CLOUDSTACK-832, CLOUDSTACK-812, CLOUDSTACK-808

unknown 2013-04-24 23:06:25 +05:30
parent 7e5fd88f7c
commit b7f5197c85
9 changed files with 425 additions and 109 deletions


@ -3,37 +3,62 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="about-working-with-vms">
<title>About Working with Virtual Machines</title>
<para>&PRODUCT; provides administrators with complete control over the lifecycle of all guest VMs executing in the cloud. &PRODUCT; provides several guest management operations for end users and administrators. VMs may be stopped, started, rebooted, and destroyed.</para>
<para>Guest VMs have a name and group. VM names and groups are opaque to &PRODUCT; and are available for end users to organize their VMs. Each VM can have three names for use in different contexts. Only two of these names can be controlled by the user:</para>
<itemizedlist>
<listitem><para>Instance name a unique, immutable ID that is generated by &PRODUCT;, and can not be modified by the user. This name conforms to the requirements in IETF RFC 1123.</para></listitem>
<listitem><para>Display name the name displayed in the &PRODUCT; web UI. Can be set by the user. Defaults to instance name.</para></listitem>
<listitem><para>Name host name that the DHCP server assigns to the VM. Can be set by the user. Defaults to instance name</para></listitem>
</itemizedlist>
<para>Guest VMs can be configured to be Highly Available (HA). An HA-enabled VM is monitored by the system. If the system detects that the VM is down, it will attempt to restart the VM, possibly on a different host. For more information, see HA-Enabled Virtual Machines on </para>
<para>Each new VM is allocated one public IP address. When the VM is started, &PRODUCT; automatically creates a static NAT between this public IP address and the private IP address of the VM.</para>
<para>If elastic IP is in use (with the NetScaler load balancer), the IP address initially allocated to the new VM is not marked as elastic. The user must replace the automatically configured IP with a specifically acquired elastic IP, and set up the static NAT mapping between this new IP and the guest VMs private IP. The VMs original IP address is then released and returned to the pool of available public IPs.</para>
<para>&PRODUCT; cannot distinguish a guest VM that was shut down by the user (such as with the “shutdown” command in Linux) from a VM that shut down unexpectedly. If an HA-enabled VM is shut down from inside the VM, &PRODUCT; will restart it. To shut down an HA-enabled VM, you must go through the &PRODUCT; UI or API.</para>
<title>About Working with Virtual Machines</title>
<para>&PRODUCT; provides administrators with complete control over the lifecycle of all guest VMs
executing in the cloud. &PRODUCT; provides several guest management operations for end users and
administrators. VMs may be stopped, started, rebooted, and destroyed.</para>
<para>Guest VMs have a name and group. VM names and groups are opaque to &PRODUCT; and are
available for end users to organize their VMs. Each VM can have three names for use in different
contexts. Only two of these names can be controlled by the user:</para>
<itemizedlist>
<listitem>
<para>Instance name &ndash; a unique, immutable ID that is generated by &PRODUCT; and can not
be modified by the user. This name conforms to the requirements in IETF RFC 1123.</para>
</listitem>
<listitem>
<para>Display name &ndash; the name displayed in the &PRODUCT; web UI. Can be set by the user.
Defaults to instance name.</para>
</listitem>
<listitem>
<para>Name &ndash; host name that the DHCP server assigns to the VM. Can be set by the user.
Defaults to instance name</para>
</listitem>
</itemizedlist>
<note>
<para>You can append the display name of a guest VM to its internal name. For more information,
see <xref linkend="append-displayname-vms"/>.</para>
</note>
<para>Guest VMs can be configured to be Highly Available (HA). An HA-enabled VM is monitored by
the system. If the system detects that the VM is down, it will attempt to restart the VM,
possibly on a different host. For more information, see HA-Enabled Virtual Machines on </para>
<para>Each new VM is allocated one public IP address. When the VM is started, &PRODUCT;
automatically creates a static NAT between this public IP address and the private IP address of
the VM.</para>
<para>If elastic IP is in use (with the NetScaler load balancer), the IP address initially
allocated to the new VM is not marked as elastic. The user must replace the automatically
configured IP with a specifically acquired elastic IP, and set up the static NAT mapping between
this new IP and the guest VMs private IP. The VMs original IP address is then released and
returned to the pool of available public IPs. Optionally, you can also decide not to allocate a
public IP to a VM in an EIP-enabled Basic zone. For more information on Elastic IP, see <xref
linkend="elastic-ip"/>.</para>
<para>&PRODUCT; cannot distinguish a guest VM that was shut down by the user (such as with the
“shutdown” command in Linux) from a VM that shut down unexpectedly. If an HA-enabled VM is shut
down from inside the VM, &PRODUCT; will restart it. To shut down an HA-enabled VM, you must go
through the &PRODUCT; UI or API.</para>
</section>
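Review bot: The reflowed HA paragraph still ends mid-sentence at "For more information, see HA-Enabled Virtual Machines on </para>", with nothing after "on". Since this change already adds xrefs for append-displayname-vms and elastic-ip, replace the dangling text with an xref to the HA section, or drop the trailing "on". In the elastic IP paragraph, "the guest VMs private IP" and "The VMs original IP address" are missing the possessive apostrophe, and the third list item ("Defaults to instance name") has no closing period.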


@ -0,0 +1,84 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="append-displayname-vms">
<title>Appending a Display Name to the Guest VMs Internal Name</title>
<para>Every guest VM has an internal name. The host uses the internal name to identify the guest
VMs. &PRODUCT; gives you an option to provide a guest VM with a display name. You can set this
display name as the internal name so that the vCenter can use it to identify the guest VM. A new
global parameter, vm.instancename.flag, has now been added to achieve this functionality.</para>
<para>The default format of the internal name is
i-&lt;user_id&gt;-&lt;vm_id&gt;-&lt;instance.name&gt;, where instance.name is a global
parameter. However, If vm.instancename.flag is set to true, and if a display name is provided
during the creation of a guest VM, the display name is appended to the internal name of the
guest VM on the host. This makes the internal name format as
i-&lt;user_id&gt;-&lt;vm_id&gt;-&lt;displayName&gt;. The default value of vm.instancename.flag
is set to false. This feature is intended to make the correlation between instance names and
internal names easier in large data center deployments.</para>
<para>The following table explains how a VM name is displayed in different scenarios.</para>
<informaltable>
<tgroup cols="5" align="left" colsep="1" rowsep="1">
<colspec colnum="1" colname="c1" colwidth="1.0*"/>
<colspec colnum="2" colname="c2" colwidth="1.31*"/>
<colspec colnum="3" colname="c3" colwidth="1.07*"/>
<colspec colnum="4" colname="c4" colwidth="2.6*"/>
<colspec colnum="5" colname="c5" colwidth="4.65*"/>
<thead>
<row>
<entry><para>User-Provided Display Name </para></entry>
<entry><para>vm.instancename.flag</para></entry>
<entry><para>Hostname on the VM</para></entry>
<entry><para>Name on vCenter</para></entry>
<entry><para>Internal Name</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>Yes</para></entry>
<entry><para>True</para></entry>
<entry><para>Display name</para></entry>
<entry><para>i-&lt;user_id&gt;-&lt;vm_id&gt;-displayName</para></entry>
<entry><para>i-&lt;user_id&gt;-&lt;vm_id&gt;-displayName</para></entry>
</row>
<row>
<entry><para>No</para></entry>
<entry><para>True</para></entry>
<entry><para>UUID</para></entry>
<entry><para>i-&lt;user_id&gt;-&lt;vm_id&gt;-&lt;instance.name&gt;</para></entry>
<entry><para>i-&lt;user_id&gt;-&lt;vm_id&gt;-&lt;instance.name&gt;</para></entry>
</row>
<row>
<entry><para>Yes</para></entry>
<entry><para>False</para></entry>
<entry><para>Display name</para></entry>
<entry><para>i-&lt;user_id&gt;-&lt;vm_id&gt;-&lt;instance.name&gt;</para></entry>
<entry><para>i-&lt;user_id&gt;-&lt;vm_id&gt;-&lt;instance.name&gt;</para></entry>
</row>
<row>
<entry><para>No</para></entry>
<entry><para>False</para></entry>
<entry><para>UUID</para></entry>
<entry><para>i-&lt;user_id&gt;-&lt;vm_id&gt;-&lt;instance.name&gt;</para></entry>
<entry><para>i-&lt;user_id&gt;-&lt;vm_id&gt;-&lt;instance.name&gt;</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</section>
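Review bot: The second paragraph says the display name "is appended to the internal name", but the format it gives, i-&lt;user_id&gt;-&lt;vm_id&gt;-&lt;displayName&gt;, shows the display name taking the place of the &lt;instance.name&gt; component; the paragraph and the title should say which of the two actually happens. The section also does not say what constraints apply to a display name once it becomes part of the internal name that the host and vCenter use: about-working-with-vms describes the instance name as conforming to RFC 1123 and the display name as settable by the user, so the allowed characters, length and uniqueness requirements for this case should be documented here. In the table, the "Hostname on the VM" column gives "UUID" when no display name is provided, while about-working-with-vms says the host name "Defaults to instance name"; one of the two needs correcting. Minor: "However, If" should be "However, if", and the title needs "VM's".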


@ -193,6 +193,51 @@
<para condition="admin">For more information, see <xref linkend="system-service-offerings"/>.</para>
<para condition="install">For more information, see the Administration Guide.</para>
</listitem>
<listitem>
<para><emphasis role="bold">LB Isolation</emphasis>: Specify what type of load balancer
isolation you want for the network: Shared or Dedicated.</para>
<para><emphasis role="bold">Dedicated</emphasis>: If you select dedicated LB isolation, a
dedicated load balancer device is assigned for the network from the pool of dedicated
load balancer devices provisioned in the zone. If no sufficient dedicated load balancer
devices are available in the zone, network creation fails. Dedicated device is a good
choice for the high-traffic networks that make full use of the device's
resources.</para>
<para><emphasis role="bold">Shared</emphasis>: If you select shared LB isolation, a shared
load balancer device is assigned for the network from the pool of shared load balancer
devices provisioned in the zone. While provisioning &PRODUCT; picks the shared load
balancer device that is used by the least number of accounts. Once the device reaches
its maximum capacity, the device will not be allocated to a new account.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Mode</emphasis>: You can select either Inline mode or Side by
Side mode:</para>
<para><emphasis role="bold">Inline mode</emphasis>: Supported only for Juniper SRX
firewall and BigF5 load balancer devices. In inline mode, a firewall device is placed in
front of a load balancing device. The firewall acts as the gateway for all the incoming
traffic, then redirect the load balancing traffic to the load balancer behind it. The
load balancer in this case will not have the direct access to the public network. </para>
<para><emphasis role="bold">Side by Side</emphasis>: In side by side mode, a firewall
device is deployed in parallel with the load balancer device. So the traffic to the load
balancer public IP is not routed through the firewall, and therefore, is exposed to the
public network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Associate Public IP</emphasis>: Select this option if you want
to assign a public IP address to the VMs deployed in the guest network. This option is
available only if</para>
<itemizedlist>
<listitem>
<para>Guest network is shared.</para>
</listitem>
<listitem>
<para>StaticNAT is enabled.</para>
</listitem>
<listitem>
<para>Elastic IP is enabled.</para>
</listitem>
</itemizedlist>
<para>For information on Elastic IP, see <xref linkend="elastic-ip"/>.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Redundant router capability</emphasis>. Available only when
Virtual Router is selected as the Source NAT provider. Select this option if you want to
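Review bot: In the Side by Side item, the statement that load balancer traffic "is not routed through the firewall, and therefore, is exposed to the public network" is the part an operator most needs to see, yet it sits at the end of a plain description; put it in a note or warning element and say what it means for traffic sent to the load balancer public IP in this mode. The xref to elastic-ip at the end of the Associate Public IP item is unconditional, unlike the condition="admin" and condition="install" paragraphs just above this hunk; if this file is also built into a guide that does not include elastic-ip.xml, the link will not resolve, so it probably needs the same conditional pair. "This option is available only if" should say whether all three listed conditions must hold or any one of them. Minor: "BigF5" does not match the "F5" naming used elsewhere in these docs, and "then redirect the load balancing traffic" should be "then redirects".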

docs/en-US/elastic-ip.xml Normal file

@ -0,0 +1,90 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="elastic-ip">
<title>About Elastic IP</title>
<para>Elastic IP (EIP) addresses are the IP addresses that are associated with an account, and act
as static IP addresses. The account owner has complete control over the Elastic IP addresses
that belong to the account. You can allocate an Elastic IP to a VM of your choice from the EIP
pool of your account. Later if required you can reassign the IP address to a different VM. This
feature is extremely helpful during VM failure. Instead of replacing the VM which is down, the
IP address can be reassigned to a new VM in your account. Elastic IP service provides Static NAT
(1:1) service in an EIP-enabled basic zone. The default network offering,
DefaultSharedNetscalerEIPandELBNetworkOffering, provides your network with EIP and ELB network
services if a NetScaler device is deployed in your zone. Similar to the public IP address,
Elastic IP addresses are also mapped to their associated private IP addresses by using Stactic
NAT.</para>
<para>The EIP work flow is as follows:</para>
<itemizedlist>
<listitem>
<para>When a user VM is deployed, a public IP is automatically acquired from the pool of
public IPs configured in the zone. This IP is owned by the VM's account.</para>
</listitem>
<listitem>
<para>Each VM will have its own private IP. When the user VM starts, Static NAT is provisioned
on the NetScaler device by using the Inbound Network Address Translation (INAT) and Reverse
NAT (RNAT) rules between the public IP and the private IP.</para>
<note>
<para>Inbound NAT (INAT) is a type of NAT supported by NetScaler, in which the destination
IP address is replaced in the packets from the public network, such as the Internet, with
the private IP address of a VM in the private network. Reverse NAT (RNAT) is a type of NAT
supported by NetScaler, in which the source IP address is replaced in the packets
generated by a VM in the private network with the public IP address.</para>
</note>
<para/>
</listitem>
<listitem>
<para>This default public IP will be released in two cases:</para>
<itemizedlist>
<listitem>
<para>When the VM is stopped. When the VM starts, it again receives a new public IP, not
necessarily the same one allocated initially, from the pool of Public IPs.</para>
</listitem>
<listitem>
<para>The user acquires a public IP (Elastic IP). This public IP is associated with the
account, but will not be mapped to any private IP. However, the user can enable Static
NAT to associate this IP to the private IP of a VM in the account. The Static NAT rule
for the public IP can be disabled at any time. When Static NAT is disabled, a new public
IP is allocated from the pool, which is not necessarily be the same one allocated
initially.</para>
</listitem>
</itemizedlist>
</listitem>
</itemizedlist>
<para>However, for the deployments where public IPs are limited resources, you have the
flexibility to choose not to allocate a public IP by default. You can use the Associate Public
IP option to turn on or off the automatic public IP assignment in the EIP-enabled Basic zones.
If you turn off the automatic public IP assignment while creating a network offering, only a
private IP is assigned to a VM when the VM is deployed with that network offering. Later, the
user can acquire an IP for the VM and enable static NAT.</para>
<para condition="admin">For more information on the Associate Public IP option, see <xref
linkend="creating-network-offerings"/>.</para>
<para condition="install">For more information on the Associate Public IP option, see the
Administration Guide.</para>
<note>
<para>The Associate Public IP feature is designed only for use with user VMs. The System VMs
continue to get both public IP and private by default, irrespective of the network offering
configuration.</para>
</note>
<para/>
<para>New deployments which use the default shared network offering with EIP and ELB services to
create a shared network in the Basic zone will continue allocating public IPs to each user
VM.</para>
</section>
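Review bot: Three wording errors in the new text need fixing before merge: "Stactic NAT" at the end of the first paragraph, "which is not necessarily be the same one" in the second release case, and "both public IP and private by default" in the closing note (missing "IP" after "private"). The two empty para elements, one after the INAT/RNAT note and one before the final paragraph, look like spacing workarounds and should be removed. The second release case also reads inconsistently: it sits under "This default public IP will be released in two cases", yet ends with "When Static NAT is disabled, a new public IP is allocated from the pool"; clarify whether that sentence means the VM gets a default public IP back once the Elastic IP mapping is removed.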


@ -22,25 +22,66 @@
under the License.
-->
<section id="network-offerings">
<title>Network Offerings</title>
<note><para>For the most up-to-date list of supported network services, see the &PRODUCT; UI or call listNetworkServices.</para></note>
<para>A network offering is a named set of network services, such as:</para>
<itemizedlist>
<listitem><para>DHCP</para></listitem>
<listitem><para>DNS</para></listitem>
<listitem><para>Source NAT</para></listitem>
<listitem><para>Static NAT</para></listitem>
<listitem><para>Port Forwarding</para></listitem>
<listitem><para>Load Balancing</para></listitem>
<listitem><para>Firewall</para></listitem>
<listitem><para>VPN</para></listitem>
<listitem><para>Optional) Name one of several available providers to use for a given service, such as Juniper for the firewall</para></listitem>
<listitem><para>(Optional) Network tag to specify which physical network to use</para></listitem>
</itemizedlist>
<para>When creating a new VM, the user chooses one of the available network offerings, and that determines which network services the VM can use.</para>
<para>The &PRODUCT; administrator can create any number of custom network offerings, in addition to the default network offerings provided by &PRODUCT;. By creating multiple custom network offerings, you can set up your cloud to offer different classes of service on a single multi-tenant physical network. For example, while the underlying physical wiring may be the same for two tenants, tenant A may only need simple firewall protection for their website, while tenant B may be running a web server farm and require a scalable firewall solution, load balancing solution, and alternate networks for accessing the database backend.</para>
<note><para>If you create load balancing rules while using a network service offering that includes an external load balancer device such as NetScaler, and later change the network service offering to one that uses the &PRODUCT; virtual router, you must create a firewall rule on the virtual router for each of your existing load balancing rules so that they continue to function.</para></note>
<para>When creating a new virtual network, the &PRODUCT; administrator chooses which network offering to enable for that network. Each virtual network is associated with one network offering. A virtual network can be upgraded or downgraded by changing its associated network offering. If you do this, be sure to reprogram the physical network to match.</para>
<para>&PRODUCT; also has internal network offerings for use by &PRODUCT; system VMs. These network offerings are not visible to users but can be modified by administrators.</para>
<xi:include href="creating-network-offerings.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<title>Network Offerings</title>
<note>
<para>For the most up-to-date list of supported network services, see the &PRODUCT; UI or call
listNetworkServices.</para>
</note>
<para>A network offering is a named set of network services, such as:</para>
<itemizedlist>
<listitem>
<para>DHCP</para>
</listitem>
<listitem>
<para>DNS</para>
</listitem>
<listitem>
<para>Source NAT</para>
</listitem>
<listitem>
<para>Static NAT</para>
</listitem>
<listitem>
<para>Port Forwarding</para>
</listitem>
<listitem>
<para>Load Balancing</para>
</listitem>
<listitem>
<para>Firewall</para>
</listitem>
<listitem>
<para>VPN</para>
</listitem>
<listitem>
<para>(Optional) Name one of several available providers to use for a given service, such as
Juniper for the firewall</para>
</listitem>
<listitem>
<para>(Optional) Network tag to specify which physical network to use</para>
</listitem>
</itemizedlist>
<para>When creating a new VM, the user chooses one of the available network offerings, and that
determines which network services the VM can use.</para>
<para>The &PRODUCT; administrator can create any number of custom network offerings, in addition
to the default network offerings provided by &PRODUCT;. By creating multiple custom network
offerings, you can set up your cloud to offer different classes of service on a single
multi-tenant physical network. For example, while the underlying physical wiring may be the same
for two tenants, tenant A may only need simple firewall protection for their website, while
tenant B may be running a web server farm and require a scalable firewall solution, load
balancing solution, and alternate networks for accessing the database backend.</para>
<note>
<para>If you create load balancing rules while using a network service offering that includes an
external load balancer device such as NetScaler, and later change the network service offering
to one that uses the &PRODUCT; virtual router, you must create a firewall rule on the virtual
router for each of your existing load balancing rules so that they continue to
function.</para>
</note>
<para>When creating a new virtual network, the &PRODUCT; administrator chooses which network
offering to enable for that network. Each virtual network is associated with one network
offering. A virtual network can be upgraded or downgraded by changing its associated network
offering. If you do this, be sure to reprogram the physical network to match.</para>
<para>&PRODUCT; also has internal network offerings for use by &PRODUCT; system VMs. These network
offerings are not visible to users but can be modified by administrators.</para>
<xi:include href="creating-network-offerings.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
</section>
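Review bot: The only content change here, "Optional)" corrected to "(Optional)" in the provider list item, is hard to find among the re-wrapped and re-indented lines; splitting the whitespace reflow into its own commit would keep the history reviewable. While the list is being touched, the two "(Optional)" items are not network services, so they read oddly under "A network offering is a named set of network services, such as:"; moving them into a sentence after the list would fix that.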


@ -45,6 +45,7 @@
<xi:include href="ip-load-balancing.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="dns-dhcp.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="vpn.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="elastic-ip.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="inter-vlan-routing.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="configure-vpc.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="persistent-network.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>


@ -1,5 +1,5 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
@ -21,11 +21,10 @@
specific language governing permissions and limitations
under the License.
-->
<chapter id="set-up-network-for-users">
<title>Setting Up Networking for Users</title>
<xi:include href="networks-for-users-overview.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="about-virtual-networks.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="network-service-providers.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="network-offerings.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<title>Setting Up Networking for Users</title>
<xi:include href="networks-for-users-overview.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="about-virtual-networks.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="network-service-providers.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="network-offerings.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
</chapter>


@ -3,58 +3,88 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="using-netscaler-load-balancers">
<title>About Using a NetScaler Load Balancer</title>
<para>Citrix NetScaler is supported as an external network element for load balancing in zones that use advanced networking (also called advanced zones). Set up an external load balancer when you want to provide load balancing through means other than &PRODUCT;s provided virtual router.</para>
<para>The NetScaler can be set up in direct (outside the firewall) mode. It must be added before any load balancing rules are deployed on guest VMs in the zone.</para>
<para>The functional behavior of the NetScaler with &PRODUCT; is the same as described in the &PRODUCT; documentation for using an F5 external load balancer. The only exception is that the F5 supports routing domains, and NetScaler does not. NetScaler can not yet be used as a firewall.</para>
<para>The Citrix NetScaler comes in three varieties. The following table summarizes how these variants are treated in &PRODUCT;.</para>
<informaltable>
<tgroup cols="3" align="left" colsep="1" rowsep="1">
<thead>
<row>
<entry><para>NetScaler ADC Type</para></entry>
<entry><para>Description of Capabilities</para></entry>
<entry><para>&PRODUCT; Supported Features</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>MPX</para></entry>
<entry><para>Physical appliance. Capable of deep packet inspection. Can act as application firewall and load balancer</para></entry>
<entry><para>In advanced zones, load balancer functionality fully supported without limitation. In basic zones, static NAT, elastic IP (EIP), and elastic load balancing (ELB) are also provided</para></entry>
</row>
<row>
<entry><para>VPX</para></entry>
<entry><para>Virtual appliance. Can run as VM on XenServer, ESXi, and Hyper-V hypervisors. Same functionality as MPX</para></entry>
<entry><para>Supported only on ESXi. Same functional support as for MPX. &PRODUCT; will treat VPX and MPX as the same device type</para></entry>
</row>
<row>
<entry><para>SDX</para></entry>
<entry><para>Physical appliance. Can create multiple fully isolated VPX instances on a single appliance to support multi-tenant usage</para></entry>
<entry><para>&PRODUCT; will dynamically provision, configure, and manage the lifecycle of VPX instances on the SDX. Provisioned instances are added into &PRODUCT; automatically no manual configuration by the administrator is required. Once a VPX instance is added into &PRODUCT;, it is treated the same as a VPX on an ESXi host.</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
<title>About Using a NetScaler Load Balancer</title>
<para>Citrix NetScaler is supported as an external network element for load balancing in zones
that use isolated networking in advanced zones. Set up an external load balancer when you want
to provide load balancing through means other than &PRODUCT;s provided virtual router.</para>
<note>
<para>In a Basic zone, load balancing service is supported only if Elastic IP or Elastic LB
services are enabled.</para>
</note>
<para>When NetScaler load balancer is used to provide EIP or ELB services in a Basic zone, ensure
that all guest VM traffic must enter and exit through the NetScaler device. When inbound traffic
goes through the NetScaler device, traffic is routed by using the NAT protocol depending on the
EIP/ELB configured on the public IP to the private IP. The traffic that is originated from the
guest VMs usually goes through the layer 3 router. To ensure that outbound traffic goes through
NetScaler device providing EIP/ELB, layer 3 router must have a policy-based routing. A
policy-based route must be set up so that all traffic originated from the guest VM's are
directed to NetScaler device. This is required to ensure that the outbound traffic from the
guest VM's is routed to a public IP by using NAT.For more information on Elastic IP, see <xref
linkend="elastic-ip"/>. </para>
<para>The NetScaler can be set up in direct (outside the firewall) mode. It must be added before
any load balancing rules are deployed on guest VMs in the zone.</para>
<para>The functional behavior of the NetScaler with &PRODUCT; is the same as described in the
&PRODUCT; documentation for using an F5 external load balancer. The only exception is that the
F5 supports routing domains, and NetScaler does not. NetScaler can not yet be used as a
firewall.</para>
<para>To install and enable an external load balancer for &PRODUCT; management, see <phrase
condition="install"><xref linkend="external-guest-lb-integration"/>.</phrase>
<phrase condition="admin">External Guest Load Balancer Integration in the Installation
Guide.</phrase>
</para>
<para>The Citrix NetScaler comes in three varieties. The following table summarizes how these
variants are treated in &PRODUCT;.</para>
<informaltable>
<tgroup cols="3" align="left" colsep="1" rowsep="1">
<thead>
<row>
<entry><para>NetScaler ADC Type</para></entry>
<entry><para>Description of Capabilities</para></entry>
<entry><para>&PRODUCT; Supported Features</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>MPX</para></entry>
<entry><para>Physical appliance. Capable of deep packet inspection. Can act as application
firewall and load balancer</para></entry>
<entry><para>In advanced zones, load balancer functionality fully supported without
limitation. In basic zones, static NAT, elastic IP (EIP), and elastic load balancing
(ELB) are also provided.</para></entry>
</row>
<row>
<entry><para>VPX</para></entry>
<entry><para>Virtual appliance. Can run as VM on XenServer, ESXi, and Hyper-V hypervisors.
Same functionality as MPX</para></entry>
<entry><para>Supported on ESXi and XenServer. Same functional support as for MPX.
&PRODUCT; will treat VPX and MPX as the same device type.</para></entry>
</row>
<row>
<entry><para>SDX</para></entry>
<entry><para>Physical appliance. Can create multiple fully isolated VPX instances on a
single appliance to support multi-tenant usage</para></entry>
<entry><para>&PRODUCT; will dynamically provision, configure, and manage the life cycle of
VPX instances on the SDX. Provisioned instances are added into &PRODUCT; automatically
no manual configuration by the administrator is required. Once a VPX instance is
added into &PRODUCT;, it is treated the same as a VPX on an ESXi host.</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</section>
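Review bot: The new policy-based routing paragraph has several wording problems: "ensure that all guest VM traffic must enter and exit" doubles the obligation (drop "must"), "guest VM's" is used as a plural twice, "routed by using the NAT protocol" should be just "NAT", and "NAT.For more information" is missing a space. Because the paragraph says the policy-based route is required, it should also state what happens to outbound guest traffic when that route is absent. In the table, the VPX row now says "Supported on ESXi and XenServer" but the SDX row still says a provisioned instance "is treated the same as a VPX on an ESXi host", and "added into &PRODUCT; automatically no manual configuration" has lost the separator between its two clauses. In the first paragraph, "zones that use isolated networking in advanced zones" repeats "zones" and should be reworded.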


@ -28,6 +28,7 @@
<xi:include href="stopping-and-starting-vms.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="vm-snapshots.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="changing-vm-name-os-group.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="append-displayname-vms.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="changing-service-offering-for-vm.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="manual-live-migration.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="deleting-vms.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>