Configuring Provider Services Access
This chapter contains the following sections:
- About Intercloud Fabric Provider Services Access
- Guidelines and Limitations
- Configuring Provider Services Access Workflow
About Intercloud Fabric Provider Services Access
Cisco Intercloud Fabric Provider Services Access allows cloud virtual machines provisioned in the Intercloud Fabric secure shell to have access to services from providers. Provider Services Access enables access to the following services and beyond:
Note | In the default mode, cloud VMs do not have access to provider networks. |
Intercloud Fabric Provider Services Access provides the following functionality:
-
VMs provisioned on Intercloud Fabric's secure shell can access services from your provider.
-
An IT administrator can manage access through system-wide policies.
Provider Services Access can only be implemented for AWS VPC clouds.
Guidelines and Limitations
The following limitations apply to Intercloud Fabric Provider Services Access:
-
Intercloud Fabric Provider Services Access is supported only on AWS.
-
With AWS as the provider, only AWS VPC is supported. (AWS Classic is not supported.)
-
The VPC network address space (services subnets) should not overlap with the enterprise address space.
-
Monitoring, troubleshooting, and configuring provider services, such as RDS and ELB, are outside the scope of the current Intercloud Fabric solution.
The following guidelines apply to Intercloud Fabric Provider Services Access:
Configuring Provider Services Access Workflow
Configuring Provider Services Access involves the following high-level tasks:
Step 1 | Enabling Intercloud Fabric system-wide policies:
|
Step 2 | Managing the Intercloud Fabric routing policy:
|
Step 3 | Managing
Intercloud Fabric cloud security groups:
|
Step 4 | Enabling Intercloud Fabric
Provider Services Access while creating a VM:
|
Managing Virtual Machine Policies
Use this procedure to manage a virtual machine (VM) policy.
Managing Routing Policies
A routing policy defines the forwarding entries in the Intercloud Fabric solution. The routing policy is used by the routing service on the Intercloud Fabric cloud or VMs with Provider Services Access enabled. The routing policy is global to the system with one global policy for the routing service and another for the VMs with Provider Services Access. You can edit a routing policy to add additional prefixes.
Use this procedure to manage a routing policy.
Step 1 | Log in to Intercloud Fabric. | ||||||||||
Step 2 | Choose
.
The list of routing policies is displayed. | ||||||||||
Step 3 | Select the
routing policy, click the gear icon, and choose
Edit to edit a routing policy.
| ||||||||||
Step 4 | You can edit
some of the following for
Routing
Policy:
| ||||||||||
Step 5 | Click Save. |
Managing Cloud Security Groups
A cloud security group is a collection of CIDRs that can access VM instances that are created in the public cloud. These are global groups and can be referenced from the public Intercloud Fabric cloud.
Use this procedure to manage a cloud security group.
Step 1 | Log in to Intercloud Fabric. | ||||||||||||
Step 2 | Choose
.
The list of cloud security groups is displayed. | ||||||||||||
Step 3 | Click the + icon to create a cloud security group. | ||||||||||||
Step 4 | Complete the
following fields for
Cloud
Security Group:
| ||||||||||||
Step 5 | To perform an
action on the cloud security group, select the cloud security group, click the
gear icon, and choose any of the following actions:
| ||||||||||||
Step 6 | Click Submit. | ||||||||||||
Step 7 | To view the status of the task, see the Cisco Intercloud Fabric Administration Guide, section "Managing Service Requests." |
Managing Virtual Machines
Use this procedure to manage virtual machines.
Step 1 | Log in to Intercloud Fabric. | ||||||||||||||||||||
Step 2 | Choose
.
The list of VMs is displayed. See the Cisco Intercloud Fabric Administration Guide, section "Icons Used in Intercloud Fabric." | ||||||||||||||||||||
Step 3 | Click the Dashboard icon to view the VM dashboard. | ||||||||||||||||||||
Step 4 | Click the + icon to create a new VM. | ||||||||||||||||||||
Step 5 | Complete the
following fields for
Create
Virtual Machine:
| ||||||||||||||||||||
Step 6 | Click Submit. | ||||||||||||||||||||
Step 7 | To view the status of the task, see the Cisco Intercloud Fabric Administration Guide, section "Managing Service Requests." | ||||||||||||||||||||
Step 8 | To perform an
action on the VM, select it, click the gear icon, and choose any of the
following actions:
|