Geoff,
Thank you for explaination. Basically the idea behind that was to have
(for instance) database tier and web-app tier. Web-apps-tier servers have to
communicate with databases, but databases are closed for outside world. The
easiest way is to have 2 NICs at web-tier VMs and route inside VM without need
to send all the requests to VPC router. Don't know if it does any benefit in a
term of "VR load". I do agree that isolation model of VPC is more strict and
clean. Prevents from such "backdors" to happen. I just got wrong feeling,
that such scenario is also supported, because it works unless I reboot. I also
agree with your comments and will not consider this as an issue anymore. Thank
you for detailed explaination - this is what I have been looking for. I have
no issues for 4.5.1 to happen.
Regards,
Vadim.
-----Original Message-----
From: Daan Hoogland [mailto:daan.hoogl...@gmail.com]
Sent: Wednesday, May 06, 2015 12:04 PM
To: dev@cloudstack.apache.org
Subject: Re: [VOTE] Apache Cloudstack 4.5.1
Geoff, Vadim, I think the concept of a vpc private gateway is for this purpose.
Of course more then one road leads to Rome (sorry for the Dutchism)
Op wo 6 mei 2015 om 11:01 schreef Geoff Higginbottom <
geoff.higginbot...@shapeblue.com>:
> Hi Vadim,
>
> My first question is why would you want to?
>
> The concept of a VPC is to isolate the VMs on the different Tiers and
> use ACLs to pass only the traffic which needs to pass between the Tiers.
>
> However, I have just tested this on 4.4.2 (never tried it before) by
> taking a VPC with two tiers with one VM on each, and then adding a NIC
> to each VM on the other tier.
>
> It appears to work with the VMs both having NICs on each Tier, and
> both getting DHCP info correctly, even after a reboot of VMs and VR.
>
> However the default route is not set correctly and is transposed for
> each VM, with the default gateway being allocated on eth1 and not eth0.
>
> Now all that said, whilst CloudStack allows you to do this, in my
> opinion it 'breaks' the VPC model as you are no longer isolating the
> VMs on each Tier.
>
> If you really must interconnect the VMs on a VPC bypassing the ACLs
> then consider adding a 2nd NIC to each VM linked to an isolated or
> shared network. I have tested this in the past, and have just tested
> again on
> 4.4.2 and this works as expected, but why not just configure the ACLs
> to allow the VMs to communicate over the required protocols etc.
>
> Whilst it looks the behaviour may have changed in 4.5.1, I do not see
> this as a regression as I would consider it an unsupported
> configuration in the first place.
>
> Regards
>
> Geoff Higginbottom
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>
> geoff.higginbot...@shapeblue.com
>
> -----Original Message-----
> From: Vadim Kimlaychuk [mailto:vadim.kimlayc...@elion.ee]
> Sent: 06 May 2015 09:09
> To: dev@cloudstack.apache.org
> Subject: RE: [VOTE] Apache Cloudstack 4.5.1
>
> I didn't report a bug yet. I don't know if it works at 4.5.0, but I know
> that it worked at 4.0 -- last stable relase I was able to test. I wish to
> troubleshoot VR to get more information about why its happening, but
> don't know where to start.
>
> Vadim.
>
> -----Original Message-----
> From: sebgoa [mailto:run...@gmail.com]
> Sent: Wednesday, May 06, 2015 10:49 AM
> To: dev@cloudstack.apache.org
> Subject: Re: [VOTE] Apache Cloudstack 4.5.1
>
>
> On May 6, 2015, at 9:38 AM, Vadim Kimlaychuk
> <vadim.kimlayc...@elion.ee>
> wrote:
>
> > Hi,
> >
> > I am sorry for not being authorized to vote for release,
>
>
> Everyone can VOTE on a release, you don't need to be a committer.
> The entire community can vote and chime in on the VOTE threads and
> help test This is very important .
>
> > but it seems VPC is not working at 4.5.1. I have
> > 4.5-RC20150407T1726 at
> production and using VPC is very limited. I am not able to use 2 NICs
> from different tiers at the same VM. Look for detatiled problem
> desctiption at user list under subject "VPC usage scenario"
> >
>
> Did you report bugs ?
>
> > Regards,
> >
> > Vadim.
> >
> > -----Original Message-----
> > From: Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com]
> > Sent: Wednesday, May 06, 2015 10:21 AM
> > To: dev@cloudstack.apache.org
> > Subject: Re: [VOTE] Apache Cloudstack 4.5.1
> >
> > I¹m a -0 for now (testing still on going)
> >
> > I have upgraded a 4.3.1 Adv XenServer build, and a 4.4.2 Adv
> > XenServer
> build. In both cases the upgrade was successful, all System VMs and
> VRs upgraded OK, however I was not able to create any new VRs or System VMs.
> >
> > We are still analysing the logs and this may well turn out to be a
> > -1, but it could simply be an issue with the system vm template etc
> > hence the -0 for now
> >
> > Still need to test a local storage build, and a Basic with Security
> Groups build, in for a busy week!
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> > D: +44 20 3603 0542 <tel:+442036030542> | S: +44 20 3603 0540
> > <tel:+442036030540> | M: +447968161581 <tel:+447968161581>
> >
> > geoff.higginbot...@shapeblue.com | www.shapeblue.com
> > <htp://www.shapeblue.com/> | Twitter:@cloudstackguru
> > <https://twitter.com/#!/cloudstackguru>
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> > <x-apple-data-detectors://5>
> >
> >
> >
> >
> > On 06/05/2015 05:57, "Marcus" <shadow...@gmail.com> wrote:
> >
> >> +1 (binding)
> >> On May 5, 2015 10:26 AM, "David Nalley" <da...@gnsa.us> wrote:
> >>
> >>> Thanks for running with this Rohit.
> >>>
> >>> +1 (binding)
> >>>
> >>> On Mon, May 4, 2015 at 7:20 AM, Rohit Yadav <bhais...@apache.org>
> wrote:
> >>>> Hi All,
> >>>>
> >>>> I've created a 4.5.1 release, with the following artifacts up for
> >>>> a
> >>> vote:
> >>>>
> >>>> Git Branch and Commit SH:
> >>>>
> >>>
> >>> https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=shortlo
> >>> g;
> >>> h=
> >>> ref
> >>> s/heads/4.5
> >>>> Commit: 0eb4eb23701f0c6fec8bd5461cd9aa9f92c9576d
> >>>>
> >>>> List of changes:
> >>>>
> >>>
> >>> https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=blob_pl
> >>> ai
> >>> n;
> >>> f=C
> >>> HANGES.md;hb=4.5
> >>>> https://github.com/apache/cloudstack/commits/4.5-RC20150504T1217
> >>>>
> >>>> Source release (checksums and signatures are available at the
> >>>> same
> >>>> location):
> >>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.5.1/
> >>>>
> >>>> PGP release keys (signed using 0EE3D884):
> >>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
> >>>>
> >>>> Vote will be open for 72 hours.
> >>>>
> >>>> For sanity in tallying the vote, can PMC members please be sure
> >>>> to indicate "(binding)" with their vote?
> >>>>
> >>>> [ ] +1 approve
> >>>> [ ] +0 no opinion
> >>>> [ ] -1 disapprove (and reason why)
> >>>>
> >>>> For convenience of testing, you may use the following
> >>>> repositories and location to download systemvm templates:
> >>>>
> >>>> http://packages.shapeblue.com/cloudstack/testing/
> >>>> http://packages.shapeblue.com/systemvmtemplate/4.5/
> >>>>
> >>>> Regards.
> >>>
> >
> > Find out more about ShapeBlue and our range of CloudStack related
> > services
> >
> > IaaS Cloud Design &
> > Build<http://shapeblue.com/iaas-cloud-design-and-build//>
> > CSForge – rapid IaaS deployment
> > framework<http://shapeblue.com/csforge/>
> > CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/>
> > CloudStack Software
> > Engineering<http://shapeblue.com/cloudstack-software-engineering/>
> > CloudStack Infrastructure
> > Support<http://shapeblue.com/cloudstack-infrastructure-support/>
> > CloudStack Bootcamp Training
> > Courses<http://shapeblue.com/cloudstack-training/>
> >
> > This email and any attachments to it may be confidential and are
> intended solely for the use of the individual to whom it is addressed.
> Any views or opinions expressed are solely those of the author and do
> not necessarily represent those of Shape Blue Ltd or related
> companies. If you are not the intended recipient of this email, you
> must neither take any action based upon its contents, nor copy or show
> it to anyone. Please contact the sender if you believe you have received this
> email in error.
> Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue
> Services India LLP is a company incorporated in India and is operated
> under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda
> is a company incorporated in Brasil and is operated under license from
> Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company registered by The
> Republic of South Africa and is traded under license from Shape Blue
> Ltd. ShapeBlue is a registered trademark.
>
> Find out more about ShapeBlue and our range of CloudStack related
> services
>
> IaaS Cloud Design & Build<
> http://shapeblue.com/iaas-cloud-design-and-build//>
> CSForge – rapid IaaS deployment
> framework<http://shapeblue.com/csforge/>
> CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/>
> CloudStack Software Engineering<
> http://shapeblue.com/cloudstack-software-engineering/>
> CloudStack Infrastructure Support<
> http://shapeblue.com/cloudstack-infrastructure-support/>
> CloudStack Bootcamp Training Courses<
> http://shapeblue.com/cloudstack-training/>
>
> This email and any attachments to it may be confidential and are
> intended solely for the use of the individual to whom it is addressed.
> Any views or opinions expressed are solely those of the author and do
> not necessarily represent those of Shape Blue Ltd or related
> companies. If you are not the intended recipient of this email, you
> must neither take any action based upon its contents, nor copy or show
> it to anyone. Please contact the sender if you believe you have
> received this email in error. Shape Blue Ltd is a company incorporated
> in England & Wales. ShapeBlue Services India LLP is a company
> incorporated in India and is operated under license from Shape Blue
> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in
> Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA
> Pty Ltd is a company registered by The Republic of South Africa and is traded
> under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>
