diff --git a/docs/en-US/add-gateway-vpc.xml b/docs/en-US/add-gateway-vpc.xml new file mode 100644 index 00000000000..616794a51d1 --- /dev/null +++ b/docs/en-US/add-gateway-vpc.xml @@ -0,0 +1,104 @@ + + +%BOOK_ENTITIES; +]> + +
+ Adding a Private Gateway to a VPC + A private gateway can be added by the root admin only. The VPC private network has 1:1 + relationship with the NIC of the physical network. No gateways with duplicated VLAN and IP are + allowed in the same data center. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Configure button of the VPC to which you want to configure load balancing + rules. + The VPC page is displayed where all the tiers you created are listed in a + diagram. + + + Click the Settings icon. + The following options are displayed. + + + IP Addresses + + + Private Gateways + + + Site-to-Site VPN + + + Network ACLs + + + + + Select Private Gateways. + The Gateways page is displayed. + + + Click Add new gateway: + + + + + + add-new-gateway-vpc.png: adding a private gateway for the VPC. + + + + + Specify the following: + + + Physical Network: The physical network you have + created in the zone. + + + IP Address: The IP address associated with the VPC + gateway. + + + Gateway: The gateway through which the traffic is + routed to and from the VPC. + + + Netmask: The netmask associated with the VPC + gateway. + + + VLAN: The VLAN associated with the VPC + gateway. + + + The new gateway appears in the list. You can repeat these steps to add more gateway for + this VPC. + + +
diff --git a/docs/en-US/add-tier.xml b/docs/en-US/add-tier.xml new file mode 100644 index 00000000000..6beaab2a151 --- /dev/null +++ b/docs/en-US/add-tier.xml @@ -0,0 +1,89 @@ + + +%BOOK_ENTITIES; +]> + +
+ Adding Tiers + Tiers are distinct locations within a VPC that act as isolated networks, which do not have + access to other tiers by default. Tiers are set up on different VLANs that can communicate with + each other by using a virtual router. Tiers provide inexpensive, low latency network + connectivity to other tiers within the VPC. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPC that you have created for the account is listed in the page. + + The end users can see their own VPCs, while root and domain admin can see any VPC they + are authorized to see. + + + + Click the Configure button of the VPC for which you want to set up tiers. + The Add new tier dialog is displayed, as follows: + + + + + + add-tier.png: adding a tier to a vpc. + + + If you have already created tiers, the VPC diagram is displayed. Click Create Tier to + add a new tier. + + + Specify the following: + All the fields are mandatory. + + + Name: A unique name for the tier you create. + + + Network Offering: The following default network + offerings are listed: DefaultIsolatedNetworkOfferingForVpcNetworksNoLB, + DefaultIsolatedNetworkOfferingForVpcNetworks + In a VPC, only one tier can be created by using LB-enabled network offering. + + + Gateway: The gateway for the tier you create. + Ensure that the gateway is within the Super CIDR range that you specified while creating + the VPC, and is not overlapped with the CIDR of any existing tier within the VPC. + + + Netmask: The netmask for the tier you create. + For example, if the VPC CIDR is 10.0.0.0/16 and the network tier CIDR is + 10.0.1.0/24, the gateway of the tier is 10.0.1.1, and the netmask of the tier is + 255.255.255.0. + + + + + Click OK. + + + Continue with configuring access control list for the tier. + + +
diff --git a/docs/en-US/add-vm-to-tier.xml b/docs/en-US/add-vm-to-tier.xml new file mode 100644 index 00000000000..e401eed2656 --- /dev/null +++ b/docs/en-US/add-vm-to-tier.xml @@ -0,0 +1,45 @@ + + +%BOOK_ENTITIES; +]> + +
+ Deploying VMs to the Tier + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Configure button of the VPC to which you want to deploy the VMs. + The VPC page is displayed where all the tiers you created are listed. + + + Click the Add VM button of the tier for which you want to add a VM. + The Add Instance page is displayed. + Follow the on-screen instruction to add an instance. For information on adding an + instance, see Adding Instances section in the Installation Guide. + + +
diff --git a/docs/en-US/add-vpc.xml b/docs/en-US/add-vpc.xml new file mode 100644 index 00000000000..8c088a0e1fd --- /dev/null +++ b/docs/en-US/add-vpc.xml @@ -0,0 +1,75 @@ + + +%BOOK_ENTITIES; +]> + +
+ Adding a Virtual Private Cloud + When creating the VPC, you simply provide the zone and a set of IP addresses for the VPC + network address space. You specify this set of addresses in the form of a Classless Inter-Domain + Routing (CIDR) block. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + + + Click Add VPC. The Add VPC page is displayed as follows: + + + + + + add-vpc.png: adding a vpc. + + + Provide the following information: + + + Name: A short name for the VPC that you are + creating. + + + Description: A brief description of the VPC. + + + Zone: Choose the zone where you want the VPC to be + available. + + + Super CIDR for Guest Networks: Defines the CIDR + range for all the tiers (guest networks) within a VPC. When you create a tier, ensure + that its CIDR is within the Super CIDR value you enter. The CIDR must be RFC1918 + compliant. + + + DNS domain for Guest Networks: If you want to + assign a special domain name, specify the DNS suffix. This parameter is applied to all + the tiers within the VPC. That implies, all the tiers you create in the VPC belong to + the same DNS domain. If the parameter is not specified, a DNS domain name is generated + automatically. + + + + +
diff --git a/docs/en-US/configure-acl.xml b/docs/en-US/configure-acl.xml new file mode 100644 index 00000000000..299196c5502 --- /dev/null +++ b/docs/en-US/configure-acl.xml @@ -0,0 +1,139 @@ + + +%BOOK_ENTITIES; +]> + +
+ Configuring Access Control List + Define Network Access Control List (ACL) on the VPC virtual router to control incoming + (ingress) and outgoing (egress) traffic between the VPC tiers, and the tiers and Internet. By + default, all incoming and outgoing traffic to the guest networks is blocked. To open the ports, + you must create a new network ACL. The network ACLs can be created for the tiers only if the + NetworkACL service is supported. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Settings icon. + The following options are displayed. + + + IP Addresses + + + Gateways + + + Site-to-Site VPN + + + Network ACLs + + + + + Select Network ACLs. + The Network ACLs page is displayed. + + + Click Add Network ACLs. + To add an ACL rule, fill in the following fields to specify what kind of network traffic + is allowed in this tier. + + + CIDR: The CIDR acts as the Source CIDR for the + Ingress rules, and Destination CIDR for the Egress rules. To accept traffic only from or + to the IP addresses within a particular address block, enter a CIDR or a comma-separated + list of CIDRs. The CIDR is the base IP address of the incoming traffic. For example, + 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0. + + + Protocol: The networking protocol that sources use + to send traffic to the tier. The TCP and UDP protocols are typically used for data + exchange and end-user communications. The ICMP protocol is typically used to send error + messages or network monitoring data. + + + Start Port, End + Port (TCP, UDP only): A range of listening ports that are the destination + for the incoming traffic. If you are opening a single port, use the same number in both + fields. + + + Select Tier: Select the tier for which you want to + add this ACL rule. + + + ICMP Type, ICMP + Code (ICMP only): The type of message and error code that will be + sent. + + + Traffic Type: Select the traffic type you want to + apply. + + + Egress: To add an egress rule, select Egress + from the Traffic type drop-down box and click Add. This specifies what type of + traffic is allowed to be sent out of VM instances in this tier. If no egress rules + are specified, all traffic from the tier is allowed out at the VPC virtual router. + Once egress rules are specified, only the traffic specified in egress rules and the + responses to any traffic that has been allowed in through an ingress rule are + allowed out. No egress rule is required for the VMs in a tier to communicate with + each other. + + + Ingress: To add an ingress rule, select Ingress + from the Traffic type drop-down box and click Add. This specifies what network + traffic is allowed into the VM instances in this tier. If no ingress rules are + specified, then no traffic will be allowed in, except for responses to any traffic + that has been allowed out through an egress rule. + + + + By default, all incoming and outgoing traffic to the guest networks is blocked. To + open the ports, create a new network ACL. + + + + + + Click Add. The ACL rule is added. + To view the list of ACL rules you have added, click the desired tier from the Network + ACLs page, then select the Network ACL tab. + + + + + + network-acl.png: adding, editing, deleting an ACL rule. + + + You can edit the tags assigned to the ACL rules and delete the ACL rules you have + created. Click the appropriate button in the Actions column. + + +
diff --git a/docs/en-US/delete-reset-vpn.xml b/docs/en-US/delete-reset-vpn.xml new file mode 100644 index 00000000000..318e5fe321e --- /dev/null +++ b/docs/en-US/delete-reset-vpn.xml @@ -0,0 +1,89 @@ + + +%BOOK_ENTITIES; +]> + +
+ Restarting and Removing a VPN Connection + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Configure button of the VPC to which you want to deploy the VMs. + The VPC page is displayed where all the tiers you created are listed in a + diagram. + + + Click the Settings icon. + The following options are displayed. + + + IP Addresses + + + Gateways + + + Site-to-Site VPN + + + Network ASLs + + + + + Select Site-to-Site VPN. + The Site-to-Site VPN page is displayed. + + + From the Select View drop-down, ensure that VPN Connection is selected. + All the VPN connections you created are displayed. + + + Select the VPN connection you want to work with. + The Details tab is displayed. + + + To remove a VPN connection, click the Delete VPN connection button + + + + + remove-vpn.png: button to remove a VPN connection + + + To restart a VPN connection, click the Reset VPN connection button present in the + Details tab. + + + + + reset-vpn.png: button to reset a VPN connection + + + + +
diff --git a/docs/en-US/enable-disable-static-nat-vpc.xml b/docs/en-US/enable-disable-static-nat-vpc.xml new file mode 100644 index 00000000000..17f0c10540f --- /dev/null +++ b/docs/en-US/enable-disable-static-nat-vpc.xml @@ -0,0 +1,97 @@ + + +%BOOK_ENTITIES; +]> + +
+ Enabling or Disabling Static NAT on a VPC + A static NAT rule maps a public IP address to the private IP address of a VM in a VPC to + allow Internet traffic to it. This section tells how to enable or disable static NAT for a + particular IP address in a VPC. + If port forwarding rules are already in effect for an IP address, you cannot enable static + NAT to that IP. + If a guest VM is part of more than one network, static NAT rules will function only if they + are defined on the default network. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Configure button of the VPC to which you want to deploy the VMs. + The VPC page is displayed where all the tiers you created are listed in a + diagram. + + + Click the Settings icon. + The following options are displayed. + + + IP Addresses + + + Gateways + + + Site-to-Site VPN + + + Network ACLs + + + + + Select IP Addresses. + The IP Addresses page is displayed. + + + Click the IP you want to work with. + + + In the Details tab,click the Static NAT button. + + + + + enable-disable.png: button to enable Statid NAT. + + The button toggles between Enable and Disable, depending on whether + static NAT is currently enabled for the IP address. + + + If you are enabling static NAT, a dialog appears as follows: + + + + + + select-vmstatic-nat.png: selecting a tier to apply staticNAT. + + + + + Select the tier and the destination VM, then click Apply. + + +
diff --git a/docs/en-US/images/remove-vpc.png b/docs/en-US/images/remove-vpc.png new file mode 100644 index 00000000000..aa9846cfd9b Binary files /dev/null and b/docs/en-US/images/remove-vpc.png differ diff --git a/docs/en-US/images/remove-vpn.png b/docs/en-US/images/remove-vpn.png new file mode 100644 index 00000000000..27145cebbc7 Binary files /dev/null and b/docs/en-US/images/remove-vpn.png differ diff --git a/docs/en-US/images/reset-vpn.png b/docs/en-US/images/reset-vpn.png new file mode 100644 index 00000000000..04655dc37ad Binary files /dev/null and b/docs/en-US/images/reset-vpn.png differ diff --git a/docs/en-US/release-ip-for-vpc.xml b/docs/en-US/release-ip-for-vpc.xml new file mode 100644 index 00000000000..466ec663a17 --- /dev/null +++ b/docs/en-US/release-ip-for-vpc.xml @@ -0,0 +1,80 @@ + + +%BOOK_ENTITIES; +]> + +
+ Releasing an IP Address Alloted to a VPC + The IP address is a limited resource. If you no longer need a particular IP, you can + disassociate it from its VPC and return it to the pool of available addresses. An IP address can + be released from its tier, only when all the networking ( port forwarding, load balancing, or + StaticNAT ) rules are removed for this IP address. The released IP address will still belongs to + the same VPC. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Configure button of the VPC whose IP you want to release. + The VPC page is displayed where all the tiers you created are listed in a + diagram. + + + Click the Settings icon. + The following options are displayed. + + + IP Addresses + + + Gateways + + + Site-to-Site VPN + + + Network ACLs + + + + + Select IP Addresses. + The IP Addresses page is displayed. + + + Click the IP you want to release. + + + In the Details tab, click the Release IP button + + + + + release-ip-icon.png: button to release an IP. + + + + +
diff --git a/docs/en-US/remove-tier.xml b/docs/en-US/remove-tier.xml new file mode 100644 index 00000000000..b5996eb2de3 --- /dev/null +++ b/docs/en-US/remove-tier.xml @@ -0,0 +1,55 @@ + + +%BOOK_ENTITIES; +]> + +
+ Removing Tiers + You can remove a tier from a VPC. A removed tier cannot be revoked. When a tier is removed, + only the resources of the tier are expunged. All the network rules (port forwarding, load + balancing and staticNAT) and the IP addresses associated to the tier are removed. The IP address + still be belonging to the same VPC. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPC that you have created for the account is listed in the page. + + + Click the Configure button of the VPC for which you want to set up tiers. + The Configure VPC page is displayed. Locate the tier you want to work with. + + + Click the Remove VPC button: + + + + + + remove-tier.png: removing a tier from a vpc. + + + Wait for some time for the tier to be removed. + + +
diff --git a/docs/en-US/remove-vpc.xml b/docs/en-US/remove-vpc.xml new file mode 100644 index 00000000000..c5eff850fd3 --- /dev/null +++ b/docs/en-US/remove-vpc.xml @@ -0,0 +1,68 @@ + + +%BOOK_ENTITIES; +]> + +
+ Editing, Restarting, and Removing a Virtual Private Cloud + + Ensure that all the tiers are removed before you remove a VPC. + + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Select the VPC you want to work with. + + + To remove, click the Remove VPC button + + + + + remove-vpc.png: button to remove a VPC + + + You can edit the name and description of a VPC. To do that, select the VPC, then click + the Edit button. + + + + + edit-icon.png: button to edit a VPC + + + To restart a VPC, select the VPC, then click the Restart button. + + + + + restart-vpc.png: button to restart a VPC + + + + +