Community
 
Other links
 
  1. Persistent Support
  2. Comunidade
  3. CloudPlatform 3.x
 

CloudPlatform 3.x

Nova publicação    New comment
343 seguidores
 
Avatar
Pankaj Paliwal

Different hypervisors and multi tenancy?!

Avatar

Different hypervisors and multi tenancy?!

hello,

maybe two questions ...
how is multi tenancy provided within cloudplatform? ok i can use VLANs in my physical network and then use virtual routers within cloudplatform to separate traffic. another alternative are security groups. is this correct so far?!
but if I am using different hypervisors, which is supported with cloudplatform, how can multi tenancy be provided accross theses hypervisors? If a user has three VMs, one on vSphere, one on XenServer and one on KVM or OVM ... how can the multi tenant envireonment be created then so the VMs can interact with each other but still are separated from access by other tenants?


peter mueller MEMBERS
4 comentários
0
 
 

Comentário oficial

Avatar
Pankaj Paliwal
Avatar

As of version 3.0.6, only security groups and vlans are available for account isolation. You have to remember that CloudPlatform is designed to provide Infrastructure as a Service (IaaS), so some of the "advanced" features of traditional virtualization aren't available. I know of some folks using Software Defined Networking (SDN) solution from the likes of Vyatta to gain some of those advanced features, but that is definitely not an out of the box solution.

I have heard some rumblings about VXLAN support in a near future release, but someone from Citrix would need to verify the official road map.

--Mike


Mike Little MEMBERS
Ações de comentário Permalink

iniciar sessão para comentar.

 
 

Previous 4 comentários

Data Votos
Avatar
Pankaj Paliwal
Avatar

Different hypervisors and multi tenancy?!

Your assumptions are mostly correct. CloudPlatform supports two different types of isolation.

In a "Basic" network, isolation is done via security groups, implemented via iptables on the hypervisor. Only XenServer and KVM support security groups.

In an "Advanced" network, isolation is done via VLANs. Assuming you have your VLANs configured correctly on your hypervisors and switches, guest instances on different hypervisors (within the same zone) can communicate directly with each other, over the same VLAN.

Hope that helps.

--Mike


Mike Little MEMBERS
0
Ações de comentário Permalink
Avatar
Pankaj Paliwal
Avatar

thanx for the info :>


peter mueller MEMBERS
0
Ações de comentário Permalink
Avatar
Pankaj Paliwal
Avatar

Can I only use security groups or VLANs? Is there nothing for network virtualization like in VMware (VXLAN) oder Hyper-V (NVGRE, IP REWRITE) for Citrix out of the box?


Martin Slowikowski MEMBERS
0
Ações de comentário Permalink

Participate

Ask, Discuss, Answer


Ask a Question
Getting Started
Discuss the Accelerite Support Portal

Top Contributors