Difference between revisions of "Virtual networks"

From Luna Node
Jump to: navigation, search
Line 20: Line 20:
  
 
Currently, load balancing configuration is not available from the panel, but we are working on it. If you need load balancing now, open a ticket and include the port/protocol, load distribution method, and virtual machines that you need in the pool (for each VM include the IP address and service port).
 
Currently, load balancing configuration is not available from the panel, but we are working on it. If you need load balancing now, open a ticket and include the port/protocol, load distribution method, and virtual machines that you need in the pool (for each VM include the IP address and service port).
 +
 +
== Firewall ==
 +
 +
Firewall service can also be activated on your network. With the firewall service, you can define rules on your virtual network which will be automatically implemented via iptables on the network nodes. Each rule consists of: protocol, source subnet/port, destination subnet/port, and the action to take (ALLOW/DENY). Rules are applied in the order that they are set in a firewall policy.
 +
 +
Currently, firewall configuration is not available from the panel, but we are working on it. If you need the service now, open a ticket and include the rules you wish to be applied on your virtual network.
 +
 +
== VPN ==
 +
 +
The virtual private network feature allows you to join your network on Luna Node Dynamic with other networks. It utilizes IKE+IPSec technologies. Open a ticket for more information; at some point this will be integrated into the panel.

Revision as of 00:07, 22 April 2014

Virtual networks give you advanced capabilities including isolated private routing, load balancing, firewall rules, and virtual private network as a service. Once you create a network, you will be able to provision virtual machines on that network and then set up any desired network services.

Currently, only isolated private routing can be configured directly from the Luna Node Dynamic panel. We are working on integrated the other services with the panel, but in the meantime you can open a ticket and we can set it up manually for you.

Create a network

Each network on your account is billed hourly at $4 per month. To create a network, head over to the Virtual networks page (reachable from Account tab). You will see the default network that virtual machines are provisioned on labeled Luna Node.

To create your own private network, enter a label, /24 or /16 subnet prefix (e.g., if you want 192.168.32.0/24 then you would write 192.168.32), and comma-separated list of DNS servers to use (enter 8.8.8.8,8.8.4.4 to use Google's public DNS). Hit create network; this operation takes several seconds.

Isolated private routing

Once you have created a network, you can provision virtual machines on that network; you will be able to select the network when you create a new virtual machine.

Virtual machines on the network will be assigned a fixed private IP that is isolated to that network -- this means no one else will be able to communicate with your VM. You can fully isolate a VM by dis-associating its [[Floating IP addresses|floating IP address] from the VM details page.

Load balancing

On your network, you can create load balancing pools that allow you to distribute network application load across multiple VM instances. The pools can be dynamically adjusted to add or remove VM instances, providing you with easy scalability. We support HTTP, HTTPS, and generic TCP protocols, and round-robin, least connections, or source IP based load distribution algorithms. The load balancing pool will have its own external floating IP address that serves as the entrypoint to your application.

Currently, load balancing configuration is not available from the panel, but we are working on it. If you need load balancing now, open a ticket and include the port/protocol, load distribution method, and virtual machines that you need in the pool (for each VM include the IP address and service port).

Firewall

Firewall service can also be activated on your network. With the firewall service, you can define rules on your virtual network which will be automatically implemented via iptables on the network nodes. Each rule consists of: protocol, source subnet/port, destination subnet/port, and the action to take (ALLOW/DENY). Rules are applied in the order that they are set in a firewall policy.

Currently, firewall configuration is not available from the panel, but we are working on it. If you need the service now, open a ticket and include the rules you wish to be applied on your virtual network.

VPN

The virtual private network feature allows you to join your network on Luna Node Dynamic with other networks. It utilizes IKE+IPSec technologies. Open a ticket for more information; at some point this will be integrated into the panel.