| Table of Contents |
|---|
| Info |
|---|
This page contains technical notes about AWS networks |
Abiquo virtual datacenter network options in AWS
When you create a virtual datacenter in Abiquo, you have the following options to create a network:
Defaultprivate networkNone(Abiquo 6.1.2+)Customprivate network
Abiquo will create an AWS VPC according to these options as described in the following sections.
...
How Abiquo creates a virtual private cloud
When you select Default private network or Custom private network, Abiquo configures VPC networking Scenario 2 as described in the AWS documentation. See https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html .
Abiquo creates a VPC in AWS with one Availability zone only. When you create this in AWS using the wizard, it creates three routing tables, but Abiquo creates two and marks the private routing table as Main.
Abiquo creates a public subnet where the name is the AWS Subnet ID, in the format subnet-xxxx, which is the provider ID for the public subnet. The NAT gateway that AWS creates in a VPC uses a private IP in the public subnet.
The primary private IP of the NAT gateway is automatically assigned by AWS. In Abiquo we always set the first IP as the gateway, because according to the documentation, it is reserved for the VPC router. See https://docs.aws.amazon.com/vpc/latest/userguide/subnet-sizing.html.
In Abiquo the public IP of the NAT gateway enables access to the internet from the private subnet, but it does not allow incoming connections.
To connect from outside the VPC, you will need at least one VM with an IP address in the public subnet, and one public IP. To allow connections to your VM via the public IP, AWS automatically creates a DNAT rule using the internet gateway.
When you create a VPC in Abiquo, it does not onboard the IPs of the private subnets. You need to synchronize each network to onboard its IPs.
...
Abiquo can create a VPC with no network
In Abiquo 6.1.2+, the user can now choose not to create networks when they create a virtual datacenter. In this case, Abiquo will create an AWS VPC with no public subnet, internet gateway, or NAT gateway (and no expensive elastic IP!). Abiquo will still create an address range for the VPC, and the user should enter these details.
If you do not create the networks when you create the VDC, you cannot connect to your VMs or use NAT for outward internet connectivity.
To connect to a VM in an AWS VDC with the None option for networks:
In your virtual datacenter, go to Network → Private
Click + add and when you create the network, select the Internet gateway checkbox.
Edit your VM and add an IP from the public subnet
Connect to your VM as usual. For more details, see How to deploy a VM in AWS using Abiquo.
| Info |
|---|
When you create a public subnet, if there is no internet gateway, the platform creates a new one and associates it with a new route table. If an internet gateway exists but it is not associated with a route table with a destination of 0.0.0.0/0, then the platform creates a new route table. |
To allow outward NAT connectivity from VMs in an AWS VDC with the None option for networks:
Create a public subnet in your VDC (as described above)
Create a private network in your VDC
Manually create the NAT gateway in the AWS console (see AWS documentation at Create a NAT gateway)
Edit the main route table to add a new route with
target = igwanddestination 0.0.0.0/0.
...
Technical notes about AWS networks
The following notes describe how Abiquo manages AWS networks in virtual datacenters with a Default private network or Custom private network, where Abiquo configures VPC networking Scenario 2.
...