1212 |
1212 |
Now ping the outside world. If this works too, then you have also configured
|
1213 |
1213 |
correctly your physical hosts' networking.
|
1214 |
1214 |
|
1215 |
|
Make sure everything works as expected, before procceding with the Private
|
|
1215 |
Later, Cyclades will create the first NIC of every new VM by issuing an
|
|
1216 |
analogous command. The first NIC of the instance will be the NIC connected to
|
|
1217 |
the Public Network. The ``link`` variable will be set accordingly in the
|
|
1218 |
Cyclades conf files later on the guide.
|
|
1219 |
|
|
1220 |
Make sure everything works as expected, before proceeding with the Private
|
1216 |
1221 |
Networks setup.
|
1217 |
1222 |
|
1218 |
1223 |
Private Networks setup
|
... | ... | |
1221 |
1226 |
Physical hosts' private networks setup
|
1222 |
1227 |
``````````````````````````````````````
|
1223 |
1228 |
|
|
1229 |
At the physical host's level, it is the administrator's responsibility to
|
|
1230 |
configure the network appropriately, according to his/her needs (as for the
|
|
1231 |
Public Network).
|
|
1232 |
|
|
1233 |
However we propose the following setup:
|
|
1234 |
|
|
1235 |
For every possible Private Network we assume a pre-provisioned bridge interface
|
|
1236 |
exists on every host with the same name. Every Private Network will be
|
|
1237 |
associated with one of the pre-provisioned bridges. Then the instance's new NIC
|
|
1238 |
(while connecting to the Private Network) will be connected to that bridge. All
|
|
1239 |
instances' tap interfaces that reside in the same Private Network will be
|
|
1240 |
connected in the corresponding bridge of that network. Furthermore, every
|
|
1241 |
bridge will be connected to a corresponding vlan. So, lets assume that our
|
|
1242 |
Cyclades installation allows for 20 Private Networks to be setup. We should
|
|
1243 |
pre-provision the corresponding bridges and vlans to all the hosts. We can do
|
|
1244 |
this by running on all VM-capable Ganeti nodes (in our case node1 and node2):
|
|
1245 |
|
|
1246 |
.. code-block:: console
|
|
1247 |
|
|
1248 |
# $iface=eth0
|
|
1249 |
# for prv in $(seq 1 20); do
|
|
1250 |
vlan=$prv
|
|
1251 |
bridge=prv$prv
|
|
1252 |
vconfig add $iface $vlan
|
|
1253 |
ifconfig $iface.$vlan up
|
|
1254 |
brctl addbr $bridge
|
|
1255 |
brctl setfd $bridge 0
|
|
1256 |
brctl addif $bridge $iface.$vlan
|
|
1257 |
ifconfig $bridge up
|
|
1258 |
done
|
|
1259 |
|
|
1260 |
The above will do the following (assuming ``eth0`` exists on both hosts):
|
|
1261 |
|
|
1262 |
* provision 20 new bridges: ``prv1`` - ``prv20``
|
|
1263 |
* provision 20 new vlans: ``eth0.1`` - ``eth0.20``
|
|
1264 |
* add the corresponding vlan to the equivelant bridge
|
|
1265 |
|
|
1266 |
You can run ``brctl show`` on both nodes to see if everything was setup
|
|
1267 |
correctly.
|
|
1268 |
|
|
1269 |
Everything is now setup to support the 20 Cyclades Private Networks. Later,
|
|
1270 |
we will configure Cyclades to talk to those 20 pre-provisioned bridges.
|
|
1271 |
|
1224 |
1272 |
Testing the Private Networks
|
1225 |
1273 |
````````````````````````````
|
1226 |
1274 |
|
|
1275 |
To test the Private Networks, we will create two instances and put them in the
|
|
1276 |
same Private Network (``prv1``). This means that the instances will have a
|
|
1277 |
second NIC connected to the ``prv1`` pre-provisioned bridge.
|
|
1278 |
|
|
1279 |
We run the same command as in the Public Network testing section, but with one
|
|
1280 |
more argument for the second NIC:
|
|
1281 |
|
|
1282 |
.. code-block:: console
|
|
1283 |
|
|
1284 |
# gnt-instance add -o snf-image+default --os-parameters
|
|
1285 |
img_passwd=my_vm_example_passw0rd,
|
|
1286 |
img_format=diskdump,
|
|
1287 |
img_id="pithos://user@example.com/pithos/debian_base-6.0-7-x86_64.diskdump",
|
|
1288 |
img_properties='{"OSFAMILY":"linux"\,"ROOT_PARTITION":"1"}'
|
|
1289 |
-t plain --disk 0:size=2G --no-name-check --no-ip-check
|
|
1290 |
--net 0:ip=pool,mode=routed,link=public_link
|
|
1291 |
--net 1:ip=none,mode=bridged,link=prv1
|
|
1292 |
testvm3
|
|
1293 |
|
|
1294 |
# gnt-instance add -o snf-image+default --os-parameters
|
|
1295 |
img_passwd=my_vm_example_passw0rd,
|
|
1296 |
img_format=diskdump,
|
|
1297 |
img_id="pithos://user@example.com/pithos/debian_base-6.0-7-x86_64.diskdump",
|
|
1298 |
img_properties='{"OSFAMILY":"linux"\,"ROOT_PARTITION":"1"}'
|
|
1299 |
-t plain --disk 0:size=2G --no-name-check --no-ip-check
|
|
1300 |
--net 0:ip=pool,mode=routed,link=public_link
|
|
1301 |
--net 1:ip=none,mode=bridged,link=prv1
|
|
1302 |
testvm4
|
|
1303 |
|
|
1304 |
Above, we create two instances with their first NIC connected to the Public
|
|
1305 |
Network and their second NIC connected to the first Private Network (``prv1``).
|
|
1306 |
Now, connect to the instances using VNC and make sure everything works as
|
|
1307 |
expected:
|
|
1308 |
|
|
1309 |
a) The instances have access to the public internet through their first eth
|
|
1310 |
interface (``eth0``), which has been automatically assigned a public IP.
|
|
1311 |
|
|
1312 |
b) Setup the second eth interface of the instances (``eth1``), by assigning two
|
|
1313 |
different private IPs (e.g.: ``10.0.0.1`` and ``10.0.0.2``) and the
|
|
1314 |
corresponding netmask. If they ``ping`` each other successfully, then
|
|
1315 |
the Private Network works.
|
|
1316 |
|
|
1317 |
Repeat the procedure with more instances connected in different Private Networks
|
|
1318 |
(``prv{1-20}``), by adding more NICs on each instance. e.g.: We add an instance
|
|
1319 |
connected to the Public Network and Private Networks 1, 3 and 19:
|
|
1320 |
|
|
1321 |
.. code-block:: console
|
|
1322 |
|
|
1323 |
# gnt-instance add -o snf-image+default --os-parameters
|
|
1324 |
img_passwd=my_vm_example_passw0rd,
|
|
1325 |
img_format=diskdump,
|
|
1326 |
img_id="pithos://user@example.com/pithos/debian_base-6.0-7-x86_64.diskdump",
|
|
1327 |
img_properties='{"OSFAMILY":"linux"\,"ROOT_PARTITION":"1"}'
|
|
1328 |
-t plain --disk 0:size=2G --no-name-check --no-ip-check
|
|
1329 |
--net 0:ip=pool,mode=routed,link=public_link
|
|
1330 |
--net 1:ip=none,mode=bridged,link=prv1
|
|
1331 |
--net 2:ip=none,mode=bridged,link=prv3
|
|
1332 |
--net 3:ip=none,mode=bridged,link=prv19
|
|
1333 |
testvm5
|
|
1334 |
|
|
1335 |
If everything works as expected, then you have finished the Network Setup at the
|
|
1336 |
backend for both types of Networks (Public & Private).
|
|
1337 |
|
1227 |
1338 |
Synnefo RAPI user
|
1228 |
1339 |
~~~~~~~~~~~~~~~~~
|
1229 |
1340 |
|
... | ... | |
1240 |
1351 |
<http://docs.ganeti.org/ganeti/2.5/html/rapi.html#introduction>`_
|
1241 |
1352 |
|
1242 |
1353 |
|
1243 |
|
|
1244 |
|
|
1245 |
|
.. _cyclades-install-rabbitmq:
|
1246 |
|
|
1247 |
|
RabbitMQ
|
1248 |
|
~~~~~~~~
|
1249 |
|
|
1250 |
|
RabbitMQ is used as a generic message broker for cyclades. It should be
|
1251 |
|
installed on two seperate :ref:`QUEUE <QUEUE_NODE>` nodes in a high availability
|
1252 |
|
configuration as described here:
|
1253 |
|
|
1254 |
|
http://www.rabbitmq.com/pacemaker.html
|
1255 |
|
|
1256 |
|
The values set for the user and password must be mirrored in the
|
1257 |
|
``RABBIT_*`` variables in your settings, as managed by
|
1258 |
|
:ref:`snf-common <snf-common>`.
|
1259 |
|
|
1260 |
|
.. todo:: Document an active-active configuration based on the latest version
|
1261 |
|
of RabbitMQ.
|
1262 |
|
|
1263 |
1354 |
.. _cyclades-install-vncauthproxy:
|
1264 |
1355 |
|
1265 |
1356 |
vncauthproxy
|