This repository has been archived by the owner on Dec 8, 2020. It is now read-only.

Network Deployment Options

Fabio Rapposelli edited this page May 16, 2014 · 4 revisions

While working through several issues opened for our vagrant-vcloud project I figured out that many vCloud Director users are not familiar with the networking options and capabilities built into the provider. This post should shed some light on the networking options available.

We're going to talk about the three most common deployment topologies:

  • Protected vApp Network with Organization VDC Edge Gateway fronting the Organization VDC Network to the External Network (common scenario for public clouds).
  • Protected vApp Network connected to an External Network (less common scenario for public clouds, common scenario for private cloud).
  • VMs directly connected to an Organization VDC Network / External Network (very common scenario for private cloud).

Protected vApp Network with Organization VDC Edge Gateway

[Diagram: Protected vApp Network with Organization Edge]

In this scenario the vApp deployed by vagrant-vcloud has a private vApp Network (you can specify your own subnet with ip_subnet, otherwise it defaults to 10.1.1.0/24) that is fronted by a vApp vShield Edge that does all the port forwarding duties for Vagrant (e.g. SSH port forwarding and all the additional forwardings you specify in your Vagrantfile).

The vShield Edge has an uplink to the Organization VDC Network specified with vdc_network_name and automatically consumes an IP from its pool. vdc_edge_gateway and vdc_edge_gateway_ip configure the Organization VDC Edge Gateway device that connects the Organization VDC Network (vdc_network_name) with the External Network. It is important to specify vdc_edge_gateway_ip as we can't guess the external IP to be used, and this is critical for Organization VDC Edge Gateways that are directly connected to the Internet.

This Vagrantfile represents the configuration depicted in the diagram above:

precise32_vm_box_url = 'http://vagrant.tsugliani.fr/precise32.box'
 
nodes = [
  { :hostname => 'web-vm',
    :box => 'precise32',
    :box_url => precise32_vm_box_url },
  { :hostname => 'sql-vm',
    :box => 'precise32',
    :box_url => precise32_vm_box_url }
]
 
Vagrant.configure('2') do |config|
 
  # vCloud Director provider settings
  config.vm.provider :vcloud do |vcloud|
    vcloud.hostname = 'https://my.cloud.provider.com'
    vcloud.username = 'My Username'
    vcloud.password = 'My Password'
 
    vcloud.org_name = 'My Organization Name'
    vcloud.vdc_name = 'My Organization Virtual Data Center'
    vcloud.catalog_name = 'Vagrant'
 
    # Set configuration for vApp-level networking.
    vcloud.ip_subnet = '172.16.32.125/255.255.255.240'    # optional
    vcloud.ip_dns = ['208.67.222.222', '208.67.222.220']  # optional
    vcloud.network_bridge = false                         # optional
 
    # Set the Organization Network where we will attach our vApp to
    vcloud.vdc_network_name = 'Organization Network'
 
    # Set the Organization Edge Gateway parameters.
    vcloud.vdc_edge_gateway = 'Organization Edge Gateway'
    vcloud.vdc_edge_gateway_ip = '90.12.34.56'
  end
 
  nodes.each do |node|
    config.vm.define node[:hostname] do |node_config|
      node_config.vm.box = node[:box]
      node_config.vm.hostname = node[:hostname]
      node_config.vm.box_url = node[:box_url]
      node_config.vm.network :forwarded_port,
                             guest: 80,
                             host: 8080,
                             auto_correct: true
    end
  end
end

Protected vApp Network connected to an External Network

[Diagram: Protected vApp Network connected to an External Network]

In this scenario the vApp deployed by vagrant-vcloud has a private vApp Network (you can specify your own subnet with ip_subnet, otherwise it defaults to 10.1.1.0/24) that is fronted by a vApp vShield Edge that does all the port forwarding duties for Vagrant (e.g. SSH port forwarding and all the additional forwardings you specify in your Vagrantfile).

The vApp vShield Edge has an uplink to the Organization VDC Network specified with vdc_network_name and automatically consumes an IP from its pool. The Vagrant user must have access either to the Organization VDC Network or to the External Network that might be bridged to it (Organization VDC Network in Direct Mode) in order to perform a vagrant ssh successfully.

This Vagrantfile represents the configuration depicted in the diagram above:

precise32_vm_box_url = 'http://vagrant.tsugliani.fr/precise32.box'
 
nodes = [
  { :hostname => 'web-vm',
    :box => 'precise32',
    :box_url => precise32_vm_box_url },
  { :hostname => 'sql-vm',
    :box => 'precise32',
    :box_url => precise32_vm_box_url }
]
 
Vagrant.configure('2') do |config|
 
  # vCloud Director provider settings
  config.vm.provider :vcloud do |vcloud|
    vcloud.hostname = 'https://my.cloud.provider.com'
    vcloud.username = 'My Username'
    vcloud.password = 'My Password'
 
    vcloud.org_name = 'My Organization Name'
    vcloud.vdc_name = 'My Organization Virtual Data Center'
    vcloud.catalog_name = 'Vagrant'
 
    # Set configuration for vApp-level networking.
    vcloud.ip_subnet = '172.16.32.125/255.255.255.240'    # optional
    vcloud.ip_dns = ['208.67.222.222', '208.67.222.220']  # optional
    vcloud.network_bridge = false                         # optional
 
    # Set the Organization Network where we will attach our vApp to
    vcloud.vdc_network_name = 'Organization Network'
  end
 
  nodes.each do |node|
    config.vm.define node[:hostname] do |node_config|
      node_config.vm.box = node[:box]
      node_config.vm.hostname = node[:hostname]
      node_config.vm.box_url = node[:box_url]
      node_config.vm.network :forwarded_port,
                             guest: 80,
                             host: 8080,
                             auto_correct: true
    end
  end
end

VMs directly connected to an Organization VDC Network / External Network

[Diagram: VMs directly connected to an Organization VDC Network / External Network]

In this scenario the vApp deployed by vagrant-vcloud doesn't have any private vApp Network. By using network_bridge = true we connect every VM in the Vagrantfile directly to the Organization VDC Network specified with vdc_network_name, and every VM deployed will consume an IP from that Organization VDC Network IP pool.

The Vagrant user must have access to the Organization VDC Network/External Network in order to perform a vagrant ssh successfully.

This Vagrantfile represents the configuration depicted in the diagram above:

precise32_vm_box_url = 'http://vagrant.tsugliani.fr/precise32.box'
 
nodes = [
  { :hostname => 'web-vm',
    :box => 'precise32',
    :box_url => precise32_vm_box_url },
  { :hostname => 'sql-vm',
    :box => 'precise32',
    :box_url => precise32_vm_box_url }
]
 
Vagrant.configure('2') do |config|
 
  # vCloud Director provider settings
  config.vm.provider :vcloud do |vcloud|
    vcloud.hostname = 'https://my.cloud.provider.com'
    vcloud.username = 'My Username'
    vcloud.password = 'My Password'
 
    vcloud.org_name = 'My Organization Name'
    vcloud.vdc_name = 'My Organization Virtual Data Center'
    vcloud.catalog_name = 'Vagrant'
 
    # Set configuration for vApp-level networking.
    vcloud.network_bridge = true
 
    # Set the Organization Network where we will attach our vApp to
    vcloud.vdc_network_name = 'Organization Network'
  end
 
  nodes.each do |node|
    config.vm.define node[:hostname] do |node_config|
      node_config.vm.box = node[:box]
      node_config.vm.hostname = node[:hostname]
      node_config.vm.box_url = node[:box_url]
      node_config.vm.network :forwarded_port,
                             guest: 80,
                             host: 8080,
                             auto_correct: true
    end
  end
end
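
The three topologies above differ only in a few provider options, so a pre-flight check can tell them apart and report where each one leaves the VMs reachable. The Ruby below is an added example, not part of vagrant-vcloud or the original page; review_topology, vapp_network and rfc1918? are hypothetical helpers, and the options are passed as a plain Hash rather than read from a Vagrantfile.

```ruby
require 'ipaddr'

# Added example, not vagrant-vcloud code. review_topology is a hypothetical
# helper; it takes the provider options named on this page as a plain Hash.
RFC1918 = %w[10.0.0.0/8 172.16.0.0/12 192.168.0.0/16].map { |c| IPAddr.new(c) }

def rfc1918?(ip)
  addr = IPAddr.new(ip)
  RFC1918.any? { |range| range.include?(addr) }
end

# 'address/netmask' (the ip_subnet form used on this page) -> 'network/prefix'
def vapp_network(ip_subnet)
  net = IPAddr.new(ip_subnet || '10.1.1.0/24') # page: default when unset
  "#{net}/#{net.prefix}"
end

def review_topology(opts, guest_ports = [])
  findings = []
  if opts[:network_bridge]
    # Topology 3: no private vApp Network, no vApp vShield Edge.
    topology = :direct
    findings << "every VM takes an IP from the '#{opts[:vdc_network_name]}' pool " \
                'and is reachable there without a vApp vShield Edge in between'
    network = nil
  else
    network = vapp_network(opts[:ip_subnet])
    if opts[:vdc_edge_gateway]
      # Topology 1: vApp Edge behind the Organization VDC Edge Gateway.
      topology = :vapp_edge_behind_org_gateway
      ext = opts[:vdc_edge_gateway_ip]
      if ext.nil?
        findings << 'vdc_edge_gateway_ip is missing; the external IP cannot be guessed'
      elsif !rfc1918?(ext)
        findings << "#{ext} is not RFC 1918: review what is forwarded " \
                    "(SSH plus guest ports #{guest_ports.inspect})"
      end
    else
      # Topology 2: vApp Edge uplinked to the Organization VDC Network only.
      topology = :vapp_edge_on_org_network
      findings << 'vagrant ssh needs a route to the Organization VDC Network'
    end
  end
  { topology: topology, vapp_network: network, findings: findings }
end

# Constructed input mirroring the first Vagrantfile on this page.
p review_topology({ vdc_edge_gateway: 'Organization Edge Gateway', vdc_edge_gateway_ip: '90.12.34.56',
                    ip_subnet: '172.16.32.125/255.255.255.240' }, [80]) if __FILE__ == $PROGRAM_NAME
```

For the first Vagrantfile this reports the vApp network as 172.16.32.112/28 and flags the Edge Gateway address as one that is not private.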

Closing Remarks

I hope this will give a better understanding to everyone using vagrant-vcloud and to every vCloud user in general (this applies to vCloud Hybrid Services too!).