Revision 5f7b2eda
b/docs/design/cyclades-networking.rst | ||
---|---|---|
6 | 6 |
======== |
7 | 7 |
|
8 | 8 |
A Cyclades network is a virtual network that can be, depending on it's Network |
9 |
Flavor, either an isolated Layer-2 broadcast domain or an Layer-3 network.
|
|
9 |
Flavor, either an isolated Layer-2 broadcast domain or a Layer-3 network. |
|
10 | 10 |
Networks can either be private or public. Private networks are reserved for the |
11 | 11 |
user who created it, while public networks are created by the administrator and |
12 | 12 |
are visible to all users. Also, networks can be marked with the |
13 | 13 |
`--router:external` attribute to indicate that are external networks (public |
14 |
interner)
|
|
14 |
internet)
|
|
15 | 15 |
|
16 | 16 |
Currently there are four available Networks Flavors: |
17 | 17 |
|
... | ... | |
28 | 28 |
The attributes for network objects are the following: |
29 | 29 |
|
30 | 30 |
* id: A string represeting the UUID for the network. |
31 |
* name: A human readable name |
|
31 |
* name: A human readable name.
|
|
32 | 32 |
* status: String represetng the state of the network. Possible values for the |
33 |
state include: ACTIVE, DOWN, BUILD, ERROR |
|
34 |
* subnets: List of subnet UUIDs that are associated with this network |
|
33 |
state include: ACTIVE, DOWN, BUILD, ERROR.
|
|
34 |
* subnets: List of subnet UUIDs that are associated with this network.
|
|
35 | 35 |
* public: Whether network is visible to other users or not. |
36 | 36 |
* user_id/tenant_id: The UUID of the owner of the network. |
37 | 37 |
* admin_state_up: Boolean value indicating the administrative state of the |
... | ... | |
48 | 48 |
URI: /networks |
49 | 49 |
|
50 | 50 |
The body of the request must contain the 'type' of the network. Also it can |
51 |
a 'name' attribute. |
|
51 |
contain a 'name' attribute.
|
|
52 | 52 |
|
53 | 53 |
List Networks |
54 | 54 |
^^^^^^^^^^^^^ |
... | ... | |
62 | 62 |
|
63 | 63 |
METHOD: GET |
64 | 64 |
|
65 |
URI: /networks/$(network_id)
|
|
65 |
URI: /networks/$(network_id) |
|
66 | 66 |
|
67 | 67 |
Example response: |
68 | 68 |
|
... | ... | |
97 | 97 |
|
98 | 98 |
URI: /networks/$(network_id) |
99 | 99 |
|
100 |
The network can not be deleted if there are any Ports connected to it or
|
|
100 |
The network cannot be deleted if there are any Ports connected to it or |
|
101 | 101 |
any FloatingIPs reserved from this network. The subnets that are connected |
102 | 102 |
to this network are automatically deleted upon network deletion. |
103 | 103 |
|
... | ... | |
115 | 115 |
======= |
116 | 116 |
|
117 | 117 |
A subnet represents L3-Layer characteristics of the network that is |
118 |
associated with. Specifically it represents an IP address block that is |
|
119 |
used it assign addresses to virtual machines. A subnet is associated with
|
|
120 |
a network when created. |
|
118 |
associated with. Specifically, it represents an IP address block that is
|
|
119 |
used in order to assign addresses to virtual machines. A subnet is associated
|
|
120 |
with a network when created.
|
|
121 | 121 |
|
122 | 122 |
|
123 | 123 |
The attributes for subnet objects are the following: |
124 | 124 |
|
125 | 125 |
* id: A string represeting the UUID for the subnet. |
126 |
* name: A human readable name |
|
126 |
* name: A human readable name.
|
|
127 | 127 |
* network_id: The UUID of the network that the subnet is associated with. |
128 |
* ip_version: The IP version of the subnet. Can either be 4 or 6. |
|
129 |
* cidr: cidr representing IP range for this subnet, based on the IP version |
|
128 |
* ip_version: The IP version of the subnet. Can either be 4 or 6, default is 4.
|
|
129 |
* cidr: cidr representing IP range for this subnet, based on the IP version.
|
|
130 | 130 |
* gateway: Default gateway used by devices in this subnet. If not specified |
131 | 131 |
the gateway will be the first available IP address. Set to None in order to |
132 | 132 |
get no gateway. |
133 | 133 |
* enable_dhcp(CR): Boolean value indicating whether nfdhcpd is enabled for this |
134 |
subnet or not .
|
|
134 |
subnet or not. |
|
135 | 135 |
* allocation_pools(CR): Subranges of cidr available for dynamic allocation. |
136 | 136 |
A list of dictionaries of the form {"start": "192.168.2.0", "end": 192.168.2.10"} |
137 | 137 |
* user_id/tenant_id: The UUID of the owner of the network. |
138 |
* host_routes(R): List of routes that should be used by devices with IPs from this
|
|
139 |
subnet
|
|
138 |
* host_routes(R): List of routes that should be used by devices with IPs from |
|
139 |
this subnet.
|
|
140 | 140 |
* dns_nameservers(R): List of DNS name servers used by hosts in this subnet. |
141 | 141 |
|
142 | 142 |
Note: 'host_routes' and 'dns_nameservers' is used only for compatibility with |
... | ... | |
150 | 150 |
|
151 | 151 |
URI: /subnets/ |
152 | 152 |
|
153 |
To create a subnet the used must specify the network_id and the cidr for the
|
|
154 |
subnet. If the CIDR is IPv6 subnet, the user must set the ip_version to 6. |
|
153 |
To create a subnet the user must specify the network_id and the cidr for the
|
|
154 |
subnet. If the CIDR is an IPv6 subnet, the user must set the ip_version to 6.
|
|
155 | 155 |
If allocation pools overlap, or gateway overlaps with allocation_pools then 409 |
156 | 156 |
conflict is returned. |
157 | 157 |
|
158 |
Finally, the user can create maximum 1 subnet of each ip_version, meaning that |
|
159 |
a network can have no subnets, or one IPv4 subnet or one IPv6 subnet, or one |
|
160 |
IPv4 and one IPv6 subnet. Also the user can not create a subnet for a network |
|
161 |
that has or had a port connected to it. |
|
158 |
Finally, the user can create maximum one subnet of each ip_version, meaning |
|
159 |
that a network can have no subnets, or one IPv4 subnet or one IPv6 subnet, or |
|
160 |
one IPv4 and one IPv6 subnet. Also the user cannot create a subnet for a |
|
161 |
network that has or had a port connected to it. |
|
162 |
|
|
163 |
Note: Bulk creation of subnets, is not supported. |
|
162 | 164 |
|
163 | 165 |
List user subnets |
164 | 166 |
^^^^^^^^^^^^^^^^^ |
... | ... | |
231 | 233 |
Ports |
232 | 234 |
===== |
233 | 235 |
|
234 |
A port represent a virtual switch port on a network switch. Virtual machines |
|
235 |
attach their interefaces to ports. A port that is connected to a network
|
|
236 |
A port represents a virtual switch port on a network switch. Virtual machines
|
|
237 |
attach their interfaces to ports. A port that is connected to a network |
|
236 | 238 |
gets an IP address for each subnet that is associated with the network. If the |
237 | 239 |
network has no subnets, then the port will have no IP. |
238 | 240 |
|
239 | 241 |
The attributes for port objects are the following: |
240 | 242 |
|
241 |
* id: A string represeting the UUID for the port. |
|
243 |
* id: A string representing the UUID for the port.
|
|
242 | 244 |
* network_id: The UUID of the network that this port is associated with. |
243 |
* name: A human readable name |
|
245 |
* name: A human readable name.
|
|
244 | 246 |
* status: String represetng the state of the port. Possible values for the |
245 |
state include: ACTIVE, DOWN, BUILD, ERROR |
|
246 |
* mac_address: MAC address |
|
247 |
state include: ACTIVE, DOWN, BUILD, ERROR.
|
|
248 |
* mac_address: MAC address.
|
|
247 | 249 |
* fixed_ips(R): List of dictionaries subnet_id->ip_address. |
248 |
* device_id(CR): Device using this port (VM id or Router id) |
|
250 |
* device_id(CR): Device using this port (VM id or Router id).
|
|
249 | 251 |
* device_owner(CR): Entity using this port. e.g network:router, |
250 |
network:router_gateway |
|
252 |
network:router_gateway.
|
|
251 | 253 |
* user_id/tenant_id: The UUID of the owner of the port. |
252 |
* security_groups(CRUD): List of security groups IDs associated with this port |
|
254 |
* security_groups(CRUD): List of security groups IDs associated with this port.
|
|
253 | 255 |
* admin_state_up: Boolean value indicating the administrative state of the |
254 | 256 |
port. If 'down' the port does not forward packets. |
255 | 257 |
|
... | ... | |
274 | 276 |
The port will not have a MAC address and an IPv6 address until the |
275 | 277 |
corresponding NIC goes to ACTIVE state. This will be fixed when Cyclades |
276 | 278 |
will do MAC allocation. If MAC allocation is implemented, we will also |
277 |
be able to create a Port without specified a device_id.
|
|
279 |
be able to create a Port without specifying a device_id.
|
|
278 | 280 |
|
279 | 281 |
List ports |
280 | 282 |
^^^^^^^^^^^^^ |
... | ... | |
340 | 342 |
============================== |
341 | 343 |
|
342 | 344 |
Creation of a network corresponds to only creating a Network object in Cyclades |
343 |
DB. Also, creation of a subnet corresponds to creation of a Subnet in Cyclades |
|
345 |
the DB. Also, creation of a subnet corresponds to creation of a Subnet in Cyclades
|
|
344 | 346 |
DB and the corresponding allocation pools. The Ganeti network will only be |
345 | 347 |
created in the Ganeti backend when a port is connected to this network. |
346 |
Updating fields of Ganeti networks is really hard (e.g. changing the dhcp |
|
347 |
option) or impossible (e.g. changing the subnet). For this reason, if the |
|
348 |
Updating fields of Ganeti networks is really hard (e.g., changing the dhcp
|
|
349 |
option) or impossible (e.g., changing the subnet). For this reason, if the
|
|
348 | 350 |
network has been created in a Ganeti backend, then it will be marked as |
349 | 351 |
read-only! |
350 | 352 |
|
351 |
A port is directly mapped to a Ganeti NIC. The port will be created in DB in
|
|
353 |
A port is mapped to a Ganeti NIC directly. The port will be created in DB in the
|
|
352 | 354 |
"BUILD" state and an OP_INSTANCE_MODIFY will be issued to Ganeti to create the |
353 | 355 |
NIC in the specified VM. When the job successfully completes, the NIC will be |
354 |
updated in DB to state "ACTIVE". Also the MAC address that was allocated from |
|
355 |
Ganeti will be stored in the updated NIC. |
|
356 |
updated to state "ACTIVE" in the DB. Also the MAC address that was allocated |
|
357 |
from Ganeti will be stored in the updated NIC. |
Also available in: Unified diff