THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Page History
...
This
...
guide
...
is
...
geared
...
more towards CS 4.0
...
(build
...
140)
...
and
...
vSphere5
...
,
...
however,
...
the
...
same
...
concept
...
should
...
apply
...
to
...
other
...
hypervisors
...
types
...
like
...
KVM
...
and
...
XEN.
...
This
...
is
...
NOT a beginners guide, please use your judgement and substitute values as necessary.
Disclaimer
...
The CS4.0 build 140 is defined on purpose in this document - there are known UI issues that have been already addressed - however, since no update/patch has been officially released to address these issues (at the time of this writing) - in order to configure Advanced Networking - we must use API calls to substitute what GUI could not accomplish. The newer releases should address the UI limitations and API calls may not be necessary. Nevertheless, its a good learning experience.
...
What This Guide Covers
- CloudStack Advanced Network Concepts
- Physical Networks and Mapping
- VLAN Tagging
- Usage of Virtual Switches
- Network Offerings
- API Usage and CloudMokey CLI
- Troubleshooting
Assumptions
- Used CloudStack previously and have basic network setup functional
- Able to provision VMs in basic network setup and your setup is fully operational
- Have understanding of basic terminology - go to this page for CS4 Documentation
- Root access to your hypervisors/virtual center and know your network topology
- Minimal experience with using APIs and/or CloudMonkey CLI
- Able to tell what config options must change to suit your environment
Getting Started
If you attempted to create Advanced Networking - but for some reason it did not work and you would like to start over
- If you've tried previously to configure CS within your environment and it has not worked, before you begin, make sure you environment is clean from all previous attempts. I will use VSphere 5 as an example, translate it to a hypervisor of your choice.
- Remove all network modifications on your Hypervisors/Cluster created by CS
- Remove all storage modifications on your Hypervisors/Cluster created by CS
- Remove all content from NFS primary and secondary datastore (i'm making assumption that data is not needed) or present a new primary and secondary NFS datastore
- Remove all references from CS about the zone/pod/cluster/storage/networks/hosts
...
- you
...
- attempted
...
- to
...
- add
...
- but
...
- failed
...
If
...
- there
...
- are
...
- remnants
...
- of
...
- previous
...
- setup
...
- -
...
- there
...
- is
...
- a
...
- chance
...
- your
...
- Zone
...
- Deployment
...
- may
...
- fail
...
- -
...
- therefore,
...
- please
...
- confirm
...
- that
...
- your
...
- environment
...
- is
...
- in
...
- pristine state as it was pre-CloudStack
...
- Zone
...
- Deployment
...
- operation
Pretext
The example environment in this tutorial consists of:
Physical gear and OS:
- 3 x HP BL465 G8 Servers as hypervisors
- Each hypervisor has 6 NICs
- VmWare vSphere 5.0 u1 and Virtual Center 5.0
Hypervisor Network Layout - same on all 3 hosts:
-------------------------------------------------------------
...
-
- vSwitch0 - Virtual Switch for Management - 2 Physical NICs assigned
- Management Network - Portgroup for Management vnic vmk0
- NO VLAN TAGGING
- Management Network - Portgroup for Management vnic vmk0
- vSwitch1 - Virtual Switch for vMotion Network - 2 Physical NICs assigned
- vMotion - PortGroup for vMotion operations
- NO VLAN TAGGING
- vMotion - PortGroup for vMotion operations
- vSwitch2 - Virtual Switch for Guest VMs TRUNK Network - 2 Physical NICs assigned
- MGMT - PortGroup for VMs on Management Network
- VLAN TAG/ID 1045
- DEV - PortGroup for VMs on Development Network
- VLAN TAG/ID 1075
- MGMT - PortGroup for VMs on Management Network
Step 1: Import system template
SSH to your CS4 environment
Mount the secondary NFS storage to /mnt/secondary on CS4
Run
| Code Block |
|---|
* *vSwitch0* \- Virtual Switch for Management \- 2 Physical NICs assigned ** *Management Network* \- Portgroup for Management vnic vmk0 *** *NO VLAN TAGGING* * *vSwitch1* \- Virtual Switch for vMotion Network - 2 Physical NICs assigned ** *vMotion* \- PortGroup for vMotion operations *** *NO VLAN TAGGING* * *vSwitch2* \- Virtual Switch for Guest VMs TRUNK Network - 2 Physical NICs assigned ** *MGMT* \- PortGroup for VMs on Management Network *** *VLAN TAG/ID 1045* ** *DEV* \- PortGroup for VMs on Development Network *** *VLAN TAG/ID 1075* h2. Step 1: Import system template SSH to your CS4 environment Mount the secondary NFS storage to /mnt/secondary on CS4 Run {code}/usr/lib64/cloud/common/scripts/storage/secondary/cloud-install-sys-tmplt -m /mnt/secondary/ -u http://download.cloud.com/templates/burbank/burbank-systemvm-08012012.ova -h vmware{code} h2. Step |
Step 2:
...
Create
...
a
...
network
...
topology
...
map
...
for
...
your
...
reference
...
It
...
is
...
recommended
...
to
...
create
...
layout
...
of
...
how
...
you
...
believe
...
CloudStack
...
IP
...
allocation
...
will
...
take
...
place,
...
hence
...
a
...
quick
...
write
...
up
...
of
...
what
...
networks
...
get
...
what
...
assignments
...
is
...
very
...
helpful.
...
In
...
my
...
case,
...
i
...
wanted
...
to
...
be
...
able
...
to
...
deploy
...
DEV
...
and
...
MGMT
...
VMs
...
on
...
vSwitch2
...
that
...
uses
...
VLAN
...
tagging,
...
while
...
CS
...
Managment/Storage
...
VMs
...
would
...
reside
...
on
...
vSwitch0
...
(w/o
...
VLAN
...
tag).
...
If
...
you
...
would
...
like
...
to
...
move
...
your
...
CS
...
Management
...
VMs
...
to
...
VLAN
...
tag'ed
...
network
...
- you will need to confirm that you meet minimum requirements for CS described in Setup Guide and alter the CS Global Settings to change the default portgroup name "Management Network" for vmware - if its different.
Network we need to define before we begin:
- CloudStack Networks
- Management - used by management nodes
- Storage - used by secondary storage node
- VM Instance Networks
- Public - network used for VMs and Internet (used only if you do Isolated Mode)
- Guest - network used for internal VM communication
Below is the sample table created for easy of IP space accounting
VmWare Virtual Switch | CS Physical Network | VmWare PortGroup Name | Network | Subnet | Gateway | VLAN TAG | CS Traffic Type | Network IP Range |
|---|---|---|---|---|---|---|---|---|
vSwitch0 | vSwitch0-CS-Dev-MGMT-PN |
...
Management |
...
Network |
...
10.25.243.0 |
...
255.255.255.0 |
...
10.25.243.1 |
...
NONE | CS Management | 10.25.243.140 |
...
- 10.25.243.146 |
...
vSwitch0 | vSwitch0-CS-Dev-MGMT-PN |
...
Management |
...
Network |
...
10.25.243.0 |
...
255.255.255.0 |
...
10.25.243.1 |
...
NONE | CS Storage | 10.25.243.147 |
...
- 10.25.243.149 |
...
vSwitch2 | vSwitch2-CS-Dev-Public-PN |
...
MGMT | 10.25.243.0 |
...
255.255.255.0 |
...
10.25.243.1 |
...
1045 | Public | 10.25.243.195 |
...
- 10.25.243.199 |
...
vSwitch2 | vSwitch2-CS-Dev-Public-PN |
...
DEV | 10.28.18.0 |
...
255.255.254.0 |
...
10.28.18.1 |
...
1075 | Public | 10.28.19.195 |
...
- |
...
10.28.19.199 |
...
vSwitch2 | vSwitch2-CS-Dev-MGMT-PN |
...
MGMT | 10.25.243.0 |
...
255.255.255.0 |
...
10.25.243.1 |
...
1045 | Guest | 10.25.243.150 |
...
- 10.25.243.194 |
...
vSwitch2 | vSwitch2-CS-Dev-DEV-PN |
...
DEV | 10.28.18.0 |
...
255.255.254.0 |
...
10.28.18.1 |
...
1075 | Guest | 10.28.19.150 |
...
- |
...
10.28.19.194 |
...
You
...
will
...
need
...
administrative
...
VC
...
user
...
and
...
password
...
when
...
configuring
...
vSphere
...
Cluster
...
with
...
CS.
...
The
...
above
...
table
...
gives
...
you
...
an
...
overview
...
of
...
what
...
I
...
have
...
setup.
...
Please
...
note
...
that
...
while
...
i
...
have
...
listed
...
6
...
Physical
...
Network
...
names
...
-
...
we
...
only
...
need
...
to
...
create
...
4.
...
vSwitch0-CS-Dev-MGMT-PN,
...
vSwitch2-CS-Dev-Public-PN,
...
vSwitch2-CS-Dev-MGMT-PN
...
and vSwitch2-CS-Dev-DEV-PN.
...
Moreover,
...
the
...
concept
...
of
...
Public
...
IP
...
space
...
in
...
Advanced
...
Network
...
Shared
...
setup
...
does
...
not
...
apply
...
-
...
as
...
it
...
is
...
meant
...
to
...
be
...
used
...
for
...
internal
...
Non-Isolated
...
network.
...
Therefore,
...
i've
...
allocated
...
a
...
very
...
small
...
amount
...
of
...
public
...
IP
...
space
...
that
...
will
...
be
...
used
...
by
...
CS
...
management
...
VMs
...
only.
...
If
...
you
...
are
...
using
...
Isolated
...
mode,
...
then
...
you
...
should
...
assign
...
more
...
public
...
IP space, if you are running traditional Shared internal environment - then 5 IPs on each network should be enough.
Step 3: Add Zone/POD/Cluster
...
via
...
UI
...
Before
...
you
...
begin
...
-
...
you
...
can
...
see
...
my
...
cluster
...
network
...
setup
...
in
...
Virtual
...
Center.
...
I've
...
removed
...
all
...
remnants
...
of
...
existing
...
CS
...
network
...
setup
...
as
...
I've
...
done
...
this
...
several
...
times
...
before.
This screenshot shows the storage setup - also clean from previous CS storage setup attempts.
Next is to import the System VM image for VmWare.
Login to CS with user that has admin privileges, this screenshot has Citrix CloudPlatform Logo - which is a bug that will be addressed in CS4.0.1
Navigate to Infrastructure > Zones, click Add Zone
Choose Advanced Zone
. 
Complete the required fields for Setup Zone page
When you get to Setup Network, define your Physical Network Names, in my case I created 4 Physical Networks - as defined in Network Map above.
Note that I've placed CS Management and Storage Traffic on vSwitch0-CS-Dev-MGMT-PN
...
The
...
Public
...
traffic
...
on
...
vSwitch2-CS-Dev-Public-PN
...
The
...
Guest
...
traffic
...
for
...
2
...
of
...
my
...
tagged
...
VLANs
...
on
...
vSwitch2-CS-Dev-MGMT-PN
...
and vSwitch2-CS-Dev-DEV-PN
...
.
Press Edit on each Traffic Type and and specify the respective VmWare vSwitch (reminder you must use non distributed virtual switch - the support for dVs will be in CS version 4.1).
Once you've defined all VMWare Traffic Labels for all of your Traffic Types, proceed to the next step.
Screenshot shows how i've defined 2 Public Networks for DEV and MGMT. This is only required of your are using Isolated Mode in your Network Offering. To make an analogy of what Isolated mode means, look at how AWS does IaaS. They offer an Internal IP address as well as External IP address. If If you are planning to run your environment in traditional manner where NATing is handled by Firewalls, your don't need to define Public Network for your guest VMs. A small public network IP range is required only for Management VMs.
Define you POD on the page below as well as IP space for CS Management Network
I've purposely left VLAN Range blank for both Physical Networks on Guest Traffic and will do this through API/CLI commands later. This function has not worked as expected through UI interface and Network has not been created.
On the Storage Traffic page, define the IP range for your storage network. For simplicity, i did not use a VLAN tagged network.
The screenshot below defined the VmWare cluster information, you will need a user that is able to login to a virtual center with administrative privileges.
Primary storage is where your guest VMs are going to live.In this example its NFS based, make sure you have proper network access to CS and your hypervisors. 
Secondary storage is where your templates are going to reside, make sure it has proper network access to CS and your hypervisors.
Last but not least - if you've done everything properly, you should see a Ready Page to Launch a Zone.
I'd strongly recommend to open Virtual Center and look for the progress CS makes when it goes through the setup process.
When you get to enable the Zone page, launch an ssh session to cloudstack server and tail the /var/log/cloud/management/management-server.log.
...
Note
...
that
...
you
...
will
...
be
...
getting
...
occasional
...
warning
...
and
...
errors
...
-
...
as
...
it
...
tries
...
to
...
deploy
...
multiple
...
components
...
-
...
this
...
is
...
normal.
...
What
...
is
...
not
...
normal
...
is
...
when
...
you
...
see
...
the
...
same
...
error
...
repeating
...
over
...
and
...
over
...
for
...
extended
...
period
...
of
...
time
...
-
...
if
...
thats
...
the
...
case,
...
proceed
...
to
...
troubleshooting
...
section.
...
Here
...
is
...
an
...
example
...
of
...
what
...
you
...
may
...
see...
...
The initial setup process may take upto 10 minutes depending on your environment. I'd recommend to wait it out and proceed only once the initial setup is successful.
Before we proceed, make sure that Storage VM (s-XXX-VM)
...
and
...
Proxy
...
VM
...
(v-XXX-VM)
...
have
...
been
...
deployed.
...
At
...
this
...
point
...
we
...
are
...
half
...
way
...
done
...
and
...
will
...
proceed
...
to
...
a
...
more
...
sophisticated
...
part
...
of
...
this
...
tutorial.
...
Step
...
4:
...
Creating
...
API
...
Keys
...
and
...
Signature
...
for
...
CloudMonkey
...
CLI
...
CloudStack
...
provides
...
a
...
CLI
...
called
...
CloudMonkey.
...
To
...
install
...
CloudMonkey,
...
please
...
visit
...
this
...
CloudMonkey Tutorial for detailed instructions. Once installed, proceed with generating required keys.
Navigate to Accounts tab and select the desired user (admin privileges required)
Once on Users Tab, click on "View Users" to see additional permission and settings for this user.
Under Details Tab, press on the Key Icon to generate the API Keys.
Launch CloudMokey CLI in your ssh terminal and setup the initial settings/attributes in order for CLI to interact with CloudStack core server.
| Code Block |
|---|
Tutorial|https://cwiki.apache.org/confluence/display/CLOUDSTACK/CloudStack+cloudmonkey+CLI] for detailed instructions. Once installed, proceed with generating required keys. Navigate to Accounts tab and select the desired user (admin privileges required) h2. !redo-cs-advance-setup25.png|border=1! Once on Users Tab, click on "View Users" to see additional permission and settings for this user. !redo-cs-advance-setup26.png|border=1! Under Details Tab, press on the Key Icon to generate the API Keys. !redo-cs-advance-setup27.png|border=1! Launch CloudMokey CLI in your ssh terminal and setup the initial settings/attributes in order for CLI to interact with CloudStack core server. {code} > set host <CS-hostname> > set port 8080 > set apikey <put-your-api-key-for-your-user> > set secretkey <put-your-secret-key-for-your-user> > set prompt mycloudmonkey> {code} |
To
...
test
...
it,
...
run
...
"list
...
zones"
...
command,
...
the
...
example
...
screenshot
...
is
...
below.
Step 5: Creating Network Offering
In order for VMs to have network functinality we need to create a network offering and networks.
Network Offering is a collection of network services VM will have an access to. For example, if you would like to have DHCPD, DNS, LoadBalancing and UserData services offered, we need to create Network Offering with these services.
In order to create the Network Offerings, we must first Tag Guest Traffic in Physical Networks.
Navigate to Infrastructure, Zones, choose your Zone and press on Physical Network.
Press on each Physical Network that has a Guest Traffic Type and define a tag. My setup has only 2 Guest Traffic Types, 1 in each Physical Network respectively. In the example below, you will see that I use {Physical Network Name}-Guest-tag, this naming convention is optional and only my preference. Make sure to leave VLAN information blank, we will do this portion through API/CLI shortly.
Upon completion, navigate to Service Offerings and choose Network Offering from the drop down menu and press on "Add network offering" button. In this example, I kept it very basic and only enable DHCP, DNS and UserData services that are offered by Default Virtual Router system offering that comes with CS. For the proof of concept, i suggest keeping it simple - you can revisit this section and add more services once you get your environment functional with VLAN tagging.
Once you service offering has been created, open it by pressing on its name and enable it.
Part 6: Create networks through CloudMokey CLI
In order to create the networks for each of our Guest Traffic Types, we need to get the following information from API/CLI.
ZoneID - the ID of the zone you've created in Step 3
NetworkOfferingID - the ID of the network offering created in Step 5
PhysicalNetworkID - in this example i have 2 physical network ID
Network Information - this includes ip range, subnet mask, gateway and vlan for each Guest Traffic.
Below is the set of screenshots and commands i run in order to get the required IDs.
| Code Block |
|---|
list zones | grep -iE 'id|name|----'
list networkofferings | grep -iE 'id|name|----'
list physicalnetworks
|
Note the required IDs and keep them handy for the next step of creating a network. You can see the command i've executed below. This screenshot shows an example of how I created the CS-DEV-vSwitch2-DEV-Network
One more run for the CS-DEV-vSwitch2-MGMT-Network
If all is done correctly, you can navigate to a Networks in CS and see your Networks displayed.
Almost done, in order to activate these networks, we will need to deploy an instance from one of the templates and choose the network offering you've created. I'm not putting any screenshots for that part - as I assume you know how to do that.
Troubleshooting
If for some reason, the deployment did not go as expected, here are some pointers of what you can do to understand and correct the issue.
- Inspect the /var/log/cloud/management/management-server.log for specifics of what CloudStack Core does.
- Inspect the /var/log/cloud/management/api-server.log to see what API commands have been executed and error details if it failed.
- Review the Virtual Center Recent Task tab for additional information on what CS does.
How to get more help?
CloudStack community is very involved and helps users fairly quickly.
First, please search the existing mailing lists for cloudstack-users and cloudstack-dev on http://markmail.org/
Reach out to cloudstack-users mailing list and join our IRC channel on irc.freenode.com - channel #cloudstack
Author Info
This document is written and maintained by ilya musayev, IRC: serverchief
Overview
Content Tools
Apps