etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merged over docs from master

This commit is contained in:
Alex Huang 2012-10-04 16:15:51 -07:00
parent 4763997ee9
commit bd384829da
96 changed files with 4807 additions and 1034 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
docs/en-US/API_Developers_Guide.ent Normal file
View File

@ -0,0 +1,21 @@
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<!ENTITY PRODUCT "CloudPlatform">
<!ENTITY BOOKID "Technical Documentation">
<!ENTITY YEAR "2012">
<!ENTITY HOLDER "Citrix">

5
docs/en-US/cloudstack_developers.xml → docs/en-US/API_Developers_Guide.xml
View File

@ -24,11 +24,10 @@
<book>
<bookinfo id="book-release-notes-3.0.4">
<title>&PRODUCT; Guide</title>
<subtitle>Revised August 9, 2012 10:48 pm Pacific</subtitle>
<title>&PRODUCT; API Developers Guide</title>
<productname>Apache CloudStack</productname>
<productnumber>4.0</productnumber>
<edition>1</edition>
<edition></edition>
<pubsnumber></pubsnumber>
<abstract>
<para>

0
docs/en-US/cloudstack_admin.ent → docs/en-US/Admin_Guide.ent
View File

0
docs/en-US/cloudstack_admin.xml → docs/en-US/Admin_Guide.xml
View File

46
docs/en-US/Book_Info_Admin.xml Normal file
View File

@ -0,0 +1,46 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<bookinfo id="book-cloudstack-admin">
<title> Apache CloudStack 4.0
Administrator's Guide</title>
<subtitle>Revised September 11, 2012 01:32 am Pacific</subtitle>
<productname></productname>
<productnumber></productnumber>
<pubsnumber></pubsnumber>
<abstract>
<para>If you have already installed &PRODUCT; or you want to learn more about the ongoing
operation and maintenance of a &PRODUCT;-powered cloud, read this documentation. It
will help you start using, configuring, and managing the ongoing operation of your cloud.</para>
</abstract>
<corpauthor>
<inlinemediaobject>
<imageobject>
<imagedata fileref="Common_Content/images/title_logo.png" format="PNG" />
</imageobject>
</inlinemediaobject>
</corpauthor>
<xi:include href="Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>

0
docs/en-US/cloudstack_developers.ent → docs/en-US/CloudStack_Nicira_NVP_Guide.ent
View File

54
docs/en-US/CloudStack_Nicira_NVP_Guide.xml Normal file
View File

@ -0,0 +1,54 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
<!ENTITY % xinclude SYSTEM "http://www.docbook.org/xml/4.4/xinclude.mod">
%xinclude;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<book>
<bookinfo id="cloudstack_plugin_niciranvp">
<title>&PRODUCT; Plugin Guide for the Nicira NVP Plugin</title>
<productname>Apache CloudStack</productname>
<productnumber>4.0</productnumber>
<edition>1</edition>
<pubsnumber></pubsnumber>
<abstract>
<para>
Plugin Guide for the Nicira NVP Plugin.
</para>
</abstract>
<corpauthor>
<inlinemediaobject>
<imageobject>
<imagedata fileref="Common_Content/images/title_logo.svg" format="SVG" />
</imageobject>
</inlinemediaobject>
</corpauthor>
<xi:include href="Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
<xi:include href="plugin-niciranvp-about.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="plugin-niciranvp-usage.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="plugin-niciranvp-troubleshooting.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="plugin-niciranvp-revisions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</book>

0
docs/en-US/cloudstack_installation.ent → docs/en-US/Installation_Guide.ent
View File

0
docs/en-US/cloudstack_installation.xml → docs/en-US/Installation_Guide.xml
View File

92
docs/en-US/add-additional-guest-network.xml
View File

@ -3,41 +3,63 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-additional-guest-network">
<title>Adding an Additional Guest Network</title>
<itemizedlist>
<listitem><para>Log in to the &PRODUCT; UI as an administrator or end user. </para></listitem>
<listitem><para>In the left navigation, choose Network</para></listitem>
<listitem><para>Click Add guest network. Provide the following information: </para>
<itemizedlist>
<listitem><para>Name. The name of the network. This will be user-visible. </para></listitem>
<listitem><para>Description. The description of the network. This will be user-visible.</para></listitem>
<listitem><para>Network offering. If the administrator has configured multiple network offerings, select the one you want to use for this network.</para></listitem>
<listitem><para>Pod. The name of the pod this network applies to. Each pod in a basic zone is a broadcast domain, and therefore each pod has a different IP range for the guest network. The administrator must configure the IP range for each pod. </para></listitem>
<listitem><para>VLAN ID. The VLAN tag for this network.</para></listitem>
<listitem><para>Gateway. The gateway that the guests should use.</para></listitem>
<listitem><para>Netmask. The netmask in use on the subnet the guests will use.</para></listitem>
<listitem><para>Start IP/End IP. Enter the first and last IP addresses that define a range that &PRODUCT; can assign to guests. We strongly recommend the use of multiple NICs. If multiple NICs are used, they may be in a different subnet. If one NIC is used, these IPs should be in the same CIDR as the pod CIDR.</para></listitem></itemizedlist></listitem>
<listitem><para>Click Create.</para></listitem>
</itemizedlist>
</section>
<title>Adding an Additional Guest Network</title>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user. </para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>Click Add guest network. Provide the following information: </para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>: The name of the network. This will be
user-visible. </para>
</listitem>
<listitem>
<para><emphasis role="bold">Display Text</emphasis>: The description of the network. This
will be user-visible.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Zone</emphasis>. The name of the zone this network applies to.
Each zone is a broadcast domain, and therefore each zone has a different IP range for
the guest network. The administrator must configure the IP range for each zone.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Network offering</emphasis>: If the administrator has
configured multiple network offerings, select the one you want to use for this
network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Guest Gateway</emphasis>: The gateway that the guests should
use.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Guest Netmask</emphasis>: The netmask in use on the subnet the
guests will use.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click Create.</para>
</listitem>
</orderedlist>
</section>

53
docs/en-US/add-clusters-kvm-xenserver.xml Normal file
View File

@ -0,0 +1,53 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-clusters-kvm-xenserver">
<title>Add Cluster: KVM or XenServer</title>
<para>These steps assume you have already installed the hypervisor on the hosts and logged in to
the &PRODUCT; UI.</para>
<orderedlist>
<listitem>
<para>In the left navigation, choose Infrastructure. In Zones, click View More, then click the
zone in which you want to add the cluster.</para>
</listitem>
<listitem>
<para>Click the Compute tab.</para>
</listitem>
<listitem>
<para>In the Clusters node of the diagram, click View All.</para>
</listitem>
<listitem>
<para>Click Add Cluster.</para>
</listitem>
<listitem>
<para>Choose the hypervisor type for this cluster.</para>
</listitem>
<listitem>
<para>Choose the pod in which you want to create the cluster.</para>
</listitem>
<listitem>
<para>Enter a name for the cluster. This can be text of your choosing and is not used by
&PRODUCT;.</para>
</listitem>
<listitem>
<para>Click OK.</para>
</listitem>
</orderedlist>
</section>

121
docs/en-US/add-clusters-vsphere.xml Normal file
View File

@ -0,0 +1,121 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-clusters-vsphere">
<title>Add Cluster: vSphere</title>
<para>Host management for vSphere is done through a combination of vCenter and the &PRODUCT; admin
UI. &PRODUCT; requires that all hosts be in a &PRODUCT; cluster, but the cluster may consist of
a single host. As an administrator you must decide if you would like to use clusters of one host
or of multiple hosts. Clusters of multiple hosts allow for features like live migration.
Clusters also require shared storage such as NFS or iSCSI.</para>
<para>For vSphere servers, we recommend creating the cluster of hosts in vCenter and then adding
the entire cluster to &PRODUCT;. Follow these requirements:</para>
<itemizedlist>
<listitem>
<para>Do not put more than 8 hosts in a vSphere cluster</para>
</listitem>
<listitem>
<para>Make sure the hypervisor hosts do not have any VMs already running before you add them
to &PRODUCT;.</para>
</listitem>
</itemizedlist>
<para>To add a vSphere cluster to &PRODUCT;:</para>
<orderedlist>
<listitem>
<para>Create the cluster of hosts in vCenter. Follow the vCenter instructions to do this. You
will create a cluster that looks something like this in vCenter.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/vsphere-client.png"/>
</imageobject>
<textobject>
<phrase>vsphereclient.png: vSphere client</phrase>
</textobject>
</mediaobject>
</listitem>
<listitem>
<para>Log in to the UI.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Infrastructure. In Zones, click View More, then click the
zone in which you want to add the cluster.</para>
</listitem>
<listitem>
<para>Click the Compute tab, and click View All on Pods. Choose the pod to which you want to
add the cluster.</para>
</listitem>
<listitem>
<para>Click View Clusters.</para>
</listitem>
<listitem>
<para>Click Add Cluster.</para>
</listitem>
<listitem>
<para>In Hypervisor, choose VMware.</para>
</listitem>
<listitem>
<para>Provide the following information in the dialog. The fields below make reference to
values from vCenter.</para>
<itemizedlist>
<listitem>
<para>Cluster Name. Enter the name of the cluster you created in vCenter. For example,
"cloud.cluster.2.2.1"</para>
</listitem>
<listitem>
<para>vCenter Host. Enter the hostname or IP address of the vCenter server. </para>
</listitem>
<listitem>
<para>vCenter Username. Enter the username that &PRODUCT; should use to connect to
vCenter. This user must have all administrative privileges.</para>
</listitem>
<listitem>
<para>vCenter Password. Enter the password for the user named above</para>
</listitem>
<listitem>
<para>vCenter Datacenter. Enter the vCenter datacenter that the cluster is in. For
example, "cloud.dc.VM".</para>
<para>If you have enabled Nexus dvSwitch in the environment, the following parameters for
dvSwitch configuration are displayed:</para>
</listitem>
<listitem>
<para>Nexus dvSwitch IP Address: The IP address of the Nexus VSM appliance.</para>
</listitem>
<listitem>
<para>Nexus dvSwitch Username: The username required to access the Nexus VSM
applicance.</para>
</listitem>
<listitem>
<para>Nexus dvSwitch Password: The password associated with the username specified
above.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/add-cluster.png"/>
</imageobject>
<textobject>
<phrase>addcluster.png: add cluster</phrase>
</textobject>
</mediaobject>
<para>There might be a slight delay while the cluster is provisioned. It will
automatically display in the UI</para>
</listitem>
</itemizedlist>
</listitem>
</orderedlist>
</section>

104
docs/en-US/add-gateway-vpc.xml Normal file
View File

@ -0,0 +1,104 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-gateway-vpc">
<title>Adding a Private Gateway to a VPC</title>
<para>A private gateway can be added by the root admin only. The VPC private network has 1:1
relationship with the NIC of the physical network. No gateways with duplicated VLAN and IP are
allowed in the same data center.</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPCs that you have created for the account is listed in the page.</para>
</listitem>
<listitem>
<para>Click the Configure button of the VPC to which you want to configure load balancing
rules.</para>
<para>The VPC page is displayed where all the tiers you created are listed in a
diagram.</para>
</listitem>
<listitem>
<para>Click the Settings icon.</para>
<para>The following options are displayed.</para>
<itemizedlist>
<listitem>
<para>IP Addresses</para>
</listitem>
<listitem>
<para>Private Gateways</para>
</listitem>
<listitem>
<para>Site-to-Site VPN</para>
</listitem>
<listitem>
<para>Network ACLs</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Select Private Gateways.</para>
<para>The Gateways page is displayed.</para>
</listitem>
<listitem>
<para>Click Add new gateway:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/add-new-gateway-vpc.png"/>
</imageobject>
<textobject>
<phrase>add-new-gateway-vpc.png: adding a private gateway for the VPC.</phrase>
</textobject>
</mediaobject>
</listitem>
<listitem>
<para>Specify the following:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Physical Network</emphasis>: The physical network you have
created in the zone.</para>
</listitem>
<listitem>
<para><emphasis role="bold">IP Address</emphasis>: The IP address associated with the VPC
gateway.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Gateway</emphasis>: The gateway through which the traffic is
routed to and from the VPC.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Netmask</emphasis>: The netmask associated with the VPC
gateway.</para>
</listitem>
<listitem>
<para><emphasis role="bold">VLAN</emphasis>: The VLAN associated with the VPC
gateway.</para>
</listitem>
</itemizedlist>
<para>The new gateway appears in the list. You can repeat these steps to add more gateway for
this VPC.</para>
</listitem>
</orderedlist>
</section>

170
docs/en-US/add-ingress-egress-rules.xml
View File

@ -3,57 +3,129 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-ingress-egress-rules">
<title>Adding Ingress and Egress Rules to a Security Group</title>
<itemizedlist>
<listitem><para>Log in to the &PRODUCT; UI as an administrator or end user. </para></listitem>
<listitem><para>In the left navigation, choose Network</para></listitem>
<listitem><para>In Select view, choose Security Groups, then click the security group you want .</para></listitem>
<listitem><para>To add an ingress rule, click the Ingress Rules tab and fill out the following fields to specify what network traffic is allowed into VM instances in this security group. If no ingress rules are specified, then no traffic will be allowed in, except for responses to any traffic that has been allowed out through an egress rule.</para>
<itemizedlist>
<listitem><para><emphasis role="bold">Add by CIDR/Account</emphasis>. Indicate whether the source of the traffic will be defined by IP address (CIDR) or an existing security group in a &PRODUCT; account (Account). Choose Account if you want to allow incoming traffic from all VMs in another security group</para></listitem>
<listitem><para><emphasis role="bold">Protocol</emphasis>. The networking protocol that sources will use to send traffic to the security group. TCP and UDP are typically used for data exchange and end-user communications. ICMP is typically used to send error messages or network monitoring data.</para></listitem>
<listitem><para><emphasis role="bold">Start Port, End Port</emphasis>. (TCP, UDP only) A range of listening ports that are the destination for the incoming traffic. If you are opening a single port, use the same number in both fields.</para></listitem>
<listitem><para><emphasis role="bold">ICMP Type, ICMP Code</emphasis>. (ICMP only) The type of message and error code that will be accepted.</para></listitem>
<listitem><para><emphasis role="bold">CIDR</emphasis>. (Add by CIDR only) To accept only traffic from IP addresses within a particular address block, enter a CIDR or a comma-separated list of CIDRs. The CIDR is the base IP address of the incoming traffic. For example, 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0.</para></listitem>
<listitem><para><emphasis role="bold">Account, Security Group</emphasis>. (Add by Account only) To accept only traffic from another security group, enter the &PRODUCT; account and name of a security group that has already been defined in that account. To allow traffic between VMs within the security group you are editing now, enter the same name you used in step 7.</para></listitem>
</itemizedlist>
<para>The following example allows inbound HTTP access from anywhere:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/http-access.png" />
</imageobject>
<textobject><phrase>httpaccess.png: allows inbound HTTP access from anywhere</phrase></textobject>
</mediaobject>
<title>Adding Ingress and Egress Rules to a Security Group</title>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user. </para>
</listitem>
<listitem>
<para>In the left navigation, choose Network</para>
</listitem>
<listitem>
<para>In Select view, choose Security Groups, then click the security group you want .</para>
</listitem>
<listitem>
<para>To add an ingress rule, click the Ingress Rules tab and fill out the following fields to
specify what network traffic is allowed into VM instances in this security group. If no
ingress rules are specified, then no traffic will be allowed in, except for responses to any
traffic that has been allowed out through an egress rule.</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Add by CIDR/Account</emphasis>. Indicate whether the source of
the traffic will be defined by IP address (CIDR) or an existing security group in a
&PRODUCT; account (Account). Choose Account if you want to allow incoming traffic from
all VMs in another security group</para>
</listitem>
<listitem><para>To add an egress rule, click the Egress Rules tab and fill out the following fields to specify what type of traffic is allowed to be sent out of VM instances in this security group. If no egress rules are specified, then all traffic will be allowed out. Once egress rules are specified, the following types of traffic are allowed out: traffic specified in egress rules; queries to DNS and DHCP servers; and responses to any traffic that has been allowed in through an ingress rule</para>
<itemizedlist>
<listitem><para><emphasis role="bold">Add by CIDR/Account</emphasis>. Indicate whether the destination of the traffic will be defined by IP address (CIDR) or an existing security group in a &PRODUCT; account (Account). Choose Account if you want to allow outgoing traffic to all VMs in another security group.</para></listitem>
<listitem><para><emphasis role="bold">Protocol</emphasis>. The networking protocol that VMs will use to send outgoing traffic. TCP and UDP are typically used for data exchange and end-user communications. ICMP is typically used to send error messages or network monitoring data.</para></listitem>
<listitem><para><emphasis role="bold">Start Port, End Port</emphasis>. (TCP, UDP only) A range of listening ports that are the destination for the outgoing traffic. If you are opening a single port, use the same number in both fields.</para></listitem>
<listitem><para><emphasis role="bold">ICMP Type, ICMP Code</emphasis>. (ICMP only) The type of message and error code that will be sent</para></listitem>
<listitem><para><emphasis role="bold">CIDR</emphasis>. (Add by CIDR only) To send traffic only to IP addresses within a particular address block, enter a CIDR or a comma-separated list of CIDRs. The CIDR is the base IP address of the destination. For example, 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0.</para></listitem>
<listitem><para><emphasis role="bold">Account, Security Group</emphasis>. (Add by Account only) To allow traffic to be sent to another security group, enter the &PRODUCT; account and name of a security group that has already been defined in that account. To allow traffic between VMs within the security group you are editing now, enter its name.</para></listitem>
</itemizedlist></listitem>
<listitem><para>Click Add.</para></listitem>
</itemizedlist>
<listitem>
<para><emphasis role="bold">Protocol</emphasis>. The networking protocol that sources will
use to send traffic to the security group. TCP and UDP are typically used for data
exchange and end-user communications. ICMP is typically used to send error messages or
network monitoring data.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Start Port, End Port</emphasis>. (TCP, UDP only) A range of
listening ports that are the destination for the incoming traffic. If you are opening a
single port, use the same number in both fields.</para>
</listitem>
<listitem>
<para><emphasis role="bold">ICMP Type, ICMP Code</emphasis>. (ICMP only) The type of
message and error code that will be accepted.</para>
</listitem>
<listitem>
<para><emphasis role="bold">CIDR</emphasis>. (Add by CIDR only) To accept only traffic
from IP addresses within a particular address block, enter a CIDR or a comma-separated
list of CIDRs. The CIDR is the base IP address of the incoming traffic. For example,
192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Account, Security Group</emphasis>. (Add by Account only) To
accept only traffic from another security group, enter the &PRODUCT; account and name of
a security group that has already been defined in that account. To allow traffic between
VMs within the security group you are editing now, enter the same name you used in step
7.</para>
</listitem>
</itemizedlist>
<para>The following example allows inbound HTTP access from anywhere:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/http-access.png"/>
</imageobject>
<textobject>
<phrase>httpaccess.png: allows inbound HTTP access from anywhere</phrase>
</textobject>
</mediaobject>
</listitem>
<listitem>
<para>To add an egress rule, click the Egress Rules tab and fill out the following fields to
specify what type of traffic is allowed to be sent out of VM instances in this security
group. If no egress rules are specified, then all traffic will be allowed out. Once egress
rules are specified, the following types of traffic are allowed out: traffic specified in
egress rules; queries to DNS and DHCP servers; and responses to any traffic that has been
allowed in through an ingress rule</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Add by CIDR/Account</emphasis>. Indicate whether the
destination of the traffic will be defined by IP address (CIDR) or an existing security
group in a &PRODUCT; account (Account). Choose Account if you want to allow outgoing
traffic to all VMs in another security group.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Protocol</emphasis>. The networking protocol that VMs will use
to send outgoing traffic. TCP and UDP are typically used for data exchange and end-user
communications. ICMP is typically used to send error messages or network monitoring
data.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Start Port, End Port</emphasis>. (TCP, UDP only) A range of
listening ports that are the destination for the outgoing traffic. If you are opening a
single port, use the same number in both fields.</para>
</listitem>
<listitem>
<para><emphasis role="bold">ICMP Type, ICMP Code</emphasis>. (ICMP only) The type of
message and error code that will be sent</para>
</listitem>
<listitem>
<para><emphasis role="bold">CIDR</emphasis>. (Add by CIDR only) To send traffic only to IP
addresses within a particular address block, enter a CIDR or a comma-separated list of
CIDRs. The CIDR is the base IP address of the destination. For example, 192.168.0.0/22.
To allow all CIDRs, set to 0.0.0.0/0.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Account, Security Group</emphasis>. (Add by Account only) To
allow traffic to be sent to another security group, enter the &PRODUCT; account and name
of a security group that has already been defined in that account. To allow traffic
between VMs within the security group you are editing now, enter its name.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click Add.</para>
</listitem>
</orderedlist>
</section>

222
docs/en-US/add-iso.xml
View File

@ -3,89 +3,149 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-iso">
<title>Adding an ISO</title>
<para>To make additional operating system or other software available for use with guest VMs, you can add an ISO. The ISO is typically thought of as an operating system image, but you can also add ISOs for other types of software, such as desktop applications that you want to be installed as part of a template.</para>
<orderedlist>
<listitem><para>Log in to the &PRODUCT; UI as an administrator or end user.</para></listitem>
<listitem><para>In the left navigation bar, click Templates.</para></listitem>
<listitem><para>In Select View, choose ISOs.</para></listitem>
<listitem><para>Click Add ISO.</para></listitem>
<listitem><para>In the Add ISO screen, provide the following:</para>
<itemizedlist>
<listitem><para>Name. Short name for the ISO image. (E.g. CentOS 6.2 64 bit).</para></listitem>
<listitem><para>Description. Display test for the ISO image. (E.g. CentOS 6.2 64 bit).</para></listitem>
<listitem><para>URL. The URL that hosts the ISO image. The Management Server must be able to access this location via HTTP. If needed you can place the ISO image directly on the Management Server</para></listitem>
<listitem><para>Zone. Choose the zone where you want the ISO to be available, or All Zones to make it available throughout &PRODUCT;.</para></listitem>
<listitem><para>Bootable. Whether or not a guest could boot off this ISO image. For example, a CentOS ISO is bootable, a Microsoft Office ISO is not bootable.</para></listitem>
<listitem><para>OS Type. This helps &PRODUCT; and the hypervisor perform certain operations and make assumptions that improve the performance of the guest. Select one of the following.</para>
<itemizedlist>
<listitem><para>If the operating system of your desired ISO image is listed, choose it.</para></listitem>
<listitem><para>If the OS Type of the ISO is not listed or if the ISO is not bootable, choose Other.</para></listitem>
<listitem><para>(XenServer only) If you want to boot from this ISO in PV mode, choose Other PV (32-bit) or Other PV (64-bit)</para></listitem>
<listitem><para>(KVM only) If you choose an OS that is PV-enabled, the VMs created from this ISO will have a SCSI (virtio) root disk. If the OS is not PV-enabled, the VMs will have an IDE root disk. The PV-enabled types are:</para>
<informaltable>
<tgroup cols="3" align="left" colsep="1" rowsep="1">
<tbody>
<row>
<entry><para>Fedora 13</para></entry>
<entry><para>Fedora 12</para></entry>
<entry><para>Fedora 11</para></entry>
</row>
<row>
<entry><para>Fedora 10</para></entry>
<entry><para>Fedora 9</para></entry>
<entry><para>Other PV</para></entry>
</row>
<row>
<entry><para>Debian GNU/Linux</para></entry>
<entry><para>CentOS 5.3</para></entry>
<entry><para>CentOS 5.4</para></entry>
</row>
<row>
<entry><para>CentOS 5.5</para></entry>
<entry><para>Red Hat Enterprise Linux 5.3</para></entry>
<entry><para>Red Hat Enterprise Linux 5.4</para></entry>
</row>
<row>
<entry><para>Red Hat Enterprise Linux 5.5</para></entry>
<entry><para>Red Hat Enterprise Linux 6</para></entry>
<entry></entry>
</row>
</tbody>
</tgroup>
</informaltable></listitem>
</itemizedlist>
<note><para>Note: It is not recommended to choose an older version of the OS than the version in the image. For example, choosing CentOS 5.4 to support a CentOS 6.2 image will usually not work. In these cases, choose Other.</para></note>
</listitem>
<listitem><para>Extractable. Choose Yes if the ISO should be available for extraction.</para></listitem>
<listitem><para>Public. Choose Yes if this ISO should be available to other users.</para></listitem>
<listitem><para>Featured. Choose Yes if you would like this ISO to be more prominent for users to select. The ISO will appear in the Featured ISOs list. Only an administrator can make an ISO Featured.</para></listitem>
</itemizedlist></listitem>
<listitem><para>Click OK.</para>
<para>The Management Server will download the ISO. Depending on the size of the ISO, this may take a long time. The ISO status column will display Ready once it has been successfully downloaded into secondary storage. Clicking Refresh updates the download percentage.</para>
<title>Adding an ISO</title>
<para>To make additional operating system or other software available for use with guest VMs, you
can add an ISO. The ISO is typically thought of as an operating system image, but you can also
add ISOs for other types of software, such as desktop applications that you want to be installed
as part of a template.</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation bar, click Templates.</para>
</listitem>
<listitem>
<para>In Select View, choose ISOs.</para>
</listitem>
<listitem>
<para>Click Add ISO.</para>
</listitem>
<listitem>
<para>In the Add ISO screen, provide the following:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>: Short name for the ISO image. For example,
CentOS 6.2 64-bit.</para>
</listitem>
<listitem><para><emphasis role="bold">Important</emphasis>: Wait for the ISO to finish downloading. If you move on to the next task and try to use the ISO right away, it will appear to fail. The entire ISO must be available before &PRODUCT; can work with it</para></listitem>
</orderedlist>
<listitem>
<para><emphasis role="bold">Description</emphasis>: Display test for the ISO image. For
example, CentOS 6.2 64-bit.</para>
</listitem>
<listitem>
<para><emphasis role="bold">URL</emphasis>: The URL that hosts the ISO image. The
Management Server must be able to access this location via HTTP. If needed you can place
the ISO image directly on the Management Server</para>
</listitem>
<listitem>
<para><emphasis role="bold">Zone</emphasis>: Choose the zone where you want the ISO to be
available, or All Zones to make it available throughout &PRODUCT;.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Bootable</emphasis>: Whether or not a guest could boot off
this ISO image. For example, a CentOS ISO is bootable, a Microsoft Office ISO is not
bootable.</para>
</listitem>
<listitem>
<para><emphasis role="bold">OS Type</emphasis>: This helps &PRODUCT; and the hypervisor
perform certain operations and make assumptions that improve the performance of the
guest. Select one of the following.</para>
<itemizedlist>
<listitem>
<para>If the operating system of your desired ISO image is listed, choose it.</para>
</listitem>
<listitem>
<para>If the OS Type of the ISO is not listed or if the ISO is not bootable, choose
Other.</para>
</listitem>
<listitem>
<para>(XenServer only) If you want to boot from this ISO in PV mode, choose Other PV
(32-bit) or Other PV (64-bit)</para>
</listitem>
<listitem>
<para>(KVM only) If you choose an OS that is PV-enabled, the VMs created from this ISO
will have a SCSI (virtio) root disk. If the OS is not PV-enabled, the VMs will have
an IDE root disk. The PV-enabled types are:</para>
<informaltable>
<tgroup cols="3" align="left" colsep="1" rowsep="1">
<tbody>
<row>
<entry><para>Fedora 13</para></entry>
<entry><para>Fedora 12</para></entry>
<entry><para>Fedora 11</para></entry>
</row>
<row>
<entry><para>Fedora 10</para></entry>
<entry><para>Fedora 9</para></entry>
<entry><para>Other PV</para></entry>
</row>
<row>
<entry><para>Debian GNU/Linux</para></entry>
<entry><para>CentOS 5.3</para></entry>
<entry><para>CentOS 5.4</para></entry>
</row>
<row>
<entry><para>CentOS 5.5</para></entry>
<entry><para>Red Hat Enterprise Linux 5.3</para></entry>
<entry><para>Red Hat Enterprise Linux 5.4</para></entry>
</row>
<row>
<entry><para>Red Hat Enterprise Linux 5.5</para></entry>
<entry><para>Red Hat Enterprise Linux 6</para></entry>
<entry/>
</row>
</tbody>
</tgroup>
</informaltable>
</listitem>
</itemizedlist>
<note>
<para>It is not recommended to choose an older version of the OS than the version in the
image. For example, choosing CentOS 5.4 to support a CentOS 6.2 image will usually not
work. In these cases, choose Other.</para>
</note>
</listitem>
<listitem>
<para><emphasis role="bold">Extractable</emphasis>: Choose Yes if the ISO should be
available for extraction.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Public</emphasis>: Choose Yes if this ISO should be available
to other users.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Featured</emphasis>: Choose Yes if you would like this ISO to
be more prominent for users to select. The ISO will appear in the Featured ISOs list.
Only an administrator can make an ISO Featured.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click OK.</para>
<para>The Management Server will download the ISO. Depending on the size of the ISO, this may
take a long time. The ISO status column will display Ready once it has been successfully
downloaded into secondary storage. Clicking Refresh updates the download percentage.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Important</emphasis>: Wait for the ISO to finish downloading. If
you move on to the next task and try to use the ISO right away, it will appear to fail. The
entire ISO must be available before &PRODUCT; can work with it.</para>
</listitem>
</orderedlist>
</section>

110
docs/en-US/add-load-balancer-rule.xml
View File

@ -3,44 +3,80 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-load-balancer-rule">
<title>Adding a Load Balancer Rule</title>
<orderedlist>
<listitem><para>Log in to the &PRODUCT; UI as an administrator or end user. </para></listitem>
<listitem><para>In the left navigation, choose Network.</para></listitem>
<listitem><para>Click the name of the network where you want to load balance the traffic.</para></listitem>
<listitem><para>Click View IP Addresses.</para></listitem>
<listitem><para>Click the IP address for which you want to create the rule, then click the Configuration tab.</para></listitem>
<listitem><para>In the Load Balancing node of the diagram, click View All.</para></listitem>
<listitem><para>Fill in the following:</para>
<itemizedlist>
<listitem><para>Name. A name for the load balancer rule.</para></listitem>
<listitem><para>Public Port. The port receiving incoming traffic to be balanced.</para></listitem>
<listitem><para>Private Port. The port that the VMs will use to receive the traffic.</para></listitem>
<listitem><para>Algorithm. Choose the load balancing algorithm you want &PRODUCT; to use. &PRODUCT; supports a variety of well-known algorithms. If you are not familiar with these choices, you will find plenty of information about them on the Internet.</para></listitem>
<listitem><para>Stickiness. (Optional) Click Configure and choose the algorithm for the stickiness policy. See Sticky Session Policies for Load Balancer Rules.</para></listitem>
</itemizedlist></listitem>
<listitem><para>Click Add VMs, then select two or more VMs that will divide the load of incoming traffic, and click Apply.</para>
<para>The new load balancer rule appears in the list. You can repeat these steps to add more load balancer rules for this IP address.</para>
</listitem>
</orderedlist>
<title>Adding a Load Balancer Rule</title>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user. </para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>Click the name of the network where you want to load balance the traffic.</para>
</listitem>
<listitem>
<para>Click View IP Addresses.</para>
</listitem>
<listitem>
<para>Click the IP address for which you want to create the rule, then click the Configuration
tab.</para>
</listitem>
<listitem>
<para>In the Load Balancing node of the diagram, click View All.</para>
<para>In a Basic zone, you can also create a load balancing rule without acquiring or
selecting an IP address. &PRODUCT; internally assign an IP when you create the load
balancing rule, which is listed in the IP Addresses page when the rule is created. </para>
<para>To do that, select the name of the network, then click Add Load Balancer tab. Continue
with <xref linkend="config-lb"/>.</para>
</listitem>
<listitem id="config-lb">
<para>Fill in the following:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>: A name for the load balancer rule.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Public Port</emphasis>: The port receiving incoming traffic to
be balanced.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Private Port</emphasis>: The port that the VMs will use to
receive the traffic.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Algorithm</emphasis>: Choose the load balancing algorithm you
want &PRODUCT; to use. &PRODUCT; supports a variety of well-known algorithms. If you are
not familiar with these choices, you will find plenty of information about them on the
Internet.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Stickiness</emphasis>: (Optional) Click Configure and choose
the algorithm for the stickiness policy. See Sticky Session Policies for Load Balancer
Rules.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click Add VMs, then select two or more VMs that will divide the load of incoming
traffic, and click Apply.</para>
<para>The new load balancer rule appears in the list. You can repeat these steps to add more
load balancer rules for this IP address.</para>
</listitem>
</orderedlist>
</section>

2
docs/en-US/add-members-to-projects.xml
View File

@ -29,5 +29,7 @@
<listitem><para>If invitations have been enabled, you can send invitations to new members.</para></listitem>
<listitem><para>If invitations are not enabled, you can add members directly through the UI.</para></listitem>
</itemizedlist>
<xi:include href="send-projects-membership-invitation.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="add-projects-members-from-ui.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</section>

29
docs/en-US/add-more-clusters.xml Normal file
View File

@ -0,0 +1,29 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-more-clusters">
<title>Add More Clusters (Optional)</title>
<para>You need to tell &PRODUCT; about the hosts that it will manage. Hosts exist inside clusters,
so before you begin adding hosts to the cloud, you must add at least one cluster.</para>
<xi:include href="about-clusters.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="add-clusters-kvm-xenserver.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="add-clusters-ovm.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="add-clusters-vsphere.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
</section>

108
docs/en-US/add-primary-storage.xml Normal file
View File

@ -0,0 +1,108 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-primary-storage">
<title>Adding Primary Storage</title>
<note>
<para>Ensure that nothing stored on the server. Adding the server to CloudStack will destroy any
existing data.</para>
</note>
<para>When you create a new zone, the first primary storage is added as part of that procedure.
You can add primary storage servers at any time, such as when adding a new cluster or adding
more servers to an existing cluster.</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Infrastructure. In Zones, click View More, then click the
zone in which you want to add the primary storage.</para>
</listitem>
<listitem>
<para>Click the Compute tab.</para>
</listitem>
<listitem>
<para>In the Primary Storage node of the diagram, click View All.</para>
</listitem>
<listitem>
<para>Click Add Primary Storage.</para>
</listitem>
<listitem>
<para>Provide the following information in the dialog. The information required varies
depending on your choice in Protocol.</para>
<itemizedlist>
<listitem>
<para>Pod. The pod for the storage device.</para>
</listitem>
<listitem>
<para>Cluster. The cluster for the storage device.</para>
</listitem>
<listitem>
<para>Name. The name of the storage device</para>
</listitem>
<listitem>
<para>Protocol. For XenServer, choose either NFS, iSCSI, or PreSetup. For KVM, choose NFS
or SharedMountPoint. For vSphere choose either VMFS (iSCSI or FiberChannel) or
NFS</para>
</listitem>
<listitem>
<para>Server (for NFS, iSCSI, or PreSetup). The IP address or DNS name of the storage
device</para>
</listitem>
<listitem>
<para>Server (for VMFS). The IP address or DNS name of the vCenter server.</para>
</listitem>
<listitem>
<para>Path (for NFS). In NFS this is the exported path from the server.</para>
</listitem>
<listitem>
<para>Path (for VMFS). In vSphere this is a combination of the datacenter name and the
datastore name. The format is "/" datacenter name "/" datastore name. For example,
"/cloud.dc.VM/cluster1datastore".</para>
</listitem>
<listitem>
<para>Path (for SharedMountPoint). With KVM this is the path on each host that is where
this primary storage is mounted. For example, "/mnt/primary".</para>
</listitem>
<listitem>
<para>SR Name-Label (for PreSetup). Enter the name-label of the SR that has been set up
outside &PRODUCT;.</para>
</listitem>
<listitem>
<para>Target IQN (for iSCSI). In iSCSI this is the IQN of the target. For example,
iqn.1986-03.com.sun:02:01ec9bb549-1271378984</para>
</listitem>
<listitem>
<para>Lun # (for iSCSI). In iSCSI this is the LUN number. For example, 3.</para>
</listitem>
<listitem>
<para>Tags (optional). The comma-separated list of tags for this storage device. It should
be an equivalent set or superset of the tags on your disk offerings</para>
</listitem>
</itemizedlist>
<para>The tag sets on primary storage across clusters in a Zone must be identical. For
example, if cluster A provides primary storage that has tags T1 and T2, all other clusters
in the Zone must also provide primary storage that has tags T1 and T2.</para>
</listitem>
<listitem>
<para>Click OK.</para>
</listitem>
</orderedlist>
</section>

48
docs/en-US/add-secondary-storage.xml Normal file
View File

@ -0,0 +1,48 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-secondary-storage">
<title>Adding Secondary Storage</title>
<note>
<para>Be sure there is nothing stored on the server. Adding the server to CloudStack will
destroy any existing data.</para>
</note>
<para>When you create a new zone, the first secondary storage is added as part of that procedure.
You can add secondary storage servers at any time to add more servers to an existing
zone.</para>
<orderedlist>
<listitem>
<para>If you are going to use Swift for cloud-wide secondary storage, you must add the Swift
storage to &PRODUCT; before you add the local zone secondary storage servers.</para>
</listitem>
<listitem>
<para>To prepare for local zone secondary storage, you should have created and mounted an NFS
share during Management Server installation.</para>
</listitem>
<listitem>
<para>Make sure you prepared the system VM template during Management Server
installation.</para>
</listitem>
<listitem>
<para>4. Now that the secondary storage server for per-zone storage is prepared, add it to
&PRODUCT;. Secondary storage is added as part of the procedure for adding a new zone.</para>
</listitem>
</orderedlist>
</section>

70
docs/en-US/add-security-group.xml
View File

@ -3,37 +3,47 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-security-group">
<title>Adding a Security Group</title>
<para>A user or administrator can change the network offering that is associated with an existing guest network.</para>
<itemizedlist>
<listitem><para>Log in to the &PRODUCT; UI as an administrator or end user. </para></listitem>
<listitem><para>In the left navigation, choose Network</para></listitem>
<listitem><para>In Select view, choose Security Groups.</para></listitem>
<listitem><para>Click Add Security Group.</para></listitem>
<listitem><para>Provide a name and description.</para></listitem>
<listitem><para>Click OK.</para>
<para>The new security group appears in the Security Groups Details tab.</para></listitem>
<listitem><para>To make the security group useful, continue to Adding Ingress and Egress Rules to a Security Group.</para></listitem>
</itemizedlist>
<title>Adding a Security Group</title>
<para>A user or administrator can define a new security group.</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user. </para>
</listitem>
<listitem>
<para>In the left navigation, choose Network</para>
</listitem>
<listitem>
<para>In Select view, choose Security Groups.</para>
</listitem>
<listitem>
<para>Click Add Security Group.</para>
</listitem>
<listitem>
<para>Provide a name and description.</para>
</listitem>
<listitem>
<para>Click OK.</para>
<para>The new security group appears in the Security Groups Details tab.</para>
</listitem>
<listitem>
<para>To make the security group useful, continue to Adding Ingress and Egress Rules to a
Security Group.</para>
</listitem>
</orderedlist>
</section>

89
docs/en-US/add-tier.xml Normal file
View File

@ -0,0 +1,89 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-tier">
<title>Adding Tiers</title>
<para>Tiers are distinct locations within a VPC that act as isolated networks, which do not have
access to other tiers by default. Tiers are set up on different VLANs that can communicate with
each other by using a virtual router. Tiers provide inexpensive, low latency network
connectivity to other tiers within the VPC.</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPC that you have created for the account is listed in the page.</para>
<note>
<para>The end users can see their own VPCs, while root and domain admin can see any VPC they
are authorized to see.</para>
</note>
</listitem>
<listitem>
<para>Click the Configure button of the VPC for which you want to set up tiers.</para>
<para>The Add new tier dialog is displayed, as follows:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/add-tier.png"/>
</imageobject>
<textobject>
<phrase>add-tier.png: adding a tier to a vpc.</phrase>
</textobject>
</mediaobject>
<para>If you have already created tiers, the VPC diagram is displayed. Click Create Tier to
add a new tier.</para>
</listitem>
<listitem>
<para>Specify the following:</para>
<para>All the fields are mandatory.</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>: A unique name for the tier you create.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Network Offering</emphasis>: The following default network
offerings are listed: DefaultIsolatedNetworkOfferingForVpcNetworksNoLB,
DefaultIsolatedNetworkOfferingForVpcNetworks</para>
<para>In a VPC, only one tier can be created by using LB-enabled network offering.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Gateway</emphasis>: The gateway for the tier you create.
Ensure that the gateway is within the Super CIDR range that you specified while creating
the VPC, and is not overlapped with the CIDR of any existing tier within the VPC.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Netmask</emphasis>: The netmask for the tier you create. </para>
<para>For example, if the VPC CIDR is 10.0.0.0/16 and the network tier CIDR is
10.0.1.0/24, the gateway of the tier is 10.0.1.1, and the netmask of the tier is
255.255.255.0.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click OK.</para>
</listitem>
<listitem>
<para>Continue with configuring access control list for the tier.</para>
</listitem>
</orderedlist>
</section>

45
docs/en-US/add-vm-to-tier.xml Normal file
View File

@ -0,0 +1,45 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-vm-to-tier">
<title>Deploying VMs to the Tier</title>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPCs that you have created for the account is listed in the page.</para>
</listitem>
<listitem>
<para>Click the Configure button of the VPC to which you want to deploy the VMs.</para>
<para>The VPC page is displayed where all the tiers you created are listed.</para>
</listitem>
<listitem>
<para>Click the Add VM button of the tier for which you want to add a VM.</para>
<para>The Add Instance page is displayed.</para>
<para>Follow the on-screen instruction to add an instance. For information on adding an
instance, see Adding Instances section in the Installation Guide.</para>
</listitem>
</orderedlist>
</section>

75
docs/en-US/add-vpc.xml Normal file
View File

@ -0,0 +1,75 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="add-vpc">
<title>Adding a Virtual Private Cloud</title>
<para>When creating the VPC, you simply provide the zone and a set of IP addresses for the VPC
network address space. You specify this set of addresses in the form of a Classless Inter-Domain
Routing (CIDR) block.</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user. </para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
</listitem>
<listitem>
<para>Click Add VPC. The Add VPC page is displayed as follows:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/add-vpc.png"/>
</imageobject>
<textobject>
<phrase>add-vpc.png: adding a vpc.</phrase>
</textobject>
</mediaobject>
<para>Provide the following information:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>: A short name for the VPC that you are
creating.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Description</emphasis>: A brief description of the VPC.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Zone</emphasis>: Choose the zone where you want the VPC to be
available.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Super CIDR for Guest Networks</emphasis>: Defines the CIDR
range for all the tiers (guest networks) within a VPC. When you create a tier, ensure
that its CIDR is within the Super CIDR value you enter. The CIDR must be RFC1918
compliant.</para>
</listitem>
<listitem>
<para><emphasis role="bold">DNS domain for Guest Networks</emphasis>: If you want to
assign a special domain name, specify the DNS suffix. This parameter is applied to all
the tiers within the VPC. That implies, all the tiers you create in the VPC belong to
the same DNS domain. If the parameter is not specified, a DNS domain name is generated
automatically. </para>
</listitem>
</itemizedlist>
</listitem>
</orderedlist>
</section>

487
docs/en-US/added-API-commands.xml
View File

@ -3,165 +3,332 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="added-API-commands">
<title>Added API commands</title>
<para>Added in 3.0.3:</para>
<itemizedlist>
<listitem><para>enableCiscoNexusVSM (Enables Nexus 1000v dvSwitch in &PRODUCT;.)</para></listitem>
<listitem><para>disableCiscoNexusVSM (Disables Nexus 1000v dvSwitch in &PRODUCT;.)</para></listitem>
<listitem><para>deleteCiscoNexusVSM (Deletes Nexus 1000v dvSwitch in &PRODUCT;.)</para></listitem>
<listitem><para>listCiscoNexusVSMs (Lists the control VLAN ID, packet VLAN ID, and data VLAN ID, as well as the IP address of the Nexus 1000v dvSwitch.)</para></listitem>
</itemizedlist>
<para>Added in 3.0.2:</para>
<itemizedlist>
<listitem><para>changeServiceForSystemVm</para>
<para>Changes the service offering for a system VM (console proxy or secondary storage). The system VM must be in a "Stopped" state for this command to take effect.</para>
</listitem>
</itemizedlist>
<para>Added in 3.0.1:</para>
<itemizedlist>
<listitem><para>changeServiceForSystemVm</para>
<para>Changes the service offering for a system VM (console proxy or secondary storage). The system VM must be in a "Stopped" state for this command to take effect.</para>
</listitem>
</itemizedlist>
<para>Added in 3.0.0:</para>
<informaltable frame="all">
<tgroup cols="3" align="left" colsep="1" rowsep="1">
<colspec colname="c1" />
<colspec colname="c2" />
<colspec colname="c3" />
<tbody>
<row>
<entry><para>assignVirtualMachine (Move a user VM to another user under same domain.)</para></entry>
<entry><para>restoreVirtualMachine (Restore a VM to original template or specific snapshot)</para></entry>
<entry><para>createLBStickinessPolicy (Creates a Load Balancer stickiness policy )</para></entry>
</row>
<row>
<entry><para>deleteLBStickinessPolicy (Deletes a LB stickiness policy.)</para></entry>
<entry><para>listLBStickinessPolicies (Lists LBStickiness policies.)</para></entry>
<entry><para>ldapConfig (Configure the LDAP context for this site.)</para></entry>
</row>
<row>
<entry><para>addSwift (Adds Swift.)</para></entry>
<entry><para>listSwifts (List Swift.)</para></entry>
<entry><para>migrateVolume (Migrate volume)</para></entry>
</row>
<row>
<entry><para>updateStoragePool (Updates a storage pool.)</para></entry>
<entry><para>authorizeSecurityGroupEgress (Authorizes a particular egress rule for this security group)</para></entry>
<entry><para>revokeSecurityGroupEgress (Deletes a particular egress rule from this security group)</para></entry>
</row>
<row>
<entry><para>createNetworkOffering (Creates a network offering.)</para></entry>
<entry><para>deleteNetworkOffering (Deletes a network offering.)</para></entry>
<entry><para>createProject (Creates a project)</para></entry>
</row>
<row>
<entry><para>deleteProject (Deletes a project)</para></entry>
<entry><para>updateProject (Updates a project)</para></entry>
<entry><para>activateProject (Activates a project)</para></entry>
</row>
<row>
<entry><para>suspendProject (Suspends a project)</para></entry>
<entry><para>listProjects (Lists projects and provides detailed information for listed projects)</para></entry>
<entry><para>addAccountToProject (Adds acoount to a project)</para></entry>
</row>
<row>
<entry><para>deleteAccountFromProject (Deletes account from the project)</para></entry>
<entry><para>listProjectAccounts (Lists project's accounts)</para></entry>
<entry><para>listProjectInvitations (Lists an account's invitations to join projects)</para></entry>
</row>
<row>
<entry><para>updateProjectInvitation (Accepts or declines project invitation)</para></entry>
<entry><para>deleteProjectInvitation (Deletes a project invitation)</para></entry>
<entry><para>updateHypervisorCapabilities (Updates a hypervisor capabilities.)</para></entry>
</row>
<row>
<entry><para>listHypervisorCapabilities (Lists all hypervisor capabilities.)</para></entry>
<entry><para>createPhysicalNetwork (Creates a physical network)</para></entry>
<entry><para>deletePhysicalNetwork (Deletes a Physical Network.)</para></entry>
</row>
<row>
<entry><para>listPhysicalNetworks (Lists physical networks)</para></entry>
<entry><para>updatePhysicalNetwork (Updates a physical network)</para></entry>
<entry><para>listSupportedNetworkServices (Lists all network services provided by &PRODUCT; or for the given Provider.)</para></entry>
</row>
<row>
<entry><para>addNetworkServiceProvider (Adds a network serviceProvider to a physical network)</para></entry>
<entry><para>deleteNetworkServiceProvider (Deletes a Network Service Provider.)</para></entry>
<entry><para>listNetworkServiceProviders (Lists network serviceproviders for a given physical network.)</para></entry>
</row>
<row>
<entry><para>updateNetworkServiceProvider (Updates a network serviceProvider of a physical network)</para></entry>
<entry><para>addTrafficType (Adds traffic type to a physical network)</para></entry>
<entry><para>deleteTrafficType (Deletes traffic type of a physical network)</para></entry>
</row>
<row>
<entry><para>listTrafficTypes (Lists traffic types of a given physical network.)</para></entry>
<entry><para>updateTrafficType (Updates traffic type of a physical network)</para></entry>
<entry><para>listTrafficTypeImplementors (Lists implementors of implementor of a network traffic type or implementors of all network traffic types)</para></entry>
</row>
<row>
<entry><para>createStorageNetworkIpRange (Creates a Storage network IP range.)</para></entry>
<entry><para>deleteStorageNetworkIpRange (Deletes a storage network IP Range.)</para></entry>
<entry><para>listStorageNetworkIpRange (List a storage network IP range.)</para></entry>
</row>
<row>
<entry><para>updateStorageNetworkIpRange (Update a Storage network IP range, only allowed when no IPs in this range have been allocated.)</para></entry>
<entry><para>listUsageTypes (List Usage Types)</para></entry>
<entry><para>addF5LoadBalancer (Adds a F5 BigIP load balancer device)</para></entry>
</row>
<row>
<entry><para>configureF5LoadBalancer (configures a F5 load balancer device)</para></entry>
<entry><para>deleteF5LoadBalancer ( delete a F5 load balancer device)</para></entry>
<entry><para>listF5LoadBalancers (lists F5 load balancer devices)</para></entry>
</row>
<row>
<entry><para>listF5LoadBalancerNetworks (lists network that are using a F5 load balancer device)</para></entry>
<entry><para>addSrxFirewall (Adds a SRX firewall device)</para></entry>
<entry><para>deleteSrxFirewall ( delete a SRX firewall device)</para></entry>
</row>
<row>
<entry><para>listSrxFirewalls (lists SRX firewall devices in a physical network)</para></entry>
<entry><para>listSrxFirewallNetworks (lists network that are using SRX firewall device)</para></entry>
<entry><para>addNetscalerLoadBalancer (Adds a netscaler load balancer device)</para></entry>
</row>
<row>
<entry><para>deleteNetscalerLoadBalancer ( delete a netscaler load balancer device)</para></entry>
<entry><para>configureNetscalerLoadBalancer (configures a netscaler load balancer device)</para></entry>
<entry><para>listNetscalerLoadBalancers (lists netscaler load balancer devices)</para></entry>
</row>
<row>
<entry><para>listNetscalerLoadBalancerNetworks (lists network that are using a netscaler load balancer device)</para></entry>
<entry><para>createVirtualRouterElement (Create a virtual router element.)</para></entry>
<entry><para>configureVirtualRouterElement (Configures a virtual router element.)</para></entry>
</row>
<row>
<entry><para>listVirtualRouterElements (Lists all available virtual router elements.)</para></entry>
<entry><para></para></entry>
<entry><para></para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</section>
<section id="added-API-commands">
<title>Added API commands</title>
<para>Added in 4.0</para>
<itemizedlist>
<listitem>
<para>createCounter (Adds metric counter)</para>
</listitem>
<listitem>
<para>deleteCounter (Deletes a counter)</para>
</listitem>
<listitem>
<para>listCounters (List the counters)</para>
</listitem>
<listitem>
<para>createCondition (Creates a condition)</para>
</listitem>
<listitem>
<para>deleteCondition (Removes a condition)</para>
</listitem>
<listitem>
<para>listConditions (List Conditions for the specific user)</para>
</listitem>
<listitem>
<para>createTags. Add tags to one or more resources. Example:
<programlisting>command=createTags
&amp;resourceIds=1,10,12
&amp;resourceType=userVm
&amp;tags[0].key=region
&amp;tags[0].value=canada
&amp;tags[1].key=city
&amp;tags[1].value=Toronto </programlisting></para>
</listitem>
<listitem>
<para>deleteTags. Remove tags from one or more resources. Example:
<programlisting>command=deleteTags
&amp;resourceIds=1,12
&amp;resourceType=Snapshot
&amp;tags[0].key=city </programlisting></para>
</listitem>
<listitem>
<para>listTags (Show currently defined resource tags)</para>
</listitem>
<listitem>
<para>createVPC (Creates a VPC)</para>
</listitem>
<listitem>
<para>listVPCs (Lists VPCs)</para>
</listitem>
<listitem>
<para>deleteVPC (Deletes a VPC)</para>
</listitem>
<listitem>
<para>updateVPC (Updates a VPC)</para>
</listitem>
<listitem>
<para>restartVPC (Restarts a VPC)</para>
</listitem>
<listitem>
<para>createVPCOffering (Creates VPC offering)</para>
</listitem>
<listitem>
<para>updateVPCOffering (Updates VPC offering)</para>
</listitem>
<listitem>
<para>deleteVPCOffering (Deletes VPC offering)</para>
</listitem>
<listitem>
<para>listVPCOfferings (Lists VPC offerings)</para>
</listitem>
<listitem>
<para>createPrivateGateway (Creates a private gateway)</para>
</listitem>
<listitem>
<para>listPrivateGateways (List private gateways)</para>
</listitem>
<listitem>
<para>deletePrivateGateway (Deletes a Private gateway)</para>
</listitem>
<listitem>
<para>createNetworkACL (Creates a ACL rule the given network (the network has to belong to
VPC))</para>
</listitem>
<listitem>
<para>deleteNetworkACL (Deletes a Network ACL)</para>
</listitem>
<listitem>
<para>listNetworkACLs (Lists all network ACLs)</para>
</listitem>
<listitem>
<para>createStaticRoute (Creates a static route)</para>
</listitem>
<listitem>
<para>deleteStaticRoute (Deletes a static route)</para>
</listitem>
<listitem>
<para>listStaticRoutes (Lists all static routes)</para>
</listitem>
<listitem>
<para>createVpnCustomerGateway (Creates site to site vpn customer gateway)</para>
</listitem>
<listitem>
<para>createVpnGateway (Creates site to site vpn local gateway)</para>
</listitem>
<listitem>
<para>createVpnConnection (Create site to site vpn connection)</para>
</listitem>
<listitem>
<para>deleteVpnCustomerGateway (Delete site to site vpn customer gateway)</para>
</listitem>
<listitem>
<para>deleteVpnGateway (Delete site to site vpn gateway)</para>
</listitem>
<listitem>
<para>deleteVpnConnection (Delete site to site vpn connection)</para>
</listitem>
<listitem>
<para>updateVpnCustomerGateway (Update site to site vpn customer gateway)</para>
</listitem>
<listitem>
<para>resetVpnConnection (Reset site to site vpn connection)</para>
</listitem>
<listitem>
<para>listVpnCustomerGateways (Lists site to site vpn customer gateways)</para>
</listitem>
<listitem>
<para>listVpnGateways (Lists site 2 site vpn gateways)</para>
</listitem>
<listitem>
<para>listVpnConnections (Lists site to site vpn connection gateways)</para>
</listitem>
</itemizedlist>
<para>Added in 3.0.3:</para>
<itemizedlist>
<listitem>
<para>enableCiscoNexusVSM (Enables Nexus 1000v dvSwitch in &PRODUCT;.)</para>
</listitem>
<listitem>
<para>disableCiscoNexusVSM (Disables Nexus 1000v dvSwitch in &PRODUCT;.)</para>
</listitem>
<listitem>
<para>deleteCiscoNexusVSM (Deletes Nexus 1000v dvSwitch in &PRODUCT;.)</para>
</listitem>
<listitem>
<para>listCiscoNexusVSMs (Lists the control VLAN ID, packet VLAN ID, and data VLAN ID, as well
as the IP address of the Nexus 1000v dvSwitch.)</para>
</listitem>
</itemizedlist>
<para>Added in 3.0.2:</para>
<itemizedlist>
<listitem>
<para>changeServiceForSystemVm</para>
<para>Changes the service offering for a system VM (console proxy or secondary storage). The
system VM must be in a "Stopped" state for this command to take effect.</para>
</listitem>
</itemizedlist>
<para>Added in 3.0.1:</para>
<itemizedlist>
<listitem>
<para>changeServiceForSystemVm</para>
<para>Changes the service offering for a system VM (console proxy or secondary storage). The
system VM must be in a "Stopped" state for this command to take effect.</para>
</listitem>
</itemizedlist>
<para>Added in 3.0.0:</para>
<informaltable frame="all">
<tgroup cols="3" align="left" colsep="1" rowsep="1">
<colspec colname="c1"/>
<colspec colname="c2"/>
<colspec colname="c3"/>
<tbody>
<row>
<entry><para>assignVirtualMachine (Move a user VM to another user under same
domain.)</para></entry>
<entry><para>restoreVirtualMachine (Restore a VM to original template or specific
snapshot)</para></entry>
<entry><para>createLBStickinessPolicy (Creates a Load Balancer stickiness policy
)</para></entry>
</row>
<row>
<entry><para>deleteLBStickinessPolicy (Deletes a LB stickiness policy.)</para></entry>
<entry><para>listLBStickinessPolicies (Lists LBStickiness policies.)</para></entry>
<entry><para>ldapConfig (Configure the LDAP context for this site.)</para></entry>
</row>
<row>
<entry><para>addSwift (Adds Swift.)</para></entry>
<entry><para>listSwifts (List Swift.)</para></entry>
<entry><para>migrateVolume (Migrate volume)</para></entry>
</row>
<row>
<entry><para>updateStoragePool (Updates a storage pool.)</para></entry>
<entry><para>authorizeSecurityGroupEgress (Authorizes a particular egress rule for this
security group)</para></entry>
<entry><para>revokeSecurityGroupEgress (Deletes a particular egress rule from this
security group)</para></entry>
</row>
<row>
<entry><para>createNetworkOffering (Creates a network offering.)</para></entry>
<entry><para>deleteNetworkOffering (Deletes a network offering.)</para></entry>
<entry><para>createProject (Creates a project)</para></entry>
</row>
<row>
<entry><para>deleteProject (Deletes a project)</para></entry>
<entry><para>updateProject (Updates a project)</para></entry>
<entry><para>activateProject (Activates a project)</para></entry>
</row>
<row>
<entry><para>suspendProject (Suspends a project)</para></entry>
<entry><para>listProjects (Lists projects and provides detailed information for listed
projects)</para></entry>
<entry><para>addAccountToProject (Adds acoount to a project)</para></entry>
</row>
<row>
<entry><para>deleteAccountFromProject (Deletes account from the project)</para></entry>
<entry><para>listProjectAccounts (Lists project's accounts)</para></entry>
<entry><para>listProjectInvitations (Lists an account's invitations to join
projects)</para></entry>
</row>
<row>
<entry><para>updateProjectInvitation (Accepts or declines project
invitation)</para></entry>
<entry><para>deleteProjectInvitation (Deletes a project invitation)</para></entry>
<entry><para>updateHypervisorCapabilities (Updates a hypervisor
capabilities.)</para></entry>
</row>
<row>
<entry><para>listHypervisorCapabilities (Lists all hypervisor
capabilities.)</para></entry>
<entry><para>createPhysicalNetwork (Creates a physical network)</para></entry>
<entry><para>deletePhysicalNetwork (Deletes a Physical Network.)</para></entry>
</row>
<row>
<entry><para>listPhysicalNetworks (Lists physical networks)</para></entry>
<entry><para>updatePhysicalNetwork (Updates a physical network)</para></entry>
<entry><para>listSupportedNetworkServices (Lists all network services provided by
&PRODUCT; or for the given Provider.)</para></entry>
</row>
<row>
<entry><para>addNetworkServiceProvider (Adds a network serviceProvider to a physical
network)</para></entry>
<entry><para>deleteNetworkServiceProvider (Deletes a Network Service
Provider.)</para></entry>
<entry><para>listNetworkServiceProviders (Lists network serviceproviders for a given
physical network.)</para></entry>
</row>
<row>
<entry><para>updateNetworkServiceProvider (Updates a network serviceProvider of a physical
network)</para></entry>
<entry><para>addTrafficType (Adds traffic type to a physical network)</para></entry>
<entry><para>deleteTrafficType (Deletes traffic type of a physical network)</para></entry>
</row>
<row>
<entry><para>listTrafficTypes (Lists traffic types of a given physical
network.)</para></entry>
<entry><para>updateTrafficType (Updates traffic type of a physical network)</para></entry>
<entry><para>listTrafficTypeImplementors (Lists implementors of implementor of a network
traffic type or implementors of all network traffic types)</para></entry>
</row>
<row>
<entry><para>createStorageNetworkIpRange (Creates a Storage network IP
range.)</para></entry>
<entry><para>deleteStorageNetworkIpRange (Deletes a storage network IP
Range.)</para></entry>
<entry><para>listStorageNetworkIpRange (List a storage network IP range.)</para></entry>
</row>
<row>
<entry><para>updateStorageNetworkIpRange (Update a Storage network IP range, only allowed
when no IPs in this range have been allocated.)</para></entry>
<entry><para>listUsageTypes (List Usage Types)</para></entry>
<entry><para>addF5LoadBalancer (Adds a F5 BigIP load balancer device)</para></entry>
</row>
<row>
<entry><para>configureF5LoadBalancer (configures a F5 load balancer device)</para></entry>
<entry><para>deleteF5LoadBalancer ( delete a F5 load balancer device)</para></entry>
<entry><para>listF5LoadBalancers (lists F5 load balancer devices)</para></entry>
</row>
<row>
<entry><para>listF5LoadBalancerNetworks (lists network that are using a F5 load balancer
device)</para></entry>
<entry><para>addSrxFirewall (Adds a SRX firewall device)</para></entry>
<entry><para>deleteSrxFirewall ( delete a SRX firewall device)</para></entry>
</row>
<row>
<entry><para>listSrxFirewalls (lists SRX firewall devices in a physical
network)</para></entry>
<entry><para>listSrxFirewallNetworks (lists network that are using SRX firewall
device)</para></entry>
<entry><para>addNetscalerLoadBalancer (Adds a netscaler load balancer
device)</para></entry>
</row>
<row>
<entry><para>deleteNetscalerLoadBalancer ( delete a netscaler load balancer
device)</para></entry>
<entry><para>configureNetscalerLoadBalancer (configures a netscaler load balancer
device)</para></entry>
<entry><para>listNetscalerLoadBalancers (lists netscaler load balancer
devices)</para></entry>
</row>
<row>
<entry><para>listNetscalerLoadBalancerNetworks (lists network that are using a netscaler
load balancer device)</para></entry>
<entry><para>createVirtualRouterElement (Create a virtual router element.)</para></entry>
<entry><para>configureVirtualRouterElement (Configures a virtual router
element.)</para></entry>
</row>
<row>
<entry><para>listVirtualRouterElements (Lists all available virtual router
elements.)</para></entry>
<entry><para/></entry>
<entry><para/></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</section>

546
docs/en-US/advanced-zone-configuration.xml
View File

@ -1,182 +1,380 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE bookinfo PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="advanced-zone-configuration">
<title>Advanced Zone Configuration</title>
<orderedlist>
<listitem><para>After you select Advanced in the Add Zone wizard and click Next, you will be asked to enter the following details. Then click Next.</para>
<itemizedlist>
<listitem><para><emphasis role="bold">Name.</emphasis> A name for the zone.</para></listitem>
<listitem><para><emphasis role="bold">DNS 1 and 2.</emphasis> These are DNS servers for use by guest VMs in the zone. These DNS servers will be accessed via the public network you will add later. The public IP addresses for the zone must have a route to the DNS server named here.</para></listitem>
<listitem><para><emphasis role="bold">Internal DNS 1 and Internal DNS 2.</emphasis> These are DNS servers for use by system VMs in the zone(these are VMs used by &PRODUCT; itself, such as virtual routers, console proxies,and Secondary Storage VMs.) These DNS servers will be accessed via the management traffic network interface of the System VMs. The private IP address you provide for the pods must have a route to the internal DNS server named here.</para></listitem>
<listitem><para><emphasis role="bold">Network Domain.</emphasis> (Optional) If you want to assign a special domain name to the guest VM network, specify the DNS suffix.</para></listitem>
<listitem><para><emphasis role="bold">Guest CIDR.</emphasis> This is the CIDR that describes the IP addresses in use in the guest virtual networks in this zone. For example, 10.1.1.0/24. As a matter of good practice you should set different CIDRs for different zones. This will make it easier to set up VPNs between networks in different zones.</para></listitem>
<listitem><para><emphasis role="bold">Hypervisor.</emphasis> (Introduced in version 3.0.1) Choose the hypervisor for the first cluster in the zone. You can add clusters with different hypervisors later, after you finish adding the zone.</para></listitem>
<listitem><para><emphasis role="bold">Public.</emphasis> A public zone is available to all users. A zone that is not public will be assigned to a particular domain. Only users in that domain will be allowed to create guest VMs in this zone.</para></listitem>
</itemizedlist>
</listitem>
<listitem><para>Choose which traffic types will be carried by the physical network.</para>
<para>The traffic types are management, public, guest, and storage traffic. For more information about the types, roll over the icons to display their tool tips, or see <xref linkend="advanced-zone-network-traffic-types" />. This screen starts out with one network already configured. If you have multiple physical networks, you need to add more. Drag and drop traffic types onto a greyed-out network and it will become active. You can move the traffic icons from one network to another; for example, if the default traffic types shown for Network 1 do not match your actual setup, you can move them down. You can also change the network names if desired.</para>
</listitem>
<listitem><para>(Introduced in version 3.0.1) Assign a network traffic label to each traffic type on each physical network. These labels must match the labels you have already defined on the hypervisor host. To assign each label, click the Edit button under the traffic type icon within each physical network. A popup dialog appears where you can type the label, then click OK.</para>
<para>These traffic labels will be defined only for the hypervisor selected for the first cluster. For all other hypervisors, the labels can be configured after the zone is created.</para>
<para>(VMware only) If you have enabled Nexus dvSwitch in the environment, you must specify the corresponding Ethernet port profile names as network traffic label for each traffic type on the physical network. For more information on Nexus dvSwitch, see Configuring a vSphere Cluster with Nexus 1000v Virtual Switch.</para>
</listitem>
<listitem><para>Click Next.</para>
</listitem>
<listitem><para>Configure the IP range for public Internet traffic. Enter the following details, then click Add. If desired, you can repeat this step to add more public Internet IP ranges. When done, click Next.</para>
<itemizedlist>
<listitem><para><emphasis role="bold">Gateway.</emphasis> The gateway in use for these IP addresses.</para></listitem>
<listitem><para><emphasis role="bold">Netmask.</emphasis> The netmask associated with this IP range.</para></listitem>
<listitem><para><emphasis role="bold">VLAN.</emphasis> The VLAN that will be used for public traffic.</para></listitem>
<listitem><para><emphasis role="bold">Start IP/End IP.</emphasis> A range of IP addresses that are assumed to be accessible from the Internet and will be allocated for access to guest networks.</para></listitem>
</itemizedlist>
</listitem>
<listitem><para>In a new zone, &PRODUCT; adds the first pod for you. You can always add more pods later. For an overview of what a pod is, see <xref linkend="about-pods" />.</para>
<para>To configure the first pod, enter the following, then click Next:</para>
<itemizedlist>
<listitem><para><emphasis role="bold">Pod Name.</emphasis> A name for the pod.</para></listitem>
<listitem><para><emphasis role="bold">Reserved system gateway.</emphasis> The gateway for the hosts in that pod.</para></listitem>
<listitem><para><emphasis role="bold">Reserved system netmask.</emphasis> The network prefix that defines the pod's subnet. Use CIDR notation.</para></listitem>
<listitem><para><emphasis role="bold">Start/End Reserved System IP.</emphasis> The IP range in the management network that &PRODUCT; uses to manage various system VMs, such as Secondary Storage VMs, Console Proxy VMs, and DHCP. For more information, see <xref linkend="system-reserved-ip-addresses" />.</para></listitem>
</itemizedlist>
</listitem>
<listitem><para>Specify a range of VLAN IDs to carry guest traffic for each physical network (see VLAN Allocation Example ), then click Next.</para>
</listitem>
<listitem><para>In a new pod, &PRODUCT; adds the first cluster for you. You can always add more clusters later. For an overview of what a cluster is, see <xref linkend="about-clusters" />.</para>
<para>To configure the first cluster, enter the following, then click Next:</para>
<itemizedlist>
<listitem><para><emphasis role="bold">Hypervisor.</emphasis> (Version 3.0.0 only; in 3.0.1, this field is read only) Choose the type of hypervisor software that all hosts in this cluster will run. If you choose VMware, additional fields appear so you can give information about a vSphere cluster. For vSphere servers, we recommend creating the cluster of hosts in vCenter and then adding the entire cluster to &PRODUCT;. See Add Cluster: vSphere .</para></listitem>
<listitem><para><emphasis role="bold">Cluster name.</emphasis> Enter a name for the cluster. This can be text of your choosing and is not used by &PRODUCT;.</para></listitem>
</itemizedlist>
</listitem>
<listitem><para>In a new cluster, &PRODUCT; adds the first host for you. You can always add more hosts later. For an overview of what a host is, see <xref linkend="about-hosts" />.</para>
<note><para>When you deploy &PRODUCT;, the hypervisor host must not have any VMs already running.</para></note>
<para>Before you can configure the host, you need to install the hypervisor software on the host. You will need to know which version of the hypervisor software version is supported by &PRODUCT; and what additional configuration is required to ensure the host will work with &PRODUCT;. To find these installation details, see:</para>
<itemizedlist>
<listitem><para>Citrix XenServer Installation for &PRODUCT;</para></listitem>
<listitem><para>VMware vSphere Installation and Configuration</para></listitem>
<listitem><para>KVM Installation and Configuration</para></listitem>
<listitem><para>Oracle VM (OVM) Installation and Configuration</para></listitem>
</itemizedlist>
<para>To configure the first host, enter the following, then click Next:</para>
<itemizedlist>
<listitem><para><emphasis role="bold">Host Name.</emphasis> The DNS name or IP address of the host.</para></listitem>
<listitem><para><emphasis role="bold">Username.</emphasis> Usually root.</para></listitem>
<listitem><para><emphasis role="bold">Password.</emphasis> This is the password for the user named above (from your XenServer or KVM install).</para></listitem>
<listitem><para><emphasis role="bold">Host Tags.</emphasis> (Optional) Any labels that you use to categorize hosts for ease of maintenance. For example, you can set to the cloud's HA tag (set in the ha.tag global configuration parameter) if you want this host to be used only for VMs with the "high availability" feature enabled. For more information, see HA-Enabled Virtual Machines as well as HA for Hosts, both in the Administration Guide.</para></listitem>
</itemizedlist>
</listitem>
<listitem><para>In a new cluster, &PRODUCT; adds the first primary storage server for you. You can always add more servers later. For an overview of what primary storage is, see <xref linkend="about-primary-storage" />.</para>
<para>To configure the first primary storage server, enter the following, then click Next:</para>
<itemizedlist>
<listitem><para><emphasis role="bold">Name.</emphasis> The name of the storage device.</para></listitem>
<listitem><para><emphasis role="bold">Protocol.</emphasis> For XenServer, choose either NFS, iSCSI, or PreSetup. For KVM, choose NFS or SharedMountPoint. For vSphere choose either VMFS (iSCSI or FiberChannel) or NFS. The remaining fields in the screen vary depending on what you choose here.</para>
<informaltable frame="all">
<tgroup cols="2" align="left" colsep="1" rowsep="1">
<colspec colname="c1" />
<colspec colname="c2" />
<tbody>
<row>
<entry><para>NFS</para></entry>
<entry>
<itemizedlist>
<listitem><para><emphasis role="bold">Server.</emphasis> The IP address or DNS name of the storage device.</para></listitem>
<listitem><para><emphasis role="bold">Path.</emphasis> The exported path from the server.</para></listitem>
<listitem>
<para><emphasis role="bold">Tags (optional).</emphasis> The comma-separated list of tags for this storage device. It should be an equivalent set or superset of the tags on your disk offerings.</para>
<para>The tag sets on primary storage across clusters in a Zone must be identical. For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.</para>
</listitem>
</itemizedlist>
</entry>
</row>
<row>
<entry><para>iSCSI</para></entry>
<entry>
<itemizedlist>
<listitem><para><emphasis role="bold">Server.</emphasis> The IP address or DNS name of the storage device.</para></listitem>
<listitem><para><emphasis role="bold">Target IQN.</emphasis> The IQN of the target. For example, iqn.1986-03.com.sun:02:01ec9bb549-1271378984.</para></listitem>
<listitem><para><emphasis role="bold">Lun.</emphasis> The LUN number. For example, 3.</para></listitem>
<listitem>
<para><emphasis role="bold">Tags (optional).</emphasis> The comma-separated list of tags for this storage device. It should be an equivalent set or superset of the tags on your disk offerings.</para>
<para>The tag sets on primary storage across clusters in a Zone must be identical. For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.</para>
</listitem>
</itemizedlist>
</entry>
</row>
<row>
<entry><para>preSetup</para></entry>
<entry>
<itemizedlist>
<listitem><para><emphasis role="bold">Server.</emphasis> The IP address or DNS name of the storage device.</para></listitem>
<listitem><para><emphasis role="bold">SR Name-Label.</emphasis> Enter the name-label of the SR that has been set up outside &PRODUCT;.</para></listitem>
<listitem>
<para><emphasis role="bold">Tags (optional).</emphasis> The comma-separated list of tags for this storage device. It should be an equivalent set or superset of the tags on your disk offerings.</para>
<para>The tag sets on primary storage across clusters in a Zone must be identical. For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.</para>
</listitem>
</itemizedlist>
</entry>
</row>
<row>
<entry><para>SharedMountPoint</para></entry>
<entry>
<itemizedlist>
<listitem><para><emphasis role="bold">Path.</emphasis> The path on each host that is where this primary storage is mounted. For example, "/mnt/primary".</para></listitem>
<listitem>
<para><emphasis role="bold">Tags (optional).</emphasis> The comma-separated list of tags for this storage device. It should be an equivalent set or superset of the tags on your disk offerings.</para>
<para>The tag sets on primary storage across clusters in a Zone must be identical. For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.</para>
</listitem>
</itemizedlist>
</entry>
</row>
<row>
<entry><para>VMFS</para></entry>
<entry>
<itemizedlist>
<listitem><para><emphasis role="bold">Server.</emphasis> The IP address or DNS name of the vCenter server.</para></listitem>
<listitem><para><emphasis role="bold">Path.</emphasis> A combination of the datacenter name and the datastore name. The format is "/" datacenter name "/" datastore name. For example, "/cloud.dc.VM/cluster1datastore".</para></listitem>
<listitem>
<para><emphasis role="bold">Tags (optional).</emphasis> The comma-separated list of tags for this storage device. It should be an equivalent set or superset of the tags on your disk offerings.</para>
<para>The tag sets on primary storage across clusters in a Zone must be identical. For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.</para>
</listitem>
</itemizedlist>
</entry>
</row>
</tbody>
</tgroup>
</informaltable>
</listitem>
</itemizedlist>
</listitem>
<listitem><para>In a new zone, &PRODUCT; adds the first secondary storage server for you. For an overview of what secondary storage is, see <xref linkend="about-secondary-storage" />.</para>
<para>Before you can fill out this screen, you need to prepare the secondary storage by setting up NFS shares and installing the latest &PRODUCT; System VM template. See Adding Secondary Storage :</para>
<itemizedlist>
<listitem><para><emphasis role="bold">NFS Server.</emphasis> The IP address of the server.</para></listitem>
<listitem><para><emphasis role="bold">Path.</emphasis> The exported path from the server.</para></listitem>
</itemizedlist>
</listitem>
<listitem><para>Click Launch.</para>
</listitem>
</orderedlist>
<title>Advanced Zone Configuration</title>
<orderedlist>
<listitem>
<para>After you select Advanced in the Add Zone wizard and click Next, you will be asked to
enter the following details. Then click Next.</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name.</emphasis> A name for the zone.</para>
</listitem>
<listitem>
<para><emphasis role="bold">DNS 1 and 2.</emphasis> These are DNS servers for use by guest
VMs in the zone. These DNS servers will be accessed via the public network you will add
later. The public IP addresses for the zone must have a route to the DNS server named
here.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Internal DNS 1 and Internal DNS 2.</emphasis> These are DNS
servers for use by system VMs in the zone(these are VMs used by &PRODUCT; itself, such
as virtual routers, console proxies,and Secondary Storage VMs.) These DNS servers will
be accessed via the management traffic network interface of the System VMs. The private
IP address you provide for the pods must have a route to the internal DNS server named
here.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Network Domain.</emphasis> (Optional) If you want to assign a
special domain name to the guest VM network, specify the DNS suffix.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Guest CIDR.</emphasis> This is the CIDR that describes the IP
addresses in use in the guest virtual networks in this zone. For example, 10.1.1.0/24.
As a matter of good practice you should set different CIDRs for different zones. This
will make it easier to set up VPNs between networks in different zones.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Hypervisor.</emphasis> (Introduced in version 3.0.1) Choose
the hypervisor for the first cluster in the zone. You can add clusters with different
hypervisors later, after you finish adding the zone.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Public.</emphasis> A public zone is available to all users. A
zone that is not public will be assigned to a particular domain. Only users in that
domain will be allowed to create guest VMs in this zone.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Choose which traffic types will be carried by the physical network.</para>
<para>The traffic types are management, public, guest, and storage traffic. For more
information about the types, roll over the icons to display their tool tips, or see <xref
linkend="advanced-zone-network-traffic-types"/>. This screen starts out with one network
already configured. If you have multiple physical networks, you need to add more. Drag and
drop traffic types onto a greyed-out network and it will become active. You can move the
traffic icons from one network to another; for example, if the default traffic types shown
for Network 1 do not match your actual setup, you can move them down. You can also change
the network names if desired.</para>
</listitem>
<listitem>
<para>(Introduced in version 3.0.1) Assign a network traffic label to each traffic type on
each physical network. These labels must match the labels you have already defined on the
hypervisor host. To assign each label, click the Edit button under the traffic type icon
within each physical network. A popup dialog appears where you can type the label, then
click OK.</para>
<para>These traffic labels will be defined only for the hypervisor selected for the first
cluster. For all other hypervisors, the labels can be configured after the zone is
created.</para>
<para>(VMware only) If you have enabled Nexus dvSwitch in the environment, you must specify
the corresponding Ethernet port profile names as network traffic label for each traffic type
on the physical network. For more information on Nexus dvSwitch, see Configuring a vSphere
Cluster with Nexus 1000v Virtual Switch.</para>
</listitem>
<listitem>
<para>Click Next.</para>
</listitem>
<listitem>
<para>Configure the IP range for public Internet traffic. Enter the following details, then
click Add. If desired, you can repeat this step to add more public Internet IP ranges. When
done, click Next.</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Gateway.</emphasis> The gateway in use for these IP
addresses.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Netmask.</emphasis> The netmask associated with this IP
range.</para>
</listitem>
<listitem>
<para><emphasis role="bold">VLAN.</emphasis> The VLAN that will be used for public
traffic.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Start IP/End IP.</emphasis> A range of IP addresses that are
assumed to be accessible from the Internet and will be allocated for access to guest
networks.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>In a new zone, &PRODUCT; adds the first pod for you. You can always add more pods later.
For an overview of what a pod is, see <xref linkend="about-pods"/>.</para>
<para>To configure the first pod, enter the following, then click Next:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Pod Name.</emphasis> A name for the pod.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Reserved system gateway.</emphasis> The gateway for the hosts
in that pod.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Reserved system netmask.</emphasis> The network prefix that
defines the pod's subnet. Use CIDR notation.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Start/End Reserved System IP.</emphasis> The IP range in the
management network that &PRODUCT; uses to manage various system VMs, such as Secondary
Storage VMs, Console Proxy VMs, and DHCP. For more information, see <xref
linkend="system-reserved-ip-addresses"/>.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Specify a range of VLAN IDs to carry guest traffic for each physical network (see VLAN
Allocation Example ), then click Next.</para>
</listitem>
<listitem>
<para>In a new pod, &PRODUCT; adds the first cluster for you. You can always add more clusters
later. For an overview of what a cluster is, see <xref linkend="about-clusters"/>.</para>
<para>To configure the first cluster, enter the following, then click Next:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Hypervisor.</emphasis> (Version 3.0.0 only; in 3.0.1, this
field is read only) Choose the type of hypervisor software that all hosts in this
cluster will run. If you choose VMware, additional fields appear so you can give
information about a vSphere cluster. For vSphere servers, we recommend creating the
cluster of hosts in vCenter and then adding the entire cluster to &PRODUCT;. See Add
Cluster: vSphere .</para>
</listitem>
<listitem>
<para><emphasis role="bold">Cluster name.</emphasis> Enter a name for the cluster. This
can be text of your choosing and is not used by &PRODUCT;.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>In a new cluster, &PRODUCT; adds the first host for you. You can always add more hosts
later. For an overview of what a host is, see <xref linkend="about-hosts"/>.</para>
<note>
<para>When you deploy &PRODUCT;, the hypervisor host must not have any VMs already
running.</para>
</note>
<para>Before you can configure the host, you need to install the hypervisor software on the
host. You will need to know which version of the hypervisor software version is supported by
&PRODUCT; and what additional configuration is required to ensure the host will work with
&PRODUCT;. To find these installation details, see:</para>
<itemizedlist>
<listitem>
<para>Citrix XenServer Installation for &PRODUCT;</para>
</listitem>
<listitem>
<para>VMware vSphere Installation and Configuration</para>
</listitem>
<listitem>
<para>KVM Installation and Configuration</para>
</listitem>
<listitem>
<para>Oracle VM (OVM) Installation and Configuration</para>
</listitem>
</itemizedlist>
<para>To configure the first host, enter the following, then click Next:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Host Name.</emphasis> The DNS name or IP address of the
host.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Username.</emphasis> Usually root.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Password.</emphasis> This is the password for the user named
above (from your XenServer or KVM install).</para>
</listitem>
<listitem>
<para><emphasis role="bold">Host Tags.</emphasis> (Optional) Any labels that you use to
categorize hosts for ease of maintenance. For example, you can set to the cloud's HA tag
(set in the ha.tag global configuration parameter) if you want this host to be used only
for VMs with the "high availability" feature enabled. For more information, see
HA-Enabled Virtual Machines as well as HA for Hosts, both in the Administration
Guide.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>In a new cluster, &PRODUCT; adds the first primary storage server for you. You can
always add more servers later. For an overview of what primary storage is, see <xref
linkend="about-primary-storage"/>.</para>
<para>To configure the first primary storage server, enter the following, then click
Next:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name.</emphasis> The name of the storage device.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Protocol.</emphasis> For XenServer, choose either NFS, iSCSI,
or PreSetup. For KVM, choose NFS or SharedMountPoint. For vSphere choose either VMFS
(iSCSI or FiberChannel) or NFS. The remaining fields in the screen vary depending on
what you choose here.</para>
<informaltable frame="all">
<tgroup cols="2" align="left" colsep="1" rowsep="1">
<colspec colname="c1"/>
<colspec colname="c2"/>
<tbody>
<row>
<entry><para>NFS</para></entry>
<entry>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Server.</emphasis> The IP address or DNS name of
the storage device.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Path.</emphasis> The exported path from the
server.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Tags (optional).</emphasis> The comma-separated
list of tags for this storage device. It should be an equivalent set or
superset of the tags on your disk offerings.</para>
</listitem>
</itemizedlist>
<para>The tag sets on primary storage across clusters in a Zone must be
identical. For example, if cluster A provides primary storage that has tags T1
and T2, all other clusters in the Zone must also provide primary storage that
has tags T1 and T2.</para>
</entry>
</row>
<row>
<entry><para>iSCSI</para></entry>
<entry>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Server.</emphasis> The IP address or DNS name of
the storage device.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Target IQN.</emphasis> The IQN of the target.
For example, iqn.1986-03.com.sun:02:01ec9bb549-1271378984.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Lun.</emphasis> The LUN number. For example,
3.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Tags (optional).</emphasis> The comma-separated
list of tags for this storage device. It should be an equivalent set or
superset of the tags on your disk offerings.</para>
</listitem>
</itemizedlist>
<para>The tag sets on primary storage across clusters in a Zone must be
identical. For example, if cluster A provides primary storage that has tags T1
and T2, all other clusters in the Zone must also provide primary storage that
has tags T1 and T2.</para>
</entry>
</row>
<row>
<entry><para>preSetup</para></entry>
<entry>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Server.</emphasis> The IP address or DNS name of
the storage device.</para>
</listitem>
<listitem>
<para><emphasis role="bold">SR Name-Label.</emphasis> Enter the name-label
of the SR that has been set up outside &PRODUCT;.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Tags (optional).</emphasis> The comma-separated
list of tags for this storage device. It should be an equivalent set or
superset of the tags on your disk offerings.</para>
</listitem>
</itemizedlist>
<para>The tag sets on primary storage across clusters in a Zone must be
identical. For example, if cluster A provides primary storage that has tags T1
and T2, all other clusters in the Zone must also provide primary storage that
has tags T1 and T2.</para>
</entry>
</row>
<row>
<entry><para>SharedMountPoint</para></entry>
<entry>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Path.</emphasis> The path on each host that is
where this primary storage is mounted. For example, "/mnt/primary".</para>
</listitem>
<listitem>
<para><emphasis role="bold">Tags (optional).</emphasis> The comma-separated
list of tags for this storage device. It should be an equivalent set or
superset of the tags on your disk offerings.</para>
</listitem>
</itemizedlist>
<para>The tag sets on primary storage across clusters in a Zone must be
identical. For example, if cluster A provides primary storage that has tags T1
and T2, all other clusters in the Zone must also provide primary storage that
has tags T1 and T2.</para>
</entry>
</row>
<row>
<entry><para>VMFS</para></entry>
<entry>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Server.</emphasis> The IP address or DNS name of
the vCenter server.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Path.</emphasis> A combination of the datacenter
name and the datastore name. The format is "/" datacenter name "/"
datastore name. For example, "/cloud.dc.VM/cluster1datastore".</para>
</listitem>
<listitem>
<para><emphasis role="bold">Tags (optional).</emphasis> The comma-separated
list of tags for this storage device. It should be an equivalent set or
superset of the tags on your disk offerings.</para>
</listitem>
</itemizedlist>
<para>The tag sets on primary storage across clusters in a Zone must be
identical. For example, if cluster A provides primary storage that has tags T1
and T2, all other clusters in the Zone must also provide primary storage that
has tags T1 and T2.</para>
</entry>
</row>
</tbody>
</tgroup>
</informaltable>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>In a new zone, &PRODUCT; adds the first secondary storage server for you. For an
overview of what secondary storage is, see <xref linkend="about-secondary-storage"/>.</para>
<para>Before you can fill out this screen, you need to prepare the secondary storage by
setting up NFS shares and installing the latest &PRODUCT; System VM template. See Adding
Secondary Storage :</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">NFS Server.</emphasis> The IP address of the server.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Path.</emphasis> The exported path from the server.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click Launch.</para>
</listitem>
</orderedlist>
</section>

41
docs/en-US/advanced-zone-physical-network-configuration.xml
View File

@ -3,26 +3,27 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="advanced-zone-physical-network-configuration">
<title>Advanced Zone Physical Network Configuration</title>
<para>Within a zone that uses advanced networking, you need to tell the Management Server how the physical network is set up to carry different kinds of traffic in isolation.</para>
</section>
<title>Advanced Zone Physical Network Configuration</title>
<para>Within a zone that uses advanced networking, you need to tell the Management Server how the
physical network is set up to carry different kinds of traffic in isolation.</para>
<xi:include href="configure-guest-traffic-in-advanced-zone.xml"
xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="configure-public-traffic-in-an-advanced-zone.xml"
xmlns:xi="http://www.w3.org/2001/XInclude"/>
</section>

38
docs/en-US/api-overview.xml Normal file
View File

@ -0,0 +1,38 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<chapter id="api-overview">
<title>&PRODUCT; API</title>
<para>The &PRODUCT; API is a low level API that has been used to implement the &PRODUCT; web UIs.
It is also a good basis for implementing other popular APIs such as EC2/S3 and emerging DMTF
standards.</para>
<para>Many &PRODUCT; API calls are asynchronous. These will return a Job ID immediately when
called. This Job ID can be used to query the status of the job later. Also, status calls on
impacted resources will provide some indication of their state.</para>
<para>The API has a REST-like query basis and returns results in XML or JSON.</para>
<para>See <ulink
url="http://docs.cloudstack.org/CloudStack_Documentation/Developer's_Guide%3A_CloudStack">the
Developers Guide</ulink> and <ulink
url="http://docs.cloudstack.org/CloudStack_Documentation/API_Reference%3A_CloudStack">the API
Reference</ulink>.</para>
<xi:include href="provisioning-auth-api.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="allocators.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="user-data-and-meta-data.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
</chapter>

50
docs/en-US/automatic-snapshot-creation-retention.xml
View File

@ -3,28 +3,34 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="automatic-snapshot-creation-retention">
<title>Automatic Snapshot Creation and Retention</title>
<para>(Supported for the following hypervisors: <emphasis role="bold">XenServer</emphasis>, <emphasis role="bold">VMware vSphere</emphasis>, and <emphasis role="bold">KVM</emphasis>)</para>
<para>Users can set up a recurring snapshot policy to automatically create multiple snapshots of a disk at regular intervals. Snapshots can be created on an hourly, daily, weekly, or monthly interval. One snapshot policy can be set up per disk volume. For example, a user can set up a daily snapshot at 02:30.</para>
<para>With each snapshot schedule, users can also specify the number of scheduled snapshots to be retained. Older snapshots that exceed the retention limit are automatically deleted. This user-defined limit must be equal to or lower than the global limit set by the &PRODUCT; administrator. See <xref linkend="globally-configured-limits"/>. The limit applies only to those snapshots that are taken as part of an automatic recurring snapshot policy. Additional manual snapshots can be created and retained.</para>
</section>
<title>Automatic Snapshot Creation and Retention</title>
<para>(Supported for the following hypervisors: <emphasis role="bold">XenServer</emphasis>,
<emphasis role="bold">VMware vSphere</emphasis>, and <emphasis role="bold"
>KVM</emphasis>)</para>
<para>Users can set up a recurring snapshot policy to automatically create multiple snapshots of a
disk at regular intervals. Snapshots can be created on an hourly, daily, weekly, or monthly
interval. One snapshot policy can be set up per disk volume. For example, a user can set up a
daily snapshot at 02:30.</para>
<para>With each snapshot schedule, users can also specify the number of scheduled snapshots to be
retained. Older snapshots that exceed the retention limit are automatically deleted. This
user-defined limit must be equal to or lower than the global limit set by the &PRODUCT;
administrator. See <xref linkend="globally-configured-limits"/>. The limit applies only to those
snapshots that are taken as part of an automatic recurring snapshot policy. Additional manual
snapshots can be created and retained.</para>
</section>

184
docs/en-US/change-to-behavior-of-list-commands.xml
View File

@ -1,89 +1,109 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="change-to-behavior-of-list-commands">
<title>Change to Behavior of List Commands</title>
<para>There was a major change in how our List* API commands work in CloudStack 3.0 compared to 2.2.x. The rules below apply only for managed resources those that belong to an account, domain, or project. They are irrelevant for the List* commands displaying unmanaged (system) resources, such as hosts, clusters, and external network resources.</para>
<para>When no parameters are passed in to the call, the caller sees only resources owned by the caller (even when the caller is the administrator). Previously, the administrator saw everyone else's resources by default.</para>
<para>When accountName and domainId are passed in:</para>
<itemizedlist>
<listitem><para>The caller sees the resources dedicated to the account specified.</para></listitem>
<listitem><para>If the call is executed by a regular user, the user is authorized to specify only the user's own account and domainId.</para></listitem>
<listitem><para>If the caller is a domain administrator, CloudStack performs an authorization check to see whether the caller is permitted to view resources for the given account and domainId.</para></listitem>
</itemizedlist>
<para>When projectId is passed in, only resources belonging to that project are listed.</para>
<para>When domainId is passed in, the call returns only resources belonging to the domain specified. To see the resources of subdomains, use the parameter isRecursive=true. Again, the regular user can see only resources owned by that user, the root administrator can list anything, and a domain administrator is authorized to see only resources of the administrator's own domain and subdomains.</para>
<para>To see all resources the caller is authorized to see, except for Project resources, use the parameter listAll=true.</para>
<para>To see all Project resources the caller is authorized to see, use the parameter projectId=-1.</para>
<para>There is one API command that doesn't fall under the rules above completely: the listTemplates command. This command has its own flags defining the list rules:</para>
<informaltable frame="all">
<tgroup cols="2" align="left" colsep="1" rowsep="1">
<colspec colname="c1" />
<colspec colname="c2" />
<thead>
<row>
<entry><para>listTemplates Flag</para></entry>
<entry><para>Description</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>featured</para></entry>
<entry><para>Returns templates that have been marked as featured and public.</para></entry>
</row>
<row>
<entry><para>self</para></entry>
<entry><para>Returns templates that have been registered or created by the calling user.</para></entry>
</row>
<row>
<entry><para>selfexecutable</para></entry>
<entry><para>Same as self, but only returns templates that are ready to be deployed with.</para></entry>
</row>
<row>
<entry><para>sharedexecutable</para></entry>
<entry><para>Ready templates that have been granted to the calling user by another user.</para></entry>
</row>
<row>
<entry><para>executable</para></entry>
<entry><para>Templates that are owned by the calling user, or public templates, that can be used to deploy a new VM.</para></entry>
</row>
<row>
<entry><para>community</para></entry>
<entry><para>Returns templates that have been marked as public but not featured.</para></entry>
</row>
<row>
<entry><para>all</para></entry>
<entry><para>Returns all templates (only usable by admins).</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
<para>The &PRODUCT; UI on a general view will display all resources that the logged-in user is authorized to see, except for project resources. To see the project resources, select the project view.</para>
</section>
<title>Change to Behavior of List Commands</title>
<para>There was a major change in how our List* API commands work in CloudStack 3.0 compared to
2.2.x. The rules below apply only for managed resources those that belong to an account,
domain, or project. They are irrelevant for the List* commands displaying unmanaged (system)
resources, such as hosts, clusters, and external network resources.</para>
<para>When no parameters are passed in to the call, the caller sees only resources owned by the
caller (even when the caller is the administrator). Previously, the administrator saw everyone
else's resources by default.</para>
<para>When accountName and domainId are passed in:</para>
<itemizedlist>
<listitem>
<para>The caller sees the resources dedicated to the account specified.</para>
</listitem>
<listitem>
<para>If the call is executed by a regular user, the user is authorized to specify only the
user's own account and domainId.</para>
</listitem>
<listitem>
<para>If the caller is a domain administrator, CloudStack performs an authorization check to
see whether the caller is permitted to view resources for the given account and
domainId.</para>
</listitem>
</itemizedlist>
<para>When projectId is passed in, only resources belonging to that project are listed.</para>
<para>When domainId is passed in, the call returns only resources belonging to the domain
specified. To see the resources of subdomains, use the parameter isRecursive=true. Again, the
regular user can see only resources owned by that user, the root administrator can list
anything, and a domain administrator is authorized to see only resources of the administrator's
own domain and subdomains.</para>
<para>To see all resources the caller is authorized to see, except for Project resources, use the
parameter listAll=true.</para>
<para>To see all Project resources the caller is authorized to see, use the parameter
projectId=-1.</para>
<para>There is one API command that doesn't fall under the rules above completely: the
listTemplates command. This command has its own flags defining the list rules:</para>
<informaltable frame="all">
<tgroup cols="2" align="left" colsep="1" rowsep="1">
<colspec colname="c1"/>
<colspec colname="c2"/>
<thead>
<row>
<entry><para>listTemplates Flag</para></entry>
<entry><para>Description</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>featured</para></entry>
<entry><para>Returns templates that have been marked as featured and
public.</para></entry>
</row>
<row>
<entry><para>self</para></entry>
<entry><para>Returns templates that have been registered or created by the calling
user.</para></entry>
</row>
<row>
<entry><para>selfexecutable</para></entry>
<entry><para>Same as self, but only returns templates that are ready to be deployed
with.</para></entry>
</row>
<row>
<entry><para>sharedexecutable</para></entry>
<entry><para>Ready templates that have been granted to the calling user by another
user.</para></entry>
</row>
<row>
<entry><para>executable</para></entry>
<entry><para>Templates that are owned by the calling user, or public templates, that can
be used to deploy a new VM.</para></entry>
</row>
<row>
<entry><para>community</para></entry>
<entry><para>Returns templates that have been marked as public but not
featured.</para></entry>
</row>
<row>
<entry><para>all</para></entry>
<entry><para>Returns all templates (only usable by admins).</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
<para>The &PRODUCT; UI on a general view will display all resources that the logged-in user is
authorized to see, except for project resources. To see the project resources, select the
project view.</para>
<xi:include href="changed-apicommands-4.0.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
</section>

268
docs/en-US/changed-apicommands-4.0.xml Normal file
View File

@ -0,0 +1,268 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="changed-apicommands-4.0">
<title>Changed API Commands in 4.0</title>
<informaltable>
<tgroup cols="2" align="left" colsep="1" rowsep="1">
<colspec colwidth="1" colname="1" colnum="1"/>
<colspec colwidth="2*" colname="2" colnum="2"/>
<thead>
<row>
<entry><para>API Commands</para></entry>
<entry><para>Description</para></entry>
</row>
</thead>
<tbody>
<row>
<entry>
<para>copyTemplate</para>
<para>prepareTemplate</para>
<para>registerTemplate</para>
<para>updateTemplate</para>
<para>createProject</para>
<para>activateProject</para>
<para>suspendProject</para>
<para>updateProject</para>
<para>listProjectAccounts</para>
<para>createVolume</para>
<para>migrateVolume</para>
<para>attachVolume</para>
<para>detachVolume</para>
<para>uploadVolume</para>
<para>createSecurityGroup</para>
<para>registerIso</para>
<para>copyIso</para>
<para>updateIso</para>
<para>createIpForwardingRule</para>
<para>listIpForwardingRules</para>
<para>createLoadBalancerRule</para>
<para>updateLoadBalancerRule</para>
<para>createSnapshot</para>
</entry>
<entry>
<para>The commands in this list have a single new response parameter, and no other
changes.</para>
<para>New response parameter: tags(*)</para>
<note>
<para>Many other commands also have the new tags(*) parameter in addition to other
changes; those commands are listed separately.</para>
</note></entry>
</row>
<row>
<entry>
<para>rebootVirtualMachine</para>
<para>attachIso</para>
<para>detachIso</para>
<para>listLoadBalancerRuleInstances</para>
<para>resetPasswordForVirtualMachine</para>
<para>changeServiceForVirtualMachine</para>
<para>recoverVirtualMachine</para>
<para>startVirtualMachine</para>
<para>migrateVirtualMachine</para>
<para>deployVirtualMachine</para>
<para>assignVirtualMachine</para>
<para>updateVirtualMachine</para>
<para>restoreVirtualMachine</para>
<para>stopVirtualMachine</para>
<para>destroyVirtualMachine</para>
</entry>
<entry>
<para>The commands in this list have two new response parameters, and no other
changes.</para>
<para>New response parameters: keypair, tags(*)</para>
</entry>
</row>
<row>
<entry>
<para>listSecurityGroups</para>
<para>listFirewallRules</para>
<para>listPortForwardingRules</para>
<para>listSnapshots</para>
<para>listIsos</para>
<para>listProjects</para>
<para>listTemplates</para>
<para>listLoadBalancerRules</para>
</entry>
<entry><para>The commands in this list have the following new parameters, and no other
changes.</para>
<para>New request parameter: tags (optional)</para>
<para>New response parameter: tags(*)</para>
</entry>
</row>
<row>
<entry>
<para>listF5LoadBalancerNetworks</para>
<para>listNetscalerLoadBalancerNetworks</para>
<para>listSrxFirewallNetworks</para>
<para>updateNetwork</para>
</entry>
<entry>
<para>The commands in this list have three new response parameters, and no other
changes.</para>
<para>New response parameters: canusefordeploy, vpcid, tags(*)</para>
</entry>
</row>
<row>
<entry>
<para>createZone</para>
<para>updateZone</para>
</entry>
<entry><para>The commands in this list have the following new parameters, and no other
changes.</para>
<para>New request parameter: localstorageenabled (optional)</para>
<para>New response parameter: localstorageenabled</para>
</entry>
</row>
<row>
<entry><para>listZones</para></entry>
<entry><para>New response parameter: localstorageenabled</para></entry>
</row>
<row>
<entry>
<para>rebootRouter</para>
<para>changeServiceForRouter</para>
<para>startRouter</para>
<para>destroyRouter</para>
<para>stopRouter</para>
</entry>
<entry><para>The commands in this list have two new response parameters, and no other
changes.</para>
<para>New response parameters: vpcid, nic(*)</para></entry>
</row>
<row>
<entry>
<para>updateAccount</para>
<para>disableAccount</para>
<para>listAccounts</para>
<para>markDefaultZoneForAccount</para>
<para>enableAccount</para>
</entry>
<entry><para>The commands in this list have three new response parameters, and no other
changes.</para>
<para>New response parameters: vpcavailable, vpclimit, vpctotal</para></entry>
</row>
<row>
<entry><para>listRouters</para></entry>
<entry>
<para>New request parameters: forvpc (optional), vpcid (optional)</para>
<para>New response parameters: vpcid, nic(*)</para>
</entry>
</row>
<row>
<entry><para>listNetworkOfferings</para></entry>
<entry>
<para>New request parameters: forvpc (optional)</para>
<para>New response parameters: forvpc </para>
</entry>
</row>
<row>
<entry><para>listVolumes</para></entry>
<entry>
<para>New request parameters: details (optional), tags (optional)</para>
<para>New response parameters: tags(*)</para>
</entry>
</row>
<row>
<entry><para>addTrafficMonitor</para></entry>
<entry>
<para>New request parameters: excludezones (optional), includezones (optional)</para>
</entry>
</row>
<row>
<entry><para>createNetwork</para></entry>
<entry>
<para>New request parameters: vpcid (optional)</para>
<para>New response parameters: canusefordeploy, vpcid, tags(*)</para>
</entry>
</row>
<row>
<entry><para>listPublicIpAddresses</para></entry>
<entry>
<para>New request parameters: tags (optional), vpcid (optional)</para>
<para>New response parameters: vpcid, tags(*)</para>
</entry>
</row>
<row>
<entry><para>listNetworks</para></entry>
<entry>
<para>New request parameters: canusefordeploy (optional), forvpc (optional), tags
(optional), vpcid (optional)</para>
<para>New response parameters: canusefordeploy, vpcid, tags(*)</para>
</entry>
</row>
<row>
<entry><para>restartNetwork</para></entry>
<entry>
<para>New response parameters: vpcid, tags(*)</para>
</entry>
</row>
<row>
<entry><para>enableStaticNat</para></entry>
<entry>
<para>New request parameter: networkid (optional)</para>
</entry>
</row>
<row>
<entry><para>createDiskOffering</para></entry>
<entry>
<para>New request parameter: storagetype (optional)</para>
<para>New response parameter: storagetype</para>
</entry>
</row>
<row>
<entry><para>listDiskOfferings</para></entry>
<entry>
<para>New response parameter: storagetype</para>
</entry>
</row>
<row>
<entry><para>updateDiskOffering</para></entry>
<entry>
<para>New response parameter: storagetype</para>
</entry>
</row>
<row>
<entry><para>createFirewallRule</para></entry>
<entry>
<para>Changed request parameters: ipaddressid (old version - optional, new version -
required)</para>
<para>New response parameter: tags(*)</para>
</entry>
</row>
<row>
<entry><para>listVirtualMachines</para></entry>
<entry>
<para>New request parameters: isoid (optional), tags (optional), templateid
(optional)</para>
<para>New response parameters: keypair, tags(*)</para>
</entry>
</row>
<row>
<entry><para>updateStorageNetworkIpRange</para></entry>
<entry>
<para>New response parameters: id, endip, gateway, netmask, networkid, podid, startip,
vlan, zoneid</para>
</entry>
</row>
</tbody>
</tgroup>
</informaltable>
</section>

29
docs/en-US/choosing_a_deployment_architecture.xml Normal file
View File

@ -0,0 +1,29 @@
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<chapter id="choosing_a_deployment_architecture">
<title>Choosing a Deployment Architecture</title>
<para>The architecture used in a deployment will vary depending on the size and purpose of the deployment. This section contains examples of deployment architecture, including a small-scale deployment useful for test and trial deployments and a fully-redundant large-scale setup for production deployments.</para>
<xi:include href="small_scale_deployment.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="large_scale_redundant_setup.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="separate_storage_network.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="multi_node_management_server.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="multi_site_deployment.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</chapter>

79
docs/en-US/cloudstack.xml
View File

@ -1,53 +1,56 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<book>
<bookinfo>
<title>CloudStack Guide</title>
<subtitle>Revised September 18, 2012 10:48 am Pacific</subtitle>
<productname>Apache CloudStack (incubating)</productname>
<productnumber>3.0</productnumber>
<edition>1</edition>
<pubsnumber></pubsnumber>
<abstract>
<para>Complete technical documentation for Apache CloudStack.</para>
</abstract>
<corpauthor>
<inlinemediaobject>
<imageobject>
<imagedata fileref="Common_Content/images/title_logo.svg" format="SVG" />
</imageobject>
</inlinemediaobject>
</corpauthor>
<xi:include href="Common_Content/Legal_Notice.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</bookinfo>
<xi:include href="Book_Info_Build_All.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="concepts.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="accounts.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="user-services-overview.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="installation.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="ui.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="cloud-infrastructure-concepts.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="provisioning-steps.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="admin-guide.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="set-up-network-for-users.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="offerings.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="xenserver-install.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="kvm-install.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="vmware-install.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="projects.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="virtual-machines.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="working-with-hosts.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="working-with-templates.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="storage.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="work-with-usage.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="networks.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="working-with-system-vm.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="sys-reliability-and-ha.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="manage-cloud.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="api-overview.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="tuning.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="troubleshooting.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="developer-guide.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</book>
<xi:include href="time-zones.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="event-types.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="alerts.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</book>

40
docs/en-US/compute-disk-service-offerings.xml
View File

@ -5,33 +5,32 @@
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="compute-disk-service-offerings">
<title>Compute and Disk Service Offerings</title>
<para>A service offering is a set of virtual hardware features such as CPU core count and speed, memory, and disk size. The CloudPlatform administrator can set up various offerings, and then end users choose from the available offerings when they create a new VM. A service offering includes the following elements:</para>
<para>A service offering is a set of virtual hardware features such as CPU core count and speed, memory, and disk size. The &PRODUCT; administrator can set up various offerings, and then end users choose from the available offerings when they create a new VM. A service offering includes the following elements:</para>
<itemizedlist>
<listitem><para>CPU, memory, and network resource guarantees</para></listitem>
<listitem><para>How resources are metered</para></listitem>
<listitem><para>How the resource usage is charged</para></listitem>
<listitem><para>How often the charges are generated</para></listitem>
</itemizedlist>
<para>For example, one service offering might allow users to create a virtual machine instance that is equivalent to a 1 GHz Intel Core 2 CPU, with 1 GB memory at $0.20/hour, with network traffic metered at $0.10/GB. Based on the users selected offering, CloudPlatform emits usage records that can be integrated with billing systems. CloudPlatform separates service offerings into compute offerings and disk offerings. The computing service offering specifies:</para>
<para>For example, one service offering might allow users to create a virtual machine instance that is equivalent to a 1 GHz Intel® Core 2 CPU, with 1 GB memory at $0.20/hour, with network traffic metered at $0.10/GB. Based on the users selected offering, &PRODUCT; emits usage records that can be integrated with billing systems. &PRODUCT; separates service offerings into compute offerings and disk offerings. The computing service offering specifies:</para>
<itemizedlist>
<listitem><para>Guest CPU</para></listitem>
<listitem><para>Guest RAM</para></listitem>
@ -43,4 +42,9 @@
<listitem><para>Disk size (optional). An offering without a disk size will allow users to pick their own</para></listitem>
<listitem><para>Tags on the data disk</para></listitem>
</itemizedlist>
<xi:include href="creating-compute-offerings.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="creating-disk-offerings.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="modify-delete-service-offerings.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</section>

139
docs/en-US/configure-acl.xml Normal file
View File

@ -0,0 +1,139 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="configure-acl">
<title>Configuring Access Control List</title>
<para>Define Network Access Control List (ACL) on the VPC virtual router to control incoming
(ingress) and outgoing (egress) traffic between the VPC tiers, and the tiers and Internet. By
default, all incoming and outgoing traffic to the guest networks is blocked. To open the ports,
you must create a new network ACL. The network ACLs can be created for the tiers only if the
NetworkACL service is supported.</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPCs that you have created for the account is listed in the page.</para>
</listitem>
<listitem>
<para>Click the Settings icon.</para>
<para>The following options are displayed.</para>
<itemizedlist>
<listitem>
<para>IP Addresses</para>
</listitem>
<listitem>
<para>Gateways</para>
</listitem>
<listitem>
<para>Site-to-Site VPN</para>
</listitem>
<listitem>
<para>Network ACLs</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Select Network ACLs.</para>
<para>The Network ACLs page is displayed.</para>
</listitem>
<listitem>
<para>Click Add Network ACLs.</para>
<para>To add an ACL rule, fill in the following fields to specify what kind of network traffic
is allowed in this tier. </para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">CIDR</emphasis>: The CIDR acts as the Source CIDR for the
Ingress rules, and Destination CIDR for the Egress rules. To accept traffic only from or
to the IP addresses within a particular address block, enter a CIDR or a comma-separated
list of CIDRs. The CIDR is the base IP address of the incoming traffic. For example,
192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Protocol</emphasis>: The networking protocol that sources use
to send traffic to the tier. The TCP and UDP protocols are typically used for data
exchange and end-user communications. The ICMP protocol is typically used to send error
messages or network monitoring data.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Start Port</emphasis>, <emphasis role="bold">End
Port</emphasis> (TCP, UDP only): A range of listening ports that are the destination
for the incoming traffic. If you are opening a single port, use the same number in both
fields.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Select Tier</emphasis>: Select the tier for which you want to
add this ACL rule.</para>
</listitem>
<listitem>
<para><emphasis role="bold">ICMP Type</emphasis>, <emphasis role="bold">ICMP
Code</emphasis> (ICMP only): The type of message and error code that will be
sent.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Traffic Type</emphasis>: Select the traffic type you want to
apply. </para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Egress</emphasis>: To add an egress rule, select Egress
from the Traffic type drop-down box and click Add. This specifies what type of
traffic is allowed to be sent out of VM instances in this tier. If no egress rules
are specified, all traffic from the tier is allowed out at the VPC virtual router.
Once egress rules are specified, only the traffic specified in egress rules and the
responses to any traffic that has been allowed in through an ingress rule are
allowed out. No egress rule is required for the VMs in a tier to communicate with
each other.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Ingress</emphasis>: To add an ingress rule, select Ingress
from the Traffic type drop-down box and click Add. This specifies what network
traffic is allowed into the VM instances in this tier. If no ingress rules are
specified, then no traffic will be allowed in, except for responses to any traffic
that has been allowed out through an egress rule.</para>
</listitem>
</itemizedlist>
<note>
<para>By default, all incoming and outgoing traffic to the guest networks is blocked. To
open the ports, create a new network ACL.</para>
</note>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click Add. The ACL rule is added.</para>
<para>To view the list of ACL rules you have added, click the desired tier from the Network
ACLs page, then select the Network ACL tab.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/network-acl.png"/>
</imageobject>
<textobject>
<phrase>network-acl.png: adding, editing, deleting an ACL rule.</phrase>
</textobject>
</mediaobject>
<para>You can edit the tags assigned to the ACL rules and delete the ACL rules you have
created. Click the appropriate button in the Actions column.</para>
</listitem>
</orderedlist>
</section>

111
docs/en-US/configure-guest-traffic-in-advanced-zone.xml
View File

@ -3,48 +3,77 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="configure-guest-traffic-in-advanced-zone">
<title>Configure Guest Traffic in an Advanced Zone</title>
<para>These steps assume you have already logged in to the &PRODUCT; UI. To configure the base guest network:</para>
<orderedlist>
<listitem><para>In the left navigation, choose Infrastructure. On Zones, click View More, then click the zone to which you want to add a network.</para></listitem>
<listitem><para>Click the Network tab.</para></listitem>
<listitem><para>Click Add network.</para></listitem>
<listitem><para>Provide the following information:</para>
<itemizedlist>
<listitem><para>Name. The name of the network. This will be user-visible</para></listitem>
<listitem><para>Description: The description of the network. This will be user-visible</para></listitem>
<listitem><para>VLAN ID: Enter an administrator-configured VLAN ID so you can create different networks for use by different VM users in the zone</para></listitem>
<listitem><para>Scope: Choose account-specific or domain-specific if you would like to make the network accessible to only a single account or domain. Choose zone-wide if all accounts with access to the zone should be able to access the network.</para></listitem>
<listitem><para>Domain/Account: If Scope is account-specific, enter the domain and account name for the account</para></listitem>
<listitem><para>Network offering: If the administrator has configured multiple network offerings, select the one you want to use for this network</para></listitem>
<listitem><para>Gateway: The gateway that the guests should use</para></listitem>
<listitem><para>Netmask: The netmask in use on the subnet the guests will use</para></listitem>
<listitem><para>Start IP/End IP: Enter the first and last IP addresses that define a range that &PRODUCT; can assign to guests. If one NIC is used, these IPs should be in the same CIDR as the pod CIDR. If multiple NICs are used, they may be in a different subnet.</para></listitem>
<listitem><para>Network Domain: (Optional) If you want to assign a special domain name to this network, specify the DNS suffix.</para></listitem>
</itemizedlist>
<title>Configure Guest Traffic in an Advanced Zone</title>
<para>These steps assume you have already logged in to the &PRODUCT; UI. To configure the base
guest network:</para>
<orderedlist>
<listitem>
<para>In the left navigation, choose Infrastructure. On Zones, click View More, then click the
zone to which you want to add a network.</para>
</listitem>
<listitem>
<para>Click the Network tab.</para>
</listitem>
<listitem>
<para>Click Add guest network.</para>
<para>The Add guest network window is displayed:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/add-guest-network.png"/>
</imageobject>
<textobject>
<phrase>networksetupzone.png: Depicts network setup in a single zone</phrase>
</textobject>
</mediaobject>
</listitem>
<listitem>
<para>Provide the following information:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>. The name of the network. This will be
user-visible</para>
</listitem>
<listitem><para>Click OK.</para></listitem>
</orderedlist>
</section>
<listitem>
<para><emphasis role="bold">Display Text</emphasis>: The description of the network. This
will be user-visible</para>
</listitem>
<listitem>
<para><emphasis role="bold">Zone</emphasis>: The zone in which you are configuring the
guest network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Network offering</emphasis>: If the administrator has
configured multiple network offerings, select the one you want to use for this
network</para>
</listitem>
<listitem>
<para><emphasis role="bold">Guest Gateway</emphasis>: The gateway that the guests should
use</para>
</listitem>
<listitem>
<para><emphasis role="bold">Guest Netmask</emphasis>: The netmask in use on the subnet the
guests will use</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click OK.</para>
</listitem>
</orderedlist>
</section>

11
docs/en-US/configure-public-traffic-in-an-advanced-zone.xml
View File

@ -3,7 +3,6 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
@ -11,9 +10,7 @@
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@ -21,8 +18,8 @@
specific language governing permissions and limitations
under the License.
-->
<section id="configure-public-traffic-in-an-advanced-zone">
<title>Configure Public Traffic in an Advanced Zone</title>
<para>In a zone that uses advanced networking, you need to configure at least one range of IP addresses for Internet traffic.</para>
</section>
<title>Configure Public Traffic in an Advanced Zone</title>
<para>In a zone that uses advanced networking, you need to configure at least one range of IP
addresses for Internet traffic.</para>
</section>

17
docs/en-US/configuring-projects.xml
View File

@ -1,9 +1,4 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
@ -21,9 +16,17 @@
specific language governing permissions and limitations
under the License.
-->
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "file:///C:/Program%20Files%20(x86)/Publican/DocBook_DTD/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<section id="configuring-projects">
<title>Configuring Projects</title>
<para>Before &PRODUCT; users start using projects, the &PRODUCT; administrator must set up various systems to support them, including membership invitations, limits on project resources, and controls on who can create projects</para>
<para>Before CloudPlatform users start using projects, the CloudPlatform administrator must set
up various systems to support them, including membership invitations, limits on project
resources, and controls on who can create projects.</para>
<xi:include href="set-up-invitations.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="set-resource-limits-for-projects.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="set-projects-creator-permissions.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</section>

103
docs/en-US/create-vpn-connection-vpc.xml Normal file
View File

@ -0,0 +1,103 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="create-vpn-connection-vpc">
<title>Creating a VPN Connection</title>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPCs that you create for the account are listed in the page.</para>
</listitem>
<listitem>
<para>Click the Configure button of the VPC to which you want to deploy the VMs.</para>
<para>The VPC page is displayed where all the tiers you created are listed in a
diagram.</para>
</listitem>
<listitem>
<para>Click the Settings icon.</para>
<para>The following options are displayed.</para>
<itemizedlist>
<listitem>
<para>IP Addresses</para>
</listitem>
<listitem>
<para>Gateways</para>
</listitem>
<listitem>
<para>Site-to-Site VPN</para>
</listitem>
<listitem>
<para>Network ASLs</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Select Site-to-Site VPN.</para>
<para>The Site-to-Site VPN page is displayed.</para>
</listitem>
<listitem>
<para>From the Select View drop-down, ensure that VPN Connection is selected.</para>
</listitem>
<listitem>
<para>Click Create VPN Connection.</para>
<para> The Create VPN Connection dialog is displayed:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/create-vpn-connection.png"/>
</imageobject>
<textobject>
<phrase>createvpnconnection.png: creating a vpn connection to the customer
gateway.</phrase>
</textobject>
</mediaobject>
</listitem>
<listitem>
<para>Select the desired customer gateway, then click OK to confirm.</para>
<para>Within a few moments, the VPN Connection is displayed.</para>
<para>The following information on the VPN connection is displayed:</para>
<itemizedlist>
<listitem>
<para>IP Address</para>
</listitem>
<listitem>
<para>Gateway</para>
</listitem>
<listitem>
<para>State</para>
</listitem>
<listitem>
<para>IPSec Preshared Key</para>
</listitem>
<listitem>
<para>IKE Policy</para>
</listitem>
<listitem>
<para>ESP Policy</para>
</listitem>
</itemizedlist>
</listitem>
</orderedlist>
</section>

191
docs/en-US/create-vpn-customer-gateway.xml Normal file
View File

@ -0,0 +1,191 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="create-vpn-customer-gateway">
<title>Creating and Updating a VPN Customer Gateway</title>
<note>
<para>A VPN customer gateway can be connected to only one VPN gateway at a time.</para>
</note>
<para>To add a VPN Customer Gateway:</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user. </para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPN Customer Gateway.</para>
</listitem>
<listitem>
<para>Click Add site-to-site VPN.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/add-vpn-customer-gateway.png"/>
</imageobject>
<textobject>
<phrase>addvpncustomergateway.png: adding a customer gateway.</phrase>
</textobject>
</mediaobject>
<para>Provide the following information:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>: A unique name for the VPN customer gateway
you create.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Gateway</emphasis>: The IP address for the remote
gateway.</para>
</listitem>
<listitem>
<para><emphasis role="bold">CIDR list</emphasis>: The guest CIDR list of the remote
subnets. Enter a CIDR or a comma-separated list of CIDRs. Ensure that a guest CIDR list
is not overlapped with the VPCs CIDR, or another guest CIDR. The CIDR must be
RFC1918-compliant.</para>
</listitem>
<listitem>
<para><emphasis role="bold">IPsec Preshared Key</emphasis>: Preshared keying is a method
where the endpoints of the VPN share a secret key. This key value is used to
authenticate the customer gateway and the VPC VPN gateway to each other. </para>
<note>
<para>The IKE peers (VPN end points) authenticate each other by computing and sending a
keyed hash of data that includes the Preshared key. If the receiving peer is able to
create the same hash independently by using its Preshared key, it knows that both
peers must share the same secret, thus authenticating the customer gateway.</para>
</note>
</listitem>
<listitem>
<para><emphasis role="bold">IKE Encryption</emphasis>: The Internet Key Exchange (IKE)
policy for phase-1. The supported encryption algorithms are AES128, AES192, AES256, and
3DES. Authentication is accomplished through the Preshared Keys.</para>
<note>
<para>The phase-1 is the first phase in the IKE process. In this initial negotiation
phase, the two VPN endpoints agree on the methods to be used to provide security for
the underlying IP traffic. The phase-1 authenticates the two VPN gateways to each
other, by confirming that the remote gateway has a matching Preshared Key.</para>
</note>
</listitem>
<listitem>
<para><emphasis role="bold">IKE Hash</emphasis>: The IKE hash for phase-1. The supported
hash algorithms are SHA1 and MD5.</para>
</listitem>
<listitem>
<para><emphasis role="bold">IKE DH</emphasis>: A public-key cryptography protocol which
allows two parties to establish a shared secret over an insecure communications channel.
The 1536-bit Diffie-Hellman group is used within IKE to establish session keys. The
supported options are None, Group-5 (1536-bit) and Group-2 (1024-bit).</para>
</listitem>
<listitem>
<para><emphasis role="bold">ESP Encryption</emphasis>: Encapsulating Security Payload
(ESP) algorithm within phase-2. The supported encryption algorithms are AES128, AES192,
AES256, and 3DES.</para>
<note>
<para>The phase-2 is the second phase in the IKE process. The purpose of IKE phase-2 is
to negotiate IPSec security associations (SA) to set up the IPSec tunnel. In phase-2,
new keying material is extracted from the Diffie-Hellman key exchange in phase-1, to
provide session keys to use in protecting the VPN data flow.</para>
</note>
</listitem>
<listitem>
<para><emphasis role="bold">ESP Hash</emphasis>: Encapsulating Security Payload (ESP) hash
for phase-2. Supported hash algorithms are SHA1 and MD5.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Perfect Forward Secrecy</emphasis>: Perfect Forward Secrecy
(or PFS) is the property that ensures that a session key derived from a set of long-term
public and private keys will not be compromised. This property enforces a new
Diffie-Hellman key exchange. It provides the keying material that has greater key
material life and thereby greater resistance to cryptographic attacks. The available
options are None, Group-5 (1536-bit) and Group-2 (1024-bit). The security of the key
exchanges increase as the DH groups grow larger, as does the time of the
exchanges.</para>
<note>
<para>When PFS is turned on, for every negotiation of a new phase-2 SA the two gateways
must generate a new set of phase-1 keys. This adds an extra layer of protection that
PFS adds, which ensures if the phase-2 SAs have expired, the keys used for new
phase-2 SAs have not been generated from the current phase-1 keying material.</para>
</note>
</listitem>
<listitem>
<para><emphasis role="bold">IKE Lifetime (seconds)</emphasis>: The phase-1 lifetime of the
security association in seconds. Default is 86400 seconds (1 day). Whenever the time
expires, a new phase-1 exchange is performed.</para>
</listitem>
<listitem>
<para><emphasis role="bold">ESP Lifetime (seconds)</emphasis>: The phase-2 lifetime of the
security association in seconds. Default is 3600 seconds (1 hour). Whenever the value is
exceeded, a re-key is initiated to provide a new IPsec encryption and authentication
session keys.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Dead Peer Detection</emphasis>: A method to detect an
unavailable Internet Key Exchange (IKE) peer. Select this option if you want the virtual
router to query the liveliness of its IKE peer at regular intervals. Its recommended to
have the same configuration of DPD on both side of VPN connection.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click OK.</para>
</listitem>
</orderedlist>
<formalpara>
<title>Updating and Removing a VPN Customer Gateway</title>
<para>You can update a customer gateway either with no VPN connection, or related VPN connection
is in error state.</para>
</formalpara>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user. </para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPN Customer Gateway.</para>
</listitem>
<listitem>
<para>Select the VPN customer gateway you want to work with.</para>
</listitem>
<listitem>
<para>To modify the required parameters, click the Edit VPN Customer Gateway button<inlinemediaobject>
<imageobject>
<imagedata fileref="./images/edit-icon.png"/>
</imageobject>
<textobject>
<phrase>edit.png: button to edit a VPN customer gateway</phrase>
</textobject>
</inlinemediaobject></para>
</listitem>
<listitem>
<para>To remove the VPN customer gateway, click the Delete VPN Customer Gateway button<inlinemediaobject>
<imageobject>
<imagedata fileref="./images/delete-button.png"/>
</imageobject>
<textobject>
<phrase>delete.png: button to remove a VPN customer gateway</phrase>
</textobject>
</inlinemediaobject></para>
</listitem>
<listitem>
<para>Click OK.</para>
</listitem>
</orderedlist>
</section>

80
docs/en-US/create-vpn-gateway-for-vpc.xml Normal file
View File

@ -0,0 +1,80 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="create-vpn-gateway-for-vpc">
<title>Creating a VPN gateway for the VPC</title>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPCs that you have created for the account is listed in the page.</para>
</listitem>
<listitem>
<para>Click the Configure button of the VPC to which you want to deploy the VMs.</para>
<para>The VPC page is displayed where all the tiers you created are listed in a
diagram.</para>
</listitem>
<listitem>
<para>Click the Settings icon.</para>
<para>The following options are displayed.</para>
<itemizedlist>
<listitem>
<para>IP Addresses</para>
</listitem>
<listitem>
<para>Gateways</para>
</listitem>
<listitem>
<para>Site-to-Site VPN</para>
</listitem>
<listitem>
<para>Network ACLs</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Select Site-to-Site VPN.</para>
<para>If you are creating the VPN gateway for the first time, selecting Site-to-Site VPN
prompts you to create a VPN gateway.</para>
</listitem>
<listitem>
<para>In the confirmation dialog, click Yes to confirm.</para>
<para>Within a few moments, the VPN gateway is created. You will be prompted to view the
details of the VPN gateway you have created. Click Yes to confirm.</para>
<para>The following details are displayed in the VPN Gateway page:</para>
<itemizedlist>
<listitem>
<para>IP Address</para>
</listitem>
<listitem>
<para>Account</para>
</listitem>
<listitem>
<para>Domain</para>
</listitem>
</itemizedlist>
</listitem>
</orderedlist>
</section>

108
docs/en-US/create-vr-network-offering.xml Normal file
View File

@ -0,0 +1,108 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="create-vr-network-offering">
<title>Creating and Changing a Virtual Router Network Offering</title>
<para>To create the network offering in association with a virtual router system service
offering:</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as a user or admin.</para>
</listitem>
<listitem>
<para>First, create a system service offering, for example: VRsystemofferingHA.</para>
<para>For more information on creating a system service offering, see <xref
linkend="creating-system-service-offerings"/>.</para>
</listitem>
<listitem>
<para>From the Select Offering drop-down, choose Network Offering.</para>
</listitem>
<listitem>
<para>Click Add Network Offering.</para>
</listitem>
<listitem>
<para>In the dialog, make the following choices:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>. Any desired name for the network
offering.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Description</emphasis>. A short description of the offering
that can be displayed to users.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Network Rate</emphasis>. Allowed data transfer rate in MB per
second.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Traffic Type</emphasis>. The type of network traffic that will
be carried on the network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Guest Type</emphasis>. Choose whether the guest network is
isolated or shared. For a description of these terms, see <xref
linkend="about-virtual-networks"/>.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Specify VLAN</emphasis>. (Isolated guest networks only)
Indicate whether a VLAN should be specified when this offering is used.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Supported Services</emphasis>. Select one or more of the
possible network services. For some services, you must also choose the service provider;
for example, if you select Load Balancer, you can choose the &PRODUCT; virtual router or
any other load balancers that have been configured in the cloud. Depending on which
services you choose, additional fields may appear in the rest of the dialog box. For
more information, see <xref linkend="creating-network-offerings"/></para>
</listitem>
<listitem>
<para><emphasis role="bold">System Offering</emphasis>. Choose the system service offering
that you want virtual routers to use in this network. In this case, the default “System
Offering For Software Router” and the custom “VRsystemofferingHA” are available and
displayed.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click OK and the network offering is created.</para>
</listitem>
</orderedlist>
<para>To change the network offering of a guest network to the virtual router service
offering:</para>
<orderedlist>
<listitem>
<para>Select Network from the left navigation pane.</para>
</listitem>
<listitem>
<para>Select the guest network that you want to offer this network service to.</para>
</listitem>
<listitem>
<para>Click the Edit button.</para>
</listitem>
<listitem>
<para>From the Network Offering drop-down, select the virtual router network offering you have
just created.</para>
</listitem>
<listitem>
<para>Click OK.</para>
</listitem>
</orderedlist>
</section>

74
docs/en-US/creating-compute-offerings.xml
View File

@ -5,23 +5,22 @@
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="creating-compute-offerings">
<title>Creating a New Compute Offering</title>
<para>To create a new compute offering:</para>
@ -32,19 +31,36 @@
<listitem><para>Click Add Compute Offering.</para></listitem>
<listitem><para>In the dialog, make the following choices:</para>
<itemizedlist>
<listitem><para>Name. Any desired name for the service offering.</para></listitem>
<listitem><para>Description. A short description of the offering that can be displayed to users</para></listitem>
<listitem><para>Storage type. The type of disk that should be allocated. Local allocates from storage attached directly to the host where the system VM is running. Shared allocates from storage accessible via NFS.</para></listitem>
<listitem><para># of CPU cores. The number of cores which should be allocated to a system VM with this offering</para></listitem>
<listitem><para>CPU (in MHz). The CPU speed of the cores that the system VM is allocated. For example, "2000" would provide for a 2 GHz clock.</para></listitem>
<listitem><para>Memory (in MB). The amount of memory in megabytes that the system VM should be allocated. For example, "2048" would provide for a 2 GB RAM allocation.</para></listitem>
<listitem><para>Network Rate. Allowed data transfer rate in MB per second.</para></listitem>
<listitem><para>Offer HA. If yes, the administrator can choose to have the system VM be monitored and as highly available as possible.</para></listitem>
<listitem><para>Storage Tags. The tags that should be associated with the primary storage used by the system VM.</para></listitem>
<listitem><para>Host Tags. (Optional) Any tags that you use to organize your hosts</para></listitem>
<listitem><para>CPU cap. Whether to limit the level of CPU usage even if spare capacity is available.</para></listitem>
<listitem><para>Public. Indicate whether the service offering should be available all domains or only some domains. Choose Yes to make it available to all domains. Choose No to limit the scope to a subdomain; &PRODUCT; will then prompt for the subdomain's name.</para></listitem>
<listitem><para><emphasis role="bold">Name</emphasis>: Any desired name for the service offering.</para></listitem>
<listitem><para><emphasis role="bold">Description</emphasis>: A short description of the offering that can be
displayed to users</para></listitem>
<listitem><para><emphasis role="bold">Storage type</emphasis>: The type of disk that should be allocated.
Local allocates from storage attached directly to the host where the system
VM is running. Shared allocates from storage accessible via NFS.</para></listitem>
<listitem><para><emphasis role="bold"># of CPU cores</emphasis>: The number of cores which should be allocated
to a system VM with this offering</para></listitem>
<listitem><para><emphasis role="bold">CPU (in MHz)</emphasis>: The CPU speed of the cores that the system VM
is allocated. For example, “2000” would provide for a 2 GHz clock.</para></listitem>
<listitem><para><emphasis role="bold">Memory (in MB)</emphasis>: The amount of memory in megabytes that the
system VM should be allocated. For example, “2048” would provide for a 2 GB
RAM allocation.</para></listitem>
<listitem><para><emphasis role="bold">Network Rate</emphasis>: Allowed data transfer rate in MB per
second.</para></listitem>
<listitem><para><emphasis role="bold">Offer HA</emphasis>: If yes, the administrator can choose to have the
system VM be monitored and as highly available as possible.</para></listitem>
<listitem><para><emphasis role="bold">Storage Tags</emphasis>: The tags that should be associated with the
primary storage used by the system VM.</para></listitem>
<listitem><para><emphasis role="bold">Host Tags</emphasis>: (Optional) Any tags that you use to organize your
hosts</para></listitem>
<listitem><para><emphasis role="bold">CPU cap</emphasis>: Whether to limit the level of CPU usage even if
spare capacity is available.</para></listitem>
<listitem><para><emphasis role="bold">Public</emphasis>: Indicate whether the service offering should be
available all domains or only some domains. Choose Yes to make it available
to all domains. Choose No to limit the scope to a subdomain; &PRODUCT;
will then prompt for the subdomain's name.</para></listitem>
</itemizedlist></listitem>
<listitem><para>Click Add.</para></listitem>
</orderedlist>
</section>

89
docs/en-US/delete-reset-vpn.xml Normal file
View File

@ -0,0 +1,89 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="delete-reset-vpn">
<title>Restarting and Removing a VPN Connection</title>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPCs that you have created for the account is listed in the page.</para>
</listitem>
<listitem>
<para>Click the Configure button of the VPC to which you want to deploy the VMs.</para>
<para>The VPC page is displayed where all the tiers you created are listed in a
diagram.</para>
</listitem>
<listitem>
<para>Click the Settings icon.</para>
<para>The following options are displayed.</para>
<itemizedlist>
<listitem>
<para>IP Addresses</para>
</listitem>
<listitem>
<para>Gateways</para>
</listitem>
<listitem>
<para>Site-to-Site VPN</para>
</listitem>
<listitem>
<para>Network ASLs</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Select Site-to-Site VPN.</para>
<para>The Site-to-Site VPN page is displayed.</para>
</listitem>
<listitem>
<para>From the Select View drop-down, ensure that VPN Connection is selected.</para>
<para>All the VPN connections you created are displayed.</para>
</listitem>
<listitem>
<para>Select the VPN connection you want to work with.</para>
<para> The Details tab is displayed.</para>
</listitem>
<listitem>
<para>To remove a VPN connection, click the Delete VPN connection button<inlinemediaobject>
<imageobject>
<imagedata fileref="./images/remove-vpn.png"/>
</imageobject>
<textobject>
<phrase>remove-vpn.png: button to remove a VPN connection</phrase>
</textobject>
</inlinemediaobject></para>
<para>To restart a VPN connection, click the Reset VPN connection button present in the
Details tab.<inlinemediaobject>
<imageobject>
<imagedata fileref="./images/reset-vpn.png"/>
</imageobject>
<textobject>
<phrase>reset-vpn.png: button to reset a VPN connection</phrase>
</textobject>
</inlinemediaobject></para>
</listitem>
</orderedlist>
</section>

97
docs/en-US/enable-disable-static-nat-vpc.xml Normal file
View File

@ -0,0 +1,97 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="enable-disable-static-nat-vpc">
<title>Enabling or Disabling Static NAT on a VPC</title>
<para>A static NAT rule maps a public IP address to the private IP address of a VM in a VPC to
allow Internet traffic to it. This section tells how to enable or disable static NAT for a
particular IP address in a VPC.</para>
<para>If port forwarding rules are already in effect for an IP address, you cannot enable static
NAT to that IP.</para>
<para>If a guest VM is part of more than one network, static NAT rules will function only if they
are defined on the default network.</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPCs that you have created for the account is listed in the page.</para>
</listitem>
<listitem>
<para>Click the Configure button of the VPC to which you want to deploy the VMs.</para>
<para>The VPC page is displayed where all the tiers you created are listed in a
diagram.</para>
</listitem>
<listitem>
<para>Click the Settings icon.</para>
<para>The following options are displayed.</para>
<itemizedlist>
<listitem>
<para>IP Addresses</para>
</listitem>
<listitem>
<para>Gateways</para>
</listitem>
<listitem>
<para>Site-to-Site VPN</para>
</listitem>
<listitem>
<para>Network ACLs</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Select IP Addresses.</para>
<para>The IP Addresses page is displayed.</para>
</listitem>
<listitem>
<para>Click the IP you want to work with.</para>
</listitem>
<listitem>
<para>In the Details tab,click the Static NAT button.<inlinemediaobject>
<imageobject>
<imagedata fileref="./images/enable-disable.png"/>
</imageobject>
<textobject>
<phrase>enable-disable.png: button to enable Statid NAT.</phrase>
</textobject>
</inlinemediaobject>The button toggles between Enable and Disable, depending on whether
static NAT is currently enabled for the IP address.</para>
</listitem>
<listitem>
<para>If you are enabling static NAT, a dialog appears as follows:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/select-vm-staticnat-vpc.png"/>
</imageobject>
<textobject>
<phrase>select-vmstatic-nat.png: selecting a tier to apply staticNAT.</phrase>
</textobject>
</mediaobject>
</listitem>
<listitem>
<para>Select the tier and the destination VM, then click Apply.</para>
</listitem>
</orderedlist>
</section>

54
docs/en-US/global-config.xml Normal file
View File

@ -0,0 +1,54 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="global-config">
<title>Setting Global Configuration Parameters</title>
<para>&PRODUCT; provides parameters that you can set to control many aspects of the cloud. When
&PRODUCT; is first installed, and periodically thereafter, you might need to modify these
settings.</para>
<orderedlist>
<listitem>
<para>Log in to the UI as administrator.</para>
</listitem>
<listitem>
<para>In the left navigation bar, click Global Settings.</para>
</listitem>
<listitem>
<para>In Select View, choose one of the following:</para>
<itemizedlist>
<listitem>
<para>Global Settings. This displays a list of the parameters with brief descriptions and
current values.</para>
</listitem>
<listitem>
<para>Hypervisor Capabilities. This displays a list of hypervisor versions with the
maximum number of guests supported for each.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Use the search box to narrow down the list to those you are interested in.</para>
</listitem>
<listitem>
<para>Click the Edit icon to modify a value. If you are viewing Hypervisor Capabilities, you
must click the name of the hypervisor first to display the editing screen.</para>
</listitem>
</orderedlist>
</section>

2
docs/en-US/hypervisor-host-install-flow.xml
View File

@ -31,4 +31,4 @@
<xi:include href="hypervisor-host-install-network.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="hypervisor-host-install-firewall.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="hypervisor-host-install-agent.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</section>
</section>

2
docs/en-US/hypervisor-host-install-libvirt.xml
View File

@ -63,4 +63,4 @@
<programlisting language="Bash">service libvirt-bin restart</programlisting>
</listitem>
</orderedlist>
</section>
</section>

2
docs/en-US/hypervisor-host-install-overview.xml
View File

@ -34,4 +34,4 @@
<listitem><para>Configure Security Policies (AppArmor and SELinux)</para></listitem>
<listitem><para>Install and configure the Agent</para></listitem>
</orderedlist>
</section>
</section>

2
docs/en-US/hypervisor-host-install-prepare-os.xml
View File

@ -50,4 +50,4 @@
</listitem>
<listitem><para>Repeat all of these steps on every hypervisor host.</para></listitem>
</orderedlist>
</section>
</section>

2
docs/en-US/hypervisor-host-install-security-policies.xml
View File

@ -67,4 +67,4 @@
</orderedlist>
</listitem>
</orderedlist>
</section>
</section>

BIN
docs/en-US/images/remove-vpc.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 815 B

BIN
docs/en-US/images/remove-vpn.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 735 B

BIN
docs/en-US/images/reset-vpn.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 860 B

42
docs/en-US/large_scale_redundant_setup.xml Normal file
View File

@ -0,0 +1,42 @@
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="large_scale_redundant_setup">
<title>Large-Scale Redundant Setup</title>
<mediaobject>
<imageobject>
<imagedata fileref="./images/large_scale_redundant_setup.png" />
</imageobject>
<textobject><phrase>Large-Scale Redundant Setup</phrase></textobject>
</mediaobject>
<para>This diagram illustrates the network architecture of a large-scale &PRODUCT; deployment.</para>
<itemizedlist>
<listitem><para>A layer-3 switching layer is at the core of the data center. A router redundancy protocol like VRRP should be deployed. Typically high-end core switches also include firewall modules. Separate firewall appliances may also be used if the layer-3 switch does not have integrated firewall capabilities. The firewalls are configured in NAT mode. The firewalls provide the following functions:</para>
<itemizedlist>
<listitem><para>Forwards HTTP requests and API calls from the Internet to the Management Server. The Management Server resides on the management network.</para></listitem>
<listitem><para>When the cloud spans multiple zones, the firewalls should enable site-to-site VPN such that servers in different zones can directly reach each other.</para></listitem>
</itemizedlist>
</listitem>
<listitem><para>A layer-2 access switch layer is established for each pod. Multiple switches can be stacked to increase port count. In either case, redundant pairs of layer-2 switches should be deployed.</para></listitem>
<listitem><para>The Management Server cluster (including front-end load balancers, Management Server nodes, and the MySQL database) is connected to the management network through a pair of load balancers.</para></listitem>
<listitem><para>Secondary storage servers are connected to the management network.</para></listitem>
<listitem><para>Each pod contains storage and computing servers. Each storage and computing server should have redundant NICs connected to separate layer-2 access switches.</para></listitem>
</itemizedlist>
</section>

36
docs/en-US/multi_node_management_server.xml Normal file
View File

@ -0,0 +1,36 @@
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="multi_node_management_server">
<title>Multi-Node Management Server</title>
<para>The &PRODUCT; Management Server is deployed on one or more front-end servers connected to a single MySQL database. Optionally a pair of hardware load balancers distributes requests from the web. A backup management server set may be deployed using MySQL replication at a remote site to add DR capabilities.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/multi_node_management_server.png" />
</imageobject>
<textobject><phrase>Multi-Node Management Server</phrase></textobject>
</mediaobject>
<para>The administrator must decide the following.</para>
<itemizedlist>
<listitem><para>Whether or not load balancers will be used.</para></listitem>
<listitem><para>How many Management Servers will be deployed.</para></listitem>
<listitem><para>Whether MySQL replication will be deployed to enable disaster recovery.</para></listitem>
</itemizedlist>
</section>

50
docs/en-US/multi_site_deployment.xml Normal file
View File

@ -0,0 +1,50 @@
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="multi_site_deployment">
<title>Multi-Site Deployment</title>
<para>The &PRODUCT; platform scales well into multiple sites through the use of zones. The following diagram shows an example of a multi-site deployment.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/example_of_a_multi_site_deployment.png" />
</imageobject>
<textobject><phrase>Example Of A Multi-Site Deployment</phrase></textobject>
</mediaobject>
<para>Data Center 1 houses the primary Management Server as well as zone 1. The MySQL database is replicated in real time to the secondary Management Server installation in Data Center 2.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/separate_storage_network.png" />
</imageobject>
<textobject><phrase>Separate Storage Network</phrase></textobject>
</mediaobject>
<para>This diagram illustrates a setup with a separate storage network. Each server has four NICs, two connected to pod-level network switches and two connected to storage network switches.</para>
<para>There are two ways to configure the storage network:</para>
<itemizedlist>
<listitem><para> Bonded NIC and redundant switches can be deployed for NFS. In NFS deployments, redundant switches and bonded NICs still result in one network (one CIDR block+ default gateway address).</para></listitem>
<listitem><para> iSCSI can take advantage of two separate storage networks (two CIDR blocks each with its own default gateway). Multipath iSCSI client can failover and load balance between separate storage networks.</para></listitem>
</itemizedlist>
<mediaobject>
<imageobject>
<imagedata fileref="./images/NIC_bonding_and_multipath_IO.png" />
</imageobject>
<textobject><phrase>NIC Bonding And Multipath I/O</phrase></textobject>
</mediaobject>
<para> This diagram illustrates the differences between NIC bonding and Multipath I/O (MPIO). NIC bonding configuration involves only one network. MPIO involves two separate networks.</para>
</section>

48
docs/en-US/networks.xml Normal file
View File

@ -0,0 +1,48 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<chapter id="networks">
<title>Managing Networks and Traffic</title>
<para>In a &PRODUCT;, guest VMs can communicate with each other using shared infrastructure with
the security and user perception that the guests have a private LAN. The &PRODUCT; virtual
router is the main component providing networking features for guest traffic. </para>
<xi:include href="guest-traffic.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="networking-in-a-pod.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="networking-in-a-zone.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="basic-zone-physical-network-configuration.xml"
xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="advanced-zone-physical-network-configuration.xml"
xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="using-multiple-guest-networks.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="security-groups.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="external-firewalls-and-load-balancers.xml"
xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="load-balancer-rules.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="guest-ip-ranges.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="acquire-new-ip-address.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="release-ip-address.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="static-nat.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="ip-forwarding-firewalling.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="ip-load-balancing.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="dns-dhcp.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="vpn.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="inter-vlan-routing.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="configure-vpc.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
</chapter>

28
docs/en-US/plugin-niciranvp-about.xml Normal file
View File

@ -0,0 +1,28 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
<!ENTITY % xinclude SYSTEM "http://www.docbook.org/xml/4.4/xinclude.mod">
%xinclude;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<chapter id="About-the-Nicira-NVP-Plugin" >
<title>The Nicira NVP Plugin</title>
<xi:include href="plugin-niciranvp-introduction.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
<xi:include href="plugin-niciranvp-features.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
</chapter>

47
docs/en-US/plugin-niciranvp-devicemanagement.xml Normal file
View File

@ -0,0 +1,47 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
<!ENTITY % xinclude SYSTEM "http://www.docbook.org/xml/4.4/xinclude.mod">
%xinclude;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="Device-management">
<title>Device-management</title>
<para>In CloudStack 4.0.x each Nicira NVP setup is considered a "device" that can be added and removed from a physical network. To complete the configuration of the Nicira NVP plugin a device needs to be added to the physical network using the "addNiciraNVPDevice" API call. The plugin is now enabled on the physical network and any guest networks created on that network will be provisioned using the Nicra NVP Controller.</para>
<para>The plugin introduces a set of new API calls to manage the devices, see below or refer to the API reference.</para>
<itemizedlist>
<listitem><para>addNiciraNvpDevice</para></listitem>
<listitem>
<itemizedlist>
<listitem><para>physicalnetworkid: the UUID of the physical network on which the device is configured</para></listitem>
<listitem><para>hostname: the IP address of the NVP controller</para></listitem>
<listitem><para>username: the username for access to the NVP API</para></listitem>
<listitem><para>password: the password for access to the NVP API</para></listitem>
<listitem><para>transportzoneuuid: the UUID of the transportzone</para></listitem>
</itemizedlist>
</listitem>
<listitem><para>deleteNiciraNVPDevice</para></listitem>
<listitem>
<itemizedlist>
<listitem><para>nvpdeviceid: the UUID of the device</para></listitem>
</itemizedlist>
</listitem>
<listitem><para>listNiciraNVPDevices</para></listitem>
</itemizedlist>
</section>

29
docs/en-US/plugin-niciranvp-features.xml Normal file
View File

@ -0,0 +1,29 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
<!ENTITY % xinclude SYSTEM "http://www.docbook.org/xml/4.4/xinclude.mod">
%xinclude;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="Features-of-the-Nicira-NVP-Plugin">
<title>Features of the Nicira NVP Plugin</title>
<para>In CloudStack release 4.0.x this plugin supports the Connectivity service. This service is responsible for creating Layer 2 networks supporting the networks created by Guests. In other words when an tennant creates a new network, instead of the traditional VLAN a logical network will be created by sending the appropriate calls to the Nicira NVP Controller.</para>
<para>The plugin has been tested with Nicira NVP versions 2.1.0, 2.2.0 and 2.2.1</para>
<note><para>In CloudStack 4.0.x only the XenServer hypervisor is supported for use in combination with Nicira NVP</para></note>
<note><para>In CloudStack 4.0.x the UI components for this plugin are not complete, configuration is done by sending commands to the API</para></note>
</section>

31
docs/en-US/plugin-niciranvp-guide.xml Normal file
View File

@ -0,0 +1,31 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
<!ENTITY % xinclude SYSTEM "http://www.docbook.org/xml/4.4/xinclude.mod">
%xinclude;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<chapter id="niciranvp-plugin-guide">
<title>Plugin Guide for the Nicira NVP Plugin</title>
<xi:include href="plugin-niciranvp-about.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="plugin-niciranvp-usage.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="plugin-niciranvp-troubleshooting.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</chapter>

26
docs/en-US/plugin-niciranvp-introduction.xml Normal file
View File

@ -0,0 +1,26 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
<!ENTITY % xinclude SYSTEM "http://www.docbook.org/xml/4.4/xinclude.mod">
%xinclude;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="Introduction-to-the-Nicira-NVP-Plugin">
<title>Introduction to the Nicira NVP Plugin</title>
<para>The Nicira NVP plugin allows CloudStack to use the Nicira solution for virtualized network as a provider for CloudStack networks and services.</para>
</section>

36
docs/en-US/plugin-niciranvp-preparations.xml Normal file
View File

@ -0,0 +1,36 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
<!ENTITY % xinclude SYSTEM "http://www.docbook.org/xml/4.4/xinclude.mod">
%xinclude;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="Prerequisites">
<title>Prerequisites</title>
<para>Before enabling the Nicira NVP plugin the NVP Controller needs to be configured. Please review the NVP User Guide on how to do that. </para>
<para>CloudStack needs to have at least one physical network with the isolation method set to "STT". This network should be enabled for the Guest traffic type.</para>
<note><para>The Guest traffic type should be configured with the traffic label that matches the name of the Integration Bridge on XenServer. See the Nicira NVP User Guide for more details on how to set this up in XenServer.</para></note>
<para>Make sure you have the following information ready:</para>
<itemizedlist>
<listitem><para>The IP address of the NVP Controller</para></listitem>
<listitem><para>The username to access the API</para></listitem>
<listitem><para>The password to access the API</para></listitem>
<listitem><para>The UUID of the Transport Zone that contains the hypervisors in this Zone</para></listitem>
<listitem><para>The UUID of the Physical Network that will used for the Guest networks</para></listitem>
</itemizedlist>
</section>

42
docs/en-US/plugin-niciranvp-provider.xml Normal file
View File

@ -0,0 +1,42 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
<!ENTITY % xinclude SYSTEM "http://www.docbook.org/xml/4.4/xinclude.mod">
%xinclude;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="Enabling-the-service-provider">
<title>Enabling the service provider</title>
<para>To allow CloudStack to use the Nicira NVP Plugin the network service provider needs to be enabled on the physical network. The following sequence of API calls will enable the network service provider</para>
<itemizedlist>
<listitem><para>addNetworkServiceProvider</para></listitem>
<listitem>
<itemizedlist>
<listitem><para>name = "NiciraNVP"</para></listitem>
<listitem><para>physicalnetworkid = &lt;the uuid of the physical network&gt;</para></listitem>
</itemizedlist>
</listitem>
<listitem><para>updateNetworkServiceProvider</para></listitem>
<listitem>
<itemizedlist>
<listitem><para>id = &lt;the provider uuid returned by the previous call&gt;</para></listitem>
<listitem><para>state = "Enabled"</para></listitem>
</itemizedlist>
</listitem>
</itemizedlist>
</section>

45
docs/en-US/plugin-niciranvp-revisions.xml Normal file
View File

@ -0,0 +1,45 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<appendix id="appe-cloudstack-Revision_History">
<title>Revision History</title>
<simpara>
<revhistory>
<revision>
<revnumber>0-0</revnumber>
<date>Wed Oct 03 2012</date>
<author>
<firstname>Hugo</firstname>
<surname>Trippaers</surname>
<email>hugo@apache.org</email>
</author>
<revdescription>
<simplelist>
<member>Documentation created for 4.0.x version of the NVP Plugin</member>
</simplelist>
</revdescription>
</revision>
</revhistory>
</simpara>
</appendix>

51
docs/en-US/plugin-niciranvp-tables.xml Normal file
View File

@ -0,0 +1,51 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
<!ENTITY % xinclude SYSTEM "http://www.docbook.org/xml/4.4/xinclude.mod">
%xinclude;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="Database-tables">
<title>Database tables</title>
<para>The following tables are added to the cloud database for the Nicira NVP Plugin</para>
<itemizedlist>
<listitem><para>nicira_nvp_nic_map, contains a mapping from nic to logical switch port</para></listitem>
<listitem>
<itemizedlist>
<listitem><para>id</para></listitem>
<listitem><para>logicalswitch, uuid of the logical switch this port is connected to</para></listitem>
<listitem><para>logicalswitchport, uuid of the logical switch port for this nic</para></listitem>
<listitem><para>nic, the CloudStack uuid for this nic, reference to the nics table</para></listitem>
</itemizedlist>
</listitem>
</itemizedlist>
<itemizedlist>
<listitem><para>external_nicira_nvp_devices, contains all configured devices</para></listitem>
<listitem>
<itemizedlist>
<listitem><para>id</para></listitem>
<listitem><para>uuid</para></listitem>
<listitem><para>physical_network_id, the physical network this device is configured on</para></listitem>
<listitem><para>provider_name, set to "NiciraNvp"</para></listitem>
<listitem><para>device_name, display name for this device</para></listitem>
<listitem><para>host_id, reference to the host table with the device configuration</para></listitem>
</itemizedlist>
</listitem>
</itemizedlist>
</section>

28
docs/en-US/plugin-niciranvp-troubleshooting.xml Normal file
View File

@ -0,0 +1,28 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
<!ENTITY % xinclude SYSTEM "http://www.docbook.org/xml/4.4/xinclude.mod">
%xinclude;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<chapter id="Troubleshooting-the-Nicira-NVP-Plugin" >
<title>Troubleshooting the Nicira NVP Plugin</title>
<xi:include href="plugin-niciranvp-uuidreferences.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
<xi:include href="plugin-niciranvp-tables.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
</chapter>

29
docs/en-US/plugin-niciranvp-usage.xml Normal file
View File

@ -0,0 +1,29 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
<!ENTITY % xinclude SYSTEM "http://www.docbook.org/xml/4.4/xinclude.mod">
%xinclude;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<chapter id="Using-the-Nicira-NVP-Plugin" >
<title>Using the Nicira NVP Plugin</title>
<xi:include href="plugin-niciranvp-preparations.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
<xi:include href="plugin-niciranvp-provider.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
<xi:include href="plugin-niciranvp-devicemanagement.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
</chapter>

30
docs/en-US/plugin-niciranvp-uuidreferences.xml Normal file
View File

@ -0,0 +1,30 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
<!ENTITY % xinclude SYSTEM "http://www.docbook.org/xml/4.4/xinclude.mod">
%xinclude;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="UUID-references">
<title>UUID References</title>
<para>The plugin maintains several references in the CloudStack database to items created on the NVP Controller.</para>
<para>Every guest network this is created will have its broadcast type set to Lswitch and if the network is in state "Implemented", the broadcast URI will have the UUID of the Logical Switch that was created for this network on the NVP Controller.</para>
<para>The Nics that are connected to one of the Logical Switches will have their Logical Switch Port UUID listed in the nicira_nvp_nic_map table</para>
<note><para>All devices created on the NVP Controller will have a tag set to domain-account of the owner of the network, this string can be used to search for items in the NVP Controller.</para></note>
</section>

31
docs/en-US/projects-overview.xml Normal file
View File

@ -0,0 +1,31 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="projects-overview">
<title>Overview of Projects</title>
<para>Projects are used to organize people and resources. &PRODUCT; users within a single domain can group themselves into project teams so they can collaborate and share virtual resources such as VMs, snapshots, templates, data disks, and IP addresses. &PRODUCT; tracks resource usage per project as well as per user, so the usage can be billed to either a user account or a project. For example, a private cloud within a software company might have all members of the QA department assigned to one project, so the company can track the resources used in testing while the project members can more easily isolate their efforts from other users of the same cloud</para>
<para>You can configure &PRODUCT; to allow any user to create a new project, or you can restrict that ability to just &PRODUCT; administrators. Once you have created a project, you become that projects administrator, and you can add others within your domain to the project. &PRODUCT; can be set up either so that you can add people directly to a project, or so that you have to send an invitation which the recipient must accept. Project members can view and manage all virtual resources created by anyone in the project (for example, share VMs). A user can be a member of any number of projects and can switch views in the &PRODUCT; UI to show only project-related information, such as project VMs, fellow project members, project-related alerts, and so on.</para>
<para>The project administrator can pass on the role to another project member. The project administrator can also add more members, remove members from the project, set new resource limits (as long as they are below the global defaults set by the &PRODUCT; administrator), and delete the project. When the administrator removes a member from the project, resources created by that user, such as VM instances, remain with the project. This brings us to the subject of resource ownership and which resources can be used by a project.</para>
<para>Resources created within a project are owned by the project, not by any particular &PRODUCT; account, and they can be used only within the project. A user who belongs to one or more projects can still create resources outside of those projects, and those resources belong to the users account; they will not be counted against the projects usage or resource limits. You can create project-level networks to isolate traffic within the project and provide network services such as port forwarding, load balancing, VPN, and static NAT. A project can also make use of certain types of resources from outside the project, if those resources are shared. For example, a shared network or public template is available to any project in the domain. A project can get access to a private template if the templates owner will grant permission. A project can use any service offering or disk offering available in its domain; however, you can not create private service and disk offerings at the project level..</para>
</section>

48
docs/en-US/projects.xml
View File

@ -5,27 +5,31 @@
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="projects">
<title>Projects</title>
<para>Projects are used to organize people and resources. &PRODUCT; users within a single domain can group themselves into project teams so they can collaborate and share virtual resources such as VMs, snapshots, templates, data disks, and IP addresses. &PRODUCT; tracks resource usage per project as well as per user, so the usage can be billed to either a user account or a project. For example, a private cloud within a software company might have all members of the QA department assigned to one project, so the company can track the resources used in testing while the project members can more easily isolate their efforts from other users of the same cloud</para>
<para>You can configure &PRODUCT; to allow any user to create a new project, or you can restrict that ability to just &PRODUCT; administrators. Once you have created a project, you become that projects administrator, and you can add others within your domain to the project. &PRODUCT; can be set up either so that you can add people directly to a project, or so that you have to send an invitation which the recipient must accept. Project members can view and manage all virtual resources created by anyone in the project (for example, share VMs). A user can be a member of any number of projects and can switch views in the &PRODUCT; UI to show only project-related information, such as project VMs, fellow project members, project-related alerts, and so on.</para>
<para>The project administrator can pass on the role to another project member. The project administrator can also add more members, remove members from the project, set new resource limits (as long as they are below the global defaults set by the &PRODUCT; administrator), and delete the project. When the administrator removes a member from the project, resources created by that user, such as VM instances, remain with the project. This brings us to the subject of resource ownership and which resources can be used by a project.</para>
<para>Resources created within a project are owned by the project, not by any particular &PRODUCT; account, and they can be used only within the project. A user who belongs to one or more projects can still create resources outside of those projects, and those resources belong to the users account; they will not be counted against the projects usage or resource limits. You can create project-level networks to isolate traffic within the project and provide network services such as port forwarding, load balancing, VPN, and static NAT. A project can also make use of certain types of resources from outside the project, if those resources are shared. For example, a shared network or public template is available to any project in the domain. A project can get access to a private template if the templates owner will grant permission. A project can use any service offering or disk offering available in its domain; however, you can not create private service and disk offerings at the project level..</para>
</section>
<chapter id="projects">
<title>Using Projects to Organize Users and Resources</title>
<xi:include href="projects-overview.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="configuring-projects.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="create-new-projects.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="add-members-to-projects.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="accept-membership-invite.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="suspend-project.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="use-project-view.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</chapter>

1
docs/en-US/provisioning-steps.xml
View File

@ -26,7 +26,6 @@
<title>Steps to Provisioning Your Cloud Infrastructure</title>
<para>This section tells how to add zones, pods, clusters, hosts, storage, and networks to your cloud. If you are unfamiliar with these entities, please begin by looking through <xref linkend="cloud-infrastructure-concepts" />.</para>
<xi:include href="provisioning-steps-overview.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="changing-root-password.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="zone-add.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="pod-add.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="cluster-add.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />

25
docs/en-US/provisioning.xml Normal file
View File

@ -0,0 +1,25 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<chapter id="provisioning">
<title>Provisioning Your Cloud Infrastructure</title>
<xi:include href="cloud-infrastructure-concepts.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="provisioning-steps.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
</chapter>

26
docs/en-US/re-install-hosts.xml Normal file
View File

@ -0,0 +1,26 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="re-install-hosts">
<title>Re-Installing Hosts</title>
<para>You can re-install a host after placing it in maintenance mode and then removing it. If a
host is down and cannot be placed in maintenance mode, it should still be removed before the
re-install.</para>
</section>

80
docs/en-US/release-ip-for-vpc.xml Normal file
View File

@ -0,0 +1,80 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="release-ip-for-vpc">
<title>Releasing an IP Address Alloted to a VPC</title>
<para>The IP address is a limited resource. If you no longer need a particular IP, you can
disassociate it from its VPC and return it to the pool of available addresses. An IP address can
be released from its tier, only when all the networking ( port forwarding, load balancing, or
StaticNAT ) rules are removed for this IP address. The released IP address will still belongs to
the same VPC.</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPCs that you have created for the account is listed in the page.</para>
</listitem>
<listitem>
<para>Click the Configure button of the VPC whose IP you want to release.</para>
<para>The VPC page is displayed where all the tiers you created are listed in a
diagram.</para>
</listitem>
<listitem>
<para>Click the Settings icon.</para>
<para>The following options are displayed.</para>
<itemizedlist>
<listitem>
<para>IP Addresses</para>
</listitem>
<listitem>
<para>Gateways</para>
</listitem>
<listitem>
<para>Site-to-Site VPN</para>
</listitem>
<listitem>
<para>Network ACLs</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Select IP Addresses.</para>
<para>The IP Addresses page is displayed.</para>
</listitem>
<listitem>
<para>Click the IP you want to release.</para>
</listitem>
<listitem>
<para>In the Details tab, click the Release IP button <inlinemediaobject>
<imageobject>
<imagedata fileref="./images/release-ip-icon.png"/>
</imageobject>
<textobject>
<phrase>release-ip-icon.png: button to release an IP.</phrase>
</textobject>
</inlinemediaobject></para>
</listitem>
</orderedlist>
</section>

0
docs/en-US/release-notes-3.0.4.ent → docs/en-US/release-notes.ent
View File

55
docs/en-US/remove-tier.xml Normal file
View File

@ -0,0 +1,55 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="remove-tier">
<title>Removing Tiers</title>
<para>You can remove a tier from a VPC. A removed tier cannot be revoked. When a tier is removed,
only the resources of the tier are expunged. All the network rules (port forwarding, load
balancing and staticNAT) and the IP addresses associated to the tier are removed. The IP address
still be belonging to the same VPC.</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user.</para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPC that you have created for the account is listed in the page.</para>
</listitem>
<listitem>
<para>Click the Configure button of the VPC for which you want to set up tiers.</para>
<para>The Configure VPC page is displayed. Locate the tier you want to work with.</para>
</listitem>
<listitem>
<para>Click the Remove VPC button:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/remove-tier.png"/>
</imageobject>
<textobject>
<phrase>remove-tier.png: removing a tier from a vpc.</phrase>
</textobject>
</mediaobject>
<para>Wait for some time for the tier to be removed.</para>
</listitem>
</orderedlist>
</section>

68
docs/en-US/remove-vpc.xml Normal file
View File

@ -0,0 +1,68 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="remove-vpc">
<title>Editing, Restarting, and Removing a Virtual Private Cloud</title>
<note>
<para>Ensure that all the tiers are removed before you remove a VPC.</para>
</note>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as an administrator or end user. </para>
</listitem>
<listitem>
<para>In the left navigation, choose Network.</para>
</listitem>
<listitem>
<para>In the Select view, select VPC.</para>
<para>All the VPCs that you have created for the account is listed in the page.</para>
</listitem>
<listitem>
<para>Select the VPC you want to work with.</para>
</listitem>
<listitem>
<para>To remove, click the Remove VPC button<inlinemediaobject>
<imageobject>
<imagedata fileref="./images/remove-vpc.png"/>
</imageobject>
<textobject>
<phrase>remove-vpc.png: button to remove a VPC</phrase>
</textobject>
</inlinemediaobject></para>
<para>You can edit the name and description of a VPC. To do that, select the VPC, then click
the Edit button. <inlinemediaobject>
<imageobject>
<imagedata fileref="./images/edit-icon.png"/>
</imageobject>
<textobject>
<phrase>edit-icon.png: button to edit a VPC</phrase>
</textobject>
</inlinemediaobject></para>
<para>To restart a VPC, select the VPC, then click the Restart button.<inlinemediaobject>
<imageobject>
<imagedata fileref="./images/restart-vpc.png"/>
</imageobject>
<textobject>
<phrase>restart-vpc.png: button to restart a VPC</phrase>
</textobject>
</inlinemediaobject></para>
</listitem>
</orderedlist>
</section>

24
docs/en-US/separate_storage_network.xml Normal file
View File

@ -0,0 +1,24 @@
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="separate_storage_network">
<title>Separate Storage Network</title>
<para>In the large-scale redundant setup described in the previous section, storage traffic can overload the management network. A separate storage network is optional for deployments. Storage protocols such as iSCSI are sensitive to network delays. A separate storage network ensures guest network traffic contention does not impact storage performance.</para>
</section>

82
docs/en-US/set-global-project-resource-limits.xml Normal file
View File

@ -0,0 +1,82 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="set-global-project-resource-limits">
<title>Setting the Global Project Resource Limits</title>
<orderedlist>
<listitem>
<para>Log in as administrator to the &PRODUCT; UI.</para>
</listitem>
<listitem>
<para>In the left navigation, click Global Settings.</para>
</listitem>
<listitem>
<para>In the search box, type max.projects and click the search button.</para>
</listitem>
<listitem>
<para>In the search results, you will see the parameters you can use to set per-project
maximum resource amounts that apply to all projects in the cloud. No project can have more
resources, but an individual project can have lower limits. Click the edit button to set
each parameter. <inlinemediaobject>
<imageobject>
<imagedata fileref="./images/edit-icon.png"/>
</imageobject>
<textobject>
<phrase>editbutton.png: Edits parameters</phrase>
</textobject>
</inlinemediaobject></para>
<informaltable>
<tgroup cols="2" align="left" colsep="1" rowsep="1">
<tbody>
<row>
<entry><para>max.project.public.ips</para></entry>
<entry><para>Maximum number of public IP addresses that can be owned by any project in
the cloud. See About Public IP Addresses.</para></entry>
</row>
<row>
<entry><para>max.project.snapshots</para></entry>
<entry><para>Maximum number of snapshots that can be owned by any project in the
cloud. See Working with Snapshots.</para></entry>
</row>
<row>
<entry><para>max.project.templates</para></entry>
<entry><para>Maximum number of templates that can be owned by any project in the
cloud. See Working with Templates.</para></entry>
</row>
<row>
<entry><para>max.project.uservms</para></entry>
<entry><para>Maximum number of guest virtual machines that can be owned by any project
in the cloud. See Working With Virtual Machines.</para></entry>
</row>
<row>
<entry><para>max.project.volumes</para></entry>
<entry><para>Maximum number of data volumes that can be owned by any project in the
cloud. See Working with Volumes.</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</listitem>
<listitem>
<para>Restart the Management Server.</para>
<programlisting># service cloud-management restart</programlisting>
</listitem>
</orderedlist>
</section>

55
docs/en-US/set-per-project-resource-limits.xml Normal file
View File

@ -0,0 +1,55 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="set-per-project-resource-limits">
<title>Setting Per-Project Resource Limits</title>
<para>The &PRODUCT; root administrator or the domain administrator of the domain where the project
resides can set new resource limits for an individual project. The project owner can set
resource limits only if the owner is also a domain or root administrator.</para>
<para>The new limits must be below the global default limits set by the &PRODUCT; administrator
(as described in <xref linkend="set-resource-limits-for-projects"/>). If the project already
owns more of a given type of resource than the new maximum, the resources are not affected;
however, the project can not add any new resources of that type until the total drops below the
new limit.</para>
<orderedlist>
<listitem>
<para>Log in as administrator to the &PRODUCT; UI.</para>
</listitem>
<listitem>
<para>In the left navigation, click Projects.</para>
</listitem>
<listitem>
<para>In Select View, choose Projects.</para>
</listitem>
<listitem>
<para>Click the name of the project you want to work with.</para>
</listitem>
<listitem>
<para>Click the Resources tab. This tab lists the current maximum amount that the project is
allowed to own for each type of resource.</para>
</listitem>
<listitem>
<para>Type new values for one or more resources.</para>
</listitem>
<listitem>
<para>Click Apply.</para>
</listitem>
</orderedlist>
</section>

91
docs/en-US/set-projects-creator-permissions.xml
View File

@ -3,45 +3,60 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="set-projects-creator-permissions">
<title>Setting Project Creator Permissions</title>
<para>You can configure &PRODUCT; to allow any user to create a new project, or you can restrict that ability to just &PRODUCT; administrators.</para>
<orderedlist>
<listitem><para>Log in as administrator to the &PRODUCT; UI.</para></listitem>
<listitem><para>In the left navigation, click Global Settings.</para></listitem>
<listitem><para>In the search box, type allow.user.create.projects.</para></listitem>
<listitem><para>Click the edit button to set the parameter. <inlinemediaobject>
<imageobject>
<imagedata fileref="./images/edit-icon.png" />
</imageobject>
<textobject><phrase>editbutton.png: Edits parameters</phrase></textobject>
</inlinemediaobject></para><informaltable>
<tgroup cols="2" align="left" colsep="1" rowsep="1">
<tbody>
<row>
<entry><para>allow.user.create.projects</para></entry>
<entry><para>Set to true to allow end users to create projects. Set to false if you want only the &PRODUCT; root administrator and domain administrators to create projects.</para></entry>
</row>
</tbody></tgroup></informaltable></listitem>
<listitem><para>Restart the Management Server.</para><programlisting># service cloud-management restart</programlisting></listitem>
</orderedlist>
<title>Setting Project Creator Permissions</title>
<para>You can configure &PRODUCT; to allow any user to create a new project, or you can restrict
that ability to just &PRODUCT; administrators.</para>
<orderedlist>
<listitem>
<para>Log in as administrator to the &PRODUCT; UI.</para>
</listitem>
<listitem>
<para>In the left navigation, click Global Settings.</para>
</listitem>
<listitem>
<para>In the search box, type allow.user.create.projects.</para>
</listitem>
<listitem>
<para>Click the edit button to set the parameter.<inlinemediaobject>
<imageobject>
<imagedata fileref="./images/edit-icon.png"/>
</imageobject>
<textobject>
<phrase>editbutton.png: Edits parameters</phrase>
</textobject>
</inlinemediaobject></para>
<informaltable>
<tgroup cols="2" align="left" colsep="1" rowsep="1">
<tbody>
<row>
<entry><para>allow.user.create.projects</para></entry>
<entry><para>Set to true to allow end users to create projects. Set to false if you
want only the &PRODUCT; root administrator and domain administrators to create
projects.</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</listitem>
<listitem>
<para>Restart the Management Server.</para>
<programlisting># service cloud-management restart</programlisting>
</listitem>
</orderedlist>
</section>

42
docs/en-US/set-resource-limits-for-projects.xml
View File

@ -3,26 +3,30 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="set-resource-limits-for-projects">
<title>Setting Resource Limits for Projects</title>
<para>The &PRODUCT; administrator can set global default limits to control the amount of resources that can be owned by each project in the cloud. This serves to prevent uncontrolled usage of resources such as snapshots, IP addresses, and virtual machine instances. Domain administrators can override these resource limits for individual projects with their domains, as long as the new limits are below the global defaults set by the &PRODUCT; root administrator. The root administrator can also set lower resource limits for any project in the cloud</para>
<title>Setting Resource Limits for Projects</title>
<para>The &PRODUCT; administrator can set global default limits to control the amount of resources
that can be owned by each project in the cloud. This serves to prevent uncontrolled usage of
resources such as snapshots, IP addresses, and virtual machine instances. Domain administrators
can override these resource limits for individual projects with their domains, as long as the
new limits are below the global defaults set by the &PRODUCT; root administrator. The root
administrator can also set lower resource limits for any project in the cloud</para>
<xi:include href="set-per-project-resource-limits.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="set-global-project-resource-limits.xml"
xmlns:xi="http://www.w3.org/2001/XInclude"/>
</section>

37
docs/en-US/small_scale_deployment.xml Normal file
View File

@ -0,0 +1,37 @@
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="small_scale_deployment">
<title>Small-Scale Deployment</title>
<mediaobject>
<imageobject>
<imagedata fileref="./images/small_scale_deployment.png" />
</imageobject>
<textobject><phrase>Small-Scale Deployment</phrase></textobject>
</mediaobject>
<para>This diagram illustrates the network architecture of a small-scale &PRODUCT; deployment.</para>
<itemizedlist>
<listitem><para>A firewall provides a connection to the Internet. The firewall is configured in NAT mode. The firewall forwards HTTP requests and API calls from the Internet to the Management Server. The Management Server resides on the management network.</para></listitem>
<listitem><para>A layer-2 switch connects all physical servers and storage.</para></listitem>
<listitem><para>A single NFS server functions as both the primary and secondary storage.</para></listitem>
<listitem><para>The Management Server is connected to the management network.</para></listitem>
</itemizedlist>
</section>

27
docs/en-US/storage-overview.xml Normal file
View File

@ -0,0 +1,27 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="storage-overview">
<title>Storage Overview</title>
<para>&PRODUCT; defines two types of storage: primary and secondary. Primary storage can be
accessed by either iSCSI or NFS. Additionally, direct attached storage may be used for primary
storage. Secondary storage is always accessed using NFS.</para>
<para>There is no ephemeral storage in &PRODUCT;. All volumes on all nodes are persistent.</para>
</section>

14
docs/en-US/suspend-project.xml
View File

@ -32,17 +32,21 @@
<listitem><para>In the left navigation, click Projects.</para></listitem>
<listitem><para>In Select View, choose Projects.</para></listitem>
<listitem><para>Click the name of the project.</para></listitem>
<listitem><para>Click one of the buttons:<inlinemediaobject>
<listitem><para>Click one of the buttons:</para><para>To delete, use <inlinemediaobject>
<imageobject>
<imagedata fileref="./images/delete-button.png" />
</imageobject>
<textobject><phrase>deletebutton.png: Removes a member</phrase></textobject>
</inlinemediaobject></para>
<para><inlinemediaobject>
<textobject>
<phrase>deletebutton.png: Removes a project</phrase>
</textobject>
</inlinemediaobject></para>
<para>To suspend, use<inlinemediaobject>
<imageobject>
<imagedata fileref="./images/suspend-icon.png" />
</imageobject>
<textobject><phrase>deletebutton.png: Removes a member</phrase></textobject>
<textobject>
<phrase>deletebutton.png: suspends a project</phrase>
</textobject>
</inlinemediaobject></para></listitem>
</orderedlist>
</section>

2
docs/en-US/system-service-offerings.xml
View File

@ -26,4 +26,4 @@
<title>System Service Offerings</title>
<para>System service offerings provide a choice of CPU speed, number of CPUs, tags, and RAM size, just as other service offerings do. But rather than being used for virtual machine instances and exposed to users, system service offerings are used to change the default properties of virtual routers, console proxies, and other system VMs. System service offerings are visible only to the &PRODUCT; root administrator. &PRODUCT; provides default system service offerings. The &PRODUCT; root administrator can create additional custom system service offerings.</para>
<para>When &PRODUCT; creates a virtual router for a guest network, it uses default settings which are defined in the system service offering associated with the network offering. You can upgrade the capabilities of the virtual router by applying a new network offering that contains a different system service offering. All virtual routers in that network will begin using the settings from the new service offering.</para>
</section>
</section>

35
docs/en-US/ui.xml
View File

@ -5,24 +5,25 @@
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<chapter id="ui">
<title>User Interface</title>
<xi:include href="log-in.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<title>User Interface</title>
<xi:include href="log-in.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="using-sshkeys.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</chapter>

119
docs/en-US/user-services-overview.xml
View File

@ -5,94 +5,35 @@
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="user-services-overview">
<title>User Services Overview</title>
<para>In addition to the physical and logical infrastructure of your cloud, and the &PRODUCT; software and servers, you also need a layer of user services so that people can actually make use of the cloud. This means not just a user UI, but a set of options and resources that users can choose from, such as templates for creating virtual machines, disk storage, and more. If you are running a commercial service, you will be keeping track of what services and resources users are consuming and charging them for that usage. Even if you do not charge anything for people to use your cloud say, if the users are strictly internal to your organization, or just friends who are sharing your cloud you can still keep track of what services they use and how much of them.</para>
<section id="offerings-and-templates">
<title>Service Offerings, Disk Offerings, Network Offerings, and Templates</title>
<para>A user creating a new instance can make a variety of choices about its characteristics and capabilities. &PRODUCT; provides several ways to present users with choices when creating a new instance:</para>
<itemizedlist>
<listitem><para>Service Offerings, defined by the &PRODUCT; administrator, provide a choice of CPU speed, number of CPUs, RAM size, tags on the root disk, and other choices. See Creating a New Compute Offering.</para></listitem>
<listitem><para>Disk Offerings, defined by the &PRODUCT; administrator, provide a choice of disk size for primary data storage. See Creating a New Disk Offering.</para></listitem>
<listitem><para>Network Offerings, defined by the &PRODUCT; administrator, describe the feature set that is available to end users from the virtual router or external networking devices on a given guest network. See Network Offerings.</para></listitem>
<listitem><para>Templates, defined by the &PRODUCT; administrator or by any &PRODUCT; user, are the base OS images that the user can choose from when creating a new instance. For example, &PRODUCT; includes CentOS as a template. See Working with Templates.</para></listitem>
</itemizedlist>
<para>In addition to these choices that are provided for users, there is another type of service offering which is available only to the &PRODUCT; root administrator, and is used for configuring virtual infrastructure resources. For more information, see Upgrading a Virtual Router with System Service Offerings.</para>
</section>
<section id="accounts-users-domains">
<title>Accounts, Users, and Domains</title>
<para>An account typically represents a customer of the service provider or a department in a large organization. Multiple users can exist in an account. Users are like aliases in the account. Users in the same account are not isolated from each other, but they are isolated from users in other accounts. Most installations need not surface the notion of users; they just have one user per account.</para>
<para>Accounts are grouped by domains. Domains usually contain accounts that have some logical relationship to each other and a set of delegated administrators with some authority over the domain and its subdomains. For example, a service provider with several resellers could create a domain for each reseller.</para>
<para>Administrators are accounts with special privileges in the system. There may be multiple administrators in the system. Administrators can create or delete other administrators, and change the password for any user in the system. Root administrators have complete access to the system, including managing templates, service offerings, customer care administrators, and domains. Domain administrators can perform administrative operations for users who belong to that domain. Domain administrators do not have visibility into physical servers or other domains.</para>
</section>
<section id="using-ldap-server">
<title>Using an LDAP Server for User Authentication</title>
<para>You can use an external LDAP server such as Microsoft Active Directory or ApacheDS to authenticate &PRODUCT; end-users. Just map &PRODUCT; accounts to the corresponding LDAP accounts using a query filter. The query filter is written using the query syntax of the particular LDAP server, and can include special wildcard characters provided by &PRODUCT; for matching common values such as the users email address and name. &PRODUCT; will search the external LDAP directory tree starting at a specified base directory and return the distinguished name (DN) and password of the matching user. This information along with the given password is used to authenticate the user.</para>
<para>To set up LDAP authentication in &PRODUCT;, call the &PRODUCT; API command ldapConfig and provide the following:</para>
<itemizedlist>
<listitem><para>Hostname or IP address and listening port of the LDAP server</para></listitem>
<listitem><para>Base directory and query filter</para></listitem>
<listitem><para>Search user DN credentials, which give &PRODUCT; permission to search on the LDAP server</para></listitem>
<listitem><para>SSL keystore and password, if SSL is used</para></listitem>
</itemizedlist>
<section id="example-ldap-commands">
<title>Example LDAP Configuration Commands</title>
<para>To understand the examples in this section, you need to know the basic concepts behind calling the &PRODUCT; API, which are explained in the Developers Guide.</para>
<para>The following shows an example invocation of ldapConfig with an ApacheDS LDAP server.</para>
<programlisting>http://127.0.0.1:8080/client/api?command=ldapConfig&amp;hostname=127.0.0.1&amp;searchbase=ou%3Dtesting%2Co%3Dproject&amp;queryfilter=%28%26%28uid%3D%25u%29%29&amp;binddn=cn%3DJohn+Singh%2Cou%3Dtesting%2Co%project&amp;bindpass=secret&amp;port=10389&amp;ssl=true&amp;truststore=C%3A%2Fcompany%2Finfo%2Ftrusted.ks&amp;truststorepass=secret&amp;response=json&amp;apiKey=YourAPIKey&amp;signature=YourSignatureHash
</programlisting>
<para>The command must be URL-encoded. Here is the same example without the URL encoding:</para>
<programlisting>
http://127.0.0.1:8080/client/api?command=ldapConfig
&amp;hostname=127.0.0.1
&amp;searchbase=ou=testing,o=project
&amp;queryfilter=(&amp;(%uid=%u))
&amp;binddn=cn=John+Singh,ou=testing,o=project
&amp;bindpass=secret
&amp;port=10389
&amp;ssl=true
&amp;truststore=C:/company/info/trusted.ks
&amp;truststorepass=secret
&amp;response=json
&amp;apiKey=YourAPIKey
&amp;signature=YourSignatureHash
</programlisting>
<para>The following shows a similar command for Active Directory. Here, the search base is the testing group within a company, and the users are matched up based on email address.</para>
<programlisting>http://10.147.29.101:8080/client/api?command=ldapConfig&amp;hostname=10.147.28.250&amp;searchbase=OU%3Dtesting%2CDC%3Dcompany&amp;queryfilter=%28%26%28mail%3D%25e%29%29&amp;binddn=CN%3DAdministrator%2COU%3Dtesting%2CDC%3Dcompany&amp;bindpass=1111_aaaa&amp;port=389&amp;response=json&amp;apiKey=YourAPIKey&amp;signature=YourSignatureHash</programlisting>
<para>The next few sections explain some of the concepts you will need to know when filling out the ldapConfig parameters.</para>
</section>
<section id="search-base">
<title>Search Base</title>
<para>Coming soon: TODO</para>
</section>
<section id="query-filter">
<title>Query Filter</title>
<para>Coming soon: TODO</para>
</section>
<section id="search-user-bind-dn">
<title>Search User Bind DN</title>
<para>Coming soon: TODO</para>
</section>
<section id="ssl-keystore-path-and-password">
<title>SSL Keystore Path and Password</title>
<para>Coming soon: TODO</para>
</section>
</section>
</section>
<chapter id="user-services-overview">
<title>User Services Overview</title>
<para>In addition to the physical and logical infrastructure of your cloud, and the &PRODUCT; software and servers, you also need a layer of user services so that people can actually make use of the cloud. This means not just a user UI, but a set of options and resources that users can choose from, such as templates for creating virtual machines, disk storage, and more. If you are running a commercial service, you will be keeping track of what services and resources users are consuming and charging them for that usage. Even if you do not charge anything for people to use your cloud say, if the users are strictly internal to your organization, or just friends who are sharing your cloud you can still keep track of what services they use and how much of them.</para>
<section id="offerings-and-templates">
<title>Service Offerings, Disk Offerings, Network Offerings, and Templates</title>
<para>A user creating a new instance can make a variety of choices about its characteristics and capabilities. &PRODUCT; provides several ways to present users with choices when creating a new instance:</para>
<itemizedlist>
<listitem><para>Service Offerings, defined by the &PRODUCT; administrator, provide a choice of CPU speed, number of CPUs, RAM size, tags on the root disk, and other choices. See Creating a New Compute Offering.</para></listitem>
<listitem><para>Disk Offerings, defined by the &PRODUCT; administrator, provide a choice of disk size for primary data storage. See Creating a New Disk Offering.</para></listitem>
<listitem><para>Network Offerings, defined by the &PRODUCT; administrator, describe the feature set that is available to end users from the virtual router or external networking devices on a given guest network. See Network Offerings.</para></listitem>
<listitem><para>Templates, defined by the &PRODUCT; administrator or by any &PRODUCT; user, are the base OS images that the user can choose from when creating a new instance. For example, &PRODUCT; includes CentOS as a template. See Working with Templates.</para></listitem>
</itemizedlist>
<para>In addition to these choices that are provided for users, there is another type of service offering which is available only to the &PRODUCT; root administrator, and is used for configuring virtual infrastructure resources. For more information, see Upgrading a Virtual Router with System Service Offerings.</para>
</section>
</chapter>

34
docs/en-US/virtual-machines.xml Normal file
View File

@ -0,0 +1,34 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<chapter id="virtual-machines">
<title>Working With Virtual Machines</title>
<xi:include href="about-working-with-vms.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="best-practices-for-vms.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="vm-lifecycle.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="creating-vms.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="accessing-vms.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="stopping-and-starting-vms.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="changing-vm-name-os-group.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="changing-service-offering-for-vm.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="manual-live-migration.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="deleting-vms.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="working-with-iso.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
</chapter>

3
docs/publican-adminguide.cfg
View File

@ -20,10 +20,11 @@
xml_lang: en-US
type: Book
docname: cloudstack_admin
docname: Admin_Guide
brand: cloudstack
chunk_first: 1
chunk_section_depth: 1
condition: admin

2
docs/publican-devguide.cfg
View File

@ -20,7 +20,7 @@
xml_lang: en-US
type: Book
docname: cloudstack_developers
docname: API_Developers_Guide
brand: cloudstack
chunk_first: 1
chunk_section_depth: 1

2
docs/publican-installation.cfg
View File

@ -20,7 +20,7 @@
xml_lang: en-US
type: Book
docname: cloudstack_installation
docname: Installation_Guide
brand: cloudstack
chunk_first: 1
chunk_section_depth: 1

28
docs/publican-plugin-niciranvp.cfg Normal file
View File

@ -0,0 +1,28 @@
# Publican configuration file for CloudStack Complete Documentation Set
# Contains all technical docs except release notes
# Config::Simple 4.58
# Tue May 29 00:57:27 2012
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information#
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
xml_lang: en-US
type: Book
docname: CloudStack_Nicira_NVP_Guide
brand: cloudstack
chunk_first: 1
chunk_section_depth: 1
condition: install

2
docs/publican-release-notes-4_0.cfg → docs/publican-release-notes.cfg
View File

@ -20,7 +20,7 @@
xml_lang: en-US
type: Book
docname: release-notes-4.0
docname: release-notes
brand: cloudstack
chunk_first: 0
chunk_section_depth: 0