
Networking

Overview

OpenCloud’s specific Virtual Network offerings currently use a type of network called Shared Network. Networking is a separate component in OpenCloud and supports unique Domain Networks for Instances to use to communicate with each other and to the public Internet. Domain networks in OpenCloud coexist next to the storage and management networks, but the last two networks are internal and thus invisible to Customers.

Each Instance added to a network gets a virtual network interface card (NIC) with a unique MAC address assigned to it. This allows for an IP address to be assigned to the Instance through one of its assigned virtual network interface cards inside the Instance OS. An Instance can have multiple networks attached to it at the same time.

The initial Shared Network built in the customer Domain is configured by US Signal based on the networks customers provided. To add another Shared Network, customers will need to reach out and submit a new order.

Viewing Networks

  1. Click on Network > Guest Networks on the main OpenCloud Menu screen.
  2. There will be a list of Networks that are assigned to the customer Domain.
  3. The network information will provide the CIDR and the VLAN of the Shared network.
  4. Clicking on the network name will provide more information about it.

Assigning Network to Instances

  1. From the left-hand menu in the OpenCloud panel, choose Compute > Instances and click on the Instance.
  2. Choose the NICs tab in the Instance overview page and click + Add network to VM.
  3. From the drop-down menu select the shared network, and optionally provide an IP address from the subnet assigned to the network. The IP address assigned in this interface does not get pushed to the OS. The TCP/IP address will still need to be assigned in the OS.
  4. Confirm by clicking OK.
  5. The selected Instances will be added to the shared network. Customers will see the network appear in the list of networks under the NICs tab for their Instance. The NIC will have both a MAC and IP address assigned.

Network Offerings

The table below shows the current Network Offerings available in OpenCloud and the differences between each offering.

| Feature | Network - Basic | Network - Services | Network - Basic - Self-Provisioned | Network - Services - Self-Provisioned |
|---|---|---|---|---|
| OpenCloud is aware of the Instance IP address | ❌ | ✅ | ❌ | ✅ |
| IP address information can be auto populated upon Instance creation | ❌ | ✅ | ❌ | ✅ |
| DHCP is Available for Dynamic Assignments | ❌ | ✅ | ❌ | ✅ |
| Cloud-like Instance provisioning support (e.g., cloud-init) | ❌ | ✅ | ❌ | ✅ |
| Network can be Self-Provisioned | ❌ | ❌ | ✅ | ✅ |
| Connectivity Outside of OpenCloud Zone is Supported | ✅ | ✅ | ❌ | ❌ |

Self-Provisioned Networks

Self-Provisioned Networks are networks for connecting Instances together. These networks cannot be used to egress outside of an OpenCloud Zone.

Add Network

  1. Click on Network > Guest Networks on the main OpenCloud Menu screen.
  2. Select Add Network from the top of the Screen.
  3. A Dialog Box will open and you will want to click the Shared Tab.
  4. Fill in the required values in the dialog box.

    | Field Name | Input | Required/Optional |
    |---|---|---|
    | Name | Give the network a name | Required |
    | Description | Enter a Description | Optional |
    | Zone | Set the Zone you would like to build the network in | Required |
    | Scope | Choose your scope (See note below for more detail) | Required |
    | Domain | Set the domain. If left blank, it will use the root domain for your account. | Optional |
    | Network Offering | Choose your network offering | Required |
    | Associated Network | This field is left blank | Optional |
    | IPv4 Info | Fill in the IPv4 information for the Network. These fields will change slightly based on the network offering you choose. | Required: IPv4 Gateway, IPv4 Netmask, IPv4 start IP, IPv4 end IP |
    | IPv6 Info | This section can be skipped | Optional |
    | Network Domain | A custom DNS suffix at the level of a Network. If you want to assign a special domain name to the Guest Instance Network, specify a DNS suffix. | Optional |
    | Hide IP Address Usage | Leave this option turned off | Optional |
  5. Once all of this information is filled in, click OK at the bottom of the screen

    The Isolated/L2 Tabs in the Add Network dialog box are not used

    Scope

    Domain: Selecting Domain limits the scope of this Guest Network to the domain you specify. The Network will not be available for other domains. If you select Subdomain Access, the guest Network is available to all the sub domains within the selected domain.
    Account: The Account for which the Guest Network is being created. You must specify the domain the Account belongs to.
    Project: Projects are not Implemented in OpenCloud.
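
A pre-flight check for the IPv4 fields in the Add Network dialog, as an added example (not OpenCloud or US Signal code). The function name, the sample addresses, and the rules that the gateway stays outside the start/end range and that networks in a domain do not overlap are assumptions.

```python
import ipaddress

def check_ipv4_info(gateway, netmask, start_ip, end_ip, existing=()):
    """Return a list of problems with one network's IPv4 fields (empty = OK).

    existing: CIDRs of networks already in the domain (assumed input).
    """
    try:
        gw = ipaddress.IPv4Address(gateway)
        start = ipaddress.IPv4Address(start_ip)
        end = ipaddress.IPv4Address(end_ip)
        # strict=False derives the subnet from the gateway plus netmask.
        net = ipaddress.IPv4Network(f"{gateway}/{netmask}", strict=False)
    except ValueError as exc:
        return [f"unparseable field: {exc}"]

    problems = []
    reserved = (net.network_address, net.broadcast_address)
    if gw in reserved:
        problems.append(f"gateway {gw} is the network/broadcast address of {net}")
    for label, ip in (("start IP", start), ("end IP", end)):
        if ip not in net:
            problems.append(f"{label} {ip} is outside {net}")
        elif ip in reserved:
            problems.append(f"{label} {ip} is the network/broadcast address of {net}")
    if start > end:
        problems.append(f"start IP {start} is after end IP {end}")
    elif start <= gw <= end:
        # Assumed rule: the gateway must not be handed out to an Instance.
        problems.append(f"gateway {gw} falls inside the range {start}-{end}")
    for cidr in existing:
        if net.overlaps(ipaddress.IPv4Network(cidr)):
            problems.append(f"{net} overlaps existing network {cidr}")
    return problems

if __name__ == "__main__":
    # Constructed sample values for DMZ/App/DB-style networks, not real ones.
    plan = [
        ("DMZ", "10.20.10.1", "255.255.255.0", "10.20.10.10", "10.20.10.200"),
        ("App", "10.20.20.1", "255.255.255.0", "10.20.20.1", "10.20.21.50"),
        ("DB", "10.20.10.129", "255.255.255.128", "10.20.10.130", "10.20.10.250"),
    ]
    seen = []
    for name, gw, mask, start, end in plan:
        for problem in check_ipv4_info(gw, mask, start, end, seen):
            print(f"{name}: {problem}")
        seen.append(str(ipaddress.IPv4Network(f"{gw}/{mask}", strict=False)))
```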

Edit Network

  1. Click on Network > Guest Networks on the main OpenCloud Menu screen.
  2. Select the guest network to edit.
  3. Click the Edit Network button.
  4. You can edit the name, description, Network offering, CIDR, and Network domain of a guest Network.
  5. Confirm by clicking OK.

Delete Network

  1. Click on Network > Guest Networks on the main OpenCloud Menu screen.
  2. Select the guest network to delete.
  3. Click the Delete Network button.
  4. Confirm by clicking OK.

Restart Network

  1. Click on Network > Guest Networks on the main OpenCloud Menu screen.
  2. Select the guest network to restart.
  3. Click the Restart Network button.
  4. Confirm by clicking OK.

    Warning

    All services provided by this Network will be interrupted.
    If you select Clean up, the virtual routers of the guest Network will be destroyed and new virtual routers will be provisioned.

Design Guide

Use Case #1 - US Signal Managed Networks

In the following example, all of the networks within this domain use US Signal provided VLANs. These networks can be attached to a US Signal Cloud Based Advanced Security (CBAS) appliance, and in this case they are. In this deployment, the following three networks are configured:

  • Network Name: DMZ
    • Network Offering: Network - Basic
    • VLAN: US Signal Provisioned
    • Virtual Router: Not required
    • IP Addressing: All IP addresses are statically assigned for instances in this network. This is performed through the Console Proxy or other pre-configuration methods which are outside of the scope of OpenCloud provided services.
  • Network Name: App
    • Network Offering: Network - Services
    • VLAN: US Signal Provisioned
    • Virtual Router: Auto-created by OpenCloud
    • IP Addressing: Dynamically assigned or specified when creating or editing instances for a static DHCP reservation. Instances provide their IP address information in the OpenCloud interface.
  • Network Name: DB
    • Network Offering: Network - Basic
    • VLAN: US Signal Provisioned
    • Virtual Router: Not required
    • IP Addressing: All IP addresses are statically assigned for instances in this network. This is performed through the Console Proxy or other pre-configuration methods which are outside of the scope of OpenCloud provided services.

%%{init: {"flowchart": {"defaultRenderer": "elk", "htmlLabels": true, "securityLevel": "loose" } }}%%
flowchart TD
    firewall[CBAS Firewall]
    A[US Signal Network] o--o|US Signal Provisioned<br/>DIA/MPLS VLAN| firewall
    firewall
    subgraph DMZ["Basic"]
      web01
      web02
    end
    subgraph App["Services"]
      app01
      app02
      vr[Virtual<br/>Router]
      vr -.->|dhcp| app01
      vr -.->|dhcp| app02
    end
    subgraph DB["Basic"]
      db01
      db02
    end
    firewall o--o|**DMZ**<br/>US Signal Provisioned<br/>VLAN| DMZ
    firewall o--o|**App**<br/>US Signal Provisioned<br/>VLAN| App
    firewall o--o|**DB**<br/>US Signal Provisioned<br/>VLAN| DB

Use Case #2 - Customer Managed Networks

In the following example, the networks are customer provisioned, with the exception of one US Signal provided VLAN for Internet access. These networks can be self-provisioned, but cannot extend to a US Signal Cloud Based Advanced Security (CBAS) appliance. They are best used with a self-provided firewall appliance that acts as the gateway for these networks. In this deployment, the following three networks are configured:

  • Network Name: DMZ
    • Network Offering: Network - Basic - Self-Provisioned
    • VLAN: Auto-assigned
    • Virtual Router: Not required
    • IP Addressing: All IP addresses are statically assigned for instances in this network. This is performed through the Console Proxy or other pre-configuration methods which are outside of the scope of OpenCloud provided services.
  • Network Name: App
    • Network Offering: Network - Services - Self-Provisioned
    • VLAN: Auto-assigned
    • Virtual Router: Auto-created by OpenCloud
    • IP Addressing: Dynamically assigned or specified when creating or editing instances for a static DHCP reservation. Instances provide their IP address information in the OpenCloud interface.
  • Network Name: DB
    • Network Offering: Network - Basic
    • VLAN: Auto-assigned
    • Virtual Router: Not required
    • IP Addressing: All IP addresses are statically assigned for instances in this network. This is performed through the Console Proxy or other pre-configuration methods which are outside of the scope of OpenCloud provided services.

%%{init: {"flowchart": {"defaultRenderer": "elk", "htmlLabels": true, "securityLevel": "loose" } }}%%
flowchart TD
    firewall[Customer-Provided Firewall]
    A[US Signal Network] o--o|US Signal-Provided<br/>DIA/MPLS VLAN| firewall
    firewall
    subgraph DMZ [Basic - Self-Prov.]
      web01
      web02
    end
    subgraph App [Services - Self-Prov.]
      app01
      app02
      vr[Virtual<br/>Router]
      vr -.->|dhcp| app01
      vr -.->|dhcp| app02
    end
    subgraph DB [Basic - Self-Prov.]
      db01
      db02
    end
    firewall o--o|**DMZ**<br/>Auto Provisioned<br/>VLAN| DMZ
    firewall o--o|**App**<br/>Auto Provisioned<br/>VLAN| App
    firewall o--o|**DB**<br/>Auto Provisioned<br/>VLAN| DB