Implementing CloudStack's
VPC feature

Marcus SorensenBetterServers, Inc

CloudStack 3.x network

VMs on a network

CloudStack 3.x network

VMs on multiple networks

CloudStack 3.x network

VMs w/NAT router on networks

CloudStack 3.x network

No inter-vlan communication for customer's private networks

What's a VPC?

Has multiple meanings

In CloudStack, a VPC is:A virtual router

One or more isolated networks

One or more virtual machine instances

Associated servicesACLs

Source NAT

Static NAT

Port Forwarding

Load balancing

VPN

CloudStack 4.x VPC

VPC router provides inter-vlan access

VPC Router

Debian-based system VM

CloudStack controlled/configured

HAProxy load balancer

iptables rules for ACLs, NAT, port forwarding

1 NIC one each isolated network, one on public

Gives customers a full datacenter experience

Creating a VPC

Find the VPC section

Creating a VPC

Click 'Add VPC' and define

Creating a VPC

Once VPC is created, click 'configure VPC'

Creating a VPC

Create one or more tiers

Creating a VPC

Add VMs

Creating a VPC

Create ACLs, get more IPs, etc

Current Limitations

Advanced Zones only

Load Balanced service offering only available on one of your isolated networks

Only one NIC/isolated network per VM instance

Need to acquire separate IPs for Static NAT, Port forwarding, etc

Only Site to Site VPN, no remote access VPN

No redundant router mode

Advanced: Roll your own VPC

Create an instance

Attach to multiple isolated networks and a public network

Configure instance as router

Create template of instance to deploy subsequent routers

Questions?
https://cwiki.apache.org/CLOUDSTACK/inter-vlan-routing.html