Introduction to CloudStack Networking
Geoff Higginbottom
CTO ShapeBlue
geoff.higginbottom@shapeblue.com
Twitter: @CloudStackGuru @ShapeBlue
About Me
Cloud Architect & ShapeBlue CTO
Specialise in:
  Designing & Building Clouds based on Apache CloudStack / Citrix CloudPlatform
  Developing CloudStack training
  Blogging and sharing CloudStack knowledge
Involved with CloudStack before donation to Apache
Designed Clouds for SunGard, Ascenty, BskyB, Trader Media, M5 Hosting, Team Cymru, Interoute, University of Pennsylvania…
CloudStack Committer (non-developer)

@ShapeBlue #CloudStack #CCCEU13
About ShapeBlue
“ShapeBlue are expert builders of public & private clouds. They are the leading global independent CloudStack / CloudPlatform integrator & consultancy”

Why NaaS – The Use Cases
VPS

Cloud

Why NaaS – The Use Cases

Basic Networking
AWS Style L3 isolation – Massive Scale
Simple Flat Network
Each POD has a unique CIDR
Optional Guest Isolation via Security Groups
Optional NetScaler Integration - Elastic IPs and Elastic LB
Optional Nicira NVP Integration

Security Groups
Isolate traffic between VMs
Available for both Basic and Advanced Networking
Only supported on XenServer 6.x and KVM
XenServer 6.0.x requires the Cloud Support Package
XenServer must use Linux Bridge and not Open vSwitch
  xe-switch-network-backend bridge
  Must be implemented before adding to CloudStack

Security Groups
Rules can be mapped to CIDR or another Account/Security Group

Advanced Networking
This network model provides the most flexibility in defining guest networks and providing custom network offerings such as firewall, VPN, Load Balancer & VPC functionality.
Guest isolation is provided through layer-2 means such as VLANs or SDN technologies

Advanced Networking
Private and Shared Guest Networks
Multiple Physical Networks
Virtual Router for each Network providing:
  DNS & DHCP
  Firewall
  Client VPN
  Load Balancing
  Source / Static NAT
  Port Forwarding

Advanced Networking & Security Groups
Effectively enables the deployment of multiple ‘Basic’ style networks which use Security Groups for isolation of VMs, but with each Network encapsulated within a unique VLAN.

Management Network
Traffic between CloudStack Management Servers and the various cloud components (Hosts, System VMs, Storage*, vCenter etc)

Guest Network – Advanced Zone
Traffic between VMs within an Account, and their Virtual Router, Physical Load Balancer or Physical Firewall

Guest Network – Basic Zone
Traffic between VMs on the network and their Internet Gateway

Guest Network – Basic Zone EIP / ELB
Traffic between VMs and the Internal Interface of the NetScaler

Public Network – Advanced Zone
Traffic between the Virtual Router and the Internet Gateway

Public Network - Basic Zone EIP / ELB
Only present in a Basic Zone when a Citrix NetScaler is used to provide Elastic IP and Elastic LB

Public Network – System VMs
CPVM & SSVM both have a connection to the Public Network

Storage Network
Traffic between SSVM and the Secondary Storage
Optional Network, traffic will use the Management Network if not configured.
If configured, there must be a route between Management and Storage Networks
It is NOT for Primary Storage Traffic

Physical Connectivity

Basic Zone – Example IP Schema

Advanced Zone – Example IP Schema

Network Service Providers
A Hardware or Virtual Appliance that provides Network Services to CloudStack e.g.
  Virtual Router
  VPC Virtual Router
  Internal LBVM
  Citrix NetScaler
  F5 Load Balancer
  Juniper SRX Firewall
  Nicira Nvp
  Midokura Midonet
  BigSwitch Vns
  Cisco VNMC

Virtual Private Clouds (VPC)
Private multi-tiered Virtual Networks
ACLs to control traffic isolation
Inter VLAN Routing
Site-2-Site VPN
Private Gateway

VPC Components
Virtual Router – Connects all the VPC Components
Network Tiers – Isolated Networks, each with unique VLAN and CIDR

VPC Components
Public Gateway
Site-2-Site VPN
  Linked to Public Gateway

VPC Components
Private Gateway
  Created by Root Admins
  Configured by Users (Static Routes)

VPC Components

VPC Components

VPC Components

Communication Ports

System VMs & Their Networks
Virtual Router

System VMs & Their Networks
Virtual Router

System VMs & Their Networks
Secondary Storage VM

System VMs & Their Networks
SSVM – VM Image / ISO Upload Workflow

System VMs & Their Networks
Console Proxy VM

System VMs & Their Networks
CPVM – Remote Connection

Recent Networking Improvements (4.1 & 4.2)
Numerous VPC Improvements
Add & Remove NICs / Networks
Multiple IPs on Single NIC
Persistent Networks
Configurable Default Egress Behaviour
Non Contiguous VLAN Ranges
Enhanced SRX & F5 Support
PVLANs
GSLB
IPv6 – (Technical Demo)

Further Information
Lots of great technical info on http://shapeblue.com/blog/
These slides can be found at www.slideshare.net/shapeblue
geoff.higginbottom@shapeblue.com
@CloudStackGuru

Editor's Notes

  1. eSkyCityBroker BinSunGardCiscoOrangeT-Mobile
  2. Guest VMs and Hosts can be on different VLANs even though Admin Guide states they cannot
  3. XenServer requires the CloudStack Support Package to be installed BEFORE adding to CloudStack in order to use Security Groups. Security Groups - Guest VM will be assigned to the ‘default’ Security Group if none is specified – denies all inbound but allows all outbound. VMs can belong to multiple security groups but not the Default SG and another SG. Ingress and Egress rules control the flow of traffic into and out of Security Groups. If no Egress rules have been specified all outbound traffic is allowed; however, once an Egress Rule has been created, only traffic specified by Egress Rules, in response to an Ingress Rule or related to DHCP & DNS queries is allowed out.
  4. A Zone can be either Basic OR Advanced
  5. Private – limited to one account. Shared – accessible to either the whole Zone, a Domain (with or without subdomains), an Account or Project
  6. A Zone can be either Basic OR Advanced
  7. Traffic between CloudStack Management Servers and the various cloud components. Secondary Storage also uses the Management Network if the optional ‘Storage’ network has not been configured.
  8. Advanced Zone: Traffic between VMs and their VR
  9. Basic Zone
  10. Basic Zone with EIP / ELB has a Public Network
  11. Enables services such as: Source NAT, Static NAT, Load Balancing, Port Forwarding, Firewall, VPN
  12. Netscaler EIP & ELB
  13. SSVM & CPVM each have a Public Interface
  14. Optional Network; SSVM; Management Servers; Hosts; NOT FOR PRIMARY STORAGE
  15. Virtual Router, VPC Virtual Router, Internal Load Balancer VM, Citrix NetScaler, F5 Load Balancer, Juniper SRX Firewall, Nicira Network Virtualization Platform, Midokura Midonet, BigSwitch Virtual Network Segments, Cisco Virtual Network Management Center
  16. 23 min
  17. 27 min
  18. 29 min
  19. 31 min
  20. 33 min
  21. 35 min
  22. 37 min
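
Editor's Note 3 describes how Security Groups treat default membership, ingress and egress. The Python model below is an added example, not CloudStack code and not part of the original slides; it evaluates those rules for a few constructed VMs. The class and function names, the sample groups and addresses, applying the egress check to the union of a VM's groups, and treating "DHCP & DNS" as UDP 67 and UDP/TCP 53 are assumptions.

```python
"""Simplified model of the Security Group behaviour in Editor's Note 3 (added example)."""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Optional

DEFAULT_SG = "default"
# Assumption: "DHCP & DNS queries" are modelled as these destination ports.
INFRA_PORTS = {("udp", 67), ("udp", 53), ("tcp", 53)}


@dataclass(frozen=True)
class Rule:
    proto: str
    start_port: int
    end_port: int
    cidr: Optional[str] = None        # peer given as a CIDR ...
    peer_group: Optional[str] = None  # ... or as another security group

    def matches(self, proto, port, peer_ip, peer_groups):
        if proto != self.proto or not (self.start_port <= port <= self.end_port):
            return False
        if self.cidr is not None:
            return ip_address(peer_ip) in ip_network(self.cidr)
        return self.peer_group is not None and self.peer_group in peer_groups


@dataclass
class SecurityGroup:
    name: str
    ingress: list = field(default_factory=list)
    egress: list = field(default_factory=list)


def resolve_groups(requested, catalog):
    """No group requested -> 'default'; 'default' may not be mixed with others."""
    names = list(requested) or [DEFAULT_SG]
    if DEFAULT_SG in names and len(names) > 1:
        raise ValueError("the default group cannot be combined with another group")
    return [catalog[name] for name in names]


def ingress_allowed(groups, proto, port, peer_ip, peer_groups=()):
    """Inbound is denied unless some ingress rule matches."""
    return any(r.matches(proto, port, peer_ip, peer_groups)
               for g in groups for r in g.ingress)


def egress_allowed(groups, proto, port, peer_ip, peer_groups=(), reply_to_ingress=False):
    """Outbound is open until the first egress rule exists, then restricted."""
    rules = [r for g in groups for r in g.egress]  # assumption: union of groups
    if not rules:
        return True
    if reply_to_ingress or (proto, port) in INFRA_PORTS:
        return True
    return any(r.matches(proto, port, peer_ip, peer_groups) for r in rules)


# Constructed sample catalogue: a web tier that may only talk out to the db tier.
CATALOG = {
    "default": SecurityGroup("default"),
    "web": SecurityGroup(
        "web",
        ingress=[Rule("tcp", 80, 80, cidr="0.0.0.0/0"),
                 Rule("tcp", 443, 443, cidr="0.0.0.0/0")],
        egress=[Rule("tcp", 3306, 3306, peer_group="db")],
    ),
    "db": SecurityGroup("db", ingress=[Rule("tcp", 3306, 3306, peer_group="web")]),
}


def demo():
    """Evaluate constructed flows; addresses are documentation/private ranges."""
    default_vm = resolve_groups([], CATALOG)
    web_vm = resolve_groups(["web"], CATALOG)
    db_vm = resolve_groups(["db"], CATALOG)
    return {
        "default_in_ssh": ingress_allowed(default_vm, "tcp", 22, "203.0.113.5"),
        "default_out_https": egress_allowed(default_vm, "tcp", 443, "198.51.100.7"),
        "web_in_https": ingress_allowed(web_vm, "tcp", 443, "203.0.113.5"),
        "web_out_db": egress_allowed(web_vm, "tcp", 3306, "10.1.1.20", ("db",)),
        "web_out_smtp": egress_allowed(web_vm, "tcp", 25, "198.51.100.7"),
        "web_out_dns": egress_allowed(web_vm, "udp", 53, "10.1.1.1"),
        "web_out_reply": egress_allowed(web_vm, "tcp", 49152, "203.0.113.5",
                                        reply_to_ingress=True),
        "db_in_from_web": ingress_allowed(db_vm, "tcp", 3306, "10.1.1.10", ("web",)),
        "db_in_from_other": ingress_allowed(db_vm, "tcp", 3306, "10.1.1.99"),
        "db_out_any": egress_allowed(db_vm, "tcp", 25, "198.51.100.7"),
    }


if __name__ == "__main__":
    for flow, allowed in demo().items():
        print(f"{flow:18} {'ALLOW' if allowed else 'DENY'}")
```

The `db_out_any` result is the case worth reviewing in a real deployment: a group with ingress rules but no egress rules still permits all outbound traffic.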