The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
Difference between revisions of "Federated Cloud Networking"
| Line 15: | Line 15: | ||
When starting a VM on these sites, it will get an IP that is '''not''' publicly accessible from outside the site. In order to connect to the VM you will need to perform some extra actions: | When starting a VM on these sites, it will get an IP that is '''not''' publicly accessible from outside the site. In order to connect to the VM you will need to perform some extra actions: | ||
=== Discovering public network === | |||
- OpenStack via OOI: network always has id "PUBLIC" | |||
- OpenNEbula? | |||
- Can we add an attribute to the networks so it can be discovered and not guessed in runtime? | |||
=== Allocating IP in public network === | |||
- Does not work for every OpenStack site with OCCI, why? | |||
- Does not work for OpenNebula | |||
- Shouldn't this be unified already? | |||
=== Assigning IP to VM === | |||
- Should work equally for OS and ONE but some OS sites require a pool to be included in the request, is this discoverable? | |||
=== Removing IP from VM === | |||
If you want to remove one of the IPs of the VM | |||
=== De-allocating IPs === | |||
IPs in OpenStack will not be removed unless explicitly done. | |||
== Security Groups == | == Security Groups == | ||
Revision as of 14:24, 6 October 2017
Each site of the federation has its own policies regarding networking and configuration is not homogeneous across all of them. In this page we describe the main user-related networking configuration aspects of the resource centers and how to discover and deal with these configurations with the available tools.
Default network
All VMs in the Federated Cloud sites will have a default network and will be assigned a IP within that network, unless explicitly requested not to have a network attached (OpenStack only). This IP may or not be publicly accessible but in both cases, the VM will have outgoing connectivity so you can reach external networks from the VM by default.
Public by default sites
In these sites, your VM will get a publicly accessible IP that will allow at least SSH (port 22) access to the VM. See below for opening other ports if needed by your application.
How to discover public by default sites?
Private by default sites
When starting a VM on these sites, it will get an IP that is not publicly accessible from outside the site. In order to connect to the VM you will need to perform some extra actions:
Discovering public network
- OpenStack via OOI: network always has id "PUBLIC" - OpenNEbula? - Can we add an attribute to the networks so it can be discovered and not guessed in runtime?
Allocating IP in public network
- Does not work for every OpenStack site with OCCI, why? - Does not work for OpenNebula - Shouldn't this be unified already?
Assigning IP to VM
- Should work equally for OS and ONE but some OS sites require a pool to be included in the request, is this discoverable?
Removing IP from VM
If you want to remove one of the IPs of the VM
De-allocating IPs
IPs in OpenStack will not be removed unless explicitly done.