User Manual: CloudPlatform (powered by Apache CloudStack) Version 4.2 Administrator's Guide

Table of Contents

Chapter 1. Getting More Information and Help
1.1. Additional Documentation Available
1.2. Citrix Knowledge Center
1.3. Contacting Support

Chapter 2. Concepts
2.1. What Is CloudPlatform?
2.2. What Can CloudPlatform Do?
2.3. Deployment Architecture Overview
2.3.1. Management Server Overview
2.3.2. Cloud Infrastructure Overview
2.3.3. Networking Overview

Chapter 3. Cloud Infrastructure Concepts
3.1. About Regions
3.2. About Zones
3.3. About Pods
3.4. About Clusters
3.5. About Hosts
3.6. About Primary Storage
3.7. About Secondary Storage
3.8. About Physical Networks
3.8.1. Basic Zone Network Traffic Types
3.8.2. Basic Zone Guest IP Addresses
3.8.3. Advanced Zone Network Traffic Types
3.8.4. Advanced Zone Guest IP Addresses
3.8.5. Advanced Zone Public IP Addresses
3.8.6. System Reserved IP Addresses

Chapter 4. Accounts
4.1. Accounts, Users, and Domains
4.1.1. Dedicating Resources to Accounts and Domains
4.1.1.1. How to Dedicate a Zone, Cluster, Pod, or Host to an Account or Domain
4.1.1.2. How to Use Dedicated Hosts
4.1.1.3. Behavior of Dedicated Hosts, Clusters, Pods, and Zones
4.2. Using an LDAP Server for User Authentication
4.2.1. Configuring an LDAP Server
4.2.1.1. Adding an LDAP Server
4.2.1.2. Removing an LDAP Configuration
4.2.2. Example LDAP Configuration Commands
4.2.3. Search Base
4.2.4. Query Filter
4.2.4.1. Active Directory
4.2.4.2. ApacheDS
4.2.5. Search User Bind DN
4.2.6. SSL Keystore Path and Password

Chapter 5. User Services Overview
5.1. Service Offerings, Disk Offerings, Network Offerings, and Templates

Chapter 6. User Interface
6.1. Supported Browsers
6.2. Log In to the UI
6.2.1. End User's UI Overview
6.2.2. Root Administrator's UI Overview
6.2.3. Logging In as the Root Administrator
6.2.4. Changing the Root Password
6.3. Using SSH Keys for Authentication
6.3.1. Creating an Instance from a Template that Supports SSH Keys
6.3.2. Creating the SSH Keypair
6.3.3. Creating an Instance
6.3.4. Logging In Using the SSH Keypair
6.3.5. Resetting SSH Keys

Chapter 7. Using Projects to Organize Users and Resources
7.1. Overview of Projects
7.2. Configuring Projects
7.2.1. Setting Up Invitations
7.2.2. Setting Resource Limits for Projects
7.2.3. Setting Project Creator Permissions
7.3. Creating a New Project
7.4. Adding Members to a Project
7.4.1. Sending Project Membership Invitations
7.4.2. Adding Project Members From the UI
7.5. Accepting a Membership Invitation
7.6. Suspending or Deleting a Project
7.7. Using the Project View

Chapter 8. Steps to Provisioning Your Cloud Infrastructure
8.1. Overview of Provisioning Steps
8.2. Adding Regions (optional)
8.2.1. The First Region: The Default Region
8.2.2. Adding a Region
8.2.3. Adding Third and Subsequent Regions
8.2.4. Deleting a Region
8.3. Adding a Zone
8.3.1. Create a Secondary Storage Mount Point for the New Zone
8.3.2. Prepare the System VM Template
8.3.3. Steps to Add a New Zone
8.3.3.1. Basic Zone Configuration
8.3.3.2. Advanced Zone Configuration
8.4. Adding a Pod
8.5. Adding a Cluster
8.5.1. Add Cluster: KVM or XenServer
8.5.2. Add Cluster: OVM
8.5.3. Add Cluster: vSphere
8.5.3.1. VMware Cluster Size Limit
8.5.3.2. Adding a vSphere Cluster
8.6. Adding a Host
8.6.1. Adding a Host (XenServer, KVM, or OVM)
8.6.1.1. Requirements for XenServer, KVM, and OVM Hosts
8.6.1.1.1. XenServer Host Additional Requirements
8.6.1.1.2. KVM Host Additional Requirements
8.6.1.1.3. OVM Host Additional Requirements
8.6.1.2. Adding a XenServer, KVM, or OVM Host
8.6.2. Adding a Host (vSphere)
8.7. Adding Primary Storage
8.8. Adding Secondary Storage
8.8.1. Adding an NFS Secondary Staging Store for Each Zone
8.9. Initialize and Test

Chapter 9. Service Offerings
9.1. Compute and Disk Service Offerings
9.1.1. Creating a New Compute Offering
9.1.2. Creating a New Disk Offering
9.1.3. Modifying or Deleting a Service Offering
9.2. System Service Offerings
9.2.1. Creating a New System Service Offering
9.2.2. Changing the Secondary Storage VM Service Offering on a Guest Network

Chapter 10. Setting Up Networking for Users
10.1. Overview of Setting Up Networking for Users
10.2. About Virtual Networks
10.2.1. Isolated Networks
10.2.2. Shared Networks
10.2.3. Runtime Allocation of Virtual Network Resources
10.3. Network Service Providers
10.4. Network Service Providers Support Matrix
10.4.1. Individual
10.4.2. Support Matrix for an Isolated Network (Combination)
10.4.3. Support Matrix for Shared Network (Combination)
10.4.4. Support Matrix for Basic Zone
10.5. Network Offerings
10.5.1. Creating a New Network Offering
10.5.2. Changing the Network Offering on a Guest Network
10.5.3. Creating and Changing a Virtual Router Network Offering

Chapter 11. Working With Virtual Machines
11.1. About Working with Virtual Machines
11.2. Best Practices for Virtual Machines
11.2.1. Monitor VMs for Max Capacity
11.2.2. Install Required Tools and Drivers
11.3. VM Lifecycle
11.4. Creating VMs
11.4.1. Creating a VM from a template
11.4.2. Creating a VM from an ISO
11.4.3. Configuring Usage of Linked Clones on VMware
11.5. Accessing VMs
11.6. Appending a Display Name to the Guest VM’s Internal Name
11.7. Stopping and Starting VMs
11.8. Assigning VMs to Hosts
11.8.1. Affinity Groups
11.9. Virtual Machine Snapshots for VMware
11.9.1. Limitations on VM Snapshots
11.9.2. Configuring VM Snapshots
11.9.3. Using VM Snapshots
11.10. Changing the VM Name, OS, or Group
11.11. Changing the Service Offering for a VM
11.11.1. CPU and Memory Scaling for Running VMs
11.11.2. Updating Existing VMs
11.11.3. Configuring Dynamic CPU and RAM Scaling
11.11.4. How to Dynamically Scale CPU and RAM
11.11.5. Limitations
11.12. Resetting the Virtual Machine Root Volume on Reboot
11.13. Moving VMs Between Hosts (Manual Live Migration)
11.14. Deleting VMs
11.15. Recovering a Destroyed VM
11.16. Working with ISOs
11.16.1. Adding an ISO
11.16.2. Attaching an ISO to a VM
11.16.3. Changing a VM's Base Image

Chapter 12. Working With Hosts
12.1. Adding Hosts
12.2. Scheduled Maintenance and Maintenance Mode for Hosts
12.2.1. vCenter and Maintenance Mode
12.2.2. XenServer and Maintenance Mode
12.3. Disabling and Enabling Zones, Pods, and Clusters
12.4. Removing Hosts
12.4.1. Removing XenServer and KVM Hosts
12.4.2. Removing vSphere Hosts
12.5. Re-Installing Hosts
12.6. Maintaining Hypervisors on Hosts
12.7. Using Cisco UCS as Bare Metal Host CloudPlatform
12.7.1. Registering a UCS Manager
12.7.2. Associating a Profile with a UCS Blade
12.7.3. Disassociating a Profile from a UCS Blade
12.8. Changing Host Password
12.9. Over-Provisioning and Service Offering Limits
12.9.1. Limitations on Over-Provisioning in XenServer and KVM
12.9.2. Requirements for Over-Provisioning
12.9.2.1. Balloon Driver
12.9.2.2. Hypervisor capabilities
12.9.3. Setting Over-Provisioning Ratios
12.9.4. Service Offering Limits and Over-Provisioning
12.10. VLAN Provisioning
12.10.1. VLAN Allocation Example
12.10.2. Adding Non Contiguous VLAN Ranges
12.10.3. Assigning VLANs to Isolated Networks

Chapter 13. Working with Templates
13.1. Creating Templates: Overview
13.2. Requirements for Templates
13.3. Best Practices for Templates
13.4. The Default Template
13.5. Private and Public Templates
13.6. Creating a Template from an Existing Virtual Machine
13.7. Creating a Template from a Snapshot
13.8. Uploading Templates
13.9. Exporting Templates
13.10. Creating a Windows Template
13.10.1. System Preparation for Windows Server 2008 R2
13.10.2. System Preparation for Windows Server 2003 R2
13.11. Importing Amazon Machine Images
13.12. Converting a Hyper-V VM to a Template
13.13. Adding Password Management to Your Templates
13.13.1. Linux OS Installation
13.13.2. Windows OS Installation
13.14. Deleting Templates

Chapter 14. Working With Storage
14.1. Storage Overview
14.2. Primary Storage
14.2.1. Best Practices for Primary Storage
14.2.2. Runtime Behavior of Primary Storage
14.2.3. Hypervisor Support for Primary Storage
14.2.4. Storage Tags
14.2.5. Maintenance Mode for Primary Storage
14.3. Secondary Storage
14.3.1. Best Practices for Secondary Storage
14.3.2. Changing the Secondary Storage IP Address
14.3.3. Changing Secondary Storage Servers
14.4. Working With Volumes
14.4.1. Creating a New Volume
14.4.1.1. Using Local Storage for Data Volumes
14.4.1.2. To Create a New Volume
14.4.2. Uploading an Existing Volume to a Virtual Machine
14.4.3. Attaching a Volume
14.4.4. Detaching and Moving Volumes
14.4.5. VM Storage Migration
14.4.5.1. Migrating a Data Volume to a New Storage Pool
14.4.5.1.1. Migrating Storage For a Running VM
14.4.5.1.2. Migrating Storage and Attaching to a Different VM
14.4.5.2. Migrating a VM Root Volume to a New Storage Pool
14.4.6. Resizing Volumes
14.4.7. Reset VM to New Root Disk on Reboot
14.4.8. Volume Deletion and Garbage Collection
14.5. Working with Snapshots
14.5.1. Automatic Snapshot Creation and Retention
14.5.2. Incremental Snapshots and Backup
14.5.3. Volume Status
14.5.4. Snapshot Restore
14.5.5. Snapshot Job Throttling
14.5.6. VMware Volume Snapshot Performance

Chapter 15. Working with Usage
15.1. Configuring the Usage Server
15.2. Setting Usage Limits
15.2.1. Globally Configured Limits
15.2.2. Default Account Resource Limits
15.2.3. Per-Domain Limits

Chapter 16. Managing Networks and Traffic
16.1. Guest Traffic
16.2. Networking in a Pod
16.3. Networking in a Zone
16.4. Basic Zone Physical Network Configuration
16.5. Advanced Zone Physical Network Configuration
16.5.1. Configuring Isolated Guest Network
16.5.2. Configure Public Traffic in an Advanced Zone
16.5.3. Configuring a Shared Guest Network
16.6. Using Security Groups to Control Traffic to VMs
16.6.1. About Security Groups
16.6.2. Security Groups in Advanced Zones (KVM Only)
16.6.3. Enabling Security Groups
16.6.4. Adding a Security Group
16.6.5. Adding Ingress and Egress Rules to a Security Group
16.7. External Firewalls and Load Balancers
16.7.1. About Using a NetScaler Load Balancer
16.7.2. Configuring SNMP Community String on a RHEL Server
16.7.3. Initial Setup of External Firewalls and Load Balancers
16.7.4. Ongoing Configuration of External Firewalls and Load Balancers
16.8. Load Balancer Rules
16.8.1. Adding a Load Balancer Rule
16.8.2. Configuring AutoScale
16.8.3. Sticky Session Policies for Load Balancer Rules
16.8.4. Health Checks for Load Balancer Rules
16.9. Global Server Load Balancing
16.9.1. About Global Server Load Balancing
16.9.1.1. Components of GSLB
16.9.1.2. How GSLB Works in CloudPlatform
16.9.2. Configuring GSLB
16.9.2.1. Prerequisites and Guidelines
16.9.2.2. Enabling GSLB in NetScaler
16.9.2.3. Adding a GSLB Rule
16.9.2.4. Assigning Load Balancing Rules to GSLB
16.10. Using Multiple Guest Networks
16.10.1. Adding an Additional Guest Network
16.10.2. Reconfiguring Networks in VMs
16.10.2.1. Prerequisites
16.10.2.2. Adding a Network
16.10.2.3. Removing a Network
16.10.2.4. Selecting the Default Network
16.11. Guest IP Ranges
16.12. Acquiring a New IP Address
16.13. Releasing an IP Address
16.14. Reserving Public IP Addresses and VLANs for Accounts
16.14.1. Dedicating IP Address Ranges to an Account
16.14.2. Dedicating VLAN Ranges to an Account
16.15. IP Reservation in Isolated Guest Networks
16.15.1. IP Reservation Considerations
16.15.2. Limitations
16.15.3. Best Practices
16.15.4. Reserving an IP Range
16.16. Configuring Multiple IP Addresses on a Single NIC
16.16.1. Use Cases
16.16.2. Guidelines
16.16.3. Assigning Additional IPs to a VM
16.16.4. Port Forwarding and StaticNAT Services Changes
16.17. Multiple Subnets in Shared Network
16.17.1. Prerequisites and Guidelines
16.17.2. Adding Multiple Subnets to a Shared Network
16.18. About Elastic IP
16.19. Portable IPs
16.19.1. About Portable IP
16.19.2. Configuring Portable IPs
16.19.3. Acquiring a Portable IP
16.19.4. Transferring Portable IP
16.20. Static NAT
16.20.1. Enabling or Disabling Static NAT
16.21. IP Forwarding and Firewalling
16.21.1. Egress Firewall Rules in an Advanced Zone
16.21.1.1. Prerequisites and Guidelines
16.21.1.2. Configuring an Egress Firewall Rule
16.21.1.3. Configuring the Default Egress Policy
16.21.2. Firewall Rules
16.21.3. Port Forwarding
16.22. IP Load Balancing
16.23. DNS and DHCP
16.24. Remote Access VPN
16.24.1. Configuring Remote Access VPN
16.24.2. Using Remote Access VPN with Windows
16.24.3. Using Remote Access VPN with Mac OS X
16.24.4. Setting Up a Site-to-Site VPN Connection
16.24.4.1. Creating and Updating a VPN Customer Gateway
16.24.4.2. Creating a VPN gateway for the VPC
16.24.4.3. Creating a VPN Connection
16.24.4.4. Restarting and Removing a VPN Connection
16.25. Isolation in Advanced Zone Using Private VLAN
16.25.1. About Private VLAN
16.25.2. Prerequisites
16.25.3. Creating a PVLAN-Enabled Guest Network
16.26. About Inter-VLAN Routing
16.27. Configuring a Virtual Private Cloud
16.27.1. About Virtual Private Clouds
16.27.2. Adding a Virtual Private Cloud
16.27.3. Adding Tiers
16.27.4. Configuring Network Access Control List
16.27.4.1. About Network ACL Lists
16.27.4.2. Creating ACL Lists
16.27.4.3. Creating an ACL Rule
16.27.4.4. Creating a Tier with Custom ACL List
16.27.4.5. Assigning a Custom ACL List to a Tier
16.27.5. Adding a Private Gateway to a VPC
16.27.5.1. Source NAT on Private Gateway
16.27.5.2. ACL on Private Gateway
16.27.5.3. Creating a Static Route
16.27.5.4. Blacklisting Routes
16.27.6. Deploying VMs to the Tier
16.27.7. Deploying VMs to VPC Tier and Shared Networks
16.27.8. Acquiring a New IP Address for a VPC
16.27.9. Releasing an IP Address Allotted to a VPC
16.27.10. Enabling or Disabling Static NAT on a VPC
16.27.11. Adding Load Balancing Rules on a VPC
16.27.11.1. Load Balancing Public Traffic (Public LB)
16.27.11.1.1. Enabling NetScaler as the LB Provider on a VPC Tier
16.27.11.1.2. Creating a Network Offering for Public LB
16.27.11.1.3. Creating a Public LB Rule
16.27.11.2. Load Balancing Tier-to-Tier traffic (Internal LB)
16.27.11.2.1. How Does Internal LB Work in VPC?
16.27.11.2.2. Enabling Internal LB on a VPC Tier
16.27.11.2.3. Creating a Network Offering for Internal LB
16.27.11.2.4. Creating an Internal LB Rule
16.27.12. Adding a Port Forwarding Rule on a VPC
16.27.13. Removing Tiers
16.27.14. Editing, Restarting, and Removing a Virtual Private Cloud
16.28. Persistent Networks
16.28.1. Persistent Network Considerations
16.28.2. Creating a Persistent Guest Network

Chapter 17. Working with System Virtual Machines
17.1. The System VM Template
17.2. Multiple System VM Support for VMware
17.3. Console Proxy
17.3.1. Changing the Console Proxy SSL Certificate and Domain
17.4. Virtual Router
17.4.1. Configuring the Virtual Router
17.4.2. Upgrading a Virtual Router with System Service Offerings
17.4.3. Best Practices for Virtual Routers
17.5. Secondary Storage VM

Chapter 18. System Reliability and High Availability
18.1. HA for Management Server
18.2. HA-Enabled Virtual Machines
18.3. Dedicated HA Hosts
18.4. Primary Storage Outage and Data Loss
18.5. Secondary Storage Outage and Data Loss
18.6. Limiting the Rate of API Requests
18.6.1. Configuring the API Request Rate
18.6.2. Limitations on API Throttling

Chapter 19. Managing the Cloud
19.1. Using Tags to Organize Resources in the Cloud
19.2. Setting Configuration Parameters
19.2.1. About Configuration Parameters
19.2.2. Setting Global Configuration Parameters
19.2.3. Setting Local Configuration Parameters
19.2.4. Granular Global Configuration Parameters
19.3. Changing the Database Configuration
19.4. Administrator Alerts
19.4.1. Customizing Alerts with Global Configuration Settings
19.4.2. Sending Alerts to External SNMP and Syslog Managers
19.4.2.1. SNMP Alert Details
19.4.2.2. Syslog Alert Details
19.4.2.3. Configuring SNMP and Syslog Managers
19.4.2.4. Deleting an SNMP or Syslog Manager
19.5. Customizing the Network Domain Name
19.6. Stopping and Restarting the Management Server

Chapter 20. CloudPlatform API
20.1. Provisioning and Authentication API
20.2. Allocators
20.3. User Data and Meta Data

Chapter 21. Tuning
21.1. Performance Monitoring
21.2. Increase Management Server Maximum Memory
21.3. Set Database Buffer Pool Size
21.4. Set and Monitor Total VM Limits per Host
21.5. Configure XenServer dom0 Memory

Chapter 22. Troubleshooting
22.1. Events
22.1.1. Event Logs
22.1.2. Event Notification
22.1.3. Standard Events
22.1.4. Long Running Job Events
22.1.5. Event Log Queries
22.1.6. Deleting and Archiving Events and Alerts
22.1.6.1. Permissions
22.1.6.2. Procedure
22.2. Working with Server Logs
22.3. Log Collection Utility cloud-bugtool
22.3.1. Using cloud-bugtool
22.4. Data Loss on Exported Primary Storage
22.5. Recovering a Lost Virtual Router
22.6. Maintenance mode not working on vCenter
22.7. Unable to deploy VMs from uploaded vSphere template
22.8. Unable to power on virtual machine on VMware
22.9. Load balancer rules fail after changing network offering

Appendix A. Event Types
Appendix B. Alerts

Size: 2.6 MB
Pages: 272
Language: English