Friday, January 6, 2012

Eucalyptus Platform Concepts - Networking: IP Addresses

Networking in Eucalyptus requires understanding of three different types of IP addresses and four different networking modes. In this post, we'll take a look at the different IP addresses and what they do.

Eucalyptus clouds deploy three different types of IP addresses: public, private, and elastic.

Public IP Addresses

Public IP addresses are probably the easiest IP address to understand in Eucalyptus. These are the outward-facing IP addresses users use to communicate with their virtual machine instances. These are not allocated directly to the virtual machines - rather, they are mapped IP addresses stored in an iptables database on the Cluster Controller (CC). The CC routes traffic intended for the Public IP to the Private IP address of the virtual machine to which it is assigned.

  • Try not to confuse the concept of a Public IP address in the cloud with the concept of a public IP address on the Internet. In Internet terms, a public IP address is a publicly routable address, whereas a private IP address is non-routable and requires Network Address Translation (NAT) in order to communicate with the outside world. In cloud terms, a Public IP address is whatever address a user might use to connect directly to a virtual machine instance. If that user is on your internal network, the cloud Public IP address might very well be in a non-Internet-routable private IP address range. For example, an instance can be assigned a cloud Public IP address in the range, which is a non-routable or private IP address in Internet terms.

Private IP Addresses

The Private IP address is the actual address the virtual machine receives, and the only one of which it is aware. Virtual machine instances also use cloud Private IP addresses for internal networking purposes. They must be configured on a separate subnet from the Public IP address range. For example, if Public IP addresses are configured in the range, Private IP addresses might be configured with a range of to avoid any chance of overlap.

Elastic IP Addresses

Elastic IP addresses are permanent Public IP addresses that can be mapped to different virtual machine instances by a user. This mapping allows a user to provide a publicly available service - such as a web site - with an IP address that never changes, even if the underlying virtual machine instance and its associated Private IP address changes.

For example, assume Susan has a CentOS 5.x web server at, and she has configured it with an Elastic IP address. The actual IP configuration might look something like this:

Let's say Susan wants to upgrade the web server to CentOS 6.x. First, she would set up the new web server - a new instance in the cloud - and test it to make sure it was working properly.

Once she was satisfied that everything worked as it should, she would then re-map the Elastic IP address to the new server.

No changes to public DNS are required to make this change. The Eucalyptus cloud manages everything behind the scenes.

If something went wrong at this point, Susan could re-map the Elastic IP address back to the old web server, and the change would happen instantaneously. If, however, everything continues to work as expected, Susan can decommission the old server, and the upgrade would be complete.

In the next post, we'll continue our discussion of Networking concepts and define the Network Modes currently available in Eucalyptus.

No comments:

Post a Comment