Related pages
- Basic concepts of Abiquo networking: Networking
- Configuration of network infrastructure: Networks
- Manage datacenter networks in the UI: Network
1. Introduction to Abiquo Virtual Networks
When you create a virtual datacenter, Abiquo associates a default network (VLAN) with it and any VMs added to the virtual datacenter are automatically connected to this network if no other network information is provided. The default network may be a private, external, unmanaged or public network.
- A private network in a virtual datacenter has IP addresses in a private IP range (10/24, 172.16/12, 192.168/16). To ensure the private VLAN is unique to the virtual datacenter, the platform automatically assigns the VLAN tag to the network.
- A public network gives a virtual datacenter access to public networks using specific public IP addresses assigned to VMs - for example, for use with a gateway VM, Internet web server or load balancer.
- An external network allows you to define IP ranges and a VLAN tag, to allow the virtual datacenters to connect directly to each other, or to other networks outside of the virtual infrastructure.
- An unmanaged network is a type of external network where IP address allocation is managed outside the platform.
2. Designing and Configuring External Networks
Because external networks can be used to connect VMs in different virtual datacenters and other networks, design your external networks carefully in terms of:
- VLAN tags
  - For all public, external and unmanaged networks, the Network Administrator should configure the same VLAN tags on all switches in the Abiquo environment
  - Switch connections for the external network should reserve a port for the VLAN tag of the external network only, i.e. they should be in what is sometimes called "access mode". This is in contrast to the ports used by private networks, which should be in trunk mode.
- IP address ranges
  - For each VLAN, reserve an IP address on the VLAN for the VNIC on the DHCP Relay Server (or DHCP Server) that provides VLAN support
  - Decide how many machines will be connected from inside/outside your Abiquo Datacenter
  - In Abiquo, reserve IP addresses for use outside Abiquo to avoid conflicts
  - Check that the IP addresses used inside Abiquo are reserved outside of Abiquo.
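The address-range checks in the list above can be run against a plan before any IPs are created. This is an added example, not part of the Abiquo documentation or API; the function name, its parameters and all sample addresses (RFC 5737 documentation ranges) are constructed for illustration.

```python
import ipaddress

def plan_external_network(cidr, gateway, dhcp_relay_ip, outside_ranges, abiquo_ips):
    """Check the IPs planned for Abiquo against addresses owned elsewhere.

    outside_ranges: (first, last) pairs already used by hosts outside Abiquo.
    abiquo_ips: addresses you intend to create on the external network.
    Returns (conflicts, usable): conflicts is a list of (ip, reason).
    """
    net = ipaddress.ip_network(cidr)
    # Addresses on the VLAN that must never be handed to a VM NIC.
    fixed = {
        net.network_address: "network address",
        net.broadcast_address: "broadcast address",
        ipaddress.ip_address(gateway): "gateway",
        ipaddress.ip_address(dhcp_relay_ip): "DHCP relay VNIC",
    }
    if len(fixed) < 4:
        raise ValueError("gateway and DHCP relay need distinct host addresses")
    for ip, role in fixed.items():
        if ip not in net:
            raise ValueError(f"{role} {ip} is not inside {net}")
    outside = [(ipaddress.ip_address(a), ipaddress.ip_address(b))
               for a, b in outside_ranges]
    conflicts, usable = [], []
    for ip in map(ipaddress.ip_address, abiquo_ips):
        if ip not in net:
            conflicts.append((str(ip), f"not in {net}"))
        elif ip in fixed:
            conflicts.append((str(ip), fixed[ip]))
        elif any(lo <= ip <= hi for lo, hi in outside):
            conflicts.append((str(ip), "used outside Abiquo"))
        else:
            usable.append(str(ip))
    return conflicts, usable

# Constructed sample plan (RFC 5737 documentation addresses).
SAMPLE = dict(
    cidr="192.0.2.0/24", gateway="192.0.2.1", dhcp_relay_ip="192.0.2.2",
    outside_ranges=[("192.0.2.200", "192.0.2.254")],
    abiquo_ips=["192.0.2.1", "192.0.2.10", "192.0.2.11",
                "192.0.2.210", "198.51.100.5"],
)

if __name__ == "__main__":
    conflicts, usable = plan_external_network(**SAMPLE)
    for ip, reason in conflicts:
        print(f"CONFLICT {ip}: {reason}")
    print("create in Abiquo and reserve outside:", ", ".join(usable))
```

The `usable` list is the set of addresses to exclude from any DHCP scope or IPAM pool that hands out addresses on the same VLAN outside Abiquo.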
Further example of External Networking with MPLS Tunnel
3. Using External Networks
External networks can be used:
- Ad hoc - create and use in existing virtual datacenters, connected to VMs in virtual datacenters.
- Default for virtual datacenter - assign as the default network for a virtual datacenter when it is created (instead of the default private VLAN). When you deploy a new VM in the virtual datacenter with no network configuration, it will be automatically assigned a VNIC attached to the external network.
- Default for enterprise - assign as the default network for an enterprise for a specific datacenter. When you create a new virtual datacenter for the enterprise in this datacenter, the external network will be the default, but you can override this at virtual datacenter level.
Define external networks for each enterprise datacenter
External networks are defined per physical datacenter, so the default external network needs to be configured for each physical datacenter that an enterprise is allowed to use.
The sections below provide GUI and API workflows to create external networks as the default for an enterprise and links to the User's Guide and Developer's Guide for the external network functions used.
3.1. Users and Privileges
The tasks in the workflows below may be performed by two different users. In a typical organization, the first group of tasks would be performed by a cloud administrator user and the second group of tasks could be performed by a cloud administrator or an enterprise administrator.
The list of privileges required for these tasks is given here and you can also see role definitions for more information.
Function | Privilege |
---|---|
Check VLAN tag availability | ROLE_PHYS_DC_ENUMERATE |
Create an external network | ROLE_PHYS_DC_MANAGE |
Create an enterprise, assigning it to a physical datacenter | ROLE_USERS_MANAGE_OTHER_ENTERPRISES |
Set an external network as the default for an enterprise | ROLE_USERS_MANAGE_ENTERPRISE |
Create a new virtual datacenter | ROLE_VDC_MANAGE |
Change the default network for a virtual datacenter | ROLE_VDC_MANAGE |
Create multiple IP addresses |
4. GUI Workflow for Creating Default External Networks
This section describes a basic GUI workflow for creating default external networks. This section is designed to give an introductory outline of the process.
4.1. Create a new enterprise, assigning it to a datacenter
When you set the default network for this enterprise, it will only apply to VMs that are created after the default network is set. If you are creating the enterprise in the API, remember that you must add an enterprise-datacenter limit for each datacenter your enterprise will access.
Allow the new enterprise to access the datacenter.
Manage Enterprises#Creating or Editing an Enterprise
4.2. Create the external network in each physical datacenter
Go to Infrastructure View, open your datacenter and click the network tab. Click on the External page and click the + Add button to add a new network.
It is important to check the VLAN tag availability in the datacenter where this tag will be used. If you share the VLAN tag across more than one network, the check indicator will be yellow. If it is reserved in Abiquo, the check indicator will be red.
Enter the network details and select the new enterprise that will use the external network, then click Save.
Create IP addresses and click Accept.
Next click the Available IPs link and make unavailable any of the IP addresses that you wish to use for administrative purposes, for example, the gateway address.
Hypervisor networks reference#Create VLANs for Public or External Networks
4.3. For each physical datacenter enabled for the enterprise, configure a default external network
When to change the default network
You can change the default network at any time, but the new default network will only be applied to new virtual appliances created after you change it.
Edit the enterprise, then edit the Allowed datacenter, and go to the Default VLAN tab.
Manage Enterprises#Setting the Default VLAN for an Enterprise and Datacenter
4.4. Create a virtual datacenter
The new virtual datacenter will get the default settings but these can be modified if required.
Set the default network for new virtual appliances
The new default network will only be assigned to virtual appliances that you create after you change the default network.
5. API Workflow for Creating Default External Networks
This section describes a basic API workflow for creating default external networks. This section is designed to give an introductory outline of the process.
5.1. Check VLAN tag availability
The first step in creating a new external network is to check the VLAN tag availability in the datacenter where it will be used.
5.2. Create the external network in each physical datacenter
5.3. Create a new enterprise, assigning it to a specific datacenter
This example assumes that your enterprise was not created yet. It is also possible to use an existing enterprise, but when you set the default network for this enterprise, it will only apply to VMs that are created after the default network is set.
5.4. For each physical datacenter enabled for the enterprise, configure a default external network
When to change the default network
You can change the default network at any time, but the new default network will only be applied to new virtual appliances created after you change to it.
5.5. Create a virtual datacenter
The new virtual datacenter will get the default settings but these can be modified if required.
Set the default network for new virtual appliances
The new default network will only be assigned to virtual appliances that you create after you change the default network.
5.6. Create IP addresses on the external network
You can create a single IP address or multiple IP addresses.