From d50141d26831e01eb878af5cc011aaa748166058 Mon Sep 17 00:00:00 2001 From: Radhika PC Date: Thu, 4 Oct 2012 11:42:25 +0530 Subject: [PATCH] doc files for inter vlan routing --- docs/en-US/add-gateway-vpc.xml | 104 ++++++++++++++ docs/en-US/add-tier.xml | 89 ++++++++++++ docs/en-US/add-vm-to-tier.xml | 45 ++++++ docs/en-US/add-vpc.xml | 75 ++++++++++ docs/en-US/configure-acl.xml | 139 +++++++++++++++++++ docs/en-US/delete-reset-vpn.xml | 89 ++++++++++++ docs/en-US/enable-disable-static-nat-vpc.xml | 97 +++++++++++++ docs/en-US/images/remove-vpc.png | Bin 0 -> 815 bytes docs/en-US/images/remove-vpn.png | Bin 0 -> 735 bytes docs/en-US/images/reset-vpn.png | Bin 0 -> 860 bytes docs/en-US/release-ip-for-vpc.xml | 80 +++++++++++ docs/en-US/remove-tier.xml | 55 ++++++++ docs/en-US/remove-vpc.xml | 68 +++++++++ 13 files changed, 841 insertions(+) create mode 100644 docs/en-US/add-gateway-vpc.xml create mode 100644 docs/en-US/add-tier.xml create mode 100644 docs/en-US/add-vm-to-tier.xml create mode 100644 docs/en-US/add-vpc.xml create mode 100644 docs/en-US/configure-acl.xml create mode 100644 docs/en-US/delete-reset-vpn.xml create mode 100644 docs/en-US/enable-disable-static-nat-vpc.xml create mode 100644 docs/en-US/images/remove-vpc.png create mode 100644 docs/en-US/images/remove-vpn.png create mode 100644 docs/en-US/images/reset-vpn.png create mode 100644 docs/en-US/release-ip-for-vpc.xml create mode 100644 docs/en-US/remove-tier.xml create mode 100644 docs/en-US/remove-vpc.xml diff --git a/docs/en-US/add-gateway-vpc.xml b/docs/en-US/add-gateway-vpc.xml new file mode 100644 index 00000000000..616794a51d1 --- /dev/null +++ b/docs/en-US/add-gateway-vpc.xml @@ -0,0 +1,104 @@ + + +%BOOK_ENTITIES; +]> + +
+ Adding a Private Gateway to a VPC + A private gateway can be added by the root admin only. The VPC private network has 1:1 + relationship with the NIC of the physical network. No gateways with duplicated VLAN and IP are + allowed in the same data center. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Configure button of the VPC to which you want to configure load balancing + rules. + The VPC page is displayed where all the tiers you created are listed in a + diagram. + + + Click the Settings icon. + The following options are displayed. + + + IP Addresses + + + Private Gateways + + + Site-to-Site VPN + + + Network ACLs + + + + + Select Private Gateways. + The Gateways page is displayed. + + + Click Add new gateway: + + + + + + add-new-gateway-vpc.png: adding a private gateway for the VPC. + + + + + Specify the following: + + + Physical Network: The physical network you have + created in the zone. + + + IP Address: The IP address associated with the VPC + gateway. + + + Gateway: The gateway through which the traffic is + routed to and from the VPC. + + + Netmask: The netmask associated with the VPC + gateway. + + + VLAN: The VLAN associated with the VPC + gateway. + + + The new gateway appears in the list. You can repeat these steps to add more gateway for + this VPC. + + +
diff --git a/docs/en-US/add-tier.xml b/docs/en-US/add-tier.xml new file mode 100644 index 00000000000..6beaab2a151 --- /dev/null +++ b/docs/en-US/add-tier.xml @@ -0,0 +1,89 @@ + + +%BOOK_ENTITIES; +]> + +
+ Adding Tiers + Tiers are distinct locations within a VPC that act as isolated networks, which do not have + access to other tiers by default. Tiers are set up on different VLANs that can communicate with + each other by using a virtual router. Tiers provide inexpensive, low latency network + connectivity to other tiers within the VPC. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPC that you have created for the account is listed in the page. + + The end users can see their own VPCs, while root and domain admin can see any VPC they + are authorized to see. + + + + Click the Configure button of the VPC for which you want to set up tiers. + The Add new tier dialog is displayed, as follows: + + + + + + add-tier.png: adding a tier to a vpc. + + + If you have already created tiers, the VPC diagram is displayed. Click Create Tier to + add a new tier. + + + Specify the following: + All the fields are mandatory. + + + Name: A unique name for the tier you create. + + + Network Offering: The following default network + offerings are listed: DefaultIsolatedNetworkOfferingForVpcNetworksNoLB, + DefaultIsolatedNetworkOfferingForVpcNetworks + In a VPC, only one tier can be created by using LB-enabled network offering. + + + Gateway: The gateway for the tier you create. + Ensure that the gateway is within the Super CIDR range that you specified while creating + the VPC, and is not overlapped with the CIDR of any existing tier within the VPC. + + + Netmask: The netmask for the tier you create. + For example, if the VPC CIDR is 10.0.0.0/16 and the network tier CIDR is + 10.0.1.0/24, the gateway of the tier is 10.0.1.1, and the netmask of the tier is + 255.255.255.0. + + + + + Click OK. + + + Continue with configuring access control list for the tier. + + +
diff --git a/docs/en-US/add-vm-to-tier.xml b/docs/en-US/add-vm-to-tier.xml new file mode 100644 index 00000000000..e401eed2656 --- /dev/null +++ b/docs/en-US/add-vm-to-tier.xml @@ -0,0 +1,45 @@ + + +%BOOK_ENTITIES; +]> + +
+ Deploying VMs to the Tier + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Configure button of the VPC to which you want to deploy the VMs. + The VPC page is displayed where all the tiers you created are listed. + + + Click the Add VM button of the tier for which you want to add a VM. + The Add Instance page is displayed. + Follow the on-screen instruction to add an instance. For information on adding an + instance, see Adding Instances section in the Installation Guide. + + +
diff --git a/docs/en-US/add-vpc.xml b/docs/en-US/add-vpc.xml new file mode 100644 index 00000000000..8c088a0e1fd --- /dev/null +++ b/docs/en-US/add-vpc.xml @@ -0,0 +1,75 @@ + + +%BOOK_ENTITIES; +]> + +
+ Adding a Virtual Private Cloud + When creating the VPC, you simply provide the zone and a set of IP addresses for the VPC + network address space. You specify this set of addresses in the form of a Classless Inter-Domain + Routing (CIDR) block. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + + + Click Add VPC. The Add VPC page is displayed as follows: + + + + + + add-vpc.png: adding a vpc. + + + Provide the following information: + + + Name: A short name for the VPC that you are + creating. + + + Description: A brief description of the VPC. + + + Zone: Choose the zone where you want the VPC to be + available. + + + Super CIDR for Guest Networks: Defines the CIDR + range for all the tiers (guest networks) within a VPC. When you create a tier, ensure + that its CIDR is within the Super CIDR value you enter. The CIDR must be RFC1918 + compliant. + + + DNS domain for Guest Networks: If you want to + assign a special domain name, specify the DNS suffix. This parameter is applied to all + the tiers within the VPC. That implies, all the tiers you create in the VPC belong to + the same DNS domain. If the parameter is not specified, a DNS domain name is generated + automatically. + + + + +
diff --git a/docs/en-US/configure-acl.xml b/docs/en-US/configure-acl.xml new file mode 100644 index 00000000000..299196c5502 --- /dev/null +++ b/docs/en-US/configure-acl.xml @@ -0,0 +1,139 @@ + + +%BOOK_ENTITIES; +]> + +
+ Configuring Access Control List + Define Network Access Control List (ACL) on the VPC virtual router to control incoming + (ingress) and outgoing (egress) traffic between the VPC tiers, and the tiers and Internet. By + default, all incoming and outgoing traffic to the guest networks is blocked. To open the ports, + you must create a new network ACL. The network ACLs can be created for the tiers only if the + NetworkACL service is supported. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Settings icon. + The following options are displayed. + + + IP Addresses + + + Gateways + + + Site-to-Site VPN + + + Network ACLs + + + + + Select Network ACLs. + The Network ACLs page is displayed. + + + Click Add Network ACLs. + To add an ACL rule, fill in the following fields to specify what kind of network traffic + is allowed in this tier. + + + CIDR: The CIDR acts as the Source CIDR for the + Ingress rules, and Destination CIDR for the Egress rules. To accept traffic only from or + to the IP addresses within a particular address block, enter a CIDR or a comma-separated + list of CIDRs. The CIDR is the base IP address of the incoming traffic. For example, + 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0. + + + Protocol: The networking protocol that sources use + to send traffic to the tier. The TCP and UDP protocols are typically used for data + exchange and end-user communications. The ICMP protocol is typically used to send error + messages or network monitoring data. + + + Start Port, End + Port (TCP, UDP only): A range of listening ports that are the destination + for the incoming traffic. If you are opening a single port, use the same number in both + fields. + + + Select Tier: Select the tier for which you want to + add this ACL rule. + + + ICMP Type, ICMP + Code (ICMP only): The type of message and error code that will be + sent. + + + Traffic Type: Select the traffic type you want to + apply. + + + Egress: To add an egress rule, select Egress + from the Traffic type drop-down box and click Add. This specifies what type of + traffic is allowed to be sent out of VM instances in this tier. If no egress rules + are specified, all traffic from the tier is allowed out at the VPC virtual router. + Once egress rules are specified, only the traffic specified in egress rules and the + responses to any traffic that has been allowed in through an ingress rule are + allowed out. No egress rule is required for the VMs in a tier to communicate with + each other. + + + Ingress: To add an ingress rule, select Ingress + from the Traffic type drop-down box and click Add. This specifies what network + traffic is allowed into the VM instances in this tier. If no ingress rules are + specified, then no traffic will be allowed in, except for responses to any traffic + that has been allowed out through an egress rule. + + + + By default, all incoming and outgoing traffic to the guest networks is blocked. To + open the ports, create a new network ACL. + + + + + + Click Add. The ACL rule is added. + To view the list of ACL rules you have added, click the desired tier from the Network + ACLs page, then select the Network ACL tab. + + + + + + network-acl.png: adding, editing, deleting an ACL rule. + + + You can edit the tags assigned to the ACL rules and delete the ACL rules you have + created. Click the appropriate button in the Actions column. + + +
diff --git a/docs/en-US/delete-reset-vpn.xml b/docs/en-US/delete-reset-vpn.xml new file mode 100644 index 00000000000..318e5fe321e --- /dev/null +++ b/docs/en-US/delete-reset-vpn.xml @@ -0,0 +1,89 @@ + + +%BOOK_ENTITIES; +]> + +
+ Restarting and Removing a VPN Connection + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Configure button of the VPC to which you want to deploy the VMs. + The VPC page is displayed where all the tiers you created are listed in a + diagram. + + + Click the Settings icon. + The following options are displayed. + + + IP Addresses + + + Gateways + + + Site-to-Site VPN + + + Network ASLs + + + + + Select Site-to-Site VPN. + The Site-to-Site VPN page is displayed. + + + From the Select View drop-down, ensure that VPN Connection is selected. + All the VPN connections you created are displayed. + + + Select the VPN connection you want to work with. + The Details tab is displayed. + + + To remove a VPN connection, click the Delete VPN connection button + + + + + remove-vpn.png: button to remove a VPN connection + + + To restart a VPN connection, click the Reset VPN connection button present in the + Details tab. + + + + + reset-vpn.png: button to reset a VPN connection + + + + +
diff --git a/docs/en-US/enable-disable-static-nat-vpc.xml b/docs/en-US/enable-disable-static-nat-vpc.xml new file mode 100644 index 00000000000..17f0c10540f --- /dev/null +++ b/docs/en-US/enable-disable-static-nat-vpc.xml @@ -0,0 +1,97 @@ + + +%BOOK_ENTITIES; +]> + +
+ Enabling or Disabling Static NAT on a VPC + A static NAT rule maps a public IP address to the private IP address of a VM in a VPC to + allow Internet traffic to it. This section tells how to enable or disable static NAT for a + particular IP address in a VPC. + If port forwarding rules are already in effect for an IP address, you cannot enable static + NAT to that IP. + If a guest VM is part of more than one network, static NAT rules will function only if they + are defined on the default network. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Configure button of the VPC to which you want to deploy the VMs. + The VPC page is displayed where all the tiers you created are listed in a + diagram. + + + Click the Settings icon. + The following options are displayed. + + + IP Addresses + + + Gateways + + + Site-to-Site VPN + + + Network ACLs + + + + + Select IP Addresses. + The IP Addresses page is displayed. + + + Click the IP you want to work with. + + + In the Details tab,click the Static NAT button. + + + + + enable-disable.png: button to enable Statid NAT. + + The button toggles between Enable and Disable, depending on whether + static NAT is currently enabled for the IP address. + + + If you are enabling static NAT, a dialog appears as follows: + + + + + + select-vmstatic-nat.png: selecting a tier to apply staticNAT. + + + + + Select the tier and the destination VM, then click Apply. + + +
diff --git a/docs/en-US/images/remove-vpc.png b/docs/en-US/images/remove-vpc.png new file mode 100644 index 0000000000000000000000000000000000000000..aa9846cfd9bfd7cf6e626c856604adb0231f5a3b GIT binary patch literal 815 zcmV+~1JL}5P)X0ssI2LSV8^00001b5ch_0Itp) z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D0>nu~K~zXft(9v} z+E5&a`z5z*-tTeQ8>db--v{pbYpdweJ-(i2& zmlT%FCeMqLp7VRo$@!h6NIc2eF#P#!?^)N@H$Bv8u~aTqsz~kODSK0vgk*}hyT}6< z(ePI5k5~D73E8t^G{Yg)+G8eHln~M%b`gH0Qhi8Y-%1E|Mq~I1Qm)i5vjqw9f!7^G zO65A2$xDbYNIQuja$l;kDPBT6r?G~&SgJ6W*;d%>&aR$*bZ&uWQo@>Of}2*My?uku zBSJLg2}By+yJ9(UkrBo6(>^pj+S$|h;#J4IRxhl9Jzl=gV<0(YNnq(_`aP9o@Z)x)pRz3&ydDDfkFeut#%{I0-d+yS*#X$xBh9G_(25 zpis>M;2Ibn?H?R@Hz`x7HPfnDqsbhjndYF|caGtwNWO3viX}yf#94+*ZyQY@0=4X; zQYKfyST&g&Mpop1eY^DZpvq5VctP@P(1{%$px%tC3x z3y~|;&EA6}kHh6{=e1aEa>a}wHSC&ME(L7u7zMRbjlxc1UebQ(Y3HRAtef;LEa`WQ zrUY{#D4?;;ErV9Kd=d!4Sj6ih>=@C`3z=Ag;qwJ9eFfDE3K*m^+3Q>(LMKIAf&axm z=KhDbRi$mdI}UNX6PMom;}_=k!uxIg&i>=DI7#W&Hu&6)WM0x2u~*^ tLHe}%FVAOVYuDyDytyq_>ksgs{{s*fW(qxYbS?k@002ovPDHLkV1fZdctQXG literal 0 HcmV?d00001 diff --git a/docs/en-US/images/remove-vpn.png b/docs/en-US/images/remove-vpn.png new file mode 100644 index 0000000000000000000000000000000000000000..27145cebbc70cd07c7358995151f276569cc08e0 GIT binary patch literal 735 zcmV<50wDc~P)Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D0(414K~zXft(03& z8bKI_=TEk2MFkHSn%-Eo(sEwWa#owhG{GtqNGYYILbWT)K@lyoEU@cx5IIzllg9ps zesnKcxalU(#bjsRXD0Jb7G?9SKZyT7J8s|RmOTMp5X_hJRvhj9HDtrD?uAE<39-9!G zEbG{+5p?s5%kUAVV1vP6_$Y<0Z(3Bozza#y_74t~W(5Gzv{W`VGxuUiuF~q2niZ$Z zlcDIr;9=|x)f+ddOrDo?mZ90wj?)De@XBASy z<2ZT7n+oAkRIS#NztX%MM&l|qHZGoCTvosVwg04Qt$tzY6+8({{{|072ZO<%Bc%qD z6}s*>16^tLo=-l9%fq$Ay$6L_J1E^dh>SX^*XLKLbez%g(ZjGsV0+iedDU7Bw&9Z! zqoh=hIV55Rvvt?$%F!2G9xAeLJB$|FQ6dRr9x42!N8Bj{GC8_hZ?L6HD4NT|pjfV4 z)f#Ck&)Y=*&p%o^tiuuCzyH96mwx^l6j+KAam(g=!K6ei;rkY}Y;2`S>Mx&)`~?;a R*6#oS002ovPDHLkV1iG*OS%96 literal 0 HcmV?d00001 diff --git a/docs/en-US/images/reset-vpn.png b/docs/en-US/images/reset-vpn.png new file mode 100644 index 0000000000000000000000000000000000000000..04655dc37ada249faf43d58b9628357ed7b649c8 GIT binary patch literal 860 zcmV-i1Ec(jP)X0ssI2saFY200001b5ch_0Itp) z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D0`W;iK~zXf<&;@Z zT2T~*@4su)m!|1MHA+e4Szj^x(F@d$(J>ht!NApw3=JLtpDyZJLPhDQO6Hn!JdJ~>N8W@5hP?&KP z204Mn6J|8qd!W?O@+4Xv9;r+T-PD^uvxRmJbOzW69F9bj$aDsaOQtcgQ-l#X^3x!U z!&?kRlO0_x(Q0?E$rMoS<~EVex8w1L6{<}dV~#b)V{;aG{ADh0iArZpO_PRTqY{}i zlE`#40`csJOCps+)mkH-%C(csT;&R7v(>&R5YMvbcXqY@U|6}a1>S%_q##jPlf}`| z2t>2hxeB5y)p{(M?Z#!kE<$7?5h$PbX~53 zjq5=?l?C$}O=qAdnn-W&YC$w{h9;3Jy15Le7V(M%Di%xrP~;gFoAayo8%WU`OrR8w zC8CK`t4FR>gB>SRXTi;FH@1``!--HN2GQ64Q1}_z{lkI5;rAatj=~W-z2T_}JY*`P z6}`8A&~9ugM+W1+=tA+@7Yskc?eWj^mvHzmV~7b1W=grCIn?RZnr%Fuh{oaROb(AP zaJW3}#+LH^*tjh05*@gR*qv_ff`CF}qA-)-f{%=i4}Ts*qHz>Di^=95pPUB6(bq(K z0~g^~(&0K6t*lWQYyycgIZXsBcm@~TaAJ + +%BOOK_ENTITIES; +]> + +
+ Releasing an IP Address Alloted to a VPC + The IP address is a limited resource. If you no longer need a particular IP, you can + disassociate it from its VPC and return it to the pool of available addresses. An IP address can + be released from its tier, only when all the networking ( port forwarding, load balancing, or + StaticNAT ) rules are removed for this IP address. The released IP address will still belongs to + the same VPC. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Click the Configure button of the VPC whose IP you want to release. + The VPC page is displayed where all the tiers you created are listed in a + diagram. + + + Click the Settings icon. + The following options are displayed. + + + IP Addresses + + + Gateways + + + Site-to-Site VPN + + + Network ACLs + + + + + Select IP Addresses. + The IP Addresses page is displayed. + + + Click the IP you want to release. + + + In the Details tab, click the Release IP button + + + + + release-ip-icon.png: button to release an IP. + + + + +
diff --git a/docs/en-US/remove-tier.xml b/docs/en-US/remove-tier.xml new file mode 100644 index 00000000000..b5996eb2de3 --- /dev/null +++ b/docs/en-US/remove-tier.xml @@ -0,0 +1,55 @@ + + +%BOOK_ENTITIES; +]> + +
+ Removing Tiers + You can remove a tier from a VPC. A removed tier cannot be revoked. When a tier is removed, + only the resources of the tier are expunged. All the network rules (port forwarding, load + balancing and staticNAT) and the IP addresses associated to the tier are removed. The IP address + still be belonging to the same VPC. + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPC that you have created for the account is listed in the page. + + + Click the Configure button of the VPC for which you want to set up tiers. + The Configure VPC page is displayed. Locate the tier you want to work with. + + + Click the Remove VPC button: + + + + + + remove-tier.png: removing a tier from a vpc. + + + Wait for some time for the tier to be removed. + + +
diff --git a/docs/en-US/remove-vpc.xml b/docs/en-US/remove-vpc.xml new file mode 100644 index 00000000000..c5eff850fd3 --- /dev/null +++ b/docs/en-US/remove-vpc.xml @@ -0,0 +1,68 @@ + + +%BOOK_ENTITIES; +]> + +
+ Editing, Restarting, and Removing a Virtual Private Cloud + + Ensure that all the tiers are removed before you remove a VPC. + + + + Log in to the &PRODUCT; UI as an administrator or end user. + + + In the left navigation, choose Network. + + + In the Select view, select VPC. + All the VPCs that you have created for the account is listed in the page. + + + Select the VPC you want to work with. + + + To remove, click the Remove VPC button + + + + + remove-vpc.png: button to remove a VPC + + + You can edit the name and description of a VPC. To do that, select the VPC, then click + the Edit button. + + + + + edit-icon.png: button to edit a VPC + + + To restart a VPC, select the VPC, then click the Restart button. + + + + + restart-vpc.png: button to restart a VPC + + + + +