This document describes how the VPC feature of cloudstack 4.0 differs from the 3.0.x networking features, and how to create a VPC.

1. Implementing CloudStack's
VPC feature
Marcus Sorensen
BetterServers, Inc

2. CloudStack 3.x network
VMs on a network

3. CloudStack 3.x network
VMs on multiple networks

4. CloudStack 3.x network
VMs w/NAT router on networks

5. CloudStack 3.x network
No inter-vlan communication for customer's
private networks

6. What's a VPC?
● Has multiple meanings
● In CloudStack, a VPC is:
– A virtual router
– One or more isolated networks
– One or more virtual machine instances
– Associated services
● ACLs
● Source NAT
● Static NAT
● Port Forwarding
● Load balancing
● VPN

7. CloudStack 4.x VPC
VPC router provides inter-vlan access

8. VPC Router
● Debian-based system VM
● CloudStack controlled/configured
● HAProxy load balancer
● iptables rules for ACLs, NAT, port forwarding
● 1 NIC one each isolated network, one on
public
● Gives customers a full datacenter experience

9. Creating a VPC
Find the VPC section

10. Creating a VPC
Click 'Add VPC' and define

11. Creating a VPC
Once VPC is created, click 'configure VPC'

12. Creating a VPC
Create one or more tiers

13. Creating a VPC
Add VMs

14. Creating a VPC
Create ACLs, get more IPs, etc

15. Current Limitations
● Advanced Zones only
● Load Balanced service offering only available on
one of your isolated networks
● Only one NIC/isolated network per VM instance
● Need to acquire separate IPs for Static NAT, Port
forwarding, etc
● Only Site to Site VPN, no remote access VPN
● No redundant router mode

16. Advanced: Roll your own VPC
● Create an instance
● Attach to multiple isolated networks and a
public network
● Configure instance as router
● Create template of instance to deploy
subsequent routers

17. Questions?
https://cwiki.apache.org/CLOUDSTACK/inter-vlan-routing.html