diff --git a/docs/en-US/API_Developers_Guide.ent b/docs/en-US/API_Developers_Guide.ent
new file mode 100644
index 00000000000..6e902acd479
--- /dev/null
+++ b/docs/en-US/API_Developers_Guide.ent
@@ -0,0 +1,21 @@
+
+
+
+
+
diff --git a/docs/en-US/cloudstack_developers.xml b/docs/en-US/API_Developers_Guide.xml
similarity index 93%
rename from docs/en-US/cloudstack_developers.xml
rename to docs/en-US/API_Developers_Guide.xml
index d1d50c4f3bd..7d55e0dd890 100644
--- a/docs/en-US/cloudstack_developers.xml
+++ b/docs/en-US/API_Developers_Guide.xml
@@ -24,11 +24,10 @@
- &PRODUCT; Guide
- Revised August 9, 2012 10:48 pm Pacific
+ &PRODUCT; API Developers Guide
Apache CloudStack
4.0
- 1
+
diff --git a/docs/en-US/cloudstack_admin.ent b/docs/en-US/Admin_Guide.ent
similarity index 100%
rename from docs/en-US/cloudstack_admin.ent
rename to docs/en-US/Admin_Guide.ent
diff --git a/docs/en-US/cloudstack_admin.xml b/docs/en-US/Admin_Guide.xml
similarity index 100%
rename from docs/en-US/cloudstack_admin.xml
rename to docs/en-US/Admin_Guide.xml
diff --git a/docs/en-US/Book_Info_Admin.xml b/docs/en-US/Book_Info_Admin.xml
new file mode 100644
index 00000000000..6bf89b328c8
--- /dev/null
+++ b/docs/en-US/Book_Info_Admin.xml
@@ -0,0 +1,46 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+
+ Apache CloudStack 4.0
+ Administrator's Guide
+ Revised September 11, 2012 01:32 am Pacific
+
+
+
+
+ If you have already installed &PRODUCT; or you want to learn more about the ongoing
+ operation and maintenance of a &PRODUCT;-powered cloud, read this documentation. It
+ will help you start using, configuring, and managing the ongoing operation of your cloud.
+
+
+
+
+
+
+
+
+
+
+
diff --git a/docs/en-US/cloudstack_developers.ent b/docs/en-US/CloudStack_Nicira_NVP_Guide.ent
similarity index 100%
rename from docs/en-US/cloudstack_developers.ent
rename to docs/en-US/CloudStack_Nicira_NVP_Guide.ent
diff --git a/docs/en-US/CloudStack_Nicira_NVP_Guide.xml b/docs/en-US/CloudStack_Nicira_NVP_Guide.xml
new file mode 100644
index 00000000000..c535c7cb891
--- /dev/null
+++ b/docs/en-US/CloudStack_Nicira_NVP_Guide.xml
@@ -0,0 +1,54 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+
+
+
+ &PRODUCT; Plugin Guide for the Nicira NVP Plugin
+ Apache CloudStack
+ 4.0
+ 1
+
+
+
+ Plugin Guide for the Nicira NVP Plugin.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/docs/en-US/cloudstack_installation.ent b/docs/en-US/Installation_Guide.ent
similarity index 100%
rename from docs/en-US/cloudstack_installation.ent
rename to docs/en-US/Installation_Guide.ent
diff --git a/docs/en-US/cloudstack_installation.xml b/docs/en-US/Installation_Guide.xml
similarity index 100%
rename from docs/en-US/cloudstack_installation.xml
rename to docs/en-US/Installation_Guide.xml
diff --git a/docs/en-US/add-additional-guest-network.xml b/docs/en-US/add-additional-guest-network.xml
index 57e7ffd57a8..c684da023da 100644
--- a/docs/en-US/add-additional-guest-network.xml
+++ b/docs/en-US/add-additional-guest-network.xml
@@ -3,41 +3,63 @@
%BOOK_ENTITIES;
]>
-
-
- Adding an Additional Guest Network
-
- Log in to the &PRODUCT; UI as an administrator or end user.
- In the left navigation, choose Network
- Click Add guest network. Provide the following information:
-
- Name. The name of the network. This will be user-visible.
- Description. The description of the network. This will be user-visible.
- Network offering. If the administrator has configured multiple network offerings, select the one you want to use for this network.
- Pod. The name of the pod this network applies to. Each pod in a basic zone is a broadcast domain, and therefore each pod has a different IP range for the guest network. The administrator must configure the IP range for each pod.
- VLAN ID. The VLAN tag for this network.
- Gateway. The gateway that the guests should use.
- Netmask. The netmask in use on the subnet the guests will use.
- Start IP/End IP. Enter the first and last IP addresses that define a range that &PRODUCT; can assign to guests. We strongly recommend the use of multiple NICs. If multiple NICs are used, they may be in a different subnet. If one NIC is used, these IPs should be in the same CIDR as the pod CIDR.
- Click Create.
-
-
-
+ Adding an Additional Guest Network
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ Click Add guest network. Provide the following information:
+
+
+ Name: The name of the network. This will be
+ user-visible.
+
+
+ Display Text: The description of the network. This
+ will be user-visible.
+
+
+ Zone. The name of the zone this network applies to.
+ Each zone is a broadcast domain, and therefore each zone has a different IP range for
+ the guest network. The administrator must configure the IP range for each zone.
+
+
+ Network offering: If the administrator has
+ configured multiple network offerings, select the one you want to use for this
+ network.
+
+
+ Guest Gateway: The gateway that the guests should
+ use.
+
+
+ Guest Netmask: The netmask in use on the subnet the
+ guests will use.
+
+
+
+
+ Click Create.
+
+
+
diff --git a/docs/en-US/add-clusters-kvm-xenserver.xml b/docs/en-US/add-clusters-kvm-xenserver.xml
new file mode 100644
index 00000000000..ad5737191fd
--- /dev/null
+++ b/docs/en-US/add-clusters-kvm-xenserver.xml
@@ -0,0 +1,53 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Add Cluster: KVM or XenServer
+ These steps assume you have already installed the hypervisor on the hosts and logged in to
+ the &PRODUCT; UI.
+
+
+ In the left navigation, choose Infrastructure. In Zones, click View More, then click the
+ zone in which you want to add the cluster.
+
+
+ Click the Compute tab.
+
+
+ In the Clusters node of the diagram, click View All.
+
+
+ Click Add Cluster.
+
+
+ Choose the hypervisor type for this cluster.
+
+
+ Choose the pod in which you want to create the cluster.
+
+
+ Enter a name for the cluster. This can be text of your choosing and is not used by
+ &PRODUCT;.
+
+
+ Click OK.
+
+
+
diff --git a/docs/en-US/add-clusters-vsphere.xml b/docs/en-US/add-clusters-vsphere.xml
new file mode 100644
index 00000000000..d9e78d28476
--- /dev/null
+++ b/docs/en-US/add-clusters-vsphere.xml
@@ -0,0 +1,121 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Add Cluster: vSphere
+ Host management for vSphere is done through a combination of vCenter and the &PRODUCT; admin
+ UI. &PRODUCT; requires that all hosts be in a &PRODUCT; cluster, but the cluster may consist of
+ a single host. As an administrator you must decide if you would like to use clusters of one host
+ or of multiple hosts. Clusters of multiple hosts allow for features like live migration.
+ Clusters also require shared storage such as NFS or iSCSI.
+ For vSphere servers, we recommend creating the cluster of hosts in vCenter and then adding
+ the entire cluster to &PRODUCT;. Follow these requirements:
+
+
+ Do not put more than 8 hosts in a vSphere cluster
+
+
+ Make sure the hypervisor hosts do not have any VMs already running before you add them
+ to &PRODUCT;.
+
+
+ To add a vSphere cluster to &PRODUCT;:
+
+
+ Create the cluster of hosts in vCenter. Follow the vCenter instructions to do this. You
+ will create a cluster that looks something like this in vCenter.
+
+
+
+
+
+ vsphereclient.png: vSphere client
+
+
+
+
+ Log in to the UI.
+
+
+ In the left navigation, choose Infrastructure. In Zones, click View More, then click the
+ zone in which you want to add the cluster.
+
+
+ Click the Compute tab, and click View All on Pods. Choose the pod to which you want to
+ add the cluster.
+
+
+ Click View Clusters.
+
+
+ Click Add Cluster.
+
+
+ In Hypervisor, choose VMware.
+
+
+ Provide the following information in the dialog. The fields below make reference to
+ values from vCenter.
+
+
+ Cluster Name. Enter the name of the cluster you created in vCenter. For example,
+ "cloud.cluster.2.2.1"
+
+
+ vCenter Host. Enter the hostname or IP address of the vCenter server.
+
+
+ vCenter Username. Enter the username that &PRODUCT; should use to connect to
+ vCenter. This user must have all administrative privileges.
+
+
+ vCenter Password. Enter the password for the user named above
+
+
+ vCenter Datacenter. Enter the vCenter datacenter that the cluster is in. For
+ example, "cloud.dc.VM".
+ If you have enabled Nexus dvSwitch in the environment, the following parameters for
+ dvSwitch configuration are displayed:
+
+
+ Nexus dvSwitch IP Address: The IP address of the Nexus VSM appliance.
+
+
+ Nexus dvSwitch Username: The username required to access the Nexus VSM
+ applicance.
+
+
+ Nexus dvSwitch Password: The password associated with the username specified
+ above.
+
+
+
+
+
+ addcluster.png: add cluster
+
+
+ There might be a slight delay while the cluster is provisioned. It will
+ automatically display in the UI
+
+
+
+
+
diff --git a/docs/en-US/add-gateway-vpc.xml b/docs/en-US/add-gateway-vpc.xml
new file mode 100644
index 00000000000..616794a51d1
--- /dev/null
+++ b/docs/en-US/add-gateway-vpc.xml
@@ -0,0 +1,104 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Adding a Private Gateway to a VPC
+ A private gateway can be added by the root admin only. The VPC private network has 1:1
+ relationship with the NIC of the physical network. No gateways with duplicated VLAN and IP are
+ allowed in the same data center.
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ In the Select view, select VPC.
+ All the VPCs that you have created for the account is listed in the page.
+
+
+ Click the Configure button of the VPC to which you want to configure load balancing
+ rules.
+ The VPC page is displayed where all the tiers you created are listed in a
+ diagram.
+
+
+ Click the Settings icon.
+ The following options are displayed.
+
+
+ IP Addresses
+
+
+ Private Gateways
+
+
+ Site-to-Site VPN
+
+
+ Network ACLs
+
+
+
+
+ Select Private Gateways.
+ The Gateways page is displayed.
+
+
+ Click Add new gateway:
+
+
+
+
+
+ add-new-gateway-vpc.png: adding a private gateway for the VPC.
+
+
+
+
+ Specify the following:
+
+
+ Physical Network: The physical network you have
+ created in the zone.
+
+
+ IP Address: The IP address associated with the VPC
+ gateway.
+
+
+ Gateway: The gateway through which the traffic is
+ routed to and from the VPC.
+
+
+ Netmask: The netmask associated with the VPC
+ gateway.
+
+
+ VLAN: The VLAN associated with the VPC
+ gateway.
+
+
+ The new gateway appears in the list. You can repeat these steps to add more gateway for
+ this VPC.
+
+
+
diff --git a/docs/en-US/add-ingress-egress-rules.xml b/docs/en-US/add-ingress-egress-rules.xml
index 964045f4076..2490cec43cc 100644
--- a/docs/en-US/add-ingress-egress-rules.xml
+++ b/docs/en-US/add-ingress-egress-rules.xml
@@ -3,57 +3,129 @@
%BOOK_ENTITIES;
]>
-
-
- Adding Ingress and Egress Rules to a Security Group
-
- Log in to the &PRODUCT; UI as an administrator or end user.
- In the left navigation, choose Network
- In Select view, choose Security Groups, then click the security group you want .
- To add an ingress rule, click the Ingress Rules tab and fill out the following fields to specify what network traffic is allowed into VM instances in this security group. If no ingress rules are specified, then no traffic will be allowed in, except for responses to any traffic that has been allowed out through an egress rule.
-
- Add by CIDR/Account. Indicate whether the source of the traffic will be defined by IP address (CIDR) or an existing security group in a &PRODUCT; account (Account). Choose Account if you want to allow incoming traffic from all VMs in another security group
- Protocol. The networking protocol that sources will use to send traffic to the security group. TCP and UDP are typically used for data exchange and end-user communications. ICMP is typically used to send error messages or network monitoring data.
- Start Port, End Port. (TCP, UDP only) A range of listening ports that are the destination for the incoming traffic. If you are opening a single port, use the same number in both fields.
- ICMP Type, ICMP Code. (ICMP only) The type of message and error code that will be accepted.
- CIDR. (Add by CIDR only) To accept only traffic from IP addresses within a particular address block, enter a CIDR or a comma-separated list of CIDRs. The CIDR is the base IP address of the incoming traffic. For example, 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0.
- Account, Security Group. (Add by Account only) To accept only traffic from another security group, enter the &PRODUCT; account and name of a security group that has already been defined in that account. To allow traffic between VMs within the security group you are editing now, enter the same name you used in step 7.
-
- The following example allows inbound HTTP access from anywhere:
-
-
-
-
- httpaccess.png: allows inbound HTTP access from anywhere
-
+ Adding Ingress and Egress Rules to a Security Group
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network
+
+
+ In Select view, choose Security Groups, then click the security group you want .
+
+
+ To add an ingress rule, click the Ingress Rules tab and fill out the following fields to
+ specify what network traffic is allowed into VM instances in this security group. If no
+ ingress rules are specified, then no traffic will be allowed in, except for responses to any
+ traffic that has been allowed out through an egress rule.
+
+
+ Add by CIDR/Account. Indicate whether the source of
+ the traffic will be defined by IP address (CIDR) or an existing security group in a
+ &PRODUCT; account (Account). Choose Account if you want to allow incoming traffic from
+ all VMs in another security group
- To add an egress rule, click the Egress Rules tab and fill out the following fields to specify what type of traffic is allowed to be sent out of VM instances in this security group. If no egress rules are specified, then all traffic will be allowed out. Once egress rules are specified, the following types of traffic are allowed out: traffic specified in egress rules; queries to DNS and DHCP servers; and responses to any traffic that has been allowed in through an ingress rule
-
- Add by CIDR/Account. Indicate whether the destination of the traffic will be defined by IP address (CIDR) or an existing security group in a &PRODUCT; account (Account). Choose Account if you want to allow outgoing traffic to all VMs in another security group.
- Protocol. The networking protocol that VMs will use to send outgoing traffic. TCP and UDP are typically used for data exchange and end-user communications. ICMP is typically used to send error messages or network monitoring data.
- Start Port, End Port. (TCP, UDP only) A range of listening ports that are the destination for the outgoing traffic. If you are opening a single port, use the same number in both fields.
- ICMP Type, ICMP Code. (ICMP only) The type of message and error code that will be sent
- CIDR. (Add by CIDR only) To send traffic only to IP addresses within a particular address block, enter a CIDR or a comma-separated list of CIDRs. The CIDR is the base IP address of the destination. For example, 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0.
- Account, Security Group. (Add by Account only) To allow traffic to be sent to another security group, enter the &PRODUCT; account and name of a security group that has already been defined in that account. To allow traffic between VMs within the security group you are editing now, enter its name.
-
- Click Add.
-
+
+ Protocol. The networking protocol that sources will
+ use to send traffic to the security group. TCP and UDP are typically used for data
+ exchange and end-user communications. ICMP is typically used to send error messages or
+ network monitoring data.
+
+
+ Start Port, End Port. (TCP, UDP only) A range of
+ listening ports that are the destination for the incoming traffic. If you are opening a
+ single port, use the same number in both fields.
+
+
+ ICMP Type, ICMP Code. (ICMP only) The type of
+ message and error code that will be accepted.
+
+
+ CIDR. (Add by CIDR only) To accept only traffic
+ from IP addresses within a particular address block, enter a CIDR or a comma-separated
+ list of CIDRs. The CIDR is the base IP address of the incoming traffic. For example,
+ 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0.
+
+
+ Account, Security Group. (Add by Account only) To
+ accept only traffic from another security group, enter the &PRODUCT; account and name of
+ a security group that has already been defined in that account. To allow traffic between
+ VMs within the security group you are editing now, enter the same name you used in step
+ 7.
+
+
+ The following example allows inbound HTTP access from anywhere:
+
+
+
+
+
+ httpaccess.png: allows inbound HTTP access from anywhere
+
+
+
+
+ To add an egress rule, click the Egress Rules tab and fill out the following fields to
+ specify what type of traffic is allowed to be sent out of VM instances in this security
+ group. If no egress rules are specified, then all traffic will be allowed out. Once egress
+ rules are specified, the following types of traffic are allowed out: traffic specified in
+ egress rules; queries to DNS and DHCP servers; and responses to any traffic that has been
+ allowed in through an ingress rule
+
+
+ Add by CIDR/Account. Indicate whether the
+ destination of the traffic will be defined by IP address (CIDR) or an existing security
+ group in a &PRODUCT; account (Account). Choose Account if you want to allow outgoing
+ traffic to all VMs in another security group.
+
+
+ Protocol. The networking protocol that VMs will use
+ to send outgoing traffic. TCP and UDP are typically used for data exchange and end-user
+ communications. ICMP is typically used to send error messages or network monitoring
+ data.
+
+
+ Start Port, End Port. (TCP, UDP only) A range of
+ listening ports that are the destination for the outgoing traffic. If you are opening a
+ single port, use the same number in both fields.
+
+
+ ICMP Type, ICMP Code. (ICMP only) The type of
+ message and error code that will be sent
+
+
+ CIDR. (Add by CIDR only) To send traffic only to IP
+ addresses within a particular address block, enter a CIDR or a comma-separated list of
+ CIDRs. The CIDR is the base IP address of the destination. For example, 192.168.0.0/22.
+ To allow all CIDRs, set to 0.0.0.0/0.
+
+
+ Account, Security Group. (Add by Account only) To
+ allow traffic to be sent to another security group, enter the &PRODUCT; account and name
+ of a security group that has already been defined in that account. To allow traffic
+ between VMs within the security group you are editing now, enter its name.
+
+
+
+
+ Click Add.
+
+
diff --git a/docs/en-US/add-iso.xml b/docs/en-US/add-iso.xml
index f56d10cb0f5..25986e02e92 100644
--- a/docs/en-US/add-iso.xml
+++ b/docs/en-US/add-iso.xml
@@ -3,89 +3,149 @@
%BOOK_ENTITIES;
]>
-
-
- Adding an ISO
- To make additional operating system or other software available for use with guest VMs, you can add an ISO. The ISO is typically thought of as an operating system image, but you can also add ISOs for other types of software, such as desktop applications that you want to be installed as part of a template.
-
- Log in to the &PRODUCT; UI as an administrator or end user.
- In the left navigation bar, click Templates.
- In Select View, choose ISOs.
- Click Add ISO.
- In the Add ISO screen, provide the following:
-
- Name. Short name for the ISO image. (E.g. CentOS 6.2 64 bit).
- Description. Display test for the ISO image. (E.g. CentOS 6.2 64 bit).
- URL. The URL that hosts the ISO image. The Management Server must be able to access this location via HTTP. If needed you can place the ISO image directly on the Management Server
- Zone. Choose the zone where you want the ISO to be available, or All Zones to make it available throughout &PRODUCT;.
- Bootable. Whether or not a guest could boot off this ISO image. For example, a CentOS ISO is bootable, a Microsoft Office ISO is not bootable.
- OS Type. This helps &PRODUCT; and the hypervisor perform certain operations and make assumptions that improve the performance of the guest. Select one of the following.
-
- If the operating system of your desired ISO image is listed, choose it.
- If the OS Type of the ISO is not listed or if the ISO is not bootable, choose Other.
- (XenServer only) If you want to boot from this ISO in PV mode, choose Other PV (32-bit) or Other PV (64-bit)
- (KVM only) If you choose an OS that is PV-enabled, the VMs created from this ISO will have a SCSI (virtio) root disk. If the OS is not PV-enabled, the VMs will have an IDE root disk. The PV-enabled types are:
-
-
-
-
- Fedora 13
- Fedora 12
- Fedora 11
-
-
-
- Fedora 10
- Fedora 9
- Other PV
-
-
-
- Debian GNU/Linux
- CentOS 5.3
- CentOS 5.4
-
-
- CentOS 5.5
- Red Hat Enterprise Linux 5.3
- Red Hat Enterprise Linux 5.4
-
-
- Red Hat Enterprise Linux 5.5
- Red Hat Enterprise Linux 6
-
-
-
-
-
-
- Note: It is not recommended to choose an older version of the OS than the version in the image. For example, choosing CentOS 5.4 to support a CentOS 6.2 image will usually not work. In these cases, choose Other.
-
- Extractable. Choose Yes if the ISO should be available for extraction.
- Public. Choose Yes if this ISO should be available to other users.
- Featured. Choose Yes if you would like this ISO to be more prominent for users to select. The ISO will appear in the Featured ISOs list. Only an administrator can make an ISO Featured.
-
- Click OK.
- The Management Server will download the ISO. Depending on the size of the ISO, this may take a long time. The ISO status column will display Ready once it has been successfully downloaded into secondary storage. Clicking Refresh updates the download percentage.
+ Adding an ISO
+ To make additional operating system or other software available for use with guest VMs, you
+ can add an ISO. The ISO is typically thought of as an operating system image, but you can also
+ add ISOs for other types of software, such as desktop applications that you want to be installed
+ as part of a template.
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation bar, click Templates.
+
+
+ In Select View, choose ISOs.
+
+
+ Click Add ISO.
+
+
+ In the Add ISO screen, provide the following:
+
+
+ Name: Short name for the ISO image. For example,
+ CentOS 6.2 64-bit.
- Important: Wait for the ISO to finish downloading. If you move on to the next task and try to use the ISO right away, it will appear to fail. The entire ISO must be available before &PRODUCT; can work with it
-
+
+ Description: Display test for the ISO image. For
+ example, CentOS 6.2 64-bit.
+
+
+ URL: The URL that hosts the ISO image. The
+ Management Server must be able to access this location via HTTP. If needed you can place
+ the ISO image directly on the Management Server
+
+
+ Zone: Choose the zone where you want the ISO to be
+ available, or All Zones to make it available throughout &PRODUCT;.
+
+
+ Bootable: Whether or not a guest could boot off
+ this ISO image. For example, a CentOS ISO is bootable, a Microsoft Office ISO is not
+ bootable.
+
+
+ OS Type: This helps &PRODUCT; and the hypervisor
+ perform certain operations and make assumptions that improve the performance of the
+ guest. Select one of the following.
+
+
+ If the operating system of your desired ISO image is listed, choose it.
+
+
+ If the OS Type of the ISO is not listed or if the ISO is not bootable, choose
+ Other.
+
+
+ (XenServer only) If you want to boot from this ISO in PV mode, choose Other PV
+ (32-bit) or Other PV (64-bit)
+
+
+ (KVM only) If you choose an OS that is PV-enabled, the VMs created from this ISO
+ will have a SCSI (virtio) root disk. If the OS is not PV-enabled, the VMs will have
+ an IDE root disk. The PV-enabled types are:
+
+
+
+
+ Fedora 13
+ Fedora 12
+ Fedora 11
+
+
+ Fedora 10
+ Fedora 9
+ Other PV
+
+
+ Debian GNU/Linux
+ CentOS 5.3
+ CentOS 5.4
+
+
+ CentOS 5.5
+ Red Hat Enterprise Linux 5.3
+ Red Hat Enterprise Linux 5.4
+
+
+ Red Hat Enterprise Linux 5.5
+ Red Hat Enterprise Linux 6
+
+
+
+
+
+
+
+
+ It is not recommended to choose an older version of the OS than the version in the
+ image. For example, choosing CentOS 5.4 to support a CentOS 6.2 image will usually not
+ work. In these cases, choose Other.
+
+
+
+ Extractable: Choose Yes if the ISO should be
+ available for extraction.
+
+
+ Public: Choose Yes if this ISO should be available
+ to other users.
+
+
+ Featured: Choose Yes if you would like this ISO to
+ be more prominent for users to select. The ISO will appear in the Featured ISOs list.
+ Only an administrator can make an ISO Featured.
+
+
+
+
+ Click OK.
+ The Management Server will download the ISO. Depending on the size of the ISO, this may
+ take a long time. The ISO status column will display Ready once it has been successfully
+ downloaded into secondary storage. Clicking Refresh updates the download percentage.
+
+
+ Important: Wait for the ISO to finish downloading. If
+ you move on to the next task and try to use the ISO right away, it will appear to fail. The
+ entire ISO must be available before &PRODUCT; can work with it.
+
+
diff --git a/docs/en-US/add-load-balancer-rule.xml b/docs/en-US/add-load-balancer-rule.xml
index ddbce957926..8cd0da4b7da 100644
--- a/docs/en-US/add-load-balancer-rule.xml
+++ b/docs/en-US/add-load-balancer-rule.xml
@@ -3,44 +3,80 @@
%BOOK_ENTITIES;
]>
-
-
- Adding a Load Balancer Rule
-
- Log in to the &PRODUCT; UI as an administrator or end user.
- In the left navigation, choose Network.
- Click the name of the network where you want to load balance the traffic.
- Click View IP Addresses.
- Click the IP address for which you want to create the rule, then click the Configuration tab.
- In the Load Balancing node of the diagram, click View All.
- Fill in the following:
-
- Name. A name for the load balancer rule.
- Public Port. The port receiving incoming traffic to be balanced.
- Private Port. The port that the VMs will use to receive the traffic.
- Algorithm. Choose the load balancing algorithm you want &PRODUCT; to use. &PRODUCT; supports a variety of well-known algorithms. If you are not familiar with these choices, you will find plenty of information about them on the Internet.
- Stickiness. (Optional) Click Configure and choose the algorithm for the stickiness policy. See Sticky Session Policies for Load Balancer Rules.
-
- Click Add VMs, then select two or more VMs that will divide the load of incoming traffic, and click Apply.
- The new load balancer rule appears in the list. You can repeat these steps to add more load balancer rules for this IP address.
-
-
+ Adding a Load Balancer Rule
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ Click the name of the network where you want to load balance the traffic.
+
+
+ Click View IP Addresses.
+
+
+ Click the IP address for which you want to create the rule, then click the Configuration
+ tab.
+
+
+ In the Load Balancing node of the diagram, click View All.
+ In a Basic zone, you can also create a load balancing rule without acquiring or
+ selecting an IP address. &PRODUCT; internally assign an IP when you create the load
+ balancing rule, which is listed in the IP Addresses page when the rule is created.
+ To do that, select the name of the network, then click Add Load Balancer tab. Continue
+ with .
+
+
+ Fill in the following:
+
+
+ Name: A name for the load balancer rule.
+
+
+ Public Port: The port receiving incoming traffic to
+ be balanced.
+
+
+ Private Port: The port that the VMs will use to
+ receive the traffic.
+
+
+ Algorithm: Choose the load balancing algorithm you
+ want &PRODUCT; to use. &PRODUCT; supports a variety of well-known algorithms. If you are
+ not familiar with these choices, you will find plenty of information about them on the
+ Internet.
+
+
+ Stickiness: (Optional) Click Configure and choose
+ the algorithm for the stickiness policy. See Sticky Session Policies for Load Balancer
+ Rules.
+
+
+
+
+ Click Add VMs, then select two or more VMs that will divide the load of incoming
+ traffic, and click Apply.
+ The new load balancer rule appears in the list. You can repeat these steps to add more
+ load balancer rules for this IP address.
+
+
diff --git a/docs/en-US/add-members-to-projects.xml b/docs/en-US/add-members-to-projects.xml
index a51726e14fc..39c3edfb2c3 100644
--- a/docs/en-US/add-members-to-projects.xml
+++ b/docs/en-US/add-members-to-projects.xml
@@ -29,5 +29,7 @@
If invitations have been enabled, you can send invitations to new members.
If invitations are not enabled, you can add members directly through the UI.
+
+
diff --git a/docs/en-US/add-more-clusters.xml b/docs/en-US/add-more-clusters.xml
new file mode 100644
index 00000000000..a2e41e38f84
--- /dev/null
+++ b/docs/en-US/add-more-clusters.xml
@@ -0,0 +1,29 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Add More Clusters (Optional)
+ You need to tell &PRODUCT; about the hosts that it will manage. Hosts exist inside clusters,
+ so before you begin adding hosts to the cloud, you must add at least one cluster.
+
+
+
+
+
diff --git a/docs/en-US/add-primary-storage.xml b/docs/en-US/add-primary-storage.xml
new file mode 100644
index 00000000000..9c7ad3dc9cf
--- /dev/null
+++ b/docs/en-US/add-primary-storage.xml
@@ -0,0 +1,108 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Adding Primary Storage
+
+ Ensure that nothing stored on the server. Adding the server to CloudStack will destroy any
+ existing data.
+
+ When you create a new zone, the first primary storage is added as part of that procedure.
+ You can add primary storage servers at any time, such as when adding a new cluster or adding
+ more servers to an existing cluster.
+
+
+ Log in to the &PRODUCT; UI.
+
+
+ In the left navigation, choose Infrastructure. In Zones, click View More, then click the
+ zone in which you want to add the primary storage.
+
+
+ Click the Compute tab.
+
+
+ In the Primary Storage node of the diagram, click View All.
+
+
+ Click Add Primary Storage.
+
+
+ Provide the following information in the dialog. The information required varies
+ depending on your choice in Protocol.
+
+
+ Pod. The pod for the storage device.
+
+
+ Cluster. The cluster for the storage device.
+
+
+ Name. The name of the storage device
+
+
+ Protocol. For XenServer, choose either NFS, iSCSI, or PreSetup. For KVM, choose NFS
+ or SharedMountPoint. For vSphere choose either VMFS (iSCSI or FiberChannel) or
+ NFS
+
+
+ Server (for NFS, iSCSI, or PreSetup). The IP address or DNS name of the storage
+ device
+
+
+ Server (for VMFS). The IP address or DNS name of the vCenter server.
+
+
+ Path (for NFS). In NFS this is the exported path from the server.
+
+
+ Path (for VMFS). In vSphere this is a combination of the datacenter name and the
+ datastore name. The format is "/" datacenter name "/" datastore name. For example,
+ "/cloud.dc.VM/cluster1datastore".
+
+
+ Path (for SharedMountPoint). With KVM this is the path on each host that is where
+ this primary storage is mounted. For example, "/mnt/primary".
+
+
+ SR Name-Label (for PreSetup). Enter the name-label of the SR that has been set up
+ outside &PRODUCT;.
+
+
+ Target IQN (for iSCSI). In iSCSI this is the IQN of the target. For example,
+ iqn.1986-03.com.sun:02:01ec9bb549-1271378984
+
+
+ Lun # (for iSCSI). In iSCSI this is the LUN number. For example, 3.
+
+
+ Tags (optional). The comma-separated list of tags for this storage device. It should
+ be an equivalent set or superset of the tags on your disk offerings
+
+
+ The tag sets on primary storage across clusters in a Zone must be identical. For
+ example, if cluster A provides primary storage that has tags T1 and T2, all other clusters
+ in the Zone must also provide primary storage that has tags T1 and T2.
+
+
+ Click OK.
+
+
+
diff --git a/docs/en-US/add-secondary-storage.xml b/docs/en-US/add-secondary-storage.xml
new file mode 100644
index 00000000000..318a6ea79b6
--- /dev/null
+++ b/docs/en-US/add-secondary-storage.xml
@@ -0,0 +1,48 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Adding Secondary Storage
+
+ Be sure there is nothing stored on the server. Adding the server to CloudStack will
+ destroy any existing data.
+
+ When you create a new zone, the first secondary storage is added as part of that procedure.
+ You can add secondary storage servers at any time to add more servers to an existing
+ zone.
+
+
+ If you are going to use Swift for cloud-wide secondary storage, you must add the Swift
+ storage to &PRODUCT; before you add the local zone secondary storage servers.
+
+
+ To prepare for local zone secondary storage, you should have created and mounted an NFS
+ share during Management Server installation.
+
+
+ Make sure you prepared the system VM template during Management Server
+ installation.
+
+
+ 4. Now that the secondary storage server for per-zone storage is prepared, add it to
+ &PRODUCT;. Secondary storage is added as part of the procedure for adding a new zone.
+
+
+
diff --git a/docs/en-US/add-security-group.xml b/docs/en-US/add-security-group.xml
index e4c8b3ce2da..85a6ba0b38a 100644
--- a/docs/en-US/add-security-group.xml
+++ b/docs/en-US/add-security-group.xml
@@ -3,37 +3,47 @@
%BOOK_ENTITIES;
]>
-
-
- Adding a Security Group
- A user or administrator can change the network offering that is associated with an existing guest network.
-
- Log in to the &PRODUCT; UI as an administrator or end user.
- In the left navigation, choose Network
- In Select view, choose Security Groups.
- Click Add Security Group.
- Provide a name and description.
- Click OK.
- The new security group appears in the Security Groups Details tab.
- To make the security group useful, continue to Adding Ingress and Egress Rules to a Security Group.
-
+ Adding a Security Group
+ A user or administrator can define a new security group.
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network
+
+
+ In Select view, choose Security Groups.
+
+
+ Click Add Security Group.
+
+
+ Provide a name and description.
+
+
+ Click OK.
+ The new security group appears in the Security Groups Details tab.
+
+
+ To make the security group useful, continue to Adding Ingress and Egress Rules to a
+ Security Group.
+
+
-
diff --git a/docs/en-US/add-tier.xml b/docs/en-US/add-tier.xml
new file mode 100644
index 00000000000..6beaab2a151
--- /dev/null
+++ b/docs/en-US/add-tier.xml
@@ -0,0 +1,89 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Adding Tiers
+ Tiers are distinct locations within a VPC that act as isolated networks, which do not have
+ access to other tiers by default. Tiers are set up on different VLANs that can communicate with
+ each other by using a virtual router. Tiers provide inexpensive, low latency network
+ connectivity to other tiers within the VPC.
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ In the Select view, select VPC.
+ All the VPC that you have created for the account is listed in the page.
+
+ The end users can see their own VPCs, while root and domain admin can see any VPC they
+ are authorized to see.
+
+
+
+ Click the Configure button of the VPC for which you want to set up tiers.
+ The Add new tier dialog is displayed, as follows:
+
+
+
+
+
+ add-tier.png: adding a tier to a vpc.
+
+
+ If you have already created tiers, the VPC diagram is displayed. Click Create Tier to
+ add a new tier.
+
+
+ Specify the following:
+ All the fields are mandatory.
+
+
+ Name: A unique name for the tier you create.
+
+
+ Network Offering: The following default network
+ offerings are listed: DefaultIsolatedNetworkOfferingForVpcNetworksNoLB,
+ DefaultIsolatedNetworkOfferingForVpcNetworks
+ In a VPC, only one tier can be created by using LB-enabled network offering.
+
+
+ Gateway: The gateway for the tier you create.
+ Ensure that the gateway is within the Super CIDR range that you specified while creating
+ the VPC, and is not overlapped with the CIDR of any existing tier within the VPC.
+
+
+ Netmask: The netmask for the tier you create.
+ For example, if the VPC CIDR is 10.0.0.0/16 and the network tier CIDR is
+ 10.0.1.0/24, the gateway of the tier is 10.0.1.1, and the netmask of the tier is
+ 255.255.255.0.
+
+
+
+
+ Click OK.
+
+
+ Continue with configuring access control list for the tier.
+
+
+
diff --git a/docs/en-US/add-vm-to-tier.xml b/docs/en-US/add-vm-to-tier.xml
new file mode 100644
index 00000000000..e401eed2656
--- /dev/null
+++ b/docs/en-US/add-vm-to-tier.xml
@@ -0,0 +1,45 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Deploying VMs to the Tier
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ In the Select view, select VPC.
+ All the VPCs that you have created for the account is listed in the page.
+
+
+ Click the Configure button of the VPC to which you want to deploy the VMs.
+ The VPC page is displayed where all the tiers you created are listed.
+
+
+ Click the Add VM button of the tier for which you want to add a VM.
+ The Add Instance page is displayed.
+ Follow the on-screen instruction to add an instance. For information on adding an
+ instance, see Adding Instances section in the Installation Guide.
+
+
+
diff --git a/docs/en-US/add-vpc.xml b/docs/en-US/add-vpc.xml
new file mode 100644
index 00000000000..8c088a0e1fd
--- /dev/null
+++ b/docs/en-US/add-vpc.xml
@@ -0,0 +1,75 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Adding a Virtual Private Cloud
+ When creating the VPC, you simply provide the zone and a set of IP addresses for the VPC
+ network address space. You specify this set of addresses in the form of a Classless Inter-Domain
+ Routing (CIDR) block.
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ In the Select view, select VPC.
+
+
+ Click Add VPC. The Add VPC page is displayed as follows:
+
+
+
+
+
+ add-vpc.png: adding a vpc.
+
+
+ Provide the following information:
+
+
+ Name: A short name for the VPC that you are
+ creating.
+
+
+ Description: A brief description of the VPC.
+
+
+ Zone: Choose the zone where you want the VPC to be
+ available.
+
+
+ Super CIDR for Guest Networks: Defines the CIDR
+ range for all the tiers (guest networks) within a VPC. When you create a tier, ensure
+ that its CIDR is within the Super CIDR value you enter. The CIDR must be RFC1918
+ compliant.
+
+
+ DNS domain for Guest Networks: If you want to
+ assign a special domain name, specify the DNS suffix. This parameter is applied to all
+ the tiers within the VPC. That implies, all the tiers you create in the VPC belong to
+ the same DNS domain. If the parameter is not specified, a DNS domain name is generated
+ automatically.
+
+
+
+
+
diff --git a/docs/en-US/added-API-commands.xml b/docs/en-US/added-API-commands.xml
index b63895e7973..237c524b75f 100644
--- a/docs/en-US/added-API-commands.xml
+++ b/docs/en-US/added-API-commands.xml
@@ -3,165 +3,332 @@
%BOOK_ENTITIES;
]>
-
-
-
-
- Added API commands
- Added in 3.0.3:
-
- enableCiscoNexusVSM (Enables Nexus 1000v dvSwitch in &PRODUCT;.)
- disableCiscoNexusVSM (Disables Nexus 1000v dvSwitch in &PRODUCT;.)
- deleteCiscoNexusVSM (Deletes Nexus 1000v dvSwitch in &PRODUCT;.)
- listCiscoNexusVSMs (Lists the control VLAN ID, packet VLAN ID, and data VLAN ID, as well as the IP address of the Nexus 1000v dvSwitch.)
-
- Added in 3.0.2:
-
- changeServiceForSystemVm
- Changes the service offering for a system VM (console proxy or secondary storage). The system VM must be in a "Stopped" state for this command to take effect.
-
-
- Added in 3.0.1:
-
- changeServiceForSystemVm
- Changes the service offering for a system VM (console proxy or secondary storage). The system VM must be in a "Stopped" state for this command to take effect.
-
-
- Added in 3.0.0:
-
-
-
-
-
-
-
- assignVirtualMachine (Move a user VM to another user under same domain.)
- restoreVirtualMachine (Restore a VM to original template or specific snapshot)
- createLBStickinessPolicy (Creates a Load Balancer stickiness policy )
-
-
- deleteLBStickinessPolicy (Deletes a LB stickiness policy.)
- listLBStickinessPolicies (Lists LBStickiness policies.)
- ldapConfig (Configure the LDAP context for this site.)
-
-
- addSwift (Adds Swift.)
- listSwifts (List Swift.)
- migrateVolume (Migrate volume)
-
-
- updateStoragePool (Updates a storage pool.)
- authorizeSecurityGroupEgress (Authorizes a particular egress rule for this security group)
- revokeSecurityGroupEgress (Deletes a particular egress rule from this security group)
-
-
- createNetworkOffering (Creates a network offering.)
- deleteNetworkOffering (Deletes a network offering.)
- createProject (Creates a project)
-
-
- deleteProject (Deletes a project)
- updateProject (Updates a project)
- activateProject (Activates a project)
-
-
- suspendProject (Suspends a project)
- listProjects (Lists projects and provides detailed information for listed projects)
- addAccountToProject (Adds acoount to a project)
-
-
- deleteAccountFromProject (Deletes account from the project)
- listProjectAccounts (Lists project's accounts)
- listProjectInvitations (Lists an account's invitations to join projects)
-
-
- updateProjectInvitation (Accepts or declines project invitation)
- deleteProjectInvitation (Deletes a project invitation)
- updateHypervisorCapabilities (Updates a hypervisor capabilities.)
-
-
- listHypervisorCapabilities (Lists all hypervisor capabilities.)
- createPhysicalNetwork (Creates a physical network)
- deletePhysicalNetwork (Deletes a Physical Network.)
-
-
- listPhysicalNetworks (Lists physical networks)
- updatePhysicalNetwork (Updates a physical network)
- listSupportedNetworkServices (Lists all network services provided by &PRODUCT; or for the given Provider.)
-
-
- addNetworkServiceProvider (Adds a network serviceProvider to a physical network)
- deleteNetworkServiceProvider (Deletes a Network Service Provider.)
- listNetworkServiceProviders (Lists network serviceproviders for a given physical network.)
-
-
- updateNetworkServiceProvider (Updates a network serviceProvider of a physical network)
- addTrafficType (Adds traffic type to a physical network)
- deleteTrafficType (Deletes traffic type of a physical network)
-
-
- listTrafficTypes (Lists traffic types of a given physical network.)
- updateTrafficType (Updates traffic type of a physical network)
- listTrafficTypeImplementors (Lists implementors of implementor of a network traffic type or implementors of all network traffic types)
-
-
- createStorageNetworkIpRange (Creates a Storage network IP range.)
- deleteStorageNetworkIpRange (Deletes a storage network IP Range.)
- listStorageNetworkIpRange (List a storage network IP range.)
-
-
- updateStorageNetworkIpRange (Update a Storage network IP range, only allowed when no IPs in this range have been allocated.)
- listUsageTypes (List Usage Types)
- addF5LoadBalancer (Adds a F5 BigIP load balancer device)
-
-
- configureF5LoadBalancer (configures a F5 load balancer device)
- deleteF5LoadBalancer ( delete a F5 load balancer device)
- listF5LoadBalancers (lists F5 load balancer devices)
-
-
- listF5LoadBalancerNetworks (lists network that are using a F5 load balancer device)
- addSrxFirewall (Adds a SRX firewall device)
- deleteSrxFirewall ( delete a SRX firewall device)
-
-
- listSrxFirewalls (lists SRX firewall devices in a physical network)
- listSrxFirewallNetworks (lists network that are using SRX firewall device)
- addNetscalerLoadBalancer (Adds a netscaler load balancer device)
-
-
- deleteNetscalerLoadBalancer ( delete a netscaler load balancer device)
- configureNetscalerLoadBalancer (configures a netscaler load balancer device)
- listNetscalerLoadBalancers (lists netscaler load balancer devices)
-
-
- listNetscalerLoadBalancerNetworks (lists network that are using a netscaler load balancer device)
- createVirtualRouterElement (Create a virtual router element.)
- configureVirtualRouterElement (Configures a virtual router element.)
-
-
- listVirtualRouterElements (Lists all available virtual router elements.)
-
-
-
-
-
-
-
+
+ Added API commands
+ Added in 4.0
+
+
+ createCounter (Adds metric counter)
+
+
+ deleteCounter (Deletes a counter)
+
+
+ listCounters (List the counters)
+
+
+ createCondition (Creates a condition)
+
+
+ deleteCondition (Removes a condition)
+
+
+ listConditions (List Conditions for the specific user)
+
+
+ createTags. Add tags to one or more resources. Example:
+ command=createTags
+&resourceIds=1,10,12
+&resourceType=userVm
+&tags[0].key=region
+&tags[0].value=canada
+&tags[1].key=city
+&tags[1].value=Toronto
+
+
+ deleteTags. Remove tags from one or more resources. Example:
+ command=deleteTags
+&resourceIds=1,12
+&resourceType=Snapshot
+&tags[0].key=city
+
+
+ listTags (Show currently defined resource tags)
+
+
+ createVPC (Creates a VPC)
+
+
+ listVPCs (Lists VPCs)
+
+
+ deleteVPC (Deletes a VPC)
+
+
+ updateVPC (Updates a VPC)
+
+
+ restartVPC (Restarts a VPC)
+
+
+ createVPCOffering (Creates VPC offering)
+
+
+ updateVPCOffering (Updates VPC offering)
+
+
+ deleteVPCOffering (Deletes VPC offering)
+
+
+ listVPCOfferings (Lists VPC offerings)
+
+
+ createPrivateGateway (Creates a private gateway)
+
+
+ listPrivateGateways (List private gateways)
+
+
+ deletePrivateGateway (Deletes a Private gateway)
+
+
+ createNetworkACL (Creates a ACL rule the given network (the network has to belong to
+ VPC))
+
+
+ deleteNetworkACL (Deletes a Network ACL)
+
+
+ listNetworkACLs (Lists all network ACLs)
+
+
+ createStaticRoute (Creates a static route)
+
+
+ deleteStaticRoute (Deletes a static route)
+
+
+ listStaticRoutes (Lists all static routes)
+
+
+ createVpnCustomerGateway (Creates site to site vpn customer gateway)
+
+
+ createVpnGateway (Creates site to site vpn local gateway)
+
+
+ createVpnConnection (Create site to site vpn connection)
+
+
+ deleteVpnCustomerGateway (Delete site to site vpn customer gateway)
+
+
+ deleteVpnGateway (Delete site to site vpn gateway)
+
+
+ deleteVpnConnection (Delete site to site vpn connection)
+
+
+ updateVpnCustomerGateway (Update site to site vpn customer gateway)
+
+
+ resetVpnConnection (Reset site to site vpn connection)
+
+
+ listVpnCustomerGateways (Lists site to site vpn customer gateways)
+
+
+ listVpnGateways (Lists site 2 site vpn gateways)
+
+
+ listVpnConnections (Lists site to site vpn connection gateways)
+
+
+ Added in 3.0.3:
+
+
+ enableCiscoNexusVSM (Enables Nexus 1000v dvSwitch in &PRODUCT;.)
+
+
+ disableCiscoNexusVSM (Disables Nexus 1000v dvSwitch in &PRODUCT;.)
+
+
+ deleteCiscoNexusVSM (Deletes Nexus 1000v dvSwitch in &PRODUCT;.)
+
+
+ listCiscoNexusVSMs (Lists the control VLAN ID, packet VLAN ID, and data VLAN ID, as well
+ as the IP address of the Nexus 1000v dvSwitch.)
+
+
+ Added in 3.0.2:
+
+
+ changeServiceForSystemVm
+ Changes the service offering for a system VM (console proxy or secondary storage). The
+ system VM must be in a "Stopped" state for this command to take effect.
+
+
+ Added in 3.0.1:
+
+
+ changeServiceForSystemVm
+ Changes the service offering for a system VM (console proxy or secondary storage). The
+ system VM must be in a "Stopped" state for this command to take effect.
+
+
+ Added in 3.0.0:
+
+
+
+
+
+
+
+ assignVirtualMachine (Move a user VM to another user under same
+ domain.)
+ restoreVirtualMachine (Restore a VM to original template or specific
+ snapshot)
+ createLBStickinessPolicy (Creates a Load Balancer stickiness policy
+ )
+
+
+ deleteLBStickinessPolicy (Deletes a LB stickiness policy.)
+ listLBStickinessPolicies (Lists LBStickiness policies.)
+ ldapConfig (Configure the LDAP context for this site.)
+
+
+ addSwift (Adds Swift.)
+ listSwifts (List Swift.)
+ migrateVolume (Migrate volume)
+
+
+ updateStoragePool (Updates a storage pool.)
+ authorizeSecurityGroupEgress (Authorizes a particular egress rule for this
+ security group)
+ revokeSecurityGroupEgress (Deletes a particular egress rule from this
+ security group)
+
+
+ createNetworkOffering (Creates a network offering.)
+ deleteNetworkOffering (Deletes a network offering.)
+ createProject (Creates a project)
+
+
+ deleteProject (Deletes a project)
+ updateProject (Updates a project)
+ activateProject (Activates a project)
+
+
+ suspendProject (Suspends a project)
+ listProjects (Lists projects and provides detailed information for listed
+ projects)
+ addAccountToProject (Adds acoount to a project)
+
+
+ deleteAccountFromProject (Deletes account from the project)
+ listProjectAccounts (Lists project's accounts)
+ listProjectInvitations (Lists an account's invitations to join
+ projects)
+
+
+ updateProjectInvitation (Accepts or declines project
+ invitation)
+ deleteProjectInvitation (Deletes a project invitation)
+ updateHypervisorCapabilities (Updates a hypervisor
+ capabilities.)
+
+
+ listHypervisorCapabilities (Lists all hypervisor
+ capabilities.)
+ createPhysicalNetwork (Creates a physical network)
+ deletePhysicalNetwork (Deletes a Physical Network.)
+
+
+ listPhysicalNetworks (Lists physical networks)
+ updatePhysicalNetwork (Updates a physical network)
+ listSupportedNetworkServices (Lists all network services provided by
+ &PRODUCT; or for the given Provider.)
+
+
+ addNetworkServiceProvider (Adds a network serviceProvider to a physical
+ network)
+ deleteNetworkServiceProvider (Deletes a Network Service
+ Provider.)
+ listNetworkServiceProviders (Lists network serviceproviders for a given
+ physical network.)
+
+
+ updateNetworkServiceProvider (Updates a network serviceProvider of a physical
+ network)
+ addTrafficType (Adds traffic type to a physical network)
+ deleteTrafficType (Deletes traffic type of a physical network)
+
+
+ listTrafficTypes (Lists traffic types of a given physical
+ network.)
+ updateTrafficType (Updates traffic type of a physical network)
+ listTrafficTypeImplementors (Lists implementors of implementor of a network
+ traffic type or implementors of all network traffic types)
+
+
+ createStorageNetworkIpRange (Creates a Storage network IP
+ range.)
+ deleteStorageNetworkIpRange (Deletes a storage network IP
+ Range.)
+ listStorageNetworkIpRange (List a storage network IP range.)
+
+
+ updateStorageNetworkIpRange (Update a Storage network IP range, only allowed
+ when no IPs in this range have been allocated.)
+ listUsageTypes (List Usage Types)
+ addF5LoadBalancer (Adds a F5 BigIP load balancer device)
+
+
+ configureF5LoadBalancer (configures a F5 load balancer device)
+ deleteF5LoadBalancer ( delete a F5 load balancer device)
+ listF5LoadBalancers (lists F5 load balancer devices)
+
+
+ listF5LoadBalancerNetworks (lists network that are using a F5 load balancer
+ device)
+ addSrxFirewall (Adds a SRX firewall device)
+ deleteSrxFirewall ( delete a SRX firewall device)
+
+
+ listSrxFirewalls (lists SRX firewall devices in a physical
+ network)
+ listSrxFirewallNetworks (lists network that are using SRX firewall
+ device)
+ addNetscalerLoadBalancer (Adds a netscaler load balancer
+ device)
+
+
+ deleteNetscalerLoadBalancer ( delete a netscaler load balancer
+ device)
+ configureNetscalerLoadBalancer (configures a netscaler load balancer
+ device)
+ listNetscalerLoadBalancers (lists netscaler load balancer
+ devices)
+
+
+ listNetscalerLoadBalancerNetworks (lists network that are using a netscaler
+ load balancer device)
+ createVirtualRouterElement (Create a virtual router element.)
+ configureVirtualRouterElement (Configures a virtual router
+ element.)
+
+
+ listVirtualRouterElements (Lists all available virtual router
+ elements.)
+
+
+
+
+
+
+
diff --git a/docs/en-US/advanced-zone-configuration.xml b/docs/en-US/advanced-zone-configuration.xml
index 85909e3a08b..84649db96ef 100644
--- a/docs/en-US/advanced-zone-configuration.xml
+++ b/docs/en-US/advanced-zone-configuration.xml
@@ -1,182 +1,380 @@
-
%BOOK_ENTITIES;
]>
-
-
- Advanced Zone Configuration
-
- After you select Advanced in the Add Zone wizard and click Next, you will be asked to enter the following details. Then click Next.
-
- Name. A name for the zone.
- DNS 1 and 2. These are DNS servers for use by guest VMs in the zone. These DNS servers will be accessed via the public network you will add later. The public IP addresses for the zone must have a route to the DNS server named here.
- Internal DNS 1 and Internal DNS 2. These are DNS servers for use by system VMs in the zone(these are VMs used by &PRODUCT; itself, such as virtual routers, console proxies,and Secondary Storage VMs.) These DNS servers will be accessed via the management traffic network interface of the System VMs. The private IP address you provide for the pods must have a route to the internal DNS server named here.
- Network Domain. (Optional) If you want to assign a special domain name to the guest VM network, specify the DNS suffix.
- Guest CIDR. This is the CIDR that describes the IP addresses in use in the guest virtual networks in this zone. For example, 10.1.1.0/24. As a matter of good practice you should set different CIDRs for different zones. This will make it easier to set up VPNs between networks in different zones.
- Hypervisor. (Introduced in version 3.0.1) Choose the hypervisor for the first cluster in the zone. You can add clusters with different hypervisors later, after you finish adding the zone.
- Public. A public zone is available to all users. A zone that is not public will be assigned to a particular domain. Only users in that domain will be allowed to create guest VMs in this zone.
-
-
- Choose which traffic types will be carried by the physical network.
- The traffic types are management, public, guest, and storage traffic. For more information about the types, roll over the icons to display their tool tips, or see . This screen starts out with one network already configured. If you have multiple physical networks, you need to add more. Drag and drop traffic types onto a greyed-out network and it will become active. You can move the traffic icons from one network to another; for example, if the default traffic types shown for Network 1 do not match your actual setup, you can move them down. You can also change the network names if desired.
-
- (Introduced in version 3.0.1) Assign a network traffic label to each traffic type on each physical network. These labels must match the labels you have already defined on the hypervisor host. To assign each label, click the Edit button under the traffic type icon within each physical network. A popup dialog appears where you can type the label, then click OK.
- These traffic labels will be defined only for the hypervisor selected for the first cluster. For all other hypervisors, the labels can be configured after the zone is created.
- (VMware only) If you have enabled Nexus dvSwitch in the environment, you must specify the corresponding Ethernet port profile names as network traffic label for each traffic type on the physical network. For more information on Nexus dvSwitch, see Configuring a vSphere Cluster with Nexus 1000v Virtual Switch.
-
- Click Next.
-
- Configure the IP range for public Internet traffic. Enter the following details, then click Add. If desired, you can repeat this step to add more public Internet IP ranges. When done, click Next.
-
- Gateway. The gateway in use for these IP addresses.
- Netmask. The netmask associated with this IP range.
- VLAN. The VLAN that will be used for public traffic.
- Start IP/End IP. A range of IP addresses that are assumed to be accessible from the Internet and will be allocated for access to guest networks.
-
-
- In a new zone, &PRODUCT; adds the first pod for you. You can always add more pods later. For an overview of what a pod is, see .
- To configure the first pod, enter the following, then click Next:
-
- Pod Name. A name for the pod.
- Reserved system gateway. The gateway for the hosts in that pod.
- Reserved system netmask. The network prefix that defines the pod's subnet. Use CIDR notation.
- Start/End Reserved System IP. The IP range in the management network that &PRODUCT; uses to manage various system VMs, such as Secondary Storage VMs, Console Proxy VMs, and DHCP. For more information, see .
-
-
- Specify a range of VLAN IDs to carry guest traffic for each physical network (see VLAN Allocation Example ), then click Next.
-
- In a new pod, &PRODUCT; adds the first cluster for you. You can always add more clusters later. For an overview of what a cluster is, see .
- To configure the first cluster, enter the following, then click Next:
-
- Hypervisor. (Version 3.0.0 only; in 3.0.1, this field is read only) Choose the type of hypervisor software that all hosts in this cluster will run. If you choose VMware, additional fields appear so you can give information about a vSphere cluster. For vSphere servers, we recommend creating the cluster of hosts in vCenter and then adding the entire cluster to &PRODUCT;. See Add Cluster: vSphere .
- Cluster name. Enter a name for the cluster. This can be text of your choosing and is not used by &PRODUCT;.
-
-
- In a new cluster, &PRODUCT; adds the first host for you. You can always add more hosts later. For an overview of what a host is, see .
- When you deploy &PRODUCT;, the hypervisor host must not have any VMs already running.
- Before you can configure the host, you need to install the hypervisor software on the host. You will need to know which version of the hypervisor software version is supported by &PRODUCT; and what additional configuration is required to ensure the host will work with &PRODUCT;. To find these installation details, see:
-
- Citrix XenServer Installation for &PRODUCT;
- VMware vSphere Installation and Configuration
- KVM Installation and Configuration
- Oracle VM (OVM) Installation and Configuration
-
- To configure the first host, enter the following, then click Next:
-
- Host Name. The DNS name or IP address of the host.
- Username. Usually root.
- Password. This is the password for the user named above (from your XenServer or KVM install).
- Host Tags. (Optional) Any labels that you use to categorize hosts for ease of maintenance. For example, you can set to the cloud's HA tag (set in the ha.tag global configuration parameter) if you want this host to be used only for VMs with the "high availability" feature enabled. For more information, see HA-Enabled Virtual Machines as well as HA for Hosts, both in the Administration Guide.
-
-
- In a new cluster, &PRODUCT; adds the first primary storage server for you. You can always add more servers later. For an overview of what primary storage is, see .
- To configure the first primary storage server, enter the following, then click Next:
-
- Name. The name of the storage device.
- Protocol. For XenServer, choose either NFS, iSCSI, or PreSetup. For KVM, choose NFS or SharedMountPoint. For vSphere choose either VMFS (iSCSI or FiberChannel) or NFS. The remaining fields in the screen vary depending on what you choose here.
-
-
-
-
-
-
- NFS
-
-
- Server. The IP address or DNS name of the storage device.
- Path. The exported path from the server.
-
- Tags (optional). The comma-separated list of tags for this storage device. It should be an equivalent set or superset of the tags on your disk offerings.
- The tag sets on primary storage across clusters in a Zone must be identical. For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.
-
-
-
-
-
- iSCSI
-
-
- Server. The IP address or DNS name of the storage device.
- Target IQN. The IQN of the target. For example, iqn.1986-03.com.sun:02:01ec9bb549-1271378984.
- Lun. The LUN number. For example, 3.
-
- Tags (optional). The comma-separated list of tags for this storage device. It should be an equivalent set or superset of the tags on your disk offerings.
- The tag sets on primary storage across clusters in a Zone must be identical. For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.
-
-
-
-
-
- preSetup
-
-
- Server. The IP address or DNS name of the storage device.
- SR Name-Label. Enter the name-label of the SR that has been set up outside &PRODUCT;.
-
- Tags (optional). The comma-separated list of tags for this storage device. It should be an equivalent set or superset of the tags on your disk offerings.
- The tag sets on primary storage across clusters in a Zone must be identical. For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.
-
-
-
-
-
- SharedMountPoint
-
-
- Path. The path on each host that is where this primary storage is mounted. For example, "/mnt/primary".
-
- Tags (optional). The comma-separated list of tags for this storage device. It should be an equivalent set or superset of the tags on your disk offerings.
- The tag sets on primary storage across clusters in a Zone must be identical. For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.
-
-
-
-
-
- VMFS
-
-
- Server. The IP address or DNS name of the vCenter server.
- Path. A combination of the datacenter name and the datastore name. The format is "/" datacenter name "/" datastore name. For example, "/cloud.dc.VM/cluster1datastore".
-
- Tags (optional). The comma-separated list of tags for this storage device. It should be an equivalent set or superset of the tags on your disk offerings.
- The tag sets on primary storage across clusters in a Zone must be identical. For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.
-
-
-
-
-
-
-
-
-
-
- In a new zone, &PRODUCT; adds the first secondary storage server for you. For an overview of what secondary storage is, see .
- Before you can fill out this screen, you need to prepare the secondary storage by setting up NFS shares and installing the latest &PRODUCT; System VM template. See Adding Secondary Storage :
-
- NFS Server. The IP address of the server.
- Path. The exported path from the server.
-
-
- Click Launch.
-
-
+ Advanced Zone Configuration
+
+
+ After you select Advanced in the Add Zone wizard and click Next, you will be asked to
+ enter the following details. Then click Next.
+
+
+ Name. A name for the zone.
+
+
+ DNS 1 and 2. These are DNS servers for use by guest
+ VMs in the zone. These DNS servers will be accessed via the public network you will add
+ later. The public IP addresses for the zone must have a route to the DNS server named
+ here.
+
+
+ Internal DNS 1 and Internal DNS 2. These are DNS
+ servers for use by system VMs in the zone(these are VMs used by &PRODUCT; itself, such
+ as virtual routers, console proxies,and Secondary Storage VMs.) These DNS servers will
+ be accessed via the management traffic network interface of the System VMs. The private
+ IP address you provide for the pods must have a route to the internal DNS server named
+ here.
+
+
+ Network Domain. (Optional) If you want to assign a
+ special domain name to the guest VM network, specify the DNS suffix.
+
+
+ Guest CIDR. This is the CIDR that describes the IP
+ addresses in use in the guest virtual networks in this zone. For example, 10.1.1.0/24.
+ As a matter of good practice you should set different CIDRs for different zones. This
+ will make it easier to set up VPNs between networks in different zones.
+
+
+ Hypervisor. (Introduced in version 3.0.1) Choose
+ the hypervisor for the first cluster in the zone. You can add clusters with different
+ hypervisors later, after you finish adding the zone.
+
+
+ Public. A public zone is available to all users. A
+ zone that is not public will be assigned to a particular domain. Only users in that
+ domain will be allowed to create guest VMs in this zone.
+
+
+
+
+ Choose which traffic types will be carried by the physical network.
+ The traffic types are management, public, guest, and storage traffic. For more
+ information about the types, roll over the icons to display their tool tips, or see . This screen starts out with one network
+ already configured. If you have multiple physical networks, you need to add more. Drag and
+ drop traffic types onto a greyed-out network and it will become active. You can move the
+ traffic icons from one network to another; for example, if the default traffic types shown
+ for Network 1 do not match your actual setup, you can move them down. You can also change
+ the network names if desired.
+
+
+ (Introduced in version 3.0.1) Assign a network traffic label to each traffic type on
+ each physical network. These labels must match the labels you have already defined on the
+ hypervisor host. To assign each label, click the Edit button under the traffic type icon
+ within each physical network. A popup dialog appears where you can type the label, then
+ click OK.
+ These traffic labels will be defined only for the hypervisor selected for the first
+ cluster. For all other hypervisors, the labels can be configured after the zone is
+ created.
+ (VMware only) If you have enabled Nexus dvSwitch in the environment, you must specify
+ the corresponding Ethernet port profile names as network traffic label for each traffic type
+ on the physical network. For more information on Nexus dvSwitch, see Configuring a vSphere
+ Cluster with Nexus 1000v Virtual Switch.
+
+
+ Click Next.
+
+
+ Configure the IP range for public Internet traffic. Enter the following details, then
+ click Add. If desired, you can repeat this step to add more public Internet IP ranges. When
+ done, click Next.
+
+
+ Gateway. The gateway in use for these IP
+ addresses.
+
+
+ Netmask. The netmask associated with this IP
+ range.
+
+
+ VLAN. The VLAN that will be used for public
+ traffic.
+
+
+ Start IP/End IP. A range of IP addresses that are
+ assumed to be accessible from the Internet and will be allocated for access to guest
+ networks.
+
+
+
+
+ In a new zone, &PRODUCT; adds the first pod for you. You can always add more pods later.
+ For an overview of what a pod is, see .
+ To configure the first pod, enter the following, then click Next:
+
+
+ Pod Name. A name for the pod.
+
+
+ Reserved system gateway. The gateway for the hosts
+ in that pod.
+
+
+ Reserved system netmask. The network prefix that
+ defines the pod's subnet. Use CIDR notation.
+
+
+ Start/End Reserved System IP. The IP range in the
+ management network that &PRODUCT; uses to manage various system VMs, such as Secondary
+ Storage VMs, Console Proxy VMs, and DHCP. For more information, see .
+
+
+
+
+ Specify a range of VLAN IDs to carry guest traffic for each physical network (see VLAN
+ Allocation Example ), then click Next.
+
+
+ In a new pod, &PRODUCT; adds the first cluster for you. You can always add more clusters
+ later. For an overview of what a cluster is, see .
+ To configure the first cluster, enter the following, then click Next:
+
+
+ Hypervisor. (Version 3.0.0 only; in 3.0.1, this
+ field is read only) Choose the type of hypervisor software that all hosts in this
+ cluster will run. If you choose VMware, additional fields appear so you can give
+ information about a vSphere cluster. For vSphere servers, we recommend creating the
+ cluster of hosts in vCenter and then adding the entire cluster to &PRODUCT;. See Add
+ Cluster: vSphere .
+
+
+ Cluster name. Enter a name for the cluster. This
+ can be text of your choosing and is not used by &PRODUCT;.
+
+
+
+
+ In a new cluster, &PRODUCT; adds the first host for you. You can always add more hosts
+ later. For an overview of what a host is, see .
+
+ When you deploy &PRODUCT;, the hypervisor host must not have any VMs already
+ running.
+
+ Before you can configure the host, you need to install the hypervisor software on the
+ host. You will need to know which version of the hypervisor software version is supported by
+ &PRODUCT; and what additional configuration is required to ensure the host will work with
+ &PRODUCT;. To find these installation details, see:
+
+
+ Citrix XenServer Installation for &PRODUCT;
+
+
+ VMware vSphere Installation and Configuration
+
+
+ KVM Installation and Configuration
+
+
+ Oracle VM (OVM) Installation and Configuration
+
+
+ To configure the first host, enter the following, then click Next:
+
+
+ Host Name. The DNS name or IP address of the
+ host.
+
+
+ Username. Usually root.
+
+
+ Password. This is the password for the user named
+ above (from your XenServer or KVM install).
+
+
+ Host Tags. (Optional) Any labels that you use to
+ categorize hosts for ease of maintenance. For example, you can set to the cloud's HA tag
+ (set in the ha.tag global configuration parameter) if you want this host to be used only
+ for VMs with the "high availability" feature enabled. For more information, see
+ HA-Enabled Virtual Machines as well as HA for Hosts, both in the Administration
+ Guide.
+
+
+
+
+ In a new cluster, &PRODUCT; adds the first primary storage server for you. You can
+ always add more servers later. For an overview of what primary storage is, see .
+ To configure the first primary storage server, enter the following, then click
+ Next:
+
+
+ Name. The name of the storage device.
+
+
+ Protocol. For XenServer, choose either NFS, iSCSI,
+ or PreSetup. For KVM, choose NFS or SharedMountPoint. For vSphere choose either VMFS
+ (iSCSI or FiberChannel) or NFS. The remaining fields in the screen vary depending on
+ what you choose here.
+
+
+
+
+
+
+ NFS
+
+
+
+ Server. The IP address or DNS name of
+ the storage device.
+
+
+ Path. The exported path from the
+ server.
+
+
+ Tags (optional). The comma-separated
+ list of tags for this storage device. It should be an equivalent set or
+ superset of the tags on your disk offerings.
+
+
+ The tag sets on primary storage across clusters in a Zone must be
+ identical. For example, if cluster A provides primary storage that has tags T1
+ and T2, all other clusters in the Zone must also provide primary storage that
+ has tags T1 and T2.
+
+
+
+ iSCSI
+
+
+
+ Server. The IP address or DNS name of
+ the storage device.
+
+
+ Target IQN. The IQN of the target.
+ For example, iqn.1986-03.com.sun:02:01ec9bb549-1271378984.
+
+
+ Lun. The LUN number. For example,
+ 3.
+
+
+ Tags (optional). The comma-separated
+ list of tags for this storage device. It should be an equivalent set or
+ superset of the tags on your disk offerings.
+
+
+ The tag sets on primary storage across clusters in a Zone must be
+ identical. For example, if cluster A provides primary storage that has tags T1
+ and T2, all other clusters in the Zone must also provide primary storage that
+ has tags T1 and T2.
+
+
+
+ preSetup
+
+
+
+ Server. The IP address or DNS name of
+ the storage device.
+
+
+ SR Name-Label. Enter the name-label
+ of the SR that has been set up outside &PRODUCT;.
+
+
+ Tags (optional). The comma-separated
+ list of tags for this storage device. It should be an equivalent set or
+ superset of the tags on your disk offerings.
+
+
+ The tag sets on primary storage across clusters in a Zone must be
+ identical. For example, if cluster A provides primary storage that has tags T1
+ and T2, all other clusters in the Zone must also provide primary storage that
+ has tags T1 and T2.
+
+
+
+ SharedMountPoint
+
+
+
+ Path. The path on each host that is
+ where this primary storage is mounted. For example, "/mnt/primary".
+
+
+ Tags (optional). The comma-separated
+ list of tags for this storage device. It should be an equivalent set or
+ superset of the tags on your disk offerings.
+
+
+ The tag sets on primary storage across clusters in a Zone must be
+ identical. For example, if cluster A provides primary storage that has tags T1
+ and T2, all other clusters in the Zone must also provide primary storage that
+ has tags T1 and T2.
+
+
+
+ VMFS
+
+
+
+ Server. The IP address or DNS name of
+ the vCenter server.
+
+
+ Path. A combination of the datacenter
+ name and the datastore name. The format is "/" datacenter name "/"
+ datastore name. For example, "/cloud.dc.VM/cluster1datastore".
+
+
+ Tags (optional). The comma-separated
+ list of tags for this storage device. It should be an equivalent set or
+ superset of the tags on your disk offerings.
+
+
+ The tag sets on primary storage across clusters in a Zone must be
+ identical. For example, if cluster A provides primary storage that has tags T1
+ and T2, all other clusters in the Zone must also provide primary storage that
+ has tags T1 and T2.
+
+
+
+
+
+
+
+
+
+ In a new zone, &PRODUCT; adds the first secondary storage server for you. For an
+ overview of what secondary storage is, see .
+ Before you can fill out this screen, you need to prepare the secondary storage by
+ setting up NFS shares and installing the latest &PRODUCT; System VM template. See Adding
+ Secondary Storage :
+
+
+ NFS Server. The IP address of the server.
+
+
+ Path. The exported path from the server.
+
+
+
+
+ Click Launch.
+
+
diff --git a/docs/en-US/advanced-zone-physical-network-configuration.xml b/docs/en-US/advanced-zone-physical-network-configuration.xml
index 4c44c7d4a42..2c3d9b3542a 100644
--- a/docs/en-US/advanced-zone-physical-network-configuration.xml
+++ b/docs/en-US/advanced-zone-physical-network-configuration.xml
@@ -3,26 +3,27 @@
%BOOK_ENTITIES;
]>
-
-
- Advanced Zone Physical Network Configuration
- Within a zone that uses advanced networking, you need to tell the Management Server how the physical network is set up to carry different kinds of traffic in isolation.
-
+ Advanced Zone Physical Network Configuration
+ Within a zone that uses advanced networking, you need to tell the Management Server how the
+ physical network is set up to carry different kinds of traffic in isolation.
+
+
+
\ No newline at end of file
diff --git a/docs/en-US/api-overview.xml b/docs/en-US/api-overview.xml
new file mode 100644
index 00000000000..a541049e116
--- /dev/null
+++ b/docs/en-US/api-overview.xml
@@ -0,0 +1,38 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ &PRODUCT; API
+ The &PRODUCT; API is a low level API that has been used to implement the &PRODUCT; web UIs.
+ It is also a good basis for implementing other popular APIs such as EC2/S3 and emerging DMTF
+ standards.
+ Many &PRODUCT; API calls are asynchronous. These will return a Job ID immediately when
+ called. This Job ID can be used to query the status of the job later. Also, status calls on
+ impacted resources will provide some indication of their state.
+ The API has a REST-like query basis and returns results in XML or JSON.
+ See the
+ Developer’s Guide and the API
+ Reference.
+
+
+
+
diff --git a/docs/en-US/automatic-snapshot-creation-retention.xml b/docs/en-US/automatic-snapshot-creation-retention.xml
index ee4cf73f957..54fbe68e5bb 100644
--- a/docs/en-US/automatic-snapshot-creation-retention.xml
+++ b/docs/en-US/automatic-snapshot-creation-retention.xml
@@ -3,28 +3,34 @@
%BOOK_ENTITIES;
]>
-
-
- Automatic Snapshot Creation and Retention
- (Supported for the following hypervisors: XenServer, VMware vSphere, and KVM)
- Users can set up a recurring snapshot policy to automatically create multiple snapshots of a disk at regular intervals. Snapshots can be created on an hourly, daily, weekly, or monthly interval. One snapshot policy can be set up per disk volume. For example, a user can set up a daily snapshot at 02:30.
- With each snapshot schedule, users can also specify the number of scheduled snapshots to be retained. Older snapshots that exceed the retention limit are automatically deleted. This user-defined limit must be equal to or lower than the global limit set by the &PRODUCT; administrator. See . The limit applies only to those snapshots that are taken as part of an automatic recurring snapshot policy. Additional manual snapshots can be created and retained.
-
+ Automatic Snapshot Creation and Retention
+ (Supported for the following hypervisors: XenServer,
+ VMware vSphere, and KVM)
+ Users can set up a recurring snapshot policy to automatically create multiple snapshots of a
+ disk at regular intervals. Snapshots can be created on an hourly, daily, weekly, or monthly
+ interval. One snapshot policy can be set up per disk volume. For example, a user can set up a
+ daily snapshot at 02:30.
+ With each snapshot schedule, users can also specify the number of scheduled snapshots to be
+ retained. Older snapshots that exceed the retention limit are automatically deleted. This
+ user-defined limit must be equal to or lower than the global limit set by the &PRODUCT;
+ administrator. See . The limit applies only to those
+ snapshots that are taken as part of an automatic recurring snapshot policy. Additional manual
+ snapshots can be created and retained.
+
\ No newline at end of file
diff --git a/docs/en-US/change-to-behavior-of-list-commands.xml b/docs/en-US/change-to-behavior-of-list-commands.xml
index 4e53590a773..9065398ef62 100644
--- a/docs/en-US/change-to-behavior-of-list-commands.xml
+++ b/docs/en-US/change-to-behavior-of-list-commands.xml
@@ -1,89 +1,109 @@
-
%BOOK_ENTITIES;
]>
-
-
- Change to Behavior of List Commands
- There was a major change in how our List* API commands work in CloudStack 3.0 compared to 2.2.x. The rules below apply only for managed resources – those that belong to an account, domain, or project. They are irrelevant for the List* commands displaying unmanaged (system) resources, such as hosts, clusters, and external network resources.
- When no parameters are passed in to the call, the caller sees only resources owned by the caller (even when the caller is the administrator). Previously, the administrator saw everyone else's resources by default.
- When accountName and domainId are passed in:
-
- The caller sees the resources dedicated to the account specified.
- If the call is executed by a regular user, the user is authorized to specify only the user's own account and domainId.
- If the caller is a domain administrator, CloudStack performs an authorization check to see whether the caller is permitted to view resources for the given account and domainId.
-
- When projectId is passed in, only resources belonging to that project are listed.
- When domainId is passed in, the call returns only resources belonging to the domain specified. To see the resources of subdomains, use the parameter isRecursive=true. Again, the regular user can see only resources owned by that user, the root administrator can list anything, and a domain administrator is authorized to see only resources of the administrator's own domain and subdomains.
- To see all resources the caller is authorized to see, except for Project resources, use the parameter listAll=true.
- To see all Project resources the caller is authorized to see, use the parameter projectId=-1.
- There is one API command that doesn't fall under the rules above completely: the listTemplates command. This command has its own flags defining the list rules:
-
-
-
-
-
-
- listTemplates Flag
- Description
-
-
-
-
- featured
- Returns templates that have been marked as featured and public.
-
-
-
- self
- Returns templates that have been registered or created by the calling user.
-
-
-
- selfexecutable
- Same as self, but only returns templates that are ready to be deployed with.
-
-
-
- sharedexecutable
- Ready templates that have been granted to the calling user by another user.
-
-
-
- executable
- Templates that are owned by the calling user, or public templates, that can be used to deploy a new VM.
-
-
-
- community
- Returns templates that have been marked as public but not featured.
-
-
-
- all
- Returns all templates (only usable by admins).
-
-
-
-
- The &PRODUCT; UI on a general view will display all resources that the logged-in user is authorized to see, except for project resources. To see the project resources, select the project view.
-
+ Change to Behavior of List Commands
+ There was a major change in how our List* API commands work in CloudStack 3.0 compared to
+ 2.2.x. The rules below apply only for managed resources – those that belong to an account,
+ domain, or project. They are irrelevant for the List* commands displaying unmanaged (system)
+ resources, such as hosts, clusters, and external network resources.
+ When no parameters are passed in to the call, the caller sees only resources owned by the
+ caller (even when the caller is the administrator). Previously, the administrator saw everyone
+ else's resources by default.
+ When accountName and domainId are passed in:
+
+
+ The caller sees the resources dedicated to the account specified.
+
+
+ If the call is executed by a regular user, the user is authorized to specify only the
+ user's own account and domainId.
+
+
+ If the caller is a domain administrator, CloudStack performs an authorization check to
+ see whether the caller is permitted to view resources for the given account and
+ domainId.
+
+
+ When projectId is passed in, only resources belonging to that project are listed.
+ When domainId is passed in, the call returns only resources belonging to the domain
+ specified. To see the resources of subdomains, use the parameter isRecursive=true. Again, the
+ regular user can see only resources owned by that user, the root administrator can list
+ anything, and a domain administrator is authorized to see only resources of the administrator's
+ own domain and subdomains.
+ To see all resources the caller is authorized to see, except for Project resources, use the
+ parameter listAll=true.
+ To see all Project resources the caller is authorized to see, use the parameter
+ projectId=-1.
+ There is one API command that doesn't fall under the rules above completely: the
+ listTemplates command. This command has its own flags defining the list rules:
+
+
+
+
+
+
+ listTemplates Flag
+ Description
+
+
+
+
+ featured
+ Returns templates that have been marked as featured and
+ public.
+
+
+ self
+ Returns templates that have been registered or created by the calling
+ user.
+
+
+ selfexecutable
+ Same as self, but only returns templates that are ready to be deployed
+ with.
+
+
+ sharedexecutable
+ Ready templates that have been granted to the calling user by another
+ user.
+
+
+ executable
+ Templates that are owned by the calling user, or public templates, that can
+ be used to deploy a new VM.
+
+
+ community
+ Returns templates that have been marked as public but not
+ featured.
+
+
+ all
+ Returns all templates (only usable by admins).
+
+
+
+
+ The &PRODUCT; UI on a general view will display all resources that the logged-in user is
+ authorized to see, except for project resources. To see the project resources, select the
+ project view.
+
+
diff --git a/docs/en-US/changed-apicommands-4.0.xml b/docs/en-US/changed-apicommands-4.0.xml
new file mode 100644
index 00000000000..f851bf71b46
--- /dev/null
+++ b/docs/en-US/changed-apicommands-4.0.xml
@@ -0,0 +1,268 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Changed API Commands in 4.0
+
+
+
+
+
+
+ API Commands
+ Description
+
+
+
+
+
+ copyTemplate
+ prepareTemplate
+ registerTemplate
+ updateTemplate
+ createProject
+ activateProject
+ suspendProject
+ updateProject
+ listProjectAccounts
+ createVolume
+ migrateVolume
+ attachVolume
+ detachVolume
+ uploadVolume
+ createSecurityGroup
+ registerIso
+ copyIso
+ updateIso
+ createIpForwardingRule
+ listIpForwardingRules
+ createLoadBalancerRule
+ updateLoadBalancerRule
+ createSnapshot
+
+
+ The commands in this list have a single new response parameter, and no other
+ changes.
+ New response parameter: tags(*)
+
+ Many other commands also have the new tags(*) parameter in addition to other
+ changes; those commands are listed separately.
+
+
+
+
+ rebootVirtualMachine
+ attachIso
+ detachIso
+ listLoadBalancerRuleInstances
+ resetPasswordForVirtualMachine
+ changeServiceForVirtualMachine
+ recoverVirtualMachine
+ startVirtualMachine
+ migrateVirtualMachine
+ deployVirtualMachine
+ assignVirtualMachine
+ updateVirtualMachine
+ restoreVirtualMachine
+ stopVirtualMachine
+ destroyVirtualMachine
+
+
+ The commands in this list have two new response parameters, and no other
+ changes.
+ New response parameters: keypair, tags(*)
+
+
+
+
+ listSecurityGroups
+ listFirewallRules
+ listPortForwardingRules
+ listSnapshots
+ listIsos
+ listProjects
+ listTemplates
+ listLoadBalancerRules
+
+ The commands in this list have the following new parameters, and no other
+ changes.
+ New request parameter: tags (optional)
+ New response parameter: tags(*)
+
+
+
+
+ listF5LoadBalancerNetworks
+ listNetscalerLoadBalancerNetworks
+ listSrxFirewallNetworks
+ updateNetwork
+
+
+ The commands in this list have three new response parameters, and no other
+ changes.
+ New response parameters: canusefordeploy, vpcid, tags(*)
+
+
+
+
+ createZone
+ updateZone
+
+ The commands in this list have the following new parameters, and no other
+ changes.
+ New request parameter: localstorageenabled (optional)
+ New response parameter: localstorageenabled
+
+
+
+ listZones
+ New response parameter: localstorageenabled
+
+
+
+ rebootRouter
+ changeServiceForRouter
+ startRouter
+ destroyRouter
+ stopRouter
+
+ The commands in this list have two new response parameters, and no other
+ changes.
+ New response parameters: vpcid, nic(*)
+
+
+
+ updateAccount
+ disableAccount
+ listAccounts
+ markDefaultZoneForAccount
+ enableAccount
+
+ The commands in this list have three new response parameters, and no other
+ changes.
+ New response parameters: vpcavailable, vpclimit, vpctotal
+
+
+ listRouters
+
+ New request parameters: forvpc (optional), vpcid (optional)
+ New response parameters: vpcid, nic(*)
+
+
+
+ listNetworkOfferings
+
+ New request parameters: forvpc (optional)
+ New response parameters: forvpc
+
+
+
+ listVolumes
+
+ New request parameters: details (optional), tags (optional)
+ New response parameters: tags(*)
+
+
+
+ addTrafficMonitor
+
+ New request parameters: excludezones (optional), includezones (optional)
+
+
+
+ createNetwork
+
+ New request parameters: vpcid (optional)
+ New response parameters: canusefordeploy, vpcid, tags(*)
+
+
+
+ listPublicIpAddresses
+
+ New request parameters: tags (optional), vpcid (optional)
+ New response parameters: vpcid, tags(*)
+
+
+
+ listNetworks
+
+ New request parameters: canusefordeploy (optional), forvpc (optional), tags
+ (optional), vpcid (optional)
+ New response parameters: canusefordeploy, vpcid, tags(*)
+
+
+
+ restartNetwork
+
+ New response parameters: vpcid, tags(*)
+
+
+
+ enableStaticNat
+
+ New request parameter: networkid (optional)
+
+
+
+ createDiskOffering
+
+ New request parameter: storagetype (optional)
+ New response parameter: storagetype
+
+
+
+ listDiskOfferings
+
+ New response parameter: storagetype
+
+
+
+ updateDiskOffering
+
+ New response parameter: storagetype
+
+
+
+ createFirewallRule
+
+ Changed request parameters: ipaddressid (old version - optional, new version -
+ required)
+ New response parameter: tags(*)
+
+
+
+ listVirtualMachines
+
+ New request parameters: isoid (optional), tags (optional), templateid
+ (optional)
+ New response parameters: keypair, tags(*)
+
+
+
+ updateStorageNetworkIpRange
+
+ New response parameters: id, endip, gateway, netmask, networkid, podid, startip,
+ vlan, zoneid
+
+
+
+
+
+
diff --git a/docs/en-US/choosing_a_deployment_architecture.xml b/docs/en-US/choosing_a_deployment_architecture.xml
new file mode 100644
index 00000000000..ec59d8b2bd3
--- /dev/null
+++ b/docs/en-US/choosing_a_deployment_architecture.xml
@@ -0,0 +1,29 @@
+
+%BOOK_ENTITIES;
+]>
+
+
+
+ Choosing a Deployment Architecture
+ The architecture used in a deployment will vary depending on the size and purpose of the deployment. This section contains examples of deployment architecture, including a small-scale deployment useful for test and trial deployments and a fully-redundant large-scale setup for production deployments.
+
+
+
+
+
+
diff --git a/docs/en-US/cloudstack.xml b/docs/en-US/cloudstack.xml
index 1e2b6c8b77f..906eadc24a6 100644
--- a/docs/en-US/cloudstack.xml
+++ b/docs/en-US/cloudstack.xml
@@ -1,53 +1,56 @@
-
%BOOK_ENTITIES;
]>
-
- CloudStack Guide
- Revised September 18, 2012 10:48 am Pacific
- Apache CloudStack (incubating)
- 3.0
- 1
-
-
- Complete technical documentation for Apache CloudStack.
-
-
-
-
-
-
-
-
-
-
-
+
+
+
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
+
+
+
+
\ No newline at end of file
diff --git a/docs/en-US/compute-disk-service-offerings.xml b/docs/en-US/compute-disk-service-offerings.xml
index 2469dfe3a15..1fd2a91a38b 100644
--- a/docs/en-US/compute-disk-service-offerings.xml
+++ b/docs/en-US/compute-disk-service-offerings.xml
@@ -5,33 +5,32 @@
]>
-
Compute and Disk Service Offerings
- A service offering is a set of virtual hardware features such as CPU core count and speed, memory, and disk size. The CloudPlatform administrator can set up various offerings, and then end users choose from the available offerings when they create a new VM. A service offering includes the following elements:
+ A service offering is a set of virtual hardware features such as CPU core count and speed, memory, and disk size. The &PRODUCT; administrator can set up various offerings, and then end users choose from the available offerings when they create a new VM. A service offering includes the following elements:
CPU, memory, and network resource guarantees
How resources are metered
How the resource usage is charged
How often the charges are generated
- For example, one service offering might allow users to create a virtual machine instance that is equivalent to a 1 GHz Intel Core 2 CPU, with 1 GB memory at $0.20/hour, with network traffic metered at $0.10/GB. Based on the user’s selected offering, CloudPlatform emits usage records that can be integrated with billing systems. CloudPlatform separates service offerings into compute offerings and disk offerings. The computing service offering specifies:
+ For example, one service offering might allow users to create a virtual machine instance that is equivalent to a 1 GHz Intel® Core™ 2 CPU, with 1 GB memory at $0.20/hour, with network traffic metered at $0.10/GB. Based on the user’s selected offering, &PRODUCT; emits usage records that can be integrated with billing systems. &PRODUCT; separates service offerings into compute offerings and disk offerings. The computing service offering specifies:
Guest CPU
Guest RAM
@@ -43,4 +42,9 @@
Disk size (optional). An offering without a disk size will allow users to pick their own
Tags on the data disk
+
+
+
+
+
diff --git a/docs/en-US/configure-acl.xml b/docs/en-US/configure-acl.xml
new file mode 100644
index 00000000000..299196c5502
--- /dev/null
+++ b/docs/en-US/configure-acl.xml
@@ -0,0 +1,139 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
diff --git a/docs/en-US/configure-guest-traffic-in-advanced-zone.xml b/docs/en-US/configure-guest-traffic-in-advanced-zone.xml
index 95df4730985..fb6685091a5 100644
--- a/docs/en-US/configure-guest-traffic-in-advanced-zone.xml
+++ b/docs/en-US/configure-guest-traffic-in-advanced-zone.xml
@@ -3,48 +3,77 @@
%BOOK_ENTITIES;
]>
-
-
+
+ Display Text: The description of the network. This
+ will be user-visible
+
+
+ Zone: The zone in which you are configuring the
+ guest network.
+
+
+ Network offering: If the administrator has
+ configured multiple network offerings, select the one you want to use for this
+ network
+
+
+ Guest Gateway: The gateway that the guests should
+ use
+
+
+ Guest Netmask: The netmask in use on the subnet the
+ guests will use
+
+
+
+
+ Click OK.
+
+
+
\ No newline at end of file
diff --git a/docs/en-US/configure-public-traffic-in-an-advanced-zone.xml b/docs/en-US/configure-public-traffic-in-an-advanced-zone.xml
index 960a1a3308b..7a61cd380af 100644
--- a/docs/en-US/configure-public-traffic-in-an-advanced-zone.xml
+++ b/docs/en-US/configure-public-traffic-in-an-advanced-zone.xml
@@ -3,7 +3,6 @@
%BOOK_ENTITIES;
]>
-
-
+ Configure Public Traffic in an Advanced Zone
+ In a zone that uses advanced networking, you need to configure at least one range of IP
+ addresses for Internet traffic.
+
\ No newline at end of file
diff --git a/docs/en-US/configuring-projects.xml b/docs/en-US/configuring-projects.xml
index e18843d15d6..0f84dd81454 100644
--- a/docs/en-US/configuring-projects.xml
+++ b/docs/en-US/configuring-projects.xml
@@ -1,9 +1,4 @@
-
-%BOOK_ENTITIES;
-]>
-
-
+
+%BOOK_ENTITIES;
+]>
Configuring Projects
- Before &PRODUCT; users start using projects, the &PRODUCT; administrator must set up various systems to support them, including membership invitations, limits on project resources, and controls on who can create projects
+ Before CloudPlatform users start using projects, the CloudPlatform administrator must set
+ up various systems to support them, including membership invitations, limits on project
+ resources, and controls on who can create projects.
+
+
+
diff --git a/docs/en-US/create-vpn-connection-vpc.xml b/docs/en-US/create-vpn-connection-vpc.xml
new file mode 100644
index 00000000000..1fba09e18fb
--- /dev/null
+++ b/docs/en-US/create-vpn-connection-vpc.xml
@@ -0,0 +1,103 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Creating a VPN Connection
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ In the Select view, select VPC.
+ All the VPCs that you create for the account are listed in the page.
+
+
+ Click the Configure button of the VPC to which you want to deploy the VMs.
+ The VPC page is displayed where all the tiers you created are listed in a
+ diagram.
+
+
+ Click the Settings icon.
+ The following options are displayed.
+
+
+ IP Addresses
+
+
+ Gateways
+
+
+ Site-to-Site VPN
+
+
+ Network ASLs
+
+
+
+
+ Select Site-to-Site VPN.
+ The Site-to-Site VPN page is displayed.
+
+
+ From the Select View drop-down, ensure that VPN Connection is selected.
+
+
+ Click Create VPN Connection.
+ The Create VPN Connection dialog is displayed:
+
+
+
+
+
+ createvpnconnection.png: creating a vpn connection to the customer
+ gateway.
+
+
+
+
+ Select the desired customer gateway, then click OK to confirm.
+ Within a few moments, the VPN Connection is displayed.
+ The following information on the VPN connection is displayed:
+
+
+ IP Address
+
+
+ Gateway
+
+
+ State
+
+
+ IPSec Preshared Key
+
+
+ IKE Policy
+
+
+ ESP Policy
+
+
+
+
+
\ No newline at end of file
diff --git a/docs/en-US/create-vpn-customer-gateway.xml b/docs/en-US/create-vpn-customer-gateway.xml
new file mode 100644
index 00000000000..bf56e36e8b9
--- /dev/null
+++ b/docs/en-US/create-vpn-customer-gateway.xml
@@ -0,0 +1,191 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Creating and Updating a VPN Customer Gateway
+
+ A VPN customer gateway can be connected to only one VPN gateway at a time.
+
+ To add a VPN Customer Gateway:
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ In the Select view, select VPN Customer Gateway.
+
+
+ Click Add site-to-site VPN.
+
+
+
+
+
+ addvpncustomergateway.png: adding a customer gateway.
+
+
+ Provide the following information:
+
+
+ Name: A unique name for the VPN customer gateway
+ you create.
+
+
+ Gateway: The IP address for the remote
+ gateway.
+
+
+ CIDR list: The guest CIDR list of the remote
+ subnets. Enter a CIDR or a comma-separated list of CIDRs. Ensure that a guest CIDR list
+ is not overlapped with the VPC’s CIDR, or another guest CIDR. The CIDR must be
+ RFC1918-compliant.
+
+
+ IPsec Preshared Key: Preshared keying is a method
+ where the endpoints of the VPN share a secret key. This key value is used to
+ authenticate the customer gateway and the VPC VPN gateway to each other.
+
+ The IKE peers (VPN end points) authenticate each other by computing and sending a
+ keyed hash of data that includes the Preshared key. If the receiving peer is able to
+ create the same hash independently by using its Preshared key, it knows that both
+ peers must share the same secret, thus authenticating the customer gateway.
+
+
+
+ IKE Encryption: The Internet Key Exchange (IKE)
+ policy for phase-1. The supported encryption algorithms are AES128, AES192, AES256, and
+ 3DES. Authentication is accomplished through the Preshared Keys.
+
+ The phase-1 is the first phase in the IKE process. In this initial negotiation
+ phase, the two VPN endpoints agree on the methods to be used to provide security for
+ the underlying IP traffic. The phase-1 authenticates the two VPN gateways to each
+ other, by confirming that the remote gateway has a matching Preshared Key.
+
+
+
+ IKE Hash: The IKE hash for phase-1. The supported
+ hash algorithms are SHA1 and MD5.
+
+
+ IKE DH: A public-key cryptography protocol which
+ allows two parties to establish a shared secret over an insecure communications channel.
+ The 1536-bit Diffie-Hellman group is used within IKE to establish session keys. The
+ supported options are None, Group-5 (1536-bit) and Group-2 (1024-bit).
+
+
+ ESP Encryption: Encapsulating Security Payload
+ (ESP) algorithm within phase-2. The supported encryption algorithms are AES128, AES192,
+ AES256, and 3DES.
+
+ The phase-2 is the second phase in the IKE process. The purpose of IKE phase-2 is
+ to negotiate IPSec security associations (SA) to set up the IPSec tunnel. In phase-2,
+ new keying material is extracted from the Diffie-Hellman key exchange in phase-1, to
+ provide session keys to use in protecting the VPN data flow.
+
+
+
+ ESP Hash: Encapsulating Security Payload (ESP) hash
+ for phase-2. Supported hash algorithms are SHA1 and MD5.
+
+
+ Perfect Forward Secrecy: Perfect Forward Secrecy
+ (or PFS) is the property that ensures that a session key derived from a set of long-term
+ public and private keys will not be compromised. This property enforces a new
+ Diffie-Hellman key exchange. It provides the keying material that has greater key
+ material life and thereby greater resistance to cryptographic attacks. The available
+ options are None, Group-5 (1536-bit) and Group-2 (1024-bit). The security of the key
+ exchanges increase as the DH groups grow larger, as does the time of the
+ exchanges.
+
+ When PFS is turned on, for every negotiation of a new phase-2 SA the two gateways
+ must generate a new set of phase-1 keys. This adds an extra layer of protection that
+ PFS adds, which ensures if the phase-2 SA’s have expired, the keys used for new
+ phase-2 SA’s have not been generated from the current phase-1 keying material.
+
+
+
+ IKE Lifetime (seconds): The phase-1 lifetime of the
+ security association in seconds. Default is 86400 seconds (1 day). Whenever the time
+ expires, a new phase-1 exchange is performed.
+
+
+ ESP Lifetime (seconds): The phase-2 lifetime of the
+ security association in seconds. Default is 3600 seconds (1 hour). Whenever the value is
+ exceeded, a re-key is initiated to provide a new IPsec encryption and authentication
+ session keys.
+
+
+ Dead Peer Detection: A method to detect an
+ unavailable Internet Key Exchange (IKE) peer. Select this option if you want the virtual
+ router to query the liveliness of its IKE peer at regular intervals. It’s recommended to
+ have the same configuration of DPD on both side of VPN connection.
+
+
+
+
+ Click OK.
+
+
+
+ Updating and Removing a VPN Customer Gateway
+ You can update a customer gateway either with no VPN connection, or related VPN connection
+ is in error state.
+
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ In the Select view, select VPN Customer Gateway.
+
+
+ Select the VPN customer gateway you want to work with.
+
+
+ To modify the required parameters, click the Edit VPN Customer Gateway button
+
+
+
+
+ edit.png: button to edit a VPN customer gateway
+
+
+
+
+ To remove the VPN customer gateway, click the Delete VPN Customer Gateway button
+
+
+
+
+ delete.png: button to remove a VPN customer gateway
+
+
+
+
+ Click OK.
+
+
+
\ No newline at end of file
diff --git a/docs/en-US/create-vpn-gateway-for-vpc.xml b/docs/en-US/create-vpn-gateway-for-vpc.xml
new file mode 100644
index 00000000000..396a7d9d174
--- /dev/null
+++ b/docs/en-US/create-vpn-gateway-for-vpc.xml
@@ -0,0 +1,80 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Creating a VPN gateway for the VPC
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ In the Select view, select VPC.
+ All the VPCs that you have created for the account is listed in the page.
+
+
+ Click the Configure button of the VPC to which you want to deploy the VMs.
+ The VPC page is displayed where all the tiers you created are listed in a
+ diagram.
+
+
+ Click the Settings icon.
+ The following options are displayed.
+
+
+ IP Addresses
+
+
+ Gateways
+
+
+ Site-to-Site VPN
+
+
+ Network ACLs
+
+
+
+
+ Select Site-to-Site VPN.
+ If you are creating the VPN gateway for the first time, selecting Site-to-Site VPN
+ prompts you to create a VPN gateway.
+
+
+ In the confirmation dialog, click Yes to confirm.
+ Within a few moments, the VPN gateway is created. You will be prompted to view the
+ details of the VPN gateway you have created. Click Yes to confirm.
+ The following details are displayed in the VPN Gateway page:
+
+
+ IP Address
+
+
+ Account
+
+
+ Domain
+
+
+
+
+
\ No newline at end of file
diff --git a/docs/en-US/create-vr-network-offering.xml b/docs/en-US/create-vr-network-offering.xml
new file mode 100644
index 00000000000..317e3c200a1
--- /dev/null
+++ b/docs/en-US/create-vr-network-offering.xml
@@ -0,0 +1,108 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Creating and Changing a Virtual Router Network Offering
+ To create the network offering in association with a virtual router system service
+ offering:
+
+
+ Log in to the &PRODUCT; UI as a user or admin.
+
+
+ First, create a system service offering, for example: VRsystemofferingHA.
+ For more information on creating a system service offering, see .
+
+
+ From the Select Offering drop-down, choose Network Offering.
+
+
+ Click Add Network Offering.
+
+
+ In the dialog, make the following choices:
+
+
+ Name. Any desired name for the network
+ offering.
+
+
+ Description. A short description of the offering
+ that can be displayed to users.
+
+
+ Network Rate. Allowed data transfer rate in MB per
+ second.
+
+
+ Traffic Type. The type of network traffic that will
+ be carried on the network.
+
+
+ Guest Type. Choose whether the guest network is
+ isolated or shared. For a description of these terms, see .
+
+
+ Specify VLAN. (Isolated guest networks only)
+ Indicate whether a VLAN should be specified when this offering is used.
+
+
+ Supported Services. Select one or more of the
+ possible network services. For some services, you must also choose the service provider;
+ for example, if you select Load Balancer, you can choose the &PRODUCT; virtual router or
+ any other load balancers that have been configured in the cloud. Depending on which
+ services you choose, additional fields may appear in the rest of the dialog box. For
+ more information, see
+
+
+ System Offering. Choose the system service offering
+ that you want virtual routers to use in this network. In this case, the default “System
+ Offering For Software Router” and the custom “VRsystemofferingHA” are available and
+ displayed.
+
+
+
+
+ Click OK and the network offering is created.
+
+
+ To change the network offering of a guest network to the virtual router service
+ offering:
+
+
+ Select Network from the left navigation pane.
+
+
+ Select the guest network that you want to offer this network service to.
+
+
+ Click the Edit button.
+
+
+ From the Network Offering drop-down, select the virtual router network offering you have
+ just created.
+
+
+ Click OK.
+
+
+
diff --git a/docs/en-US/creating-compute-offerings.xml b/docs/en-US/creating-compute-offerings.xml
index 56679a422f4..31f974196fb 100644
--- a/docs/en-US/creating-compute-offerings.xml
+++ b/docs/en-US/creating-compute-offerings.xml
@@ -5,23 +5,22 @@
]>
-
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
Creating a New Compute Offering
To create a new compute offering:
@@ -32,19 +31,36 @@
Click Add Compute Offering.
In the dialog, make the following choices:
- Name. Any desired name for the service offering.
- Description. A short description of the offering that can be displayed to users
- Storage type. The type of disk that should be allocated. Local allocates from storage attached directly to the host where the system VM is running. Shared allocates from storage accessible via NFS.
- # of CPU cores. The number of cores which should be allocated to a system VM with this offering
- CPU (in MHz). The CPU speed of the cores that the system VM is allocated. For example, "2000" would provide for a 2 GHz clock.
- Memory (in MB). The amount of memory in megabytes that the system VM should be allocated. For example, "2048" would provide for a 2 GB RAM allocation.
- Network Rate. Allowed data transfer rate in MB per second.
- Offer HA. If yes, the administrator can choose to have the system VM be monitored and as highly available as possible.
- Storage Tags. The tags that should be associated with the primary storage used by the system VM.
- Host Tags. (Optional) Any tags that you use to organize your hosts
- CPU cap. Whether to limit the level of CPU usage even if spare capacity is available.
- Public. Indicate whether the service offering should be available all domains or only some domains. Choose Yes to make it available to all domains. Choose No to limit the scope to a subdomain; &PRODUCT; will then prompt for the subdomain's name.
+ Name: Any desired name for the service offering.
+ Description: A short description of the offering that can be
+ displayed to users
+ Storage type: The type of disk that should be allocated.
+ Local allocates from storage attached directly to the host where the system
+ VM is running. Shared allocates from storage accessible via NFS.
+ # of CPU cores: The number of cores which should be allocated
+ to a system VM with this offering
+ CPU (in MHz): The CPU speed of the cores that the system VM
+ is allocated. For example, “2000” would provide for a 2 GHz clock.
+ Memory (in MB): The amount of memory in megabytes that the
+ system VM should be allocated. For example, “2048” would provide for a 2 GB
+ RAM allocation.
+ Network Rate: Allowed data transfer rate in MB per
+ second.
+ Offer HA: If yes, the administrator can choose to have the
+ system VM be monitored and as highly available as possible.
+ Storage Tags: The tags that should be associated with the
+ primary storage used by the system VM.
+ Host Tags: (Optional) Any tags that you use to organize your
+ hosts
+ CPU cap: Whether to limit the level of CPU usage even if
+ spare capacity is available.
+ Public: Indicate whether the service offering should be
+ available all domains or only some domains. Choose Yes to make it available
+ to all domains. Choose No to limit the scope to a subdomain; &PRODUCT;
+ will then prompt for the subdomain's name.
Click Add.
+
+
diff --git a/docs/en-US/delete-reset-vpn.xml b/docs/en-US/delete-reset-vpn.xml
new file mode 100644
index 00000000000..318e5fe321e
--- /dev/null
+++ b/docs/en-US/delete-reset-vpn.xml
@@ -0,0 +1,89 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Restarting and Removing a VPN Connection
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ In the Select view, select VPC.
+ All the VPCs that you have created for the account is listed in the page.
+
+
+ Click the Configure button of the VPC to which you want to deploy the VMs.
+ The VPC page is displayed where all the tiers you created are listed in a
+ diagram.
+
+
+ Click the Settings icon.
+ The following options are displayed.
+
+
+ IP Addresses
+
+
+ Gateways
+
+
+ Site-to-Site VPN
+
+
+ Network ASLs
+
+
+
+
+ Select Site-to-Site VPN.
+ The Site-to-Site VPN page is displayed.
+
+
+ From the Select View drop-down, ensure that VPN Connection is selected.
+ All the VPN connections you created are displayed.
+
+
+ Select the VPN connection you want to work with.
+ The Details tab is displayed.
+
+
+ To remove a VPN connection, click the Delete VPN connection button
+
+
+
+
+ remove-vpn.png: button to remove a VPN connection
+
+
+ To restart a VPN connection, click the Reset VPN connection button present in the
+ Details tab.
+
+
+
+
+ reset-vpn.png: button to reset a VPN connection
+
+
+
+
+
diff --git a/docs/en-US/enable-disable-static-nat-vpc.xml b/docs/en-US/enable-disable-static-nat-vpc.xml
new file mode 100644
index 00000000000..17f0c10540f
--- /dev/null
+++ b/docs/en-US/enable-disable-static-nat-vpc.xml
@@ -0,0 +1,97 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Enabling or Disabling Static NAT on a VPC
+ A static NAT rule maps a public IP address to the private IP address of a VM in a VPC to
+ allow Internet traffic to it. This section tells how to enable or disable static NAT for a
+ particular IP address in a VPC.
+ If port forwarding rules are already in effect for an IP address, you cannot enable static
+ NAT to that IP.
+ If a guest VM is part of more than one network, static NAT rules will function only if they
+ are defined on the default network.
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ In the Select view, select VPC.
+ All the VPCs that you have created for the account is listed in the page.
+
+
+ Click the Configure button of the VPC to which you want to deploy the VMs.
+ The VPC page is displayed where all the tiers you created are listed in a
+ diagram.
+
+
+ Click the Settings icon.
+ The following options are displayed.
+
+
+ IP Addresses
+
+
+ Gateways
+
+
+ Site-to-Site VPN
+
+
+ Network ACLs
+
+
+
+
+ Select IP Addresses.
+ The IP Addresses page is displayed.
+
+
+ Click the IP you want to work with.
+
+
+ In the Details tab,click the Static NAT button.
+
+
+
+
+ enable-disable.png: button to enable Statid NAT.
+
+ The button toggles between Enable and Disable, depending on whether
+ static NAT is currently enabled for the IP address.
+
+
+ If you are enabling static NAT, a dialog appears as follows:
+
+
+
+
+
+ select-vmstatic-nat.png: selecting a tier to apply staticNAT.
+
+
+
+
+ Select the tier and the destination VM, then click Apply.
+
+
+
diff --git a/docs/en-US/global-config.xml b/docs/en-US/global-config.xml
new file mode 100644
index 00000000000..8bc08035d9b
--- /dev/null
+++ b/docs/en-US/global-config.xml
@@ -0,0 +1,54 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Setting Global Configuration Parameters
+ &PRODUCT; provides parameters that you can set to control many aspects of the cloud. When
+ &PRODUCT; is first installed, and periodically thereafter, you might need to modify these
+ settings.
+
+
+ Log in to the UI as administrator.
+
+
+ In the left navigation bar, click Global Settings.
+
+
+ In Select View, choose one of the following:
+
+
+ Global Settings. This displays a list of the parameters with brief descriptions and
+ current values.
+
+
+ Hypervisor Capabilities. This displays a list of hypervisor versions with the
+ maximum number of guests supported for each.
+
+
+
+
+ Use the search box to narrow down the list to those you are interested in.
+
+
+ Click the Edit icon to modify a value. If you are viewing Hypervisor Capabilities, you
+ must click the name of the hypervisor first to display the editing screen.
+
+
+
diff --git a/docs/en-US/hypervisor-host-install-flow.xml b/docs/en-US/hypervisor-host-install-flow.xml
index 35145fd4bb0..74668c8f423 100644
--- a/docs/en-US/hypervisor-host-install-flow.xml
+++ b/docs/en-US/hypervisor-host-install-flow.xml
@@ -31,4 +31,4 @@
-
+
\ No newline at end of file
diff --git a/docs/en-US/hypervisor-host-install-libvirt.xml b/docs/en-US/hypervisor-host-install-libvirt.xml
index 3caf2bbc48d..15cfde2efa7 100644
--- a/docs/en-US/hypervisor-host-install-libvirt.xml
+++ b/docs/en-US/hypervisor-host-install-libvirt.xml
@@ -63,4 +63,4 @@
service libvirt-bin restart
-
+
\ No newline at end of file
diff --git a/docs/en-US/hypervisor-host-install-overview.xml b/docs/en-US/hypervisor-host-install-overview.xml
index faba4162922..187abea8e4e 100644
--- a/docs/en-US/hypervisor-host-install-overview.xml
+++ b/docs/en-US/hypervisor-host-install-overview.xml
@@ -34,4 +34,4 @@
Configure Security Policies (AppArmor and SELinux)
Install and configure the Agent
-
+
\ No newline at end of file
diff --git a/docs/en-US/hypervisor-host-install-prepare-os.xml b/docs/en-US/hypervisor-host-install-prepare-os.xml
index 4845075ffaf..e2e32e709ae 100644
--- a/docs/en-US/hypervisor-host-install-prepare-os.xml
+++ b/docs/en-US/hypervisor-host-install-prepare-os.xml
@@ -50,4 +50,4 @@
Repeat all of these steps on every hypervisor host.
-
+
\ No newline at end of file
diff --git a/docs/en-US/hypervisor-host-install-security-policies.xml b/docs/en-US/hypervisor-host-install-security-policies.xml
index 290d2d0c830..5fd6925a8c0 100644
--- a/docs/en-US/hypervisor-host-install-security-policies.xml
+++ b/docs/en-US/hypervisor-host-install-security-policies.xml
@@ -67,4 +67,4 @@
-
+
\ No newline at end of file
diff --git a/docs/en-US/images/remove-vpc.png b/docs/en-US/images/remove-vpc.png
new file mode 100644
index 00000000000..aa9846cfd9b
Binary files /dev/null and b/docs/en-US/images/remove-vpc.png differ
diff --git a/docs/en-US/images/remove-vpn.png b/docs/en-US/images/remove-vpn.png
new file mode 100644
index 00000000000..27145cebbc7
Binary files /dev/null and b/docs/en-US/images/remove-vpn.png differ
diff --git a/docs/en-US/images/reset-vpn.png b/docs/en-US/images/reset-vpn.png
new file mode 100644
index 00000000000..04655dc37ad
Binary files /dev/null and b/docs/en-US/images/reset-vpn.png differ
diff --git a/docs/en-US/large_scale_redundant_setup.xml b/docs/en-US/large_scale_redundant_setup.xml
new file mode 100644
index 00000000000..9eb3190cb62
--- /dev/null
+++ b/docs/en-US/large_scale_redundant_setup.xml
@@ -0,0 +1,42 @@
+
+%BOOK_ENTITIES;
+]>
+
+
+
+ Large-Scale Redundant Setup
+
+
+
+
+ Large-Scale Redundant Setup
+
+ This diagram illustrates the network architecture of a large-scale &PRODUCT; deployment.
+
+ A layer-3 switching layer is at the core of the data center. A router redundancy protocol like VRRP should be deployed. Typically high-end core switches also include firewall modules. Separate firewall appliances may also be used if the layer-3 switch does not have integrated firewall capabilities. The firewalls are configured in NAT mode. The firewalls provide the following functions:
+
+ Forwards HTTP requests and API calls from the Internet to the Management Server. The Management Server resides on the management network.
+ When the cloud spans multiple zones, the firewalls should enable site-to-site VPN such that servers in different zones can directly reach each other.
+
+
+ A layer-2 access switch layer is established for each pod. Multiple switches can be stacked to increase port count. In either case, redundant pairs of layer-2 switches should be deployed.
+ The Management Server cluster (including front-end load balancers, Management Server nodes, and the MySQL database) is connected to the management network through a pair of load balancers.
+ Secondary storage servers are connected to the management network.
+ Each pod contains storage and computing servers. Each storage and computing server should have redundant NICs connected to separate layer-2 access switches.
+
+
\ No newline at end of file
diff --git a/docs/en-US/multi_node_management_server.xml b/docs/en-US/multi_node_management_server.xml
new file mode 100644
index 00000000000..9dea9499e8d
--- /dev/null
+++ b/docs/en-US/multi_node_management_server.xml
@@ -0,0 +1,36 @@
+
+%BOOK_ENTITIES;
+]>
+
+
+
+ Multi-Node Management Server
+ The &PRODUCT; Management Server is deployed on one or more front-end servers connected to a single MySQL database. Optionally a pair of hardware load balancers distributes requests from the web. A backup management server set may be deployed using MySQL replication at a remote site to add DR capabilities.
+
+
+
+
+ Multi-Node Management Server
+
+ The administrator must decide the following.
+
+ Whether or not load balancers will be used.
+ How many Management Servers will be deployed.
+ Whether MySQL replication will be deployed to enable disaster recovery.
+
+
\ No newline at end of file
diff --git a/docs/en-US/multi_site_deployment.xml b/docs/en-US/multi_site_deployment.xml
new file mode 100644
index 00000000000..2dce575589a
--- /dev/null
+++ b/docs/en-US/multi_site_deployment.xml
@@ -0,0 +1,50 @@
+
+%BOOK_ENTITIES;
+]>
+
+
+
+ Multi-Site Deployment
+ The &PRODUCT; platform scales well into multiple sites through the use of zones. The following diagram shows an example of a multi-site deployment.
+
+
+
+
+ Example Of A Multi-Site Deployment
+
+ Data Center 1 houses the primary Management Server as well as zone 1. The MySQL database is replicated in real time to the secondary Management Server installation in Data Center 2.
+
+
+
+
+ Separate Storage Network
+
+ This diagram illustrates a setup with a separate storage network. Each server has four NICs, two connected to pod-level network switches and two connected to storage network switches.
+ There are two ways to configure the storage network:
+
+ Bonded NIC and redundant switches can be deployed for NFS. In NFS deployments, redundant switches and bonded NICs still result in one network (one CIDR block+ default gateway address).
+ iSCSI can take advantage of two separate storage networks (two CIDR blocks each with its own default gateway). Multipath iSCSI client can failover and load balance between separate storage networks.
+
+
+
+
+
+ NIC Bonding And Multipath I/O
+
+ This diagram illustrates the differences between NIC bonding and Multipath I/O (MPIO). NIC bonding configuration involves only one network. MPIO involves two separate networks.
+
\ No newline at end of file
diff --git a/docs/en-US/networks.xml b/docs/en-US/networks.xml
new file mode 100644
index 00000000000..d4ed76d4d0c
--- /dev/null
+++ b/docs/en-US/networks.xml
@@ -0,0 +1,48 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Managing Networks and Traffic
+ In a &PRODUCT;, guest VMs can communicate with each other using shared infrastructure with
+ the security and user perception that the guests have a private LAN. The &PRODUCT; virtual
+ router is the main component providing networking features for guest traffic.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/docs/en-US/plugin-niciranvp-about.xml b/docs/en-US/plugin-niciranvp-about.xml
new file mode 100644
index 00000000000..8d2e20e7756
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-about.xml
@@ -0,0 +1,28 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+ The Nicira NVP Plugin
+
+
+
+
diff --git a/docs/en-US/plugin-niciranvp-devicemanagement.xml b/docs/en-US/plugin-niciranvp-devicemanagement.xml
new file mode 100644
index 00000000000..2423ce3925d
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-devicemanagement.xml
@@ -0,0 +1,47 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+ Device-management
+ In CloudStack 4.0.x each Nicira NVP setup is considered a "device" that can be added and removed from a physical network. To complete the configuration of the Nicira NVP plugin a device needs to be added to the physical network using the "addNiciraNVPDevice" API call. The plugin is now enabled on the physical network and any guest networks created on that network will be provisioned using the Nicra NVP Controller.
+ The plugin introduces a set of new API calls to manage the devices, see below or refer to the API reference.
+
+ addNiciraNvpDevice
+
+
+ physicalnetworkid: the UUID of the physical network on which the device is configured
+ hostname: the IP address of the NVP controller
+ username: the username for access to the NVP API
+ password: the password for access to the NVP API
+ transportzoneuuid: the UUID of the transportzone
+
+
+ deleteNiciraNVPDevice
+
+
+ nvpdeviceid: the UUID of the device
+
+
+ listNiciraNVPDevices
+
+
+
\ No newline at end of file
diff --git a/docs/en-US/plugin-niciranvp-features.xml b/docs/en-US/plugin-niciranvp-features.xml
new file mode 100644
index 00000000000..cdcda9e2aa6
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-features.xml
@@ -0,0 +1,29 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+ Features of the Nicira NVP Plugin
+ In CloudStack release 4.0.x this plugin supports the Connectivity service. This service is responsible for creating Layer 2 networks supporting the networks created by Guests. In other words when an tennant creates a new network, instead of the traditional VLAN a logical network will be created by sending the appropriate calls to the Nicira NVP Controller.
+ The plugin has been tested with Nicira NVP versions 2.1.0, 2.2.0 and 2.2.1
+ In CloudStack 4.0.x only the XenServer hypervisor is supported for use in combination with Nicira NVP
+ In CloudStack 4.0.x the UI components for this plugin are not complete, configuration is done by sending commands to the API
+
\ No newline at end of file
diff --git a/docs/en-US/plugin-niciranvp-guide.xml b/docs/en-US/plugin-niciranvp-guide.xml
new file mode 100644
index 00000000000..89c9871021d
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-guide.xml
@@ -0,0 +1,31 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+
+ Plugin Guide for the Nicira NVP Plugin
+
+
+
+
diff --git a/docs/en-US/plugin-niciranvp-introduction.xml b/docs/en-US/plugin-niciranvp-introduction.xml
new file mode 100644
index 00000000000..9c1d42df32d
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-introduction.xml
@@ -0,0 +1,26 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+ Introduction to the Nicira NVP Plugin
+ The Nicira NVP plugin allows CloudStack to use the Nicira solution for virtualized network as a provider for CloudStack networks and services.
+
diff --git a/docs/en-US/plugin-niciranvp-preparations.xml b/docs/en-US/plugin-niciranvp-preparations.xml
new file mode 100644
index 00000000000..95a25bdca26
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-preparations.xml
@@ -0,0 +1,36 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+ Prerequisites
+ Before enabling the Nicira NVP plugin the NVP Controller needs to be configured. Please review the NVP User Guide on how to do that.
+ CloudStack needs to have at least one physical network with the isolation method set to "STT". This network should be enabled for the Guest traffic type.
+ The Guest traffic type should be configured with the traffic label that matches the name of the Integration Bridge on XenServer. See the Nicira NVP User Guide for more details on how to set this up in XenServer.
+ Make sure you have the following information ready:
+
+ The IP address of the NVP Controller
+ The username to access the API
+ The password to access the API
+ The UUID of the Transport Zone that contains the hypervisors in this Zone
+ The UUID of the Physical Network that will used for the Guest networks
+
+
\ No newline at end of file
diff --git a/docs/en-US/plugin-niciranvp-provider.xml b/docs/en-US/plugin-niciranvp-provider.xml
new file mode 100644
index 00000000000..d81db99d9c0
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-provider.xml
@@ -0,0 +1,42 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+ Enabling the service provider
+ To allow CloudStack to use the Nicira NVP Plugin the network service provider needs to be enabled on the physical network. The following sequence of API calls will enable the network service provider
+
+ addNetworkServiceProvider
+
+
+ name = "NiciraNVP"
+ physicalnetworkid = <the uuid of the physical network>
+
+
+ updateNetworkServiceProvider
+
+
+ id = <the provider uuid returned by the previous call>
+ state = "Enabled"
+
+
+
+
\ No newline at end of file
diff --git a/docs/en-US/plugin-niciranvp-revisions.xml b/docs/en-US/plugin-niciranvp-revisions.xml
new file mode 100644
index 00000000000..6e455cafaf7
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-revisions.xml
@@ -0,0 +1,45 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+
+ Revision History
+
+
+
+ 0-0
+ Wed Oct 03 2012
+
+ Hugo
+ Trippaers
+ hugo@apache.org
+
+
+
+ Documentation created for 4.0.x version of the NVP Plugin
+
+
+
+
+
+
diff --git a/docs/en-US/plugin-niciranvp-tables.xml b/docs/en-US/plugin-niciranvp-tables.xml
new file mode 100644
index 00000000000..4f816550b30
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-tables.xml
@@ -0,0 +1,51 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+ Database tables
+ The following tables are added to the cloud database for the Nicira NVP Plugin
+
+ nicira_nvp_nic_map, contains a mapping from nic to logical switch port
+
+
+ id
+ logicalswitch, uuid of the logical switch this port is connected to
+ logicalswitchport, uuid of the logical switch port for this nic
+ nic, the CloudStack uuid for this nic, reference to the nics table
+
+
+
+
+ external_nicira_nvp_devices, contains all configured devices
+
+
+ id
+ uuid
+ physical_network_id, the physical network this device is configured on
+ provider_name, set to "NiciraNvp"
+ device_name, display name for this device
+ host_id, reference to the host table with the device configuration
+
+
+
+
+
\ No newline at end of file
diff --git a/docs/en-US/plugin-niciranvp-troubleshooting.xml b/docs/en-US/plugin-niciranvp-troubleshooting.xml
new file mode 100644
index 00000000000..02b06555914
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-troubleshooting.xml
@@ -0,0 +1,28 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+ Troubleshooting the Nicira NVP Plugin
+
+
+
+
diff --git a/docs/en-US/plugin-niciranvp-usage.xml b/docs/en-US/plugin-niciranvp-usage.xml
new file mode 100644
index 00000000000..17413387ea4
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-usage.xml
@@ -0,0 +1,29 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+ Using the Nicira NVP Plugin
+
+
+
+
+
diff --git a/docs/en-US/plugin-niciranvp-uuidreferences.xml b/docs/en-US/plugin-niciranvp-uuidreferences.xml
new file mode 100644
index 00000000000..c912971736b
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-uuidreferences.xml
@@ -0,0 +1,30 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+ UUID References
+ The plugin maintains several references in the CloudStack database to items created on the NVP Controller.
+ Every guest network this is created will have its broadcast type set to Lswitch and if the network is in state "Implemented", the broadcast URI will have the UUID of the Logical Switch that was created for this network on the NVP Controller.
+ The Nics that are connected to one of the Logical Switches will have their Logical Switch Port UUID listed in the nicira_nvp_nic_map table
+ All devices created on the NVP Controller will have a tag set to domain-account of the owner of the network, this string can be used to search for items in the NVP Controller.
+
+
\ No newline at end of file
diff --git a/docs/en-US/projects-overview.xml b/docs/en-US/projects-overview.xml
new file mode 100644
index 00000000000..4f9a833b5ed
--- /dev/null
+++ b/docs/en-US/projects-overview.xml
@@ -0,0 +1,31 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+ Overview of Projects
+ Projects are used to organize people and resources. &PRODUCT; users within a single domain can group themselves into project teams so they can collaborate and share virtual resources such as VMs, snapshots, templates, data disks, and IP addresses. &PRODUCT; tracks resource usage per project as well as per user, so the usage can be billed to either a user account or a project. For example, a private cloud within a software company might have all members of the QA department assigned to one project, so the company can track the resources used in testing while the project members can more easily isolate their efforts from other users of the same cloud
+ You can configure &PRODUCT; to allow any user to create a new project, or you can restrict that ability to just &PRODUCT; administrators. Once you have created a project, you become that project’s administrator, and you can add others within your domain to the project. &PRODUCT; can be set up either so that you can add people directly to a project, or so that you have to send an invitation which the recipient must accept. Project members can view and manage all virtual resources created by anyone in the project (for example, share VMs). A user can be a member of any number of projects and can switch views in the &PRODUCT; UI to show only project-related information, such as project VMs, fellow project members, project-related alerts, and so on.
+ The project administrator can pass on the role to another project member. The project administrator can also add more members, remove members from the project, set new resource limits (as long as they are below the global defaults set by the &PRODUCT; administrator), and delete the project. When the administrator removes a member from the project, resources created by that user, such as VM instances, remain with the project. This brings us to the subject of resource ownership and which resources can be used by a project.
+ Resources created within a project are owned by the project, not by any particular &PRODUCT; account, and they can be used only within the project. A user who belongs to one or more projects can still create resources outside of those projects, and those resources belong to the user’s account; they will not be counted against the project’s usage or resource limits. You can create project-level networks to isolate traffic within the project and provide network services such as port forwarding, load balancing, VPN, and static NAT. A project can also make use of certain types of resources from outside the project, if those resources are shared. For example, a shared network or public template is available to any project in the domain. A project can get access to a private template if the template’s owner will grant permission. A project can use any service offering or disk offering available in its domain; however, you can not create private service and disk offerings at the project level..
+
+
diff --git a/docs/en-US/projects.xml b/docs/en-US/projects.xml
index 0390f528f3f..39ce96bd3bc 100644
--- a/docs/en-US/projects.xml
+++ b/docs/en-US/projects.xml
@@ -5,27 +5,31 @@
]>
-
- Projects
- Projects are used to organize people and resources. &PRODUCT; users within a single domain can group themselves into project teams so they can collaborate and share virtual resources such as VMs, snapshots, templates, data disks, and IP addresses. &PRODUCT; tracks resource usage per project as well as per user, so the usage can be billed to either a user account or a project. For example, a private cloud within a software company might have all members of the QA department assigned to one project, so the company can track the resources used in testing while the project members can more easily isolate their efforts from other users of the same cloud
- You can configure &PRODUCT; to allow any user to create a new project, or you can restrict that ability to just &PRODUCT; administrators. Once you have created a project, you become that project’s administrator, and you can add others within your domain to the project. &PRODUCT; can be set up either so that you can add people directly to a project, or so that you have to send an invitation which the recipient must accept. Project members can view and manage all virtual resources created by anyone in the project (for example, share VMs). A user can be a member of any number of projects and can switch views in the &PRODUCT; UI to show only project-related information, such as project VMs, fellow project members, project-related alerts, and so on.
- The project administrator can pass on the role to another project member. The project administrator can also add more members, remove members from the project, set new resource limits (as long as they are below the global defaults set by the &PRODUCT; administrator), and delete the project. When the administrator removes a member from the project, resources created by that user, such as VM instances, remain with the project. This brings us to the subject of resource ownership and which resources can be used by a project.
- Resources created within a project are owned by the project, not by any particular &PRODUCT; account, and they can be used only within the project. A user who belongs to one or more projects can still create resources outside of those projects, and those resources belong to the user’s account; they will not be counted against the project’s usage or resource limits. You can create project-level networks to isolate traffic within the project and provide network services such as port forwarding, load balancing, VPN, and static NAT. A project can also make use of certain types of resources from outside the project, if those resources are shared. For example, a shared network or public template is available to any project in the domain. A project can get access to a private template if the template’s owner will grant permission. A project can use any service offering or disk offering available in its domain; however, you can not create private service and disk offerings at the project level..
-
+
+ Using Projects to Organize Users and Resources
+
+
+
+
+
+
+
+
+
diff --git a/docs/en-US/provisioning-steps.xml b/docs/en-US/provisioning-steps.xml
index 3febc814035..98717435c62 100644
--- a/docs/en-US/provisioning-steps.xml
+++ b/docs/en-US/provisioning-steps.xml
@@ -26,7 +26,6 @@
Steps to Provisioning Your Cloud Infrastructure
This section tells how to add zones, pods, clusters, hosts, storage, and networks to your cloud. If you are unfamiliar with these entities, please begin by looking through .
-
diff --git a/docs/en-US/provisioning.xml b/docs/en-US/provisioning.xml
new file mode 100644
index 00000000000..ec28451519c
--- /dev/null
+++ b/docs/en-US/provisioning.xml
@@ -0,0 +1,25 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Provisioning Your Cloud Infrastructure
+
+
+
diff --git a/docs/en-US/re-install-hosts.xml b/docs/en-US/re-install-hosts.xml
new file mode 100644
index 00000000000..b8092adb44a
--- /dev/null
+++ b/docs/en-US/re-install-hosts.xml
@@ -0,0 +1,26 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Re-Installing Hosts
+ You can re-install a host after placing it in maintenance mode and then removing it. If a
+ host is down and cannot be placed in maintenance mode, it should still be removed before the
+ re-install.
+
diff --git a/docs/en-US/release-ip-for-vpc.xml b/docs/en-US/release-ip-for-vpc.xml
new file mode 100644
index 00000000000..466ec663a17
--- /dev/null
+++ b/docs/en-US/release-ip-for-vpc.xml
@@ -0,0 +1,80 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Releasing an IP Address Alloted to a VPC
+ The IP address is a limited resource. If you no longer need a particular IP, you can
+ disassociate it from its VPC and return it to the pool of available addresses. An IP address can
+ be released from its tier, only when all the networking ( port forwarding, load balancing, or
+ StaticNAT ) rules are removed for this IP address. The released IP address will still belongs to
+ the same VPC.
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ In the Select view, select VPC.
+ All the VPCs that you have created for the account is listed in the page.
+
+
+ Click the Configure button of the VPC whose IP you want to release.
+ The VPC page is displayed where all the tiers you created are listed in a
+ diagram.
+
+
+ Click the Settings icon.
+ The following options are displayed.
+
+
+ IP Addresses
+
+
+ Gateways
+
+
+ Site-to-Site VPN
+
+
+ Network ACLs
+
+
+
+
+ Select IP Addresses.
+ The IP Addresses page is displayed.
+
+
+ Click the IP you want to release.
+
+
+ In the Details tab, click the Release IP button
+
+
+
+
+ release-ip-icon.png: button to release an IP.
+
+
+
+
+
diff --git a/docs/en-US/release-notes-3.0.4.ent b/docs/en-US/release-notes.ent
similarity index 100%
rename from docs/en-US/release-notes-3.0.4.ent
rename to docs/en-US/release-notes.ent
diff --git a/docs/en-US/remove-tier.xml b/docs/en-US/remove-tier.xml
new file mode 100644
index 00000000000..b5996eb2de3
--- /dev/null
+++ b/docs/en-US/remove-tier.xml
@@ -0,0 +1,55 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Removing Tiers
+ You can remove a tier from a VPC. A removed tier cannot be revoked. When a tier is removed,
+ only the resources of the tier are expunged. All the network rules (port forwarding, load
+ balancing and staticNAT) and the IP addresses associated to the tier are removed. The IP address
+ still be belonging to the same VPC.
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ In the Select view, select VPC.
+ All the VPC that you have created for the account is listed in the page.
+
+
+ Click the Configure button of the VPC for which you want to set up tiers.
+ The Configure VPC page is displayed. Locate the tier you want to work with.
+
+
+ Click the Remove VPC button:
+
+
+
+
+
+ remove-tier.png: removing a tier from a vpc.
+
+
+ Wait for some time for the tier to be removed.
+
+
+
diff --git a/docs/en-US/remove-vpc.xml b/docs/en-US/remove-vpc.xml
new file mode 100644
index 00000000000..c5eff850fd3
--- /dev/null
+++ b/docs/en-US/remove-vpc.xml
@@ -0,0 +1,68 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Editing, Restarting, and Removing a Virtual Private Cloud
+
+ Ensure that all the tiers are removed before you remove a VPC.
+
+
+
+ Log in to the &PRODUCT; UI as an administrator or end user.
+
+
+ In the left navigation, choose Network.
+
+
+ In the Select view, select VPC.
+ All the VPCs that you have created for the account is listed in the page.
+
+
+ Select the VPC you want to work with.
+
+
+ To remove, click the Remove VPC button
+
+
+
+
+ remove-vpc.png: button to remove a VPC
+
+
+ You can edit the name and description of a VPC. To do that, select the VPC, then click
+ the Edit button.
+
+
+
+
+ edit-icon.png: button to edit a VPC
+
+
+ To restart a VPC, select the VPC, then click the Restart button.
+
+
+
+
+ restart-vpc.png: button to restart a VPC
+
+
+
+
+
diff --git a/docs/en-US/separate_storage_network.xml b/docs/en-US/separate_storage_network.xml
new file mode 100644
index 00000000000..c3f6330cb14
--- /dev/null
+++ b/docs/en-US/separate_storage_network.xml
@@ -0,0 +1,24 @@
+
+%BOOK_ENTITIES;
+]>
+
+
+
+ Separate Storage Network
+ In the large-scale redundant setup described in the previous section, storage traffic can overload the management network. A separate storage network is optional for deployments. Storage protocols such as iSCSI are sensitive to network delays. A separate storage network ensures guest network traffic contention does not impact storage performance.
+
\ No newline at end of file
diff --git a/docs/en-US/set-global-project-resource-limits.xml b/docs/en-US/set-global-project-resource-limits.xml
new file mode 100644
index 00000000000..d91942ad8db
--- /dev/null
+++ b/docs/en-US/set-global-project-resource-limits.xml
@@ -0,0 +1,82 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Setting the Global Project Resource Limits
+
+
+ Log in as administrator to the &PRODUCT; UI.
+
+
+ In the left navigation, click Global Settings.
+
+
+ In the search box, type max.projects and click the search button.
+
+
+ In the search results, you will see the parameters you can use to set per-project
+ maximum resource amounts that apply to all projects in the cloud. No project can have more
+ resources, but an individual project can have lower limits. Click the edit button to set
+ each parameter.
+
+
+
+
+ editbutton.png: Edits parameters
+
+
+
+
+
+
+ max.project.public.ips
+ Maximum number of public IP addresses that can be owned by any project in
+ the cloud. See About Public IP Addresses.
+
+
+ max.project.snapshots
+ Maximum number of snapshots that can be owned by any project in the
+ cloud. See Working with Snapshots.
+
+
+ max.project.templates
+ Maximum number of templates that can be owned by any project in the
+ cloud. See Working with Templates.
+
+
+ max.project.uservms
+ Maximum number of guest virtual machines that can be owned by any project
+ in the cloud. See Working With Virtual Machines.
+
+
+ max.project.volumes
+ Maximum number of data volumes that can be owned by any project in the
+ cloud. See Working with Volumes.
+
+
+
+
+
+
+ Restart the Management Server.
+ # service cloud-management restart
+
+
+
diff --git a/docs/en-US/set-per-project-resource-limits.xml b/docs/en-US/set-per-project-resource-limits.xml
new file mode 100644
index 00000000000..a0f64ea5a38
--- /dev/null
+++ b/docs/en-US/set-per-project-resource-limits.xml
@@ -0,0 +1,55 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Setting Per-Project Resource Limits
+ The &PRODUCT; root administrator or the domain administrator of the domain where the project
+ resides can set new resource limits for an individual project. The project owner can set
+ resource limits only if the owner is also a domain or root administrator.
+ The new limits must be below the global default limits set by the &PRODUCT; administrator
+ (as described in ). If the project already
+ owns more of a given type of resource than the new maximum, the resources are not affected;
+ however, the project can not add any new resources of that type until the total drops below the
+ new limit.
+
+
+ Log in as administrator to the &PRODUCT; UI.
+
+
+ In the left navigation, click Projects.
+
+
+ In Select View, choose Projects.
+
+
+ Click the name of the project you want to work with.
+
+
+ Click the Resources tab. This tab lists the current maximum amount that the project is
+ allowed to own for each type of resource.
+
+
+ Type new values for one or more resources.
+
+
+ Click Apply.
+
+
+
diff --git a/docs/en-US/set-projects-creator-permissions.xml b/docs/en-US/set-projects-creator-permissions.xml
index 1d9309f8837..9b272f6bc7e 100644
--- a/docs/en-US/set-projects-creator-permissions.xml
+++ b/docs/en-US/set-projects-creator-permissions.xml
@@ -3,45 +3,60 @@
%BOOK_ENTITIES;
]>
-
-
- Setting Project Creator Permissions
- You can configure &PRODUCT; to allow any user to create a new project, or you can restrict that ability to just &PRODUCT; administrators.
-
- Log in as administrator to the &PRODUCT; UI.
- In the left navigation, click Global Settings.
- In the search box, type allow.user.create.projects.
- Click the edit button to set the parameter.
-
-
-
- editbutton.png: Edits parameters
-
-
-
-
- allow.user.create.projects
- Set to true to allow end users to create projects. Set to false if you want only the &PRODUCT; root administrator and domain administrators to create projects.
-
-
- Restart the Management Server.# service cloud-management restart
-
+ Setting Project Creator Permissions
+ You can configure &PRODUCT; to allow any user to create a new project, or you can restrict
+ that ability to just &PRODUCT; administrators.
+
+
+ Log in as administrator to the &PRODUCT; UI.
+
+
+ In the left navigation, click Global Settings.
+
+
+ In the search box, type allow.user.create.projects.
+
+
+ Click the edit button to set the parameter.
+
+
+
+
+ editbutton.png: Edits parameters
+
+
+
+
+
+
+ allow.user.create.projects
+ Set to true to allow end users to create projects. Set to false if you
+ want only the &PRODUCT; root administrator and domain administrators to create
+ projects.
+
+
+
+
+
+
+ Restart the Management Server.
+ # service cloud-management restart
+
+
diff --git a/docs/en-US/set-resource-limits-for-projects.xml b/docs/en-US/set-resource-limits-for-projects.xml
index 2c331acde51..669ca259372 100644
--- a/docs/en-US/set-resource-limits-for-projects.xml
+++ b/docs/en-US/set-resource-limits-for-projects.xml
@@ -3,26 +3,30 @@
%BOOK_ENTITIES;
]>
-
-
- Setting Resource Limits for Projects
- The &PRODUCT; administrator can set global default limits to control the amount of resources that can be owned by each project in the cloud. This serves to prevent uncontrolled usage of resources such as snapshots, IP addresses, and virtual machine instances. Domain administrators can override these resource limits for individual projects with their domains, as long as the new limits are below the global defaults set by the &PRODUCT; root administrator. The root administrator can also set lower resource limits for any project in the cloud
+ Setting Resource Limits for Projects
+ The &PRODUCT; administrator can set global default limits to control the amount of resources
+ that can be owned by each project in the cloud. This serves to prevent uncontrolled usage of
+ resources such as snapshots, IP addresses, and virtual machine instances. Domain administrators
+ can override these resource limits for individual projects with their domains, as long as the
+ new limits are below the global defaults set by the &PRODUCT; root administrator. The root
+ administrator can also set lower resource limits for any project in the cloud
+
+
diff --git a/docs/en-US/small_scale_deployment.xml b/docs/en-US/small_scale_deployment.xml
new file mode 100644
index 00000000000..eb509a78d41
--- /dev/null
+++ b/docs/en-US/small_scale_deployment.xml
@@ -0,0 +1,37 @@
+
+%BOOK_ENTITIES;
+]>
+
+
+
+
+ Small-Scale Deployment
+
+
+
+
+ Small-Scale Deployment
+
+ This diagram illustrates the network architecture of a small-scale &PRODUCT; deployment.
+
+ A firewall provides a connection to the Internet. The firewall is configured in NAT mode. The firewall forwards HTTP requests and API calls from the Internet to the Management Server. The Management Server resides on the management network.
+ A layer-2 switch connects all physical servers and storage.
+ A single NFS server functions as both the primary and secondary storage.
+ The Management Server is connected to the management network.
+
+
\ No newline at end of file
diff --git a/docs/en-US/storage-overview.xml b/docs/en-US/storage-overview.xml
new file mode 100644
index 00000000000..bebf441ab60
--- /dev/null
+++ b/docs/en-US/storage-overview.xml
@@ -0,0 +1,27 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Storage Overview
+ &PRODUCT; defines two types of storage: primary and secondary. Primary storage can be
+ accessed by either iSCSI or NFS. Additionally, direct attached storage may be used for primary
+ storage. Secondary storage is always accessed using NFS.
+ There is no ephemeral storage in &PRODUCT;. All volumes on all nodes are persistent.
+
diff --git a/docs/en-US/suspend-project.xml b/docs/en-US/suspend-project.xml
index bfaa12a03d9..b4f821b2c26 100644
--- a/docs/en-US/suspend-project.xml
+++ b/docs/en-US/suspend-project.xml
@@ -32,17 +32,21 @@
In the left navigation, click Projects.
In Select View, choose Projects.
Click the name of the project.
- Click one of the buttons:
+ Click one of the buttons:To delete, use
- deletebutton.png: Removes a member
-
-
+
+ deletebutton.png: Removes a project
+
+
+ To suspend, use
- deletebutton.png: Removes a member
+
+ deletebutton.png: suspends a project
+
diff --git a/docs/en-US/system-service-offerings.xml b/docs/en-US/system-service-offerings.xml
index 75aa128d4c8..c41aa2e293b 100644
--- a/docs/en-US/system-service-offerings.xml
+++ b/docs/en-US/system-service-offerings.xml
@@ -26,4 +26,4 @@
System Service Offerings
System service offerings provide a choice of CPU speed, number of CPUs, tags, and RAM size, just as other service offerings do. But rather than being used for virtual machine instances and exposed to users, system service offerings are used to change the default properties of virtual routers, console proxies, and other system VMs. System service offerings are visible only to the &PRODUCT; root administrator. &PRODUCT; provides default system service offerings. The &PRODUCT; root administrator can create additional custom system service offerings.
When &PRODUCT; creates a virtual router for a guest network, it uses default settings which are defined in the system service offering associated with the network offering. You can upgrade the capabilities of the virtual router by applying a new network offering that contains a different system service offering. All virtual routers in that network will begin using the settings from the new service offering.
-
+
diff --git a/docs/en-US/ui.xml b/docs/en-US/ui.xml
index 4f7f327d700..94ea4eaf95c 100644
--- a/docs/en-US/ui.xml
+++ b/docs/en-US/ui.xml
@@ -5,24 +5,25 @@
]>
- User Interface
-
+ User Interface
+
+
diff --git a/docs/en-US/user-services-overview.xml b/docs/en-US/user-services-overview.xml
index f9e38c09209..95761217fbf 100644
--- a/docs/en-US/user-services-overview.xml
+++ b/docs/en-US/user-services-overview.xml
@@ -5,94 +5,35 @@
]>
-
- User Services Overview
- In addition to the physical and logical infrastructure of your cloud, and the &PRODUCT; software and servers, you also need a layer of user services so that people can actually make use of the cloud. This means not just a user UI, but a set of options and resources that users can choose from, such as templates for creating virtual machines, disk storage, and more. If you are running a commercial service, you will be keeping track of what services and resources users are consuming and charging them for that usage. Even if you do not charge anything for people to use your cloud – say, if the users are strictly internal to your organization, or just friends who are sharing your cloud – you can still keep track of what services they use and how much of them.
-
- Service Offerings, Disk Offerings, Network Offerings, and Templates
- A user creating a new instance can make a variety of choices about its characteristics and capabilities. &PRODUCT; provides several ways to present users with choices when creating a new instance:
-
- Service Offerings, defined by the &PRODUCT; administrator, provide a choice of CPU speed, number of CPUs, RAM size, tags on the root disk, and other choices. See Creating a New Compute Offering.
- Disk Offerings, defined by the &PRODUCT; administrator, provide a choice of disk size for primary data storage. See Creating a New Disk Offering.
- Network Offerings, defined by the &PRODUCT; administrator, describe the feature set that is available to end users from the virtual router or external networking devices on a given guest network. See Network Offerings.
- Templates, defined by the &PRODUCT; administrator or by any &PRODUCT; user, are the base OS images that the user can choose from when creating a new instance. For example, &PRODUCT; includes CentOS as a template. See Working with Templates.
-
- In addition to these choices that are provided for users, there is another type of service offering which is available only to the &PRODUCT; root administrator, and is used for configuring virtual infrastructure resources. For more information, see Upgrading a Virtual Router with System Service Offerings.
-
-
- Accounts, Users, and Domains
- An account typically represents a customer of the service provider or a department in a large organization. Multiple users can exist in an account. Users are like aliases in the account. Users in the same account are not isolated from each other, but they are isolated from users in other accounts. Most installations need not surface the notion of users; they just have one user per account.
- Accounts are grouped by domains. Domains usually contain accounts that have some logical relationship to each other and a set of delegated administrators with some authority over the domain and its subdomains. For example, a service provider with several resellers could create a domain for each reseller.
- Administrators are accounts with special privileges in the system. There may be multiple administrators in the system. Administrators can create or delete other administrators, and change the password for any user in the system. Root administrators have complete access to the system, including managing templates, service offerings, customer care administrators, and domains. Domain administrators can perform administrative operations for users who belong to that domain. Domain administrators do not have visibility into physical servers or other domains.
-
-
- Using an LDAP Server for User Authentication
- You can use an external LDAP server such as Microsoft Active Directory or ApacheDS to authenticate &PRODUCT; end-users. Just map &PRODUCT; accounts to the corresponding LDAP accounts using a query filter. The query filter is written using the query syntax of the particular LDAP server, and can include special wildcard characters provided by &PRODUCT; for matching common values such as the user’s email address and name. &PRODUCT; will search the external LDAP directory tree starting at a specified base directory and return the distinguished name (DN) and password of the matching user. This information along with the given password is used to authenticate the user.
- To set up LDAP authentication in &PRODUCT;, call the &PRODUCT; API command ldapConfig and provide the following:
-
- Hostname or IP address and listening port of the LDAP server
- Base directory and query filter
- Search user DN credentials, which give &PRODUCT; permission to search on the LDAP server
- SSL keystore and password, if SSL is used
-
-
- Example LDAP Configuration Commands
- To understand the examples in this section, you need to know the basic concepts behind calling the &PRODUCT; API, which are explained in the Developer’s Guide.
- The following shows an example invocation of ldapConfig with an ApacheDS LDAP server.
- http://127.0.0.1:8080/client/api?command=ldapConfig&hostname=127.0.0.1&searchbase=ou%3Dtesting%2Co%3Dproject&queryfilter=%28%26%28uid%3D%25u%29%29&binddn=cn%3DJohn+Singh%2Cou%3Dtesting%2Co%project&bindpass=secret&port=10389&ssl=true&truststore=C%3A%2Fcompany%2Finfo%2Ftrusted.ks&truststorepass=secret&response=json&apiKey=YourAPIKey&signature=YourSignatureHash
-
- The command must be URL-encoded. Here is the same example without the URL encoding:
-
-http://127.0.0.1:8080/client/api?command=ldapConfig
-&hostname=127.0.0.1
-&searchbase=ou=testing,o=project
-&queryfilter=(&(%uid=%u))
-&binddn=cn=John+Singh,ou=testing,o=project
-&bindpass=secret
-&port=10389
-&ssl=true
-&truststore=C:/company/info/trusted.ks
-&truststorepass=secret
-&response=json
-&apiKey=YourAPIKey
-&signature=YourSignatureHash
-
- The following shows a similar command for Active Directory. Here, the search base is the testing group within a company, and the users are matched up based on email address.
- http://10.147.29.101:8080/client/api?command=ldapConfig&hostname=10.147.28.250&searchbase=OU%3Dtesting%2CDC%3Dcompany&queryfilter=%28%26%28mail%3D%25e%29%29&binddn=CN%3DAdministrator%2COU%3Dtesting%2CDC%3Dcompany&bindpass=1111_aaaa&port=389&response=json&apiKey=YourAPIKey&signature=YourSignatureHash
- The next few sections explain some of the concepts you will need to know when filling out the ldapConfig parameters.
-
-
- Search Base
- Coming soon: TODO
-
-
- Query Filter
- Coming soon: TODO
-
-
- Search User Bind DN
- Coming soon: TODO
-
-
- SSL Keystore Path and Password
- Coming soon: TODO
-
-
-
+
+ User Services Overview
+ In addition to the physical and logical infrastructure of your cloud, and the &PRODUCT; software and servers, you also need a layer of user services so that people can actually make use of the cloud. This means not just a user UI, but a set of options and resources that users can choose from, such as templates for creating virtual machines, disk storage, and more. If you are running a commercial service, you will be keeping track of what services and resources users are consuming and charging them for that usage. Even if you do not charge anything for people to use your cloud – say, if the users are strictly internal to your organization, or just friends who are sharing your cloud – you can still keep track of what services they use and how much of them.
+
+ Service Offerings, Disk Offerings, Network Offerings, and Templates
+ A user creating a new instance can make a variety of choices about its characteristics and capabilities. &PRODUCT; provides several ways to present users with choices when creating a new instance:
+
+ Service Offerings, defined by the &PRODUCT; administrator, provide a choice of CPU speed, number of CPUs, RAM size, tags on the root disk, and other choices. See Creating a New Compute Offering.
+ Disk Offerings, defined by the &PRODUCT; administrator, provide a choice of disk size for primary data storage. See Creating a New Disk Offering.
+ Network Offerings, defined by the &PRODUCT; administrator, describe the feature set that is available to end users from the virtual router or external networking devices on a given guest network. See Network Offerings.
+ Templates, defined by the &PRODUCT; administrator or by any &PRODUCT; user, are the base OS images that the user can choose from when creating a new instance. For example, &PRODUCT; includes CentOS as a template. See Working with Templates.
+
+ In addition to these choices that are provided for users, there is another type of service offering which is available only to the &PRODUCT; root administrator, and is used for configuring virtual infrastructure resources. For more information, see Upgrading a Virtual Router with System Service Offerings.
+
+
\ No newline at end of file
diff --git a/docs/en-US/virtual-machines.xml b/docs/en-US/virtual-machines.xml
new file mode 100644
index 00000000000..7c74932b649
--- /dev/null
+++ b/docs/en-US/virtual-machines.xml
@@ -0,0 +1,34 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+ Working With Virtual Machines
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/docs/publican-adminguide.cfg b/docs/publican-adminguide.cfg
index a5997823ad4..7a8a203a0f6 100644
--- a/docs/publican-adminguide.cfg
+++ b/docs/publican-adminguide.cfg
@@ -20,10 +20,11 @@
xml_lang: en-US
type: Book
-docname: cloudstack_admin
+docname: Admin_Guide
brand: cloudstack
chunk_first: 1
chunk_section_depth: 1
+condition: admin
diff --git a/docs/publican-devguide.cfg b/docs/publican-devguide.cfg
index 3b364d944b0..006c0d16d00 100644
--- a/docs/publican-devguide.cfg
+++ b/docs/publican-devguide.cfg
@@ -20,7 +20,7 @@
xml_lang: en-US
type: Book
-docname: cloudstack_developers
+docname: API_Developers_Guide
brand: cloudstack
chunk_first: 1
chunk_section_depth: 1
diff --git a/docs/publican-installation.cfg b/docs/publican-installation.cfg
index 708200d460f..6f10a904617 100644
--- a/docs/publican-installation.cfg
+++ b/docs/publican-installation.cfg
@@ -20,7 +20,7 @@
xml_lang: en-US
type: Book
-docname: cloudstack_installation
+docname: Installation_Guide
brand: cloudstack
chunk_first: 1
chunk_section_depth: 1
diff --git a/docs/publican-plugin-niciranvp.cfg b/docs/publican-plugin-niciranvp.cfg
new file mode 100644
index 00000000000..2e3696dc49e
--- /dev/null
+++ b/docs/publican-plugin-niciranvp.cfg
@@ -0,0 +1,28 @@
+# Publican configuration file for CloudStack Complete Documentation Set
+# Contains all technical docs except release notes
+# Config::Simple 4.58
+# Tue May 29 00:57:27 2012
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information#
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+xml_lang: en-US
+type: Book
+docname: CloudStack_Nicira_NVP_Guide
+brand: cloudstack
+chunk_first: 1
+chunk_section_depth: 1
+condition: install
diff --git a/docs/publican-release-notes-4_0.cfg b/docs/publican-release-notes.cfg
similarity index 97%
rename from docs/publican-release-notes-4_0.cfg
rename to docs/publican-release-notes.cfg
index 07c9002516e..cabf1ea3c88 100644
--- a/docs/publican-release-notes-4_0.cfg
+++ b/docs/publican-release-notes.cfg
@@ -20,7 +20,7 @@
xml_lang: en-US
type: Book
-docname: release-notes-4.0
+docname: release-notes
brand: cloudstack
chunk_first: 0
chunk_section_depth: 0