apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-11-03 04:12:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
cloudstack/docs/en-US/elastic-ip.xml
Radhika PC f7eb139ce2 portable ip and api changes
2013-05-22 17:28:06 +05:30

104 lines
6.2 KiB
XML
Raw Blame History

<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="elastic-ip">
<title>About Elastic IP</title>
<para>Elastic IP (EIP) addresses are the IP addresses that are associated with an account, and act
as static IP addresses. The account owner has the complete control over the Elastic IP addresses
that belong to the account. As an account owner, you can allocate an Elastic IP to a VM of your
choice from the EIP pool of your account. Later if required you can reassign the IP address to a
different VM. This feature is extremely helpful during VM failure. Instead of replacing the VM
which is down, the IP address can be reassigned to a new VM in your account. </para>
<para>Similar to the public IP address, Elastic IP addresses are mapped to their associated
private IP addresses by using StaticNAT. The EIP service is equipped with StaticNAT (1:1)
service in an EIP-enabled basic zone. The default network offering,
DefaultSharedNetscalerEIPandELBNetworkOffering, provides your network with EIP and ELB network
services if a NetScaler device is deployed in your zone. Consider the following illustration for
more details.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/eip-ns-basiczone.png"/>
</imageobject>
<textobject>
<phrase>eip-ns-basiczone.png: Elastic IP in a NetScaler-enabled Basic Zone.</phrase>
</textobject>
</mediaobject>
<para>In the illustration, a NetScaler appliance is the default entry or exit point for the
&PRODUCT; instances, and firewall is the default entry or exit point for the rest of the data
center. Netscaler provides LB services and staticNAT service to the guest networks. The guest
traffic in the pods and the Management Server are on different subnets / VLANs. The policy-based
routing in the data center core switch sends the public traffic through the NetScaler, whereas
the rest of the data center goes through the firewall. </para>
<para>The EIP work flow is as follows:</para>
<itemizedlist>
<listitem>
<para>When a user VM is deployed, a public IP is automatically acquired from the pool of
public IPs configured in the zone. This IP is owned by the VM's account.</para>
</listitem>
<listitem>
<para>Each VM will have its own private IP. When the user VM starts, Static NAT is provisioned
on the NetScaler device by using the Inbound Network Address Translation (INAT) and Reverse
NAT (RNAT) rules between the public IP and the private IP.</para>
<note>
<para>Inbound NAT (INAT) is a type of NAT supported by NetScaler, in which the destination
IP address is replaced in the packets from the public network, such as the Internet, with
the private IP address of a VM in the private network. Reverse NAT (RNAT) is a type of NAT
supported by NetScaler, in which the source IP address is replaced in the packets
generated by a VM in the private network with the public IP address.</para>
</note>
</listitem>
<listitem>
<para>This default public IP will be released in two cases:</para>
<itemizedlist>
<listitem>
<para>When the VM is stopped. When the VM starts, it again receives a new public IP, not
necessarily the same one allocated initially, from the pool of Public IPs.</para>
</listitem>
<listitem>
<para>The user acquires a public IP (Elastic IP). This public IP is associated with the
account, but will not be mapped to any private IP. However, the user can enable Static
NAT to associate this IP to the private IP of a VM in the account. The Static NAT rule
for the public IP can be disabled at any time. When Static NAT is disabled, a new public
IP is allocated from the pool, which is not necessarily be the same one allocated
initially.</para>
</listitem>
</itemizedlist>
</listitem>
</itemizedlist>
<para>For the deployments where public IPs are limited resources, you have the flexibility to
choose not to allocate a public IP by default. You can use the Associate Public IP option to
turn on or off the automatic public IP assignment in the EIP-enabled Basic zones. If you turn
off the automatic public IP assignment while creating a network offering, only a private IP is
assigned to a VM when the VM is deployed with that network offering. Later, the user can acquire
an IP for the VM and enable static NAT.</para>
<para condition="admin">For more information on the Associate Public IP option, see <xref
linkend="creating-network-offerings"/>.</para>
<para condition="install">For more information on the Associate Public IP option, see the
Administration Guide.</para>
<note>
<para>The Associate Public IP feature is designed only for use with user VMs. The System VMs
continue to get both public IP and private by default, irrespective of the network offering
configuration.</para>
</note>
<para>New deployments which use the default shared network offering with EIP and ELB services to
create a shared network in the Basic zone will continue allocating public IPs to each user
VM.</para>
</section>
Reference in New Issue View Git Blame Copy Permalink