No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionCloud 6.3.0 Solution Description 05

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Implementation Principles

Implementation Principles

Logical Architecture

Figure 11-3 VPN logical architecture
Table 11-2 Component details

Type

Name

Description

Console layer

LVS

Provides level-1 load balancing.

Nginx

Provides level-2 load balancing.

Network Console

You can use this console to manage all VPN-related resources.

API/service layer

HaProxy

Provides load balancing for Combined APIs.

Network Service

Provides interfaces for Network Console to manage VPC resources.

Common components

API Gateway

Third-party applications call ECS APIs through the API Gateway.

SDR

Provides the resource metering and billing function.

DNS/NTP

Provides domain name resolution and time synchronization.

TaskCenter

Displays the task status.

Resource pool

Glance

Provides the image management service.

Nova

Manages the life cycle of computing instances in the FusionSphere OpenStack environment, for example, creating instances in batches, and scheduling or stopping instances on demand.

Cinder

Provides persistent block storage for running instances. Its pluggable drives facilitate block storage creation and management.

Neutron

Provides APIs for network connectivity and addressing.

Management zone

IAM

Provides Identity and Access Management (IAM).

eSight

-

Service OM

-

Metering

Provides the resource metering and billing function using SDR.

Service Flow

Figure 11-4 VPN management service flow

The tasks in all steps are as follows:

  1. VPN creation is performed on the VPN page, and the VPC calls the Neutron API to create the VPN.
  2. The Neutron VPN plugin writes the operation into the database, l3-service-agent writes the op table data into the VPN extension table, and the vRouter component sends the flow table based on the content of the extension table.
  3. The Neutron VPN NGFW agent sends VPN configuration to the VPN firewall.
Translation
Download
Updated: 2019-04-23

Document ID: EDOC1100026685

Views: 162425

Downloads: 264

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next