On 16/10/13 12:23 PM, "Bjoern Teipel" <bjoern.tei...@internetbrands.com> wrote:
>Murali, > >That would be great if you're right. But I'm now in a dead lock: > >Adding new network offering including LB: > >2013-10-15 23:34:50,920 WARN [network.element.VirtualRouterElement] >(catalina-exec-19:null) Virtual router can't enable services [Dns Dhcp >UserData Lb ] without source NAT service >2013-10-15 23:34:50,924 ERROR [cloud.api.ApiServer] >(catalina-exec-19:null) unhandled exception executing api command: >createNetworkOffering >com.cloud.exception.UnsupportedServiceException: Provider VirtualRouter >doesn't support services combination: [Dns, Dhcp, UserData, Lb] > >That forces me to add source nat, but once I want add a guest network in >the zone I get the opposite error. I can't mix SG + sourceNat > >013-10-15 23:46:30,896 INFO [cloud.api.ApiServer] >(catalina-exec-22:null) Service SourceNat is not allowed in security >group enabled zone First issue is know issue (CLOUDSTACK-4717) is getting addressed in 4.2.1. Not sure why source NAT should not be allowed in SG network. Sorry, this is indeed a dead lock situation. It does not look like you can use LB with in shared network with SG in advanced zone. > >So no internal lb ? > >Thanks, >Bjoern > >On 10/15/2013 11:28 PM, Murali Reddy wrote: >> On 16/10/13 7:17 AM, "Bjoern Teipel" <bjoern.tei...@internetbrands.com> >> wrote: >> >>> Wow, all user@cloudstack mails got catched in my spam filter, so sorry >>> for the late response. >>> >>> After tinkering the whole day I gave up using a tagged VLAN for the >>> storage traffic, seems not to work. It ignores the VID and doesn't >>> create the VLAN on the hypervisor. >>> I added the vlan to the hypervisor now and bound cloudbr1 to it and >>> using it untagged in cloudstack. >>> Finally all is up. :-) >>> >>> Now I was looking how to use a load balancer like the internal >>> cloudstack one or even the F5 and it seems it's not supported. >>> No cloudstack support for internal LB (the VR one) or F5 ? Really !!! >>> According to the advanced network and security groups specification ( >>> >>>https://cwiki.apache.org/confluence/display/CLOUDSTACK/Isolation+based+o >>>n+ >>> Security+Groups+in+Advance+zone) >>> AddF5LoadBalancerCmd api commands will just fail in SG enabled zone. >>> That's just a joke. >> 4.1 did not support PF/NAT/LB services in shared network. From 4.2, all >> network services are supported in shared network with or without SG so >>you >> should be able to use F5/VR/Netscaler for LB. >> >>> I'm really close to end the cloudstack adventure and move on with open >>> stack. >>> Having a shared network with SG and loadbalancer is not really a >>> uncommon solution >> > >
