Versions Compared

Version Old Version 1 New Version 2
Changes made by

MS

MS

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Excerpt

This section describes the VLAN Network configuration for the Abiquo Platform.

Virtual Networking Scenario

The Service Network is a VLAN network that includes the following virtual network types:

  • Private networks within the virtual datacenter
  • External networks belonging to enterprises that allow access to networks outside the virtual datacenter
  • Unmanaged networks belonging to enterprises that are assigned IP addresses outside the Abiquo environment
  • Public networks using public IP addresses for virtual machines

 

Virtual machines on internal private networks can only communicate within the virtual datacenter. A virtual gateway can be used for communication outside the virtual datacenter. Virtual machines on public, external and unmanaged networks can communicate outside the virtual datacenter. VLAN tags should be assigned by the Network Administrator and entered into Abiquo for each external, public and unmanaged network.

 

How Abiquo Manages the Service Network

Abiquo management of the service network has two main aspects:

  • VLANs: Virtual networks are separate VLANs to avoid network overlap and guarantee isolation.
  • ISC DHCP Servers: 
    • Abiquo remotely manages ISC DHCP Servers, so the DHCP server will always lease the right IP to the MAC address on a virtual machine.
    • When a Virtual Machine is deployed:
      • Abiquo generates a unique MAC address and binds it to an IP from the appropriate subnet and assigns it to the appropriate VLAN.  
    • The Network Administrator configures the DHCP server or relay server so that it:
      • listens to VLANs 
      • can be reached over a network from the virtual machines (on the service network) so they can obtain the IP leases
        • all tags for Abiquo managed networks (private, external, public) must be configured
    • Abiquo recommends the use of a DHCP relay server to provide VLAN support. See Configuring DHCP in the Administrator's Guide for information about how Abiquo uses DHCP.

Configuring the Service Network in the Switches

Do these steps for the following hardware to configure the service network.

  • Top-of-Rack Switch
    1. Configure all ports in trunk mode 
    2. Configure one port in access mode for each public VLAN ID for each hypervisor
      1. In Abiquo, create a public VLAN with each public VLAN tag
    3. For each external/unmanaged VLAN, you can configure one port in access mode with the corresponding VLAN IDs for each hypervisor
      1. In Abiquo, the Cloud Administrator can create external/unmanaged VLANs and/or reserve tags for future requirements
        • Abiquo recommends that external/public/unmanaged networks use tags that are excluded from all racks' VLAN ranges
  • Hypervisor Hosts
    1. Every hypervisor in the rack is connected to an 802.1Q trunk port in the top-of-rack switch. All virtual machines created in the hypervisors will have virtual NICs connected to virtual switches. One virtual switch should be created over each network interface on the hypervisor that is wired to a top-of-rack switch trunk port. Abiquo will create the necessary VLANs/VNICs in the virtual switches.
  • DHCP Server
    1. The DHCP server (Abiquo Server) should also be connected to an 802.1Q trunk port in the top-of-rack switch. This is a requirement unless you are only using unmanaged networks. See Configuring DHCP
    2. When you configure the DHCP Relay Server (or DHCP Server) that is providing VLAN support, for each VLAN you will need to supply one IP address on the service network but outside of the virtual datacenter range.
      • Private, public and external networks require DHCP configuration

 

 

Configuring Service Network VLAN Tags in Abiquo

After the Network Administrator has configured the physical networks as described above, configure the Service Network VLAN tags in Abiquo.

The following screenshots show the configuration of an example scenario in Abiquo.

This is an example to show the GUI functionality and this configuration is not supported by Abiquo.

 In this example, only one network service type is used.

NetworkVLAN ID/tag
Public2
External3
Unmanaged4
Reserved5
Reserved6
Private7

Create a public network in Abiquo using the first public IP range you have purchased for your datacenter and a configured VLAN tag (in our example tag 2).

Image Removed

After purchasing more public IPs for the datacenter, add a second public VLAN, also with the public VLAN tag (in our example, tag 2). 

Image Removed

Create an external network with a configured VLAN tag (in our example, tag 3) 

Image Removed

Create an unmanaged network with a configured VLAN tag (in our example, tag 4) 

Image Removed

Create a rack with reserved VLAN tags. In our example, tags 2 to 6 are reserved for the public, external, unmanaged networks and future networks of these types.

Image Removed

When we deploy the first virtual machine, a private network is created with the first free VLAN tag (in this case, tag 7)

Image Removed

Multiple Virtual Switches per Hypervisor

Default Configuration of One Virtual Switch

The default Service Network configuration has one virtual switch or NIC per Host. All of the vNICs of virtual machines deployed on the hypervisor are attached to the same virtual switch or NIC. It was also connected to all the VLANs in the Infrastructure. The following diagram shows only one network service type (Service Network), which is the default configuration in Abiquo 2.4.

Image Removed

Multiple Switches Using Network Service Types

The new Network Service Type feature allows you to use multiple virtual switches or NICs in each hypervisor. The 'Network Service Type' is a 'tag' for identifying the networks your virtual switches or NICs will attach to. The infrastructure administrators tag each virtual switch or NIC to enable it and identify its network in Abiquo. Then administrators of public, external and unmanaged VLANs also tag each of these VLANs with a network service type. When users deploy virtual machines, Abiquo will attach their vNICs to the virtual switches or physical NICs with the tags matching their VLANs. The following diagram shows this approach.

Image Removed

 


Private Network IP Ranges

...

Code Block
Enterprise/Customer 1 -> VirtualDC 1
Network C1 -> 192.168.0.0/24, will be in VLAN5

Enterprise/Customer 2 -> VirtualDC 2
Network C2 -> 192.168.0.0/24, will be in VLAN8

 

Related topics