Virtual networks
Virtual networks give you advanced capabilities including isolated private routing, load balancing, firewall rules, and virtual private network as a service. Once you create a network, you will be able to provision virtual machines on that network and then set up any desired network services.
Currently, only isolated private routing can be configured directly from the Luna Node Dynamic panel. We are working on integrated the other services with the panel, but in the meantime you can open a ticket and we can set it up manually for you.
Create a network
Each network on your account is billed hourly at $4 per month. To create a network, head over to the Virtual networks page (in the sidebar). You will see the default network that virtual machines are provisioned on labeled Luna Node.
To create your own private network, enter a label, /24 or /16 subnet prefix (e.g., if you want 192.168.32.0/24 then you would write 192.168.32), and comma-separated list of DNS servers to use (enter 8.8.8.8,8.8.4.4 to use Google's public DNS). Hit create network; this operation takes several seconds.
Isolated private routing
Once you have created a network, you can provision virtual machines on that network; you will be able to select the network when you create a new virtual machine.
Virtual machines on the network will be assigned a fixed private IP that is isolated to that network -- this means no one else will be able to communicate with your VM. You can fully isolate a VM by dis-associating its [[Floating IP addresses|floating IP address] from the VM details page (in the IP sub-tab).
Load balancing
On your network, you can create load balancing pools that allow you to distribute network application load across multiple VM instances. The pools can be dynamically adjusted to add or remove VM instances, providing you with easy scalability. We support HTTP, HTTPS, and generic TCP protocols, and round-robin, least connections, or source IP based load distribution algorithms. The load balancing pool will have its own external floating IP address that serves as the entrypoint to your application.
To get started with load balancing, create a new virtual network (from Virtual Networks sidebar option) and then select the network from the networks list.
Firewall
Work on integration of the OpenStack firewall service into the panel has stopped in favor of Security groups.
Firewall service can also be activated on your network. With the firewall service, you can define rules on your virtual network which will be automatically implemented via iptables on the network nodes. Each rule consists of: protocol, source subnet/port, destination subnet/port, and the action to take (ALLOW/DENY). Rules are applied in the order that they are set in a firewall policy.
Currently, firewall configuration is not available from the panel, but we are working on it. If you need the service now, open a ticket and include the rules you wish to be applied on your virtual network.