Hello everyone, I am new to Cloudstack and have it deployed in our lab
currently so go easy :) I have everything working as expected with the
advanced network zone, vmware support, and multiple vlan isolation working
properly. I have a few questions I would like to ask here about networking
options inside Cloudstack that I was unable to acertain from the documentation.
Hopefully one of you guys can steer me in the right direction.
MY LAB SETUP
Cloudstack 4.1.0 (Compiled from Source w/vmware support)
Zone1- Advanced –
MGMT(untagged): 172.29.16.0/21
STORAGE(untagged): 172.29.16.0/21
GUEST(VLAN 601): 172.29.24.0/21
PUBLIC(VLAN 602): x.x.x.x/24
Currently I create an account and can add a guest network, the virtual router
deploys properly assigns the necessary vlan for the isolated network the guest
IP is assigned and a public ip is assigned from the public IP pool as expected
this works properly (Awesome). Deploying a VPC under a user account functions
properly as well (Very Cool). What I am looking for is a configuration that I
guess be best described as a shared isolated network? Where an instance is
provisioned and assigned an rfc1918 address from a large guest pool much like I
have currently setup with the “Default Shared Network”. And a user can request
an IP be assigned from the public pool and create pat/nat translations and
firewall rules just as on the isolated network I tested. This is for a
multi-tennent setup where each user does not need to create their own guest
network and vlan isolation between accounts is not necessary thus no need to
burn a vlan and a vrouter for every customer account. Based on what I am
seeing this functionality seems to already be present. If I provision and
instance on the Default Shared Network (VLAN601) in my setup, the machine is
assigned the proper RFC1918 address from the pool but when I try to allocate a
public ip from the network tab I receive the allocation error below. Should
this functionality even work? The problem seems obvious but I don’t see where I
can make the owners match even using cloudmokey.
2013-08-01 13:12:32,000 DEBUG [cloud.user.AccountManagerImpl]
(Job-Executor-21:job-269) Access to Acct[4-zimcom] granted to Acct[4-zimcom] by
DomainChecker_EnhancerByCloudStack_dd56169d
2013-08-01 13:12:32,020 DEBUG [cloud.user.AccountManagerImpl]
(Job-Executor-21:job-269) Access to Ip[209.212.252.6-1] granted to
Acct[4-zimcom] by DomainChecker_EnhancerByCloudStack_dd56169d
2013-08-01 13:12:32,031 DEBUG [cloud.user.AccountManagerImpl]
(Job-Executor-21:job-269) Access to Ntwk[204|Guest|7] granted to Acct[4-zimcom]
by DomainChecker_EnhancerByCloudStack_dd56169d
2013-08-01 13:12:32,042 ERROR [cloud.async.AsyncJobManagerImpl]
(Job-Executor-21:job-269) Unexpected exception while executing
org.apache.cloudstack.api.command.user.address.AssociateIPAddrCmd
com.cloud.exception.InvalidParameterValueException: The owner of the network is
not the same as owner of the IP
at
com.cloud.network.NetworkManagerImpl.associateIPToGuestNetwork(NetworkManagerImpl.java:744)
at
com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
at
com.cloud.network.NetworkServiceImpl.associateIPToNetwork(NetworkServiceImpl.java:2852)
at
com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
at
org.apache.cloudstack.api.command.user.address.AssociateIPAddrCmd.execute(AssociateIPAddrC
I also created a second zone with basic networking but I did not see a way to
accomplish this with that setup either as it looks like the machine is directly
assigned a public address and access control is handled via SG’s with ingress
and egress filtering.
Can anyone help me out?
Thanks in Advance.
Steve Searles
http://www.zimcom.net
Phone. (513)231-9500
Fax. (513)624-3909
Toll Free. (888)624-3910
