VM Backup plug-in framework
Hi, Can anyone tell me if there are plans to implement a more comprehensive mechanism to backup data within guest VM's, or to provide a framework for backup vendors to plug into? This is needed because: 1. The native volume snapshot functionality is slow and does not provide the required feature set. (Incremental forever, Dedup, file level indexing, tape support etc) 2. Integrating 3rd party tools is painful and can only be done at the guest/hypervisor layers which is outside of CCP. Restoring entire VM's is problematic and billing even more so. What would be ideal is a plug-in framework that lets backup vendors integrate their software with CS, so that CS aware backup and restore can be scheduled and exectued by end users. Im hoping we are not the only people out there who are struggling with this! Many thanks, Simon Murphy Solutions Architect ViFX | Cloud Infrastructure Level 7, 57 Fort Street, Auckland, New Zealand 1010 PO Box 106700, Auckland, New Zealand 1143 M +64 21 285 4519 | S simon_a_murphy www.vifx.co.nz<http://www.vifx.co.nz/> follow us on twitter<https://twitter.com/ViFX> Auckland | Wellington | Christchurch [cid:image003.jpg@01CDDF95.815BF160] experience. expertise. execution. This email and any files transmitted with it are confidential, without prejudice and may contain information that is subject to legal privilege. It is intended solely for the use of the individual/s to whom it is addressed in accordance with the provisions of the Privacy Act (1993). The content contained in this email does not, necessarily, reflect the official policy position of ViFX nor does ViFX have any responsibility for any alterations to the contents of this email that may occur following transmission. If you are not the addressee it may be unlawful for you to read, copy, distribute, disclose or otherwise use the information contained within this email. If you are not the intended recipient, please notify the sender prior to deleting this email message from your system. Please note ViFX reserves the right to monitor, from time to time, the communications sent to and from its email network.
Re: VM Backup plug-in framework
Hi Chris, Correct, I am talking about a way to orchestrate backing up and restoring an entire VM (or set of VM's), but using more efficient technique at the back end to transfer data. Today we do the following: - When a CS account is created we create a corresponding vSphere folder, and we ensure that all VM's for that account are placed in the folder. Access is restricted to that customer. - We configure Veeam to back up all VM's in the vSphere folder using a schedule that we have agreed with the customer. CS has no knowledge that these backups are being taken. - Veeam uses vSphere integrated backups (VADP, CBT) and performs incremental forever backups to our backup server - To restore, we give customers access the Veeam Enterprise Manager and they can perform file level or entire VM restores - CS seems to reference the VM name and not the UID so this does appear to work, however it hasn't been tested at scale This is less than ideal for the following reasons: - VM placement is prone to user error until we can write a script that automates this - Veeam backups occur without knowledge of CS - We can't integrate billing (we use CPBM) - There is a separate console for Self service restore - We need to implement the backup schedule on behalf of the customer which can be time consuming What I feel is missing is an integrated way to provide 'enterprise grade' data protection for CS VM's. Our Customers expect this, and some have long retention requirements (up to 7 years!) so the native snapshot function just isn't fit for purpose. It makes sense to me that CS would orchestrate the backup and restore operations, and hand off to a 3rd party system (Commvault, Veeam, snap manager etc) for the actual data transfer and long term storage Thanks! Simon Murphy Solutions Architect ViFX | Cloud Infrastructure Level 7, 57 Fort Street, Auckland, New Zealand 1010 PO Box 106700, Auckland, New Zealand 1143 M +64 21 285 4519 | S simon_a_murphy www.vifx.co.nz <http://www.vifx.co.nz/> follow us on twitter <https://twitter.com/ViFX> Auckland | Wellington | Christchurch experience. expertise. execution. This email and any files transmitted with it are confidential, without prejudice and may contain information that is subject to legal privilege. It is intended solely for the use of the individual/s to whom it is addressed in accordance with the provisions of the Privacy Act (1993). The content contained in this email does not, necessarily, reflect the official policy position of ViFX nor does ViFX have any responsibility for any alterations to the contents of this email that may occur following transmission. If you are not the addressee it may be unlawful for you to read, copy, distribute, disclose or otherwise use the information contained within this email. If you are not the intended recipient, please notify the sender prior to deleting this email message from your system. Please note ViFX reserves the right to monitor, from time to time, the communications sent to and from its email network. On 9/10/13 10:02 AM, "SuichII, Christopher" wrote: >http://mail-archives.apache.org/mod_mbox/cloudstack-dev/201309.mbox/%3C18A >67ed7-9cb0-486a-be80-e16152f33...@netapp.com%3E ><http://mail-archives.apache.org/mod_mbox/cloudstack-dev/201309.mbox/%3C18 >a67ed7-9cb0-486a-be80-e16152f33...@netapp.com%3E<http://mail-archives.apac >he.org/mod_mbox/cloudstack-dev/201309.mbox/<18A67ED7-9CB0-486A-BE80-E16152 >f33...@netapp.com>>>
Re: CloudStack.next
As a CloudStack user, here are the ares that I feel need attention: - improved IAM and implementation of a full RBAC security model. This is hurting us right now. - improved VM import functionality (ie bulk import of VM's and import of running VM's from existing vSphere clusters) - improved backup functionality and integration with 3rd party tools - HA for VPC routers Cheers, Simon Murphy Solutions Architect ViFX | Cloud Infrastructure Level 7, 57 Fort Street, Auckland, New Zealand 1010 PO Box 106700, Auckland, New Zealand 1143 M +64 21 285 4519 | S simon_a_murphy www.vifx.co.nz <http://www.vifx.co.nz/> follow us on twitter <https://twitter.com/ViFX> Auckland | Wellington | Christchurch experience. expertise. execution. This email and any files transmitted with it are confidential, without prejudice and may contain information that is subject to legal privilege. It is intended solely for the use of the individual/s to whom it is addressed in accordance with the provisions of the Privacy Act (1993). The content contained in this email does not, necessarily, reflect the official policy position of ViFX nor does ViFX have any responsibility for any alterations to the contents of this email that may occur following transmission. If you are not the addressee it may be unlawful for you to read, copy, distribute, disclose or otherwise use the information contained within this email. If you are not the intended recipient, please notify the sender prior to deleting this email message from your system. Please note ViFX reserves the right to monitor, from time to time, the communications sent to and from its email network. On 13/11/13 1:18 PM, "David Nalley" wrote: >On Tue, Nov 12, 2013 at 6:41 PM, Steve Wilson >wrote: >> Hi All, >> >> As we ramp towards freeze on 4.3 and start talking about 4.4, I thought >>it would be fun to queue up a discussion here on the list before Collab >>next week. >> >> What do you envision in the next MAJOR release of CloudStack? Call it >>5.0 or whatever you like, but what would you like to see there? What >>would you change? What would you enhance? Are there big bets we should >>be placing as a community? >> >> Feel free to post any thoughts here and I'll look forward to talking to >>many of you in person at Collab next week. You are coming to Collab, >>right? >> > > >Hi Steve, > >I'll be contrarian ;) - I don't see 5.0 (e.g. API breaking changes) >coming in at least the next 12-18 months. Breaking API compatibility >is a BIG DEAL IMO and should be done very deliberately and with a lot >of consideration, and a plan around how we help folks adapt. > >Think about the tons of integrations that we have now: Chef, Puppet, >Salt, libcloud, fog, jclouds, dasein, etc etc. Breaking that directly >disrupts our users who stand a good chance of using one of those >integrations or consume CloudStack via one of those tools. > >--David
Adding firewall rule by protocol number
Hi - is it possible to add a firewall rule by protocol number (i.e. GRE) for a standard network? It is possible to do this for a VPC ACL, but I can't seem to make it work for standard network types. Thanks, Simon Murphy Solutions Architect ViFX | Cloud infrastructure Level 7, 57 Fort Street, Auckland, New Zealand 1010 PO Box 106700, Auckland, New Zealand 1143 M +64 21 2854519 www.vifx.co.nz/blog<http://www.vifx.co.nz/blog> follow us on twitter<https://twitter.com/ViFX> follow us on Pinterest <http://pinterest.com/vifx/technology-trends/> Auckland | Wellington | Christchurch [cid:image012.jpg@01CE70DD.FCDE3F30] experience. expertise. execution. This email and any files transmitted with it are confidential, without prejudice and may contain information that is subject to legal privilege. It is intended solely for the use of the individual/s to whom it is addressed in accordance with the provisions of the Privacy Act (1993). The content contained in this email does not, necessarily, reflect the official policy position of ViFX nor does ViFX have any responsibility for any alterations to the contents of this email that may occur following transmission. If you are not the addressee it may be unlawful for you to read, copy, distribute, disclose or otherwise use the information contained within this email. If you are not the intended recipient, please notify the sender prior to deleting this email message from your system. Please note ViFX reserves the right to monitor, from time to time, the communications sent to and from its email network.
ACS 4.2.1 - Multi-Zone vSphere Architecture
Hi all, Im after some guidance on setting up ACS 4.2.1 with vSphere in a multi zone environment. The only way I have been able to successfully build a zone to this point is by having vSphere, ESXi console ports, ACS and the reserved system range on a single VLAN. This is OK for a small, single site deployment but how does this translate for multiple zones? The docs suggest that configuring a single /20 range for management is desired, does that imply that that range should be stretched across sites? Should it be possible to have a dedicated VLAN at each site for vCenter, ESXi console ports and the system VM's, and then have the ACS server sitting in a separate VLAN that can route between both networks? I have been unsuccessful in getting his working to date so hopefully someone out there has some experience setting up a multi-site ACS/vSphere envoronment. Any guidance would be greatly appreciated! Simon Murphy Solutions Architect ViFX | Cloud Infrastructure Level 7, 57 Fort Street, Auckland, New Zealand 1010 PO Box 106700, Auckland, New Zealand 1143 M +64 21 285 4519 | S simon_a_murphy www.vifx.co.nz<http://www.vifx.co.nz/> follow us on twitter<https://twitter.com/ViFX> Auckland | Wellington | Christchurch [cid:image003.jpg@01CDDF95.815BF160] experience. expertise. execution. This email and any files transmitted with it are confidential, without prejudice and may contain information that is subject to legal privilege. It is intended solely for the use of the individual/s to whom it is addressed in accordance with the provisions of the Privacy Act (1993). The content contained in this email does not, necessarily, reflect the official policy position of ViFX nor does ViFX have any responsibility for any alterations to the contents of this email that may occur following transmission. If you are not the addressee it may be unlawful for you to read, copy, distribute, disclose or otherwise use the information contained within this email. If you are not the intended recipient, please notify the sender prior to deleting this email message from your system. Please note ViFX reserves the right to monitor, from time to time, the communications sent to and from its email network.
RE: ACS 4.2.1 - Multi-Zone vSphere Architecture
thanks. i found the management.cidr global setting that needs to be set to make the setup work. Sent from my Android phone using TouchDown (www.nitrodesk.com) -Original Message- From: Sanjeev Neelarapu [sanjeev.neelar...@citrix.com] Received: Wednesday, 27 Nov 2013, 6:12pm To: us...@cloudstack.apache.org [us...@cloudstack.apache.org]; dev@cloudstack.apache.org [dev@cloudstack.apache.org] Subject: RE: ACS 4.2.1 - Multi-Zone vSphere Architecture Hi, It is not mandatory to use single dedicated vlan in a multi zone environment. It is possible to have a dedicated VLAN at each site for vCenter, ESXi console ports and the system VM's, and then have the ACS server sitting in a separate VLAN that can route between both networks. Thanks, Sanjeev From: Simon Murphy [mailto:simon.mur...@vifx.co.nz] Sent: Monday, November 25, 2013 7:32 AM To: us...@cloudstack.apache.org; dev@cloudstack.apache.org Subject: ACS 4.2.1 - Multi-Zone vSphere Architecture Hi all, Im after some guidance on setting up ACS 4.2.1 with vSphere in a multi zone environment. The only way I have been able to successfully build a zone to this point is by having vSphere, ESXi console ports, ACS and the reserved system range on a single VLAN. This is OK for a small, single site deployment but how does this translate for multiple zones? The docs suggest that configuring a single /20 range for management is desired, does that imply that that range should be stretched across sites? Should it be possible to have a dedicated VLAN at each site for vCenter, ESXi console ports and the system VM's, and then have the ACS server sitting in a separate VLAN that can route between both networks? I have been unsuccessful in getting his working to date so hopefully someone out there has some experience setting up a multi-site ACS/vSphere envoronment. Any guidance would be greatly appreciated! Simon Murphy Solutions Architect ViFX | Cloud Infrastructure Level 7, 57 Fort Street, Auckland, New Zealand 1010 PO Box 106700, Auckland, New Zealand 1143 M +64 21 285 4519 | S simon_a_murphy www.vifx.co.nz<http://www.vifx.co.nz/> follow us on twitter<https://twitter.com/ViFX> Auckland | Wellington | Christchurch [cid:image003.jpg@01CDDF95.815BF160] experience. expertise. execution. This email and any files transmitted with it are confidential, without prejudice and may contain information that is subject to legal privilege. It is intended solely for the use of the individual/s to whom it is addressed in accordance with the provisions of the Privacy Act (1993). The content contained in this email does not, necessarily, reflect the official policy position of ViFX nor does ViFX have any responsibility for any alterations to the contents of this email that may occur following transmission. If you are not the addressee it may be unlawful for you to read, copy, distribute, disclose or otherwise use the information contained within this email. If you are not the intended recipient, please notify the sender prior to deleting this email message from your system. Please note ViFX reserves the right to monitor, from time to time, the communications sent to and from its email network.
Isolated Network with no Services
Is it possible to configure a network offering for an isolated network that has no services? I would like to give the customer the option to create a network that is totally isolated (no L3 connectivity) so that they can bring their own software router/firewall. The isolated network would be connected to other networks via the customers virtual router. I can create the network offering however it is not listed as an available service when I try to create the network. Cheers, Simon Simon Murphy Solutions Architect ViFX | Cloud Infrastructure Level 7, 57 Fort Street, Auckland, New Zealand 1010 PO Box 106700, Auckland, New Zealand 1143 M +64 21 285 4519 | S simon_a_murphy www.vifx.co.nz<http://www.vifx.co.nz/> follow us on twitter<https://twitter.com/ViFX> Auckland | Wellington | Christchurch [cid:image003.jpg@01CDDF95.815BF160] experience. expertise. execution. This email and any files transmitted with it are confidential, without prejudice and may contain information that is subject to legal privilege. It is intended solely for the use of the individual/s to whom it is addressed in accordance with the provisions of the Privacy Act (1993). The content contained in this email does not, necessarily, reflect the official policy position of ViFX nor does ViFX have any responsibility for any alterations to the contents of this email that may occur following transmission. If you are not the addressee it may be unlawful for you to read, copy, distribute, disclose or otherwise use the information contained within this email. If you are not the intended recipient, please notify the sender prior to deleting this email message from your system. Please note ViFX reserves the right to monitor, from time to time, the communications sent to and from its email network.
Re: Isolated Network with no Services
I can successfully create the network offering with no services, however when I go to deploy it is not listed under the available network offerings.Seems like only Isolated Networks with SourceNAT enabled are displayedÅ is this correct? Simon Murphy Solutions Architect ViFX | Cloud Infrastructure Level 7, 57 Fort Street, Auckland, New Zealand 1010 PO Box 106700, Auckland, New Zealand 1143 M +64 21 285 4519 | S simon_a_murphy www.vifx.co.nz <http://www.vifx.co.nz/> follow us on twitter <https://twitter.com/ViFX> Auckland | Wellington | Christchurch experience. expertise. execution. This email and any files transmitted with it are confidential, without prejudice and may contain information that is subject to legal privilege. It is intended solely for the use of the individual/s to whom it is addressed in accordance with the provisions of the Privacy Act (1993). The content contained in this email does not, necessarily, reflect the official policy position of ViFX nor does ViFX have any responsibility for any alterations to the contents of this email that may occur following transmission. If you are not the addressee it may be unlawful for you to read, copy, distribute, disclose or otherwise use the information contained within this email. If you are not the intended recipient, please notify the sender prior to deleting this email message from your system. Please note ViFX reserves the right to monitor, from time to time, the communications sent to and from its email network. On 3/12/13 6:29 PM, "Murali Reddy" wrote: >HTH > >http://blog.remibergsma.com/2012/03/10/howto-create-a-network-in-cloudstac >k-without-a-virtual-router/ > >From: Simon Murphy >mailto:simon.mur...@vifx.co.nz>> >Reply-To: "dev@cloudstack.apache.org<mailto:dev@cloudstack.apache.org>" >mailto:dev@cloudstack.apache.org>> >Date: Tuesday, 3 December 2013 8:15 AM >To: "us...@cloudstack.apache.org<mailto:us...@cloudstack.apache.org>" >mailto:us...@cloudstack.apache.org>>, >"dev@cloudstack.apache.org<mailto:dev@cloudstack.apache.org>" >mailto:dev@cloudstack.apache.org>> >Subject: Isolated Network with no Services > >Is it possible to configure a network offering for an isolated network >that has no services? I would like to give the customer the option to >create a network that is totally isolated (no L3 connectivity) so that >they can bring their own software router/firewall. The isolated network >would be connected to other networks via the customers virtual router. > >I can create the network offering however it is not listed as an >available service when I try to create the network. > >Cheers, >Simon > > > > > >Simon Murphy >Solutions Architect > >ViFX | Cloud Infrastructure >Level 7, 57 Fort Street, Auckland, New Zealand 1010 >PO Box 106700, Auckland, New Zealand 1143 >M +64 21 285 4519 | S simon_a_murphy >www.vifx.co.nz<http://www.vifx.co.nz/> follow us on >twitter<https://twitter.com/ViFX> >Auckland | Wellington | Christchurch > >[cid:image003.jpg@01CDDF95.815BF160] > >experience. expertise. execution. > >This email and any files transmitted with it are confidential, without >prejudice and may contain information that is subject to legal privilege. >It is intended solely for the use of the individual/s to whom it is >addressed in accordance with the provisions of the Privacy Act (1993). >The content contained in this email does not, necessarily, reflect the >official policy position of ViFX nor does ViFX have any responsibility >for any alterations to the contents of this email that may occur >following transmission. If you are not the addressee it may be unlawful >for you to read, copy, distribute, disclose or otherwise use the >information contained within this email. If you are not the intended >recipient, please notify the sender prior to deleting this email message >from your system. Please note ViFX reserves the right to monitor, from >time to time, the communications sent to and from its email network.
RE: Isolated Network with no Services
works using the api. thanks. Sent from my Android phone using TouchDown (www.nitrodesk.com) -Original Message- From: Murali Reddy [murali.re...@citrix.com] Received: Tuesday, 10 Dec 2013, 12:42am To: dev@cloudstack.apache.org [dev@cloudstack.apache.org]; us...@cloudstack.apache.org [us...@cloudstack.apache.org] Subject: Re: Isolated Network with no Services >From the UI yes, you can try with API directly. On 09/12/13 12:19 PM, "Simon Murphy" wrote: >I can successfully create the network offering with no services, however >when I go to deploy it is not listed under the available network >offerings.Seems like only Isolated Networks with SourceNAT enabled are >displayedÅ is this correct? > > >Simon Murphy >Solutions Architect > >ViFX | Cloud Infrastructure >Level 7, 57 Fort Street, Auckland, New Zealand 1010 >PO Box 106700, Auckland, New Zealand 1143 >M +64 21 285 4519 | S simon_a_murphy >www.vifx.co.nz<http://www.vifx.co.nz> <http://www.vifx.co.nz/> follow us on >twitter ><https://twitter.com/ViFX> >Auckland | Wellington | Christchurch > > > >experience. expertise. execution. > >This email and any files transmitted with it are confidential, without >prejudice and may contain information that is subject to legal privilege. >It is intended solely for the use of the individual/s to whom it is >addressed in accordance with the provisions of the Privacy Act (1993). The >content contained in this email does not, necessarily, reflect the >official policy position of ViFX nor does ViFX have any responsibility for >any alterations to the contents of this email that may occur following >transmission. If you are not the addressee it may be unlawful for you to >read, copy, distribute, disclose or otherwise use the information >contained within this email. If you are not the intended recipient, please >notify the sender prior to deleting this email message from your system. >Please note ViFX reserves the right to monitor, from time to time, the >communications sent to and from its email network. > > > > > > >On 3/12/13 6:29 PM, "Murali Reddy" wrote: > >>HTH >> >>http://blog.remibergsma.com/2012/03/10/howto-create-a-network-in-cloudsta >>c >>k-without-a-virtual-router/ >> >>From: Simon Murphy >>mailto:simon.mur...@vifx.co.nz>> >>Reply-To: "dev@cloudstack.apache.org<mailto:dev@cloudstack.apache.org>" >>mailto:dev@cloudstack.apache.org>> >>Date: Tuesday, 3 December 2013 8:15 AM >>To: "us...@cloudstack.apache.org<mailto:us...@cloudstack.apache.org>" >>mailto:us...@cloudstack.apache.org>>, >>"dev@cloudstack.apache.org<mailto:dev@cloudstack.apache.org>" >>mailto:dev@cloudstack.apache.org>> >>Subject: Isolated Network with no Services >> >>Is it possible to configure a network offering for an isolated network >>that has no services? I would like to give the customer the option to >>create a network that is totally isolated (no L3 connectivity) so that >>they can bring their own software router/firewall. The isolated network >>would be connected to other networks via the customers virtual router. >> >>I can create the network offering however it is not listed as an >>available service when I try to create the network. >> >>Cheers, >>Simon >> >> >> >> >> >>Simon Murphy >>Solutions Architect >> >>ViFX | Cloud Infrastructure >>Level 7, 57 Fort Street, Auckland, New Zealand 1010 >>PO Box 106700, Auckland, New Zealand 1143 >>M +64 21 285 4519 | S simon_a_murphy >>www.vifx.co.nz<http://www.vifx.co.nz/> follow us on >>twitter<https://twitter.com/ViFX> >>Auckland | Wellington | Christchurch >> >>[cid:image003.jpg@01CDDF95.815BF160] >> >>experience. expertise. execution. >> >>This email and any files transmitted with it are confidential, without >>prejudice and may contain information that is subject to legal privilege. >>It is intended solely for the use of the individual/s to whom it is >>addressed in accordance with the provisions of the Privacy Act (1993). >>The content contained in this email does not, necessarily, reflect the >>official policy position of ViFX nor does ViFX have any responsibility >>for any alterations to the contents of this email that may occur >>following transmission. If you are not the addressee it may be unlawful >>for you to read, copy, distribute, disclose or otherwise use the >>information contained within this email. If you are not the intended >>recipient, please notify the sender prior to deleting this email message >>from your system. Please note ViFX reserves the right to monitor, from >>time to time, the communications sent to and from its email network. > >
SRX/ASA and ACS VPC
Is it possible to offload firewall, SourceNAT and inter-VLAN routing functions to hardware devices for VPC networks? Simon Murphy Solutions Architect ViFX | Cloud Infrastructure Level 7, 57 Fort Street, Auckland, New Zealand 1010 PO Box 106700, Auckland, New Zealand 1143 M +64 21 285 4519 | S simon_a_murphy www.vifx.co.nz<http://www.vifx.co.nz/> follow us on twitter<https://twitter.com/ViFX> Auckland | Wellington | Christchurch [cid:image003.jpg@01CDDF95.815BF160] experience. expertise. execution. This email and any files transmitted with it are confidential, without prejudice and may contain information that is subject to legal privilege. It is intended solely for the use of the individual/s to whom it is addressed in accordance with the provisions of the Privacy Act (1993). The content contained in this email does not, necessarily, reflect the official policy position of ViFX nor does ViFX have any responsibility for any alterations to the contents of this email that may occur following transmission. If you are not the addressee it may be unlawful for you to read, copy, distribute, disclose or otherwise use the information contained within this email. If you are not the intended recipient, please notify the sender prior to deleting this email message from your system. Please note ViFX reserves the right to monitor, from time to time, the communications sent to and from its email network.
