Bangalore CloudStack Users Group Meetup

April 18th 2013, 5:30PM OnwardsCentre For Internet & Society

http://www.meetup.com/CloudStack-Bangalore-Group/

An Introduction To CloudStack Networking

Cloudstack Bangalore Users GroupApril 18th 2013

Shanker BalanManaging Consultant

shanker.balan@shapeblue.com

About ShapeBlue

“ShapeBlue are expert builders of public & private clouds. They are the leading global CloudStack / CloudPlatform integrator &

consultancy”

“An Introduction To CloudStack Networking”

L2 Basic NetworkL3 Advanced

NetworkManagement

TrafficStorage TrafficGuest TrafficPublic Traffic

Virtual RouterElastic IP

NATElastic Load

BalancerVPN

Security GroupsIP FirewallStatic NAT

DNSDHCP

Inter VLAN Routing

Virtual Private CloudVPC

Port ForwardingVLAN

Virtual RouterInterface BondingExternal Devices

…

Basic ScopingBusiness Size Business

Unit(s)IT Team(s) IT Team Size User Base

SizeNetwork Model

Small One One Small Small Fully Shared

Small One One Small Medium Fully Shared

Medium One Many Medium Medium Fully Isolated

Medium Many Many Medium Medium Fully Isolated

Large Many Many Large Large Fully Isolated

CloudStack Physical Networking

Shared Network (Basic Network)

• L2 Switching Fabric• Fully shared L2 Layer• “Security Groups” for traffic

isolation• Simple• Easy to scale• Inexpensive L2 Switches• Aka “Basic Zone”

Isolated Network (Advanced Network)

• L3 Switching Fabric• Fully Isolated L3 VLAN• VLANs provide isolation• Complex to setup and

operate• Not so easy to scale• Expensive L3 Switches• Aka “Advanced Zone”

Network Traffic Types

Basic Network Advanced Network

Network Traffic TypesTraffic Type Basic

NetworkAdvanced Network

Purpose

Management Yes Yes Traffic between Cloudstack components

Storage Yes Yes Traffic between primary and secondary storage

Guest Yes Yes Traffic between VMs

Public No Yes Traffic between VMs and the Internet

It is highly recommended to assign the different traffic types to different dedicated NICs on the Hypervisor, and also to use NIC Bonding where possible.

IP Addressing

Basic Network• One Large Shared Subnet

– Management Traffic– Storage Traffic– Guest Traffic

Advance Network• Management Traffic Subnet• Guest Traffic Subnet• Public Traffic Subnet

(routable ISP provided subnet)

• VLAN ID for guest traffic

Basic Zone Deployment

Advanced Zone Deployment

Feature ComparisonNetwork Feature Basic Network Advanced Network

Number Of Networks Single Network Multiple Networks

Load Balancer Physical Physical & Virtual

VPN Support No Yes

Port Forwarding Physical Physical & Virtual

1:1 NAT Physical Physical & Virtual

Source NAT No Physical & Virtual

Summary

• Basic Network– Simple Design– Simple To Build– Limited features

• Advanced Network– Complex Design– Complex To Build– Advanced Features

• Blog Post– http://www.shapeblue.com/2012/05/01/cloudstack-

networking-considerations/

Thank You

Q & A Session