Morning Jeremy,

Some more detail of your infrastructure would be helpful, such as the total number
of NICs (I assume you have two), whether your storage (on eth 1) is only
Primary Storage and, if so, where your Secondary Storage will be located (and
which NIC will access it), etc.

CloudStack maps its Physical Networks to a Bridge, and a Bridge is mapped to
either a single Interface or a Bond - see
http://wiki.centos.org/TipsAndTricks/BondingInterfaces for more info.

Recommended Bonding Modes when LACP is not available on the switch stack are:
Mode 1 for Management and Storage
Mode 6 for Guest and Public

If you want both Networks where the VMs are behind a Virtual Router, and you
also want VMs with a real Public IP directly connected to the Internet, then
you want to use standard Advanced Networking, and not Advanced with Security
Groups.

System VMs recycling is a sign that when they are booting they cannot
communicate with either the Management Server or the 'Internal' DNS Servers or
they cannot PING the Public Gateway. This is often caused by the KVM Traffic
Labels not being set to the appropriate Bridge Name for each type of CloudStack
Traffic (Management, Guest and Public). Note the CloudStack 'Storage' is
optional, and only really required if you have a NIC (or pair of NICs bonded)
which you want to use specifically for Secondary Storage Traffic, otherwise the
SSVM will simply use its Management Interface to access the NFS Sec Storage.

It looks like you have the following NIC Allocations:
eth 0 - Public
eth 1 - Management
eth 2 - Primary Storage

Therefore you need to create a Bridge for each one, such as eth 0 = cloudbr0, eth
1 = cloudbr1 etc., and when adding the Zone, set the traffic labels to:
Management - cloudbr1
Guest - cloudbr0
Public - cloudbr0 (yes the same as public as the physical NIC will handle both)
Storage - Optional and probably not used if your NFS Storage is accessible from
eth 1

Note: You do not tell CloudStack which NIC to use for Primary Storage; your
hypervisor works this out based on the CIDR of the Primary Storage.

You will then create 'Isolated' networks for VMs to sit behind a Virtual
Router, and Shared Networks with an IP schema in the available Public IP range
for VMs requiring direct Internet Public IPs, etc.

Check out these links for more info:
http://www.youtube.com/watch?v=wzEZomU4FrM
http://www.slideshare.net/ShapeBlue/introduction-to-cloudstack-43-networking
http://shapeblue.com/cloudstack/understanding-cloudstacks-physical-networking-architecture/
http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/latest/

Regards
Geoff Higginbottom
D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
geoff.higginbot...@shapeblue.com

-Original Message-
From: Jeremy Peterson [mailto:jpeter...@acentek.net]
Sent: 02 October 2014 22:16
To: users@cloudstack.apache.org
Subject: Advanced networking CloudStack 4.3
Good afternoon all or morning depending where you are,
Truly looking for some help. This question has probably been asked a hundred
times but I cannot find a good resource for it.
I am looking to deploy CloudStack using KVM on CentOS 6.5 using iSCSI multipath,
hence the reason for CLVM. I want advanced networking because I'm using CLVM
as primary storage. I want to offer virtual routers with public IPs and be
able to deploy VMs with a public IP directly attached. If that's not possible
that's ok.
When I deploy advanced networking do I choose security groups or not?
Now I've done it both ways and had issues with each. If there is a good way to
do it let me know because I can't find it.
My SSVM and console VMs have recycled 100s of times.
I've had issues where my SSVM is trying to bridge on eth2 where eth2 is my
management NIC on the hypervisor.
Currently I sit at a clean install of cloudstack-management and my
cloudstack-agent is stopped on my two KVM hosts.
My storage is on eth1 and public is on cloudbr0 which is bridged off eth0.
Jeremy Peterson
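
The traffic-label check described in the reply above, as an added example that is not part of the original thread: a shell function that verifies each KVM traffic label names a bridge that exists on the host and has an interface attached. The bridge table is a constructed sample of `brctl show` output, the function and variable names are hypothetical, and the label values are the ones suggested in the reply.

```shell
#!/bin/sh
# Constructed sample of `brctl show` output (not taken from the thread).
# On a real KVM host use: BRIDGES="$(brctl show)"
SAMPLE_BRIDGES='bridge name     bridge id               STP enabled     interfaces
cloudbr0        8000.001122334455       no              eth0
                                                        vnet0
cloudbr1        8000.00112233445a       no              eth1
virbr0          8000.000000000000       yes'

# Traffic labels as suggested in the reply, one "traffic-type bridge" per line.
SAMPLE_LABELS='Management cloudbr1
Guest cloudbr0
Public cloudbr0'

# bridge_ifaces BRCTL_OUTPUT: prints "bridge if1,if2" per bridge ("-" if none).
bridge_ifaces() {
  printf '%s\n' "$1" | awk '
    NR == 1 || NF == 0 { next }                    # header and blank lines
    { c = substr($0, 1, 1) }
    c != " " && c != "\t" {                        # row that starts a bridge
      if (br != "") print br, (ifs == "" ? "-" : ifs)
      br = $1; ifs = (NF >= 4 ? $4 : ""); next
    }
    { ifs = (ifs == "" ? $1 : ifs "," $1) }        # continuation row
    END { if (br != "") print br, (ifs == "" ? "-" : ifs) }'
}

# check_labels LABELS BRCTL_OUTPUT: one verdict per label, returns 1 on any FAIL.
check_labels() {
  cl_table="$(bridge_ifaces "$2")"
  cl_rc=0
  while read -r cl_type cl_br; do
    [ -n "$cl_type" ] || continue
    cl_if="$(printf '%s\n' "$cl_table" | awk -v b="$cl_br" '$1 == b { print $2 }')"
    if [ -z "$cl_if" ]; then
      echo "FAIL $cl_type: bridge $cl_br does not exist"; cl_rc=1
    elif [ "$cl_if" = "-" ]; then
      echo "FAIL $cl_type: bridge $cl_br has no interface attached"; cl_rc=1
    else
      echo "OK $cl_type: $cl_br -> $cl_if"
    fi
  done <<EOF
$1
EOF
  return "$cl_rc"
}

check_labels "$SAMPLE_LABELS" "$SAMPLE_BRIDGES"
```

The check does not distinguish a physical NIC or bond from a guest `vnet` interface, so a bridge carrying only `vnet` devices still passes.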