...
The GCP integration supports static external IPs and ephemeral external IPs. By default, when users create a public IP with Abiquo's Google Cloud Platform integration, it is a static external IP. Abiquo can onboard ephemeral external IPs as ephemeral public IPs. When the user undeploys a VM, the provider will delete the ephemeral public IP addresses.
The GCP integration has the following limitations with replacing subnet IPs:
- Users cannot change from one IP to another IP in the same subnet. As a workaround, you can change to another network, and then go back to the original network with a new IP.
- Abiquo does not support ephemeral public IPs, so you cannot onboard or replace these IPs.
- Google supports this model: 1 VNIC is 1 subnet IP and 1 external/public IP. If there is an ephemeral public IP in the VM, then the user will not be able to reconfigure and add public IPs.
...
Firewall policies
Abiquo 5.4 introduces support for firewall policies for Google Cloud Platform (GCP). Abiquo firewall policies are GCP firewall rules and they belong to VPC networks (Abiquo global networks), so administrators can manage firewalls in the myCloud → Global view. After administrators onboard global networks from GCP, they can onboard firewalls too. Abiquo also enables users to assign firewalls to virtual datacenters, so administrators can recommend firewalls and set a default firewall for a virtual datacenter.
The first version of the GCP integration did not allow the user to manage firewall policies, and it automatically created a firewall rule for each global network to allow remote access to the VM. By default the rule was called "abq-fw-ssh-rdp-" + the SHA1 hash of the global network name. The GCP integration may onboard these rules from previous versions. In previous versions, Abiquo automatically assigned the firewall to VMs. Now the user must assign the firewall. The administrator can set a default firewall for a virtual datacenter. If the user doesn't assign a firewall, Abiquo will automatically assign the default firewall to VMs.
Users can create a firewall policy in the myCloud view in Virtual datacenters or in the Global view, which requires the privilege to Manage global networks. Firewall names are subject to the same limitations as the names of other entities in GCP. See GCP entity naming conventions. Users must select a firewall direction (incoming or outgoing) and enter a source or target in CIDR format. Users must also select allow or deny for the firewall type. Users must enter a priority, and for a higher priority, users should enter a lower number. There is no default in Abiquo but in GCP the default is 1000. Users can also enable Firewall rule logging in GCP. See Create a firewall policy in GCP.
When users configure a VM, if they have the privilege to Assign firewalls to virtual machines, the platform displays all the tenant's GCP firewall policies that are managed by Abiquo. So the user experience here is very similar to the user experience in other public cloud providers. If users do not have the privilege to Assign firewalls to virtual machines, then Abiquo will enforce the default firewall.
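The following audit sketch is an added example, not Abiquo or Google code. It ties together the legacy rule name and the priority and allow/deny settings described above by working out which rule decides an incoming connection and which onboarded legacy rules accept any source. It assumes the name suffix is the lowercase hex SHA-1 of the UTF-8 network name (the page does not state the encoding), that all rules belong to one network, and it ignores target tags and service accounts.

```python
import hashlib
import ipaddress

LEGACY_PREFIX = "abq-fw-ssh-rdp-"  # prefix of the auto-created rule named on this page

def legacy_rule_name(network_name):
    # Assumption: the suffix is the lowercase hex SHA-1 of the UTF-8 network name.
    return LEGACY_PREFIX + hashlib.sha1(network_name.encode("utf-8")).hexdigest()

def _entry_matches(entry, proto, port):
    # An entry without "ports" covers every port; ports may be "22" or "1000-2000".
    if entry["IPProtocol"] not in ("all", proto):
        return False
    spans = [p.split("-") for p in entry.get("ports", [])]
    return not spans or any(int(s[0]) <= port <= int(s[-1]) for s in spans)

def effective_ingress(rules, src_ip, proto, port):
    """Return (action, rule_name); ("deny", None) is GCP's implied ingress deny."""
    src, hits = ipaddress.ip_address(src_ip), []
    for r in rules:
        if r.get("disabled") or r.get("direction", "INGRESS") != "INGRESS":
            continue
        if not any(src in ipaddress.ip_network(c) for c in r.get("sourceRanges", [])):
            continue
        for action, key in (("deny", "denied"), ("allow", "allowed")):
            if any(_entry_matches(e, proto, port) for e in r.get(key, [])):
                # Lowest number wins; at equal priority deny sorts before allow.
                hits.append((r.get("priority", 1000), action == "allow", action, r["name"]))
    return min(hits)[2:] if hits else ("deny", None)

def exposed_legacy_rules(rules):
    """Names of enabled legacy remote-access rules that accept any IPv4 source."""
    return [r["name"] for r in rules
            if r["name"].startswith(LEGACY_PREFIX) and not r.get("disabled")
            and "0.0.0.0/0" in r.get("sourceRanges", [])]

# Constructed sample in the shape of `gcloud compute firewall-rules list --format=json`.
# The network name, source ranges and ports are invented for this example.
SAMPLE_RULES = [
    {"name": legacy_rule_name("example-global-net"), "direction": "INGRESS",
     "priority": 1000, "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["22", "3389"]}]},
    {"name": "deny-rdp-any", "direction": "INGRESS", "priority": 900,
     "sourceRanges": ["0.0.0.0/0"], "denied": [{"IPProtocol": "tcp", "ports": ["3389"]}]},
]

if __name__ == "__main__":
    for port in (22, 3389, 443):
        print(port, effective_ingress(SAMPLE_RULES, "203.0.113.7", "tcp", port))
```

In the sample, the deny rule at priority 900 overrides the legacy allow for RDP, while SSH is still decided by the legacy rule at priority 1000.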
...
Load balancers
Abiquo supports load balancers in GCP. For more details see Abiquo and Google Cloud Platform load balancers.
...
Volumes
The GCP integration supports external storage volumes, which are zonal persistent disks. For more details, see https://cloud.google.com/compute/docs/disks#disk-types. Users must select an Availability zone for the volume and then add their VM to the same zone. As always, when users edit VMs, they can go to the Storage tab and drag volumes into the VM.
...
The user can also configure their VM NICs by dragging IP addresses into the Network configuration. At this point, they can also add new IP addresses in the available networks, including automatically generated IPs. Remember that in GCP each VM must have an IP in a subnet. To be able to connect to the VM, users must add a public IP address. Remember to add a Abiquo will automatically manage the firewall for remote access.
...
In GCP, the platform creates VMs with the VM name (ABQ_uuid) and they have a label with the user's friendly name. But the platform identifies onboarded VMs by the name. So you cannot onboard a VM with a duplicate name from a Google Cloud region, even if it is in a different tenant. Abiquo will shortly start to identify the VM using the provider ID.
...
Tags
Abiquo creates tags as labels in GCP. See https://cloud.google.com/resource-manager/docs/creating-managing-labels. You can apply Abiquo tag policies to Abiquo tags in Google Cloud Platform. Google recommends that you do not store sensitive information using labels.