Different hypervisors and multi tenancy?!

2013년 05월 18일 12:39

Different hypervisors and multi tenancy?!

hello,

maybe two questions ...
how is multi tenancy provided within cloudplatform? ok i can use VLANs in my physical network and then use virtual routers within cloudplatform to separate traffic. another alternative are security groups. is this correct so far?!
but if I am using different hypervisors, which is supported with cloudplatform, how can multi tenancy be provided accross theses hypervisors? If a user has three VMs, one on vSphere, one on XenServer and one on KVM or OVM ... how can the multi tenant envireonment be created then so the VMs can interact with each other but still are separated from access by other tenants?

peter mueller MEMBERS 18 May 2013 - 12:39 PM

댓글 4개

공식 댓글

Pankaj Paliwal

2016년 03월 23일 07:15

As of version 3.0.6, only security groups and vlans are available for account isolation. You have to remember that CloudPlatform is designed to provide Infrastructure as a Service (IaaS), so some of the "advanced" features of traditional virtualization aren't available. I know of some folks using Software Defined Networking (SDN) solution from the likes of Vyatta to gain some of those advanced features, but that is definitely not an out of the box solution.

I have heard some rumblings about VXLAN support in a near future release, but someone from Citrix would need to verify the official road map.

--Mike

Mike Little MEMBERS 28 May 2013 - 16:30 PM

댓글을 남기려면 로그인하세요.

Previous 댓글 4개

날짜 투표수

Pankaj Paliwal

2016년 03월 23일 07:15

Different hypervisors and multi tenancy?!

Your assumptions are mostly correct. CloudPlatform supports two different types of isolation.

In a "Basic" network, isolation is done via security groups, implemented via iptables on the hypervisor. Only XenServer and KVM support security groups.

In an "Advanced" network, isolation is done via VLANs. Assuming you have your VLANs configured correctly on your hypervisors and switches, guest instances on different hypervisors (within the same zone) can communicate directly with each other, over the same VLAN.

Hope that helps.

--Mike

Mike Little MEMBERS 20 May 2013 - 18:01 PM

Pankaj Paliwal

2016년 03월 23일 07:15

thanx for the info :>

peter mueller MEMBERS 20 May 2013 - 20:13 PM

Pankaj Paliwal

2016년 03월 23일 07:15

Can I only use security groups or VLANs? Is there nothing for network virtualization like in VMware (VXLAN) oder Hyper-V (NVGRE, IP REWRITE) for Citrix out of the box?

Martin Slowikowski MEMBERS 27 May 2013 - 22:01 PM