 standard )

Am not intricately familiar with ESXi but I assume these 2 NICs are in a bond (LACP/LAGG) and configured as vSwitch0 for Internet traffic.

2 nic connected to physical private switch ( vSwitch1 standard )

vSwitch1 is also a LACP/LAGG bond of 2 NICs?

On CS i create a zone with advanced network and 5 physical interface:

You would only require 2 CloudStack physical interface. "Physical Interface 1" for Internet vSwitch0 traffic and "Physical Interface 2" for Internal vSwitch1 traffic.

1 physical interface for Public traffic connected to vSwitch0 ( i think it's system vm public traffic ).

The "untrusted" public Internet traffic would go to "Physical Interface 1". The "Public Traffic" includes all public Internet traffic (Guest VM Public traffic + SSVM Public Traffic + CPVM Public Traffic etc).

1 physical interface for Guest traffic connected to vSwitch0 ( i think it's guest vm public traffic ).

The "untrusted" guest traffic would also go to "Physical Interface 1".

1 physical interface for Guest traffic connected to vSwitch1 ( i think it's guest vm lan traffic ).

So basically all Guest VM traffic and any Public traffic gets combined onto "Physical Interface 1" which is mapped to vSwitch0

1 physical interface for Storage traffic connected to vSwitch1 ( i am sure it's storage traffic for snapshot, deploy and so on ).

Yep, so storage traffic is on "Physical Interface 2" which is mapped to vSwitch1

1 physical interface for Management traffic connected to vSwitch1 ( i am sure it's for system vm traffic and so on ).

Yep, so Management traffic is also on "Physical Interface 2".

I do not want use vlan and i read on ml that if i do not setup them, they are just ignore from CS.

You require VLANs for "GUEST" VM traffic. This is a hard requirement. VLAN is optional for the other traffic types of "PUBLIC", "MANAGEMENT" and "STORAGE".

To sum up,

Public Traffic - Physical Interface 1 - vSwitch0 - 2xNICs (LACP/LAGG)
Guest Traffic - Physical Interface 1 - vSwitch0 - 2xNICs (LACP/LAGG)
Management Traffic - Physical Interface 2 - vSwitch1 - 2xNICs (LACP/LAGG)
Storage Traffic - Physical Interface 2 - vSwitch1 - 2xNICs (LACP/LAGG)

Assuming that i have a public ip class like 1.2.3.0/24
public ip of system vm and public ip of guest vm on same network segment overlaps
Hello, I added a zone with advanced network with the following network configuration on CS 4.2 but I was not able to set up the same IP class on public traffic ( of system vm ) and guest traffic ( of guest vm ).

Scenario

Servers with VMware ESXi 5.1 have multiple nic:

2 nic connected to physical internet switch ( vSwitch0 standard )
2 nic connected to physical private switch ( vSwitch1 standard )

On CS I create a zone with advanced network and 5 physical interfaces:

1 physical interface for Public traffic connected to vSwitch0 ( I think it's system vm public traffic ).
1 physical interface for Guest traffic connected to vSwitch0 ( I think it's guest vm public traffic ).
1 physical interface for Guest traffic connected to vSwitch1 ( I think it's guest vm lan traffic ).
1 physical interface for Storage traffic connected to vSwitch1 ( I am sure it's storage traffic for snapshot, deploy and so on ).
1 physical interface for Management traffic connected to vSwitch1 ( I am sure it's for system vm traffic and so on ).

I do not want to use vlan and I read on the ml that if I do not set them up, they are just ignored by CS.

Assuming that I have a public ip class like 1.2.3.0/24.

On public traffic ( system vm I think ) I set up a range like the following ( example ):

gw: 1.2.3.1
netmask: 255.255.255.0
start ip: 1.2.3.21
end ip: 12.3.30

On guest traffic ( on vSwitch0 so guest public traffic ) I want to set up a different range but in the SAME subnet:

gw: 1.2.3.1
netmask: 255.255.255.0
start ip: 1.2.3.31
end ip: 1.2.3.128

I can not do this because CS stops me, warning about netmask/gw overlaps.

So I came to 2 possible solutions:

1) Do subnetting for network 1.2.3.0/24 and assign a /29 to public traffic ( system vm ) and a different /28 to guest traffic.
2) Assign to public traffic ( system vm ) private IPs that will be natted to my router, so I can assign all public IPs that I want to guest vm. Also here I am not sure if everything works after that.

So my questions are:

1) Why should system vm have internet connection ? Do they need to receive incoming connections or can I nat them in order to reduce public ip usage ?
2) Is there no other solution ? Can I somehow skip the CS warning about netmask/gw overlap ?

Waiting for your reply

Best regards
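
The overlap described in the message above, as an added example that is not part of the original post or of CloudStack's code: it shows that the two start/end ranges do not intersect while their gateway/netmask subnets are identical, then carves the /24 into a /28 and a /29 as in option 1. It assumes the warning compares gateway/netmask-derived subnets, reads the public end IP as 1.2.3.30, and assumes the first host of each carved subnet is the gateway; the names `IpRange`, `ranges_intersect`, `subnets_overlap` and `carve` are hypothetical.

```python
import ipaddress
from typing import NamedTuple


class IpRange(NamedTuple):
    """One IP range as entered in the zone wizard (gateway, netmask, start, end)."""
    name: str
    gateway: str
    netmask: str
    start: str
    end: str

    @property
    def network(self):
        # Subnet implied by gateway + netmask; strict=False because the
        # gateway is a host address, not the network address.
        return ipaddress.ip_network(f"{self.gateway}/{self.netmask}", strict=False)


# Sample values constructed from the example in the message
# (public end IP taken as 1.2.3.30, an assumption).
PUBLIC = IpRange("public", "1.2.3.1", "255.255.255.0", "1.2.3.21", "1.2.3.30")
GUEST = IpRange("guest", "1.2.3.1", "255.255.255.0", "1.2.3.31", "1.2.3.128")


def ranges_intersect(a: IpRange, b: IpRange) -> bool:
    """True if the start..end address ranges share at least one address."""
    a0, a1 = (int(ipaddress.ip_address(x)) for x in (a.start, a.end))
    b0, b1 = (int(ipaddress.ip_address(x)) for x in (b.start, b.end))
    return a0 <= b1 and b0 <= a1


def subnets_overlap(a: IpRange, b: IpRange) -> bool:
    """True if the gateway/netmask subnets overlap (the assumed CS check)."""
    return a.network.overlaps(b.network)


def carve(parent: str, requests: dict) -> list:
    """Split an IPv4 `parent` CIDR into non-overlapping, aligned subnets.

    `requests` maps a range name to a prefix length. Largest blocks are
    placed first so alignment never wastes space. In each subnet the first
    host is used as gateway (assumption: the upstream router owns it) and
    the remaining hosts form the start..end range.
    """
    parent_net = ipaddress.ip_network(parent)
    cursor = int(parent_net.network_address)
    plan = []
    for name, prefix in sorted(requests.items(), key=lambda kv: kv[1]):
        size = 1 << (32 - prefix)
        cursor = (cursor + size - 1) // size * size  # align to block size
        net = ipaddress.ip_network((cursor, prefix))
        if not net.subnet_of(parent_net):
            raise ValueError(f"{parent} has no room left for {name} /{prefix}")
        hosts = list(net.hosts())
        plan.append(IpRange(name, str(hosts[0]), str(net.netmask),
                            str(hosts[1]), str(hosts[-1])))
        cursor += size
    return plan


if __name__ == "__main__":
    print("ranges intersect:", ranges_intersect(PUBLIC, GUEST))
    print("subnets overlap: ", subnets_overlap(PUBLIC, GUEST))
    for r in carve("1.2.3.0/24", {"public": 29, "guest": 28}):
        print(r.name, r.network, "gw", r.gateway, "range", r.start, "-", r.end)
```
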