Your SlideShare is downloading. ×
0
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Introduction to cloudstack 4.2 networking
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Introduction to cloudstack 4.2 networking

3,222

Published on

Geoff Higginbottom did a short “Introduction to Cloudstack Networking” talk . Many people acknowledge that there’s nobody on planet earth who knows as much about Cloudstack Networking as Geoff. …

Geoff Higginbottom did a short “Introduction to Cloudstack Networking” talk . Many people acknowledge that there’s nobody on planet earth who knows as much about Cloudstack Networking as Geoff. Luckily he decided to throttle back a little on his usual detail levels and did an excellent job of explaining the key cloudstack networking features and also had a good look that the new & improved VPC functionality available in Cloudstack 4.2

Published in: Technology
0 Comments
10 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
3,222
On Slideshare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
17
Comments
0
Likes
10
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Introduction to CloudStack Networking Geoff Higginbottom CTO ShapeBlue geoff.higginbottom@shapeblue.com Twitter: @ShapeBlue, @CloudStackGuru
  • 2. Why NaaS – The Use Cases VPS Cloud www.shapeblue.com @CloudStackGuru
  • 3. Why NaaS – The Use Cases www.shapeblue.com @CloudStackGuru
  • 4. Management Network www.shapeblue.com @CloudStackGuru
  • 5. Public Network – Advanced Zone www.shapeblue.com @CloudStackGuru
  • 6. Public Network - Basic Zone EIP / ELB www.shapeblue.com @CloudStackGuru
  • 7. Public Network – System VMs www.shapeblue.com @CloudStackGuru
  • 8. Guest Network – Advanced Zone www.shapeblue.com @CloudStackGuru
  • 9. Guest Network – Basic Zone www.shapeblue.com @CloudStackGuru
  • 10. Guest Network – Basic Zone www.shapeblue.com @CloudStackGuru
  • 11. Guest Network – Basic Zone EIP / ELB www.shapeblue.com @CloudStackGuru
  • 12. Storage Network www.shapeblue.com @CloudStackGuru
  • 13. Physical Connectivity www.shapeblue.com @CloudStackGuru
  • 14. Network Service Providers www.shapeblue.com @CloudStackGuru
  • 15. Basic Networking       AWS Style L3 isolation – Massive Scale Simple Flat Network Each POD has a unique CIDR Optional Guest Isolation via Security Groups Optional NetScaler Integration - Elastic IPs and Elastic LB Optional Nicira NVP Integration www.shapeblue.com @CloudStackGuru
  • 16. Security Groups      Isolate traffic between VMs Available for both Basic and Advanced Networking Only supported on XenServer 6.x and KVM XenServer 6.0.x requires the Cloud Support Package XenServer must use Linux Bridge and not Open vSwitch   xe-switch-network-backend bridge Must be implemented before adding to CloudStack www.shapeblue.com @CloudStackGuru
  • 17. Security Groups     Must be specified when the Zone is created Uses Ingress and Egress Rules to control traffic flow Default is all outbound traffic allowed, all inbound denied Rules can be mapped to CIDR or another Account/Security Group www.shapeblue.com @CloudStackGuru
  • 18. Security Groups     Must be specified when the Zone is created Uses Ingress and Egress Rules to control traffic flow Default is all outbound traffic allowed, all inbound denied Rules can be mapped to CIDR or another Account/Security Group www.shapeblue.com @CloudStackGuru
  • 19. Basic Zone – Example IP Schema www.shapeblue.com @CloudStackGuru
  • 20. Using Multiple NICs www.shapeblue.com @CloudStackGuru
  • 21. Using Multiple NICs www.shapeblue.com @CloudStackGuru
  • 22. Advanced Networking     Guest Networks isolated by VLANs Private and Shared Guest Networks Multiple Physical Networks Virtual Router for each Network providing:       DNS & DHCP Firewall Client VPN Load Balancing Source / Static NAT Port Forwarding www.shapeblue.com @CloudStackGuru
  • 23. Adv Zone – Example IP Schema www.shapeblue.com @CloudStackGuru
  • 24. Adv Zone - Egress Rules  Blocks all outbound traffic by default Example of an ‘Allow All’ Egress Rule www.shapeblue.com @CloudStackGuru
  • 25. Adv Zone - Firewall & Port Forwarding  Firewall   Allow traffic into network Port Forwarding  Pass traffic to a specified VM www.shapeblue.com @CloudStackGuru
  • 26. Adv Zone - Load Balancing  Load Balancing Algorithms     Round Robin Least Connections Source Stickiness     None Source Based AppCookie LBCookie www.shapeblue.com @CloudStackGuru
  • 27. Adv Zone - User VPN  User VPN    IPSec VPN Win/MAC Connects to Guest Network www.shapeblue.com @CloudStackGuru
  • 28. Adv Zone - Static NAT  Enable Static NAT www.shapeblue.com @CloudStackGuru
  • 29. Adv Zone - Static NAT  Allocate VM www.shapeblue.com @CloudStackGuru
  • 30. Adv Zone - Static NAT   Only Firewall Rules exist due to 1-2-1 mapping Public IP is also used for Outbound Traffic from this VM www.shapeblue.com @CloudStackGuru
  • 31. Virtual Private Clouds (VPC)      Private multi-tiered Virtual Networks ACLs to control traffic isolation Inter VLAN Routing Site-2-Site VPN Private Gateway www.shapeblue.com @CloudStackGuru
  • 32. Virtual Private Clouds (VPC)  No Conserve Mode so unique Public IP Required for:     Source NAT Port Forwarding Load Balancing Cannot operate in Redundant Mode (VRRP) www.shapeblue.com @CloudStackGuru
  • 33. VPC Components Virtual Router – Connects all the VPC Components Network Tiers – Isolated Networks, each with unique VLAN and CIDR www.shapeblue.com @CloudStackGuru
  • 34. VPC Components Public Gateway Site-2-Site VPN Linked to Public Gateway www.shapeblue.com @CloudStackGuru
  • 35. VPC Components Private Gateway Created by Root Admins Configured by Users (Static Routes) www.shapeblue.com @CloudStackGuru
  • 36. VPC Components www.shapeblue.com @CloudStackGuru
  • 37. VPC Components www.shapeblue.com @CloudStackGuru
  • 38. VPC Components www.shapeblue.com @CloudStackGuru
  • 39. VPC 4.2 Enhancements         Support for KVM Load Balancing between Tiers Citrix NetScaler as External LB Enhanced Access Control Lists Deploy VM to both VPC & Shared Network from UI Multiple VPN Gateways Multiple Private Gateways ACLs & Black Lists for Private Gateways www.shapeblue.com @CloudStackGuru
  • 40. System VMs & Their Networks Virtual Router www.shapeblue.com @CloudStackGuru
  • 41. System VMs & Their Networks Virtual Router www.shapeblue.com @CloudStackGuru
  • 42. System VMs & Their Networks Secondary Storage VM www.shapeblue.com @CloudStackGuru
  • 43. System VMs & Their Networks SSVM – VM Image / ISO Upload Workflow www.shapeblue.com @CloudStackGuru
  • 44. System VMs & Their Networks Console Proxy VM www.shapeblue.com @CloudStackGuru
  • 45. System VMs & Their Networks CPVM – Remote Connection www.shapeblue.com @CloudStackGuru
  • 46. Communication Ports www.shapeblue.com @CloudStackGuru
  • 47. Recent Networking Improvements (4.1 & 4.2)           Numerous VPC Improvements Add & Remove NICs / Networks Multiple IPs on Single NIC Persistent Networks Configurable Default Egress Behaviour Non Contiguous VLAN Ranges Enhanced SRX & F5 Support PVLANs GLSB IPv6 – (Technical Demo) www.shapeblue.com @CloudStackGuru
  • 48. Questions? www.shapeblue.com @CloudStackGuru
  • 49. Introduction to CloudStack Networking Geoff Higginbottom CTO ShapeBlue geoff.higginbottom@shapeblue.com Twitter: @ShapeBlue, @CloudStackGuru

×