Eip Usermanual
Eip Usermanual
8.3.1
User Guide
Issue 01
Date 2024-04-30
and other Huawei trademarks are the property of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei
Cloud and the customer. All or part of the products, services and features described in this document may
not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all
statements, information, and recommendations in this document are provided "AS IS" without
warranties, guarantees or representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.
Website: https://www.huaweicloud.com/intl/en-us/
Contents
1 Overview....................................................................................................................................1
1.1 What Is Elastic IP?................................................................................................................................................................... 1
1.2 Advantages................................................................................................................................................................................ 2
1.3 Application Scenarios............................................................................................................................................................. 4
1.4 Related Services....................................................................................................................................................................... 5
1.5 Features...................................................................................................................................................................................... 6
1.6 Restrictions................................................................................................................................................................................ 6
1.7 Accessing and Using EIP....................................................................................................................................................... 7
2 Related Concepts..................................................................................................................... 8
2.1 Shared Bandwidth................................................................................................................................................................... 8
2.2 Virtual IP Address.................................................................................................................................................................... 8
2.3 EIP-Metering............................................................................................................................................................................. 8
3 Operation Process................................................................................................................. 10
4 Quick Start.............................................................................................................................. 12
4.1 Applying for an EIP............................................................................................................................................................... 12
4.2 Unbinding an EIP.................................................................................................................................................................. 14
5 Creation................................................................................................................................... 16
5.1 Applying for an EIP............................................................................................................................................................... 16
5.2 Creating a Shared Bandwidth........................................................................................................................................... 18
5.3 Binding an EIP........................................................................................................................................................................ 20
6 Managing an EIP................................................................................................................... 22
6.1 Unbinding an EIP.................................................................................................................................................................. 22
6.2 Deleting and Restoring an EIP......................................................................................................................................... 22
6.3 Changing the Maximum Bandwidth Size of an EIP.................................................................................................. 25
6.4 Viewing the Expiration Time and Extending the Required Duration of an EIP............................................... 28
6.5 Modifying a Bandwidth...................................................................................................................................................... 28
6.6 Monitoring EIP and Bandwidth........................................................................................................................................ 29
6.7 Configuring Threshold-Crossing Alarms for Monitoring Indicators.................................................................... 30
7.3 Changing the Numbers of QoS Shared Bandwidths and EIPs in the Shared Bandwidths.......................... 35
7.4 Changing the Maximum Number of EIPs in a Shared Bandwidth...................................................................... 37
8 Best Practice........................................................................................................................... 41
8.1 Binding an EIP to Allow Extranet Access...................................................................................................................... 41
8.2 Binding an EIP to Allow Access from the Internet to Multiple ECSs...................................................................43
9 FAQs..........................................................................................................................................46
9.1 What Is an EIP Used for?....................................................................................................................................................46
9.2 How Does an ECS Use an EIP?......................................................................................................................................... 46
9.3 How Many ECSs Can One EIP Be Assigned to?.......................................................................................................... 46
9.4 How Can I Access an ECS from the Internet After an EIP Is Bound to the ECS?............................................ 46
9.5 Creating Multiple Subnets for an EIP External Network.........................................................................................47
9.6 Adding a Subnet in an EIP External Network............................................................................................................. 49
9.7 How Do I Bind a Virtual IP Address with an EIP?...................................................................................................... 50
9.8 How Do I Enable EIP QoS.................................................................................................................................................. 51
9.9 How Do I Access the Elastic IP Page?............................................................................................................................ 53
9.10 How Do I Access Service OM?....................................................................................................................................... 53
Issue 01 (2024-04-30) Copyright © Huawei Cloud Computing Technologies Co., Ltd. iii
Elastic IP (EIP)
User Guide 1 Overview
1 Overview
All IP addresses configured for instances in a local area network (LAN) are private
IP addresses, which cannot be used for extranet access. To enable applications on
an instance in a VPC to access the extranet, bind an EIP to the instance, which will
allow the instance to access the extranet using a fixed extranet IP address.
An EIP can be bound to or unbound from a virtual private cloud (VPC) resource,
such as an elastic cloud server (ECS), bare metal server (BMS), virtual IP address,
or elastic load balancer in a VPC subnet. A VPC resource bound with an EIP can
use the EIP to communicate with the extranet, but the EIP is not exposed on the
resource.
Network Scheme
Software is used to convert extranet and private IP addresses into each other.
Functions
● Binding an extranet IP address as required
The EIP enables you to access the extranet flexibly and with a high
performance. You can apply for an independent extranet IP address, and then
bind it to an ECS to allow the ECS to access the extranet. The binding and
unbinding operations take effect immediately.
● Setting the bandwidth limit
When applying for an extranet IP address, you can set the bandwidth limit for
it.
● Existing independently
The EIP will not be applied together with any compute or storage resource as
a bundle. The EIP is an independent resource.
● Applying for EIPs in batches
You can apply for multiple EIPs at a time.
● Manually specifying an EIP or automatically allocating an EIP
When applying for an EIP, you can choose to manually specify one or
automatically allocate one. When you choose to manually specify one, enter
an idle IP address.
● Specifying a required duration
When applying for an EIP, you can specify a required duration for it based on
your service requirements. The required duration ranges from days to an
unlimited period.
Billing rule
EIP billing factor: required duration of the EIP
EIP bandwidth billing factor: EIP bandwidth size
NOTICE
In HUAWEI CLOUD Stack 8.1.0, a new EIP billing mode is added. In the new mode,
you are billed by the actual data traffic usage in real time.
To ensure billing stability, you are advised to use the original EIP billing mode, that
is, you are billed by the required duration of the EIP.
1.2 Advantages
EIPs are used to enable cloud resources to be accessed from the Internet. EIPs can
be bound to or unbound from various service resources to meet different service
requirements.
● You can bind an EIP to an ECS or BMS to enable extranet access for the ECS
or BMS.
● You can bind a virtual IP address with an EIP so that you can access the ECSs
that have the same virtual IP address bound from the extranet, improving
fault tolerance capabilities.
● You can bind an EIP to a load balancer so that the load balancer receives
access requests from the extranet and automatically distributes the access
requests to specified multiple ECSs.
With the shared bandwidth, multiple instances can share one bandwidth.
Therefore, you can add instances without high bandwidth requirements to a
shared bandwidth.
● Multiple EIPs can share one bandwidth. The shared bandwidth helps lower
bandwidth costs compared with the dedicated bandwidth.
As shown in Figure 1-1, three EIPs with dedicated bandwidth (8 Mbit/s, 5
Mbit/s, and 7 Mbit/s) are used. The total cost equals 20 Mbit/s bandwidth
cost. As shown in Figure 1-2, the three EIPs are added to the same shared
bandwidth to meet the bandwidth requirements of three peak hours. The
total cost is less than 12 Mbit/s bandwidth cost.
● The shared bandwidth can be shared and multiplexed at the project level,
which lowers bandwidth usage costs and O&M costs.
● The shared bandwidth has a wide size range, and you can adjust the
bandwidth size anytime as required.
Using an EIP and a NAT Gateway to Let Cloud Servers in a VPC Access the
Extranet
To let multiple cloud servers in a VPC access the extranet, use an EIP and a NAT
gateway.
Create a NAT gateway. Create a SNAT rule. Add the target EIP and the target
subnet to the SNAT rule to let the cloud servers in the subnet access the extranet
over the EIP. For details, see "NAT Gateway" in Virtual Private Cloud (VPC) 8.3.1
User Guide (for Huawei Cloud Stack 8.3.1) in Virtual Private Cloud (VPC) 8.3.1
Usage Guide (for Huawei Cloud Stack 8.3.1).
Bare Metal Server (BMS) A NIC of a BMS can be bound to an EIP. In this
case, the BMS is associated with the EIP.
Elastic Load Balance (ELB) The IP address of an elastic load balancer can be
bound to an EIP. In this case, the elastic load
balancer is associated with the EIP.
Cloud Firewall (CFW) CFW 2.0 instances can be bound to EIPs for EIP
security.
1.5 Features
Context
Intel, Hygon (AMD), Kunpeng, and Phytium CPUs are supported. Intel and Hygon
(AMD) CPUs use the x86 architecture, and Kunpeng and Phytium CPUs use the
Arm architecture. For details about the features and functions supported by
servers using different CPUs, see Huawei Cloud Stack 8.3.1 Infrastructure
Service Feature List (Compute, Network, and Basic Management).
1.6 Restrictions
Before using EIPs, learn the restrictions described in Table 1-2.
Item Restrictions
Item Restrictions
Tenants in B2B scenarios) as a tenant, click in the upper left corner of the
page, select a region and resource space, and select the cloud service.
● API
Use this mode if you need to integrate this service into a third-party system
for secondary development. For details, see the API reference of this service.
2 Related Concepts
2.3 EIP-Metering
EIP-Metering is an optional cloud service independently deployed on a VM. It
monitors tenant EIP traffic and bandwidth in real time and displays EIP inbound
and outbound traffic, inbound and outbound bandwidth, and outbound network
usage of a tenant on the tenant VPC console and ManageOne Maintenance
Portal. The system pre-configures outbound bandwidth usage threshold alarms.
You can also customize threshold as required.
NOTICE
3 Operation Process
This section describes the EIP operation process. The following figure shows the
process.
Creatio You can apply for an EIP to obtain the delivered EIP resources, which
n provide a basis for binding an EIP to an ECS to access the Internet.
For details, see 5.1 Applying for an EIP and 5.3 Binding an EIP.
You can apply for shared bandwidth and add EIPs that do not require
high bandwidth to the shared bandwidth, which greatly reduces
operation costs.
For details, see 5.2 Creating a Shared Bandwidth.
You can delete an EIP. After an EIP is deleted, it is moved to the recycle
bin.
For details, see 6.2 Deleting and Restoring an EIP.
4 Quick Start
Prerequisites
● You have created EIP external networks. For details, see section "Configuring
an External Network" in Huawei Cloud Stack 8.3.1 Resource Provisioning
Guide.
● You have allocated an external network to the tenant. For details, see
Allocating an External Network to a VDC Tenant in section "Allocating
Resources" of Huawei Cloud Stack 8.3.1 Resource Provisioning Guide.
● You have enabled the EIP QoS function. By default, EIP QoS is enabled. If it is
disabled, enable it by following the instructions provided in 9.8 How Do I
Enable EIP QoS.
NOTE
● When EIP QoS is enabled, you need to set parameters such as the bandwidth name
and size when applying for an EIP.
● When EIP QoS is disabled, no bandwidth configuration is displayed on the page for
applying for an EIP.
Procedure
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
Step 4 In the displayed Select Service dialog box, click Apply Now.
Step 6 Check the EIP settings and perform either of the following operations:
● Click Add to Cart and submit the application later.
● Click Apply Now to apply for an EIP.
----End
If an ECS or BMS no longer needs an EIP, you can unbind the EIP from the ECS or
BMS and then release it to avoid wasting network resources.
Unbinding an EIP
NOTE
● You can unbind an EIP, on the EIPs page, that you have created and bound to a cloud
resource on the ELB console.
● An EIP can be released only when it has not been bound to any cloud resource. To
release an EIP that has been bound to a cloud resource, unbind it from the cloud
resource first.
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
Step 3 On the EIPs page, locate the row containing the target EIP, and click Unbind.
Step 4 Click OK.
----End
5 Creation
Prerequisites
● You have created EIP external networks. For details, see section "Configuring
an External Network" in Huawei Cloud Stack 8.3.1 Resource Provisioning
Guide.
● You have allocated an external network to the tenant. For details, see
Allocating an External Network to a VDC Tenant in section "Allocating
Resources" of Huawei Cloud Stack 8.3.1 Resource Provisioning Guide.
● You have enabled the EIP QoS function. By default, EIP QoS is enabled. If it is
disabled, enable it by following the instructions provided in 9.8 How Do I
Enable EIP QoS.
NOTE
● When EIP QoS is enabled, you need to set parameters such as the bandwidth name
and size when applying for an EIP.
● When EIP QoS is disabled, no bandwidth configuration is displayed on the page for
applying for an EIP.
Procedure
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
Step 4 In the displayed Select Service dialog box, click Apply Now.
Step 6 Check the EIP settings and perform either of the following operations:
● Click Add to Cart and submit the application later.
● Click Apply Now to apply for an EIP.
----End
bandwidth costs. If multiple EIPs share one bandwidth, your network operation
costs will be lowered and your system O&M as well as resource statistics will be
simplified.
Operation Process
Prerequisites
You have enabled EIP QoS.
● By default, EIP QoS is enabled. To manually enable or disable it, see 9.8 How
Do I Enable EIP QoS.
● After EIP QoS is disabled, the shared bandwidth and EIP bandwidth are not
displayed on the Console page.
Procedure
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > Shared
Bandwidths.
Step 3 In the upper right corner of the displayed page, click Create Shared Bandwidth.
----End
When applying for a load balancer by clicking Apply for Load Balancer on
the Elastic Load Balance page, you can bind an EIP to a load balancer. For
details, see "Creation" > "Applying for a Load Balancer" in Elastic Load
Balance (ELB) 8.3.1 User Guide (for Huawei Cloud Stack 8.3.1) in Elastic Load
Balance (ELB) 8.3.1 Usage Guide (for Huawei Cloud Stack 8.3.1).
● If compute resources in HA mode are configured with a virtual IP address and
the applications deployed on the resources need to access the extranet, bind
an EIP to the virtual IP address. For details, see 9.7 How Do I Bind a Virtual
IP Address with an EIP?
Procedure
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
Step 3 On the EIPs page, locate the row containing the target EIP, and click Bind.
Step 4 On the Bind EIP page, select the target cloud resource.
● ECS: If an ECS is unavailable, the ECS has no available NICs or each NIC has
been bound with an EIP.
● BMS: If a BMS is unavailable, the BMS has no available NICs or each NIC has
been bound with an EIP.
● Virtual IP address: A virtual IP address can be bound with an EIP only when
the virtual IP address is an IPv4 address. A virtual IP address cannot be bound
with an EIP if the virtual IP address is an IPv6 address or the virtual IP address
belongs to an intra-project subnet. After binding an EIP to a virtual IP address,
check whether it is successfully bound. For details, see 9.7 How Do I Bind a
Virtual IP Address with an EIP?
● Supplementary NIC: If this parameter is unavailable, no supplementary NIC
is available or all supplementary NICs have been bound to EIPs.
Step 5 Select the cloud resources to be bound and click OK.
----End
6 Managing an EIP
If an ECS or BMS no longer needs an EIP, you can unbind the EIP from the ECS or
BMS and then release it to avoid wasting network resources.
Unbinding an EIP
NOTE
● You can unbind an EIP, on the EIPs page, that you have created and bound to a cloud
resource on the ELB console.
● An EIP can be released only when it has not been bound to any cloud resource. To
release an EIP that has been bound to a cloud resource, unbind it from the cloud
resource first.
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
Step 3 On the EIPs page, locate the row containing the target EIP, and click Unbind.
----End
● An EIP can be released only when it is not bound to any instance or fails to be
bound to an instance.
● After an EIP is released, it is moved into the recycle bin. You can delete an EIP
permanently from the recycle bin.
● After an EIP is released, it is moved into the recycle bin. You can restore the
EIP from the recycle bin. After an EIP is restored, its status is no longer Soft
deleted. A restored EIP functions as usual.
Releasing an EIP
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
Step 3 On the EIPs page, locate the row containing the target EIP. Click More, and then
choose Release. The Release EIP dialog box is displayed.
NOTE
● If the EIP has been bound to an instance, unbind the EIP from the instance as described
in Unbinding an EIP.
● If you will release an EIP and will no longer use it, select Permanently release to delete
it permanently.
● If you will release an EIP and may use it again, do not select Permanently release. To
use it again, you need to restore it. For details, see Restoring an EIP.
----End
NOTICE
Step 2 Click in the upper left corner of the page, select a region and resource space,
and choose Management & Deployment > Recycle Bin.
Step 3 On the Recycle Bin page, select the EIP to be deleted permanently, and then click
Delete Permanently.
Step 4 In the Warning dialog box, click OK.
----End
Restoring an EIP
Step 1 Log in to ManageOne as a VDC administrator or VDC operator using a browser.
URL in non-B2B scenarios: https://Domain name of ManageOne Operation Portal,
for example, https://console.demo.com.
URL in B2B scenarios: https://Domain name of ManageOne Operation Portal for
Tenants, for example, https://tenant.demo.com.
URL of the unified portal: https://Domain name of the ManageOne unified portal,
for example, https://console.demo.com/momaintenancewebsite/uniportal/#/
home. On the homepage, choose Self-service Cloud Service Center to go to
ManageOne Operation Portal.
You can log in using a password or a USB key.
● Login using a password: Enter the username and password.
The password is that of the VDC administrator or VDC operator.
● Login using a USB key: Insert a USB key with preset user certificates, select
the required device and certificate, and enter a PIN.
Step 2 Click in the upper left corner of the page, select a region and resource space,
and choose Management & Deployment > Recycle Bin.
Step 3 Restore EIPs by following the instructions provided in Table 6-1.
Operation Procedure
Restoring
multiple EIPs 1. On the Recycle Bin page, tick to select multiple EIPs.
at a time 2. Click Restore in the upper part of the page, and click OK in
the displayed dialog box to restore the EIPs.
3. When restoring a released EIP, you will apply for the EIP
again. You can click OK in the displayed dialog box to view
your application.
Operation Procedure
Restoring a 1. On the EIPs page, locate the row containing the target EIP.
single EIP Then, in the Operation column, click More, and choose
Restore.
2. In the displayed dialog box, check the information and click
OK.
3. When restoring a released EIP, you will apply for the EIP
again. You can click OK in the displayed dialog box to view
your application.
----End
Prerequisites
● EIP QoS is supported.
● You have obtained the username and password of the super administrator for
logging in to the DMK platform.
● You have obtained the username and password of the team administrator for
logging in to the DMK platform.
Procedure
Step 1 Log in to the DMK platform.
● In the address box of the browser, enter https://DMK IP address:8443. On the
DMK login page, enter the username and password of the super administrator
for logging in to the DMK platform, and click Login.
● Default account: sysadmin
See the default password of the target account on the "Type A (Portal)" sheet
in Huawei Cloud Stack 8.3.1 Account List.
Step 2 In the navigation pane on the left, choose Configurations.
Step 3 Modify the corresponding common configuration item.
On the Public Configuration page, the system displays common configuration
items. You can click Edit to edit any of them.
Locate g_eip and enter the maximum bandwidth size into max_bandwidth_size.
NOTE
● The value of bandwidth_granularity is the unit step after the maximum bandwidth size
exceeds 300 Mbit/s.
– If the bandwidth is less than or equal to 300 Mbit/s, the unit step is fixed to 1 and
the bandwidth increases by the step of 1 Mbit/s.
– If the bandwidth exceeds 300 Mbit/s, the bandwidth increases by the configured
step. For example, if the value of bandwidth_granularity is set to 5, the
bandwidth increases by 5 Mbit/s each time, namely, 305 Mbit/s, 310 Mbit/s, 315
Mbit/s, and so on.
● After changing the maximum bandwidth size of an EIP, adjust the value of
bandwidth_granularity accordingly to prevent data crowding.
----End
If a cloud resource, such as an ECS or BMS, needs to continue using an EIP whose
required duration ends, you can extend the required duration of the EIP.
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
Step 3 On the EIPs page, locate the row containing the target EIP, and view its expiration
time.
NOTE
If you need to continue using an EIP that will expire soon, extend its required duration in
time. For details, see Extending the Required Duration of an EIP in this section.
----End
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
Step 3 On the EIPs page, locate the row containing the target EIP. Click More, and then
choose Extend.
----End
● Bandwidth-related operations are available only after you have enabled EIP
QoS on the DMK platform.
NOTE
Procedure
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
Step 3 On the EIPs page, locate the row containing the target EIP, and then click More >
Modify.
Step 4 In the displayed dialog box, enter a name and a bandwidth size.
NOTE
The modified bandwidth limits only the traffic in the egress direction.
----End
Procedure
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
Step 3 On the EIPs page, locate the target EIP and click the EIP name.
Step 4 On the EIP details page, click the Monitoring tab.
You can view the running status of traffic and bandwidth in the last 1 hour or 3
hours by default, or view the running status of traffic and bandwidth in a specified
period. Table 6-3 describes the monitoring indicators.
----End
Procedure
Step 1 Log in to ManageOne Maintenance Portal at https://Address for accessing the
homepage of ManageOne Maintenance Portal:31943, or log in to the ManageOne
unified portal at https://Address for accessing the ManageOne unified portal and
click Maintenance Center (OperationCenter) to access ManageOne
Maintenance Portal.
● Login using a password: Enter the username and password.
– Default username: bss_admin
NOTE
For ManageOne upgraded from 8.2.0 or earlier, the default username is admin.
– Default password: See the default password of the account for logging in
to ManageOne Maintenance Portal on the "Type A (Portal)" sheet in
Huawei Cloud Stack 8.3.1 Account List.
● Login using a USB key: Insert a USB key with preset user certificates, select
the required device and certificate, and enter a PIN.
Step 2 On the menu bar in the upper part of the page, choose Monitoring >
Configuration.
Step 3 In the navigation pane, choose Threshold-Crossing Alarm Rules.
Step 4 Click Create.
Step 5 Set parameters in the Basic Information and Monitoring Scope areas based on
Table 6-4.
----End
You can add EIPs to a shared bandwidth so that the EIPs share the bandwidth. Multiple EIPs
can be added to a shared bandwidth at a time.
● An EIP that is soft deleted or expires cannot be added to a shared bandwidth.
● All EIPs added to a shared bandwidth must belong to the same group.
● After an EIP is added to a shared bandwidth, the original bandwidth size used by the EIP
will become invalid, and the new EIP bandwidth size will be the same as that of the
shared bandwidth.
● The EIP's original dedicated bandwidth will be deleted, and you will not be charged for
the dedicated bandwidth.
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > Shared
Bandwidths.
Step 3 In the shared bandwidth list, locate the row containing the target shared
bandwidth. Then, in the Operation column, click More and choose Add EIP.
Step 4 In the Add EIP dialog box, select your target EIPs.
----End
Removing EIPs
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > Shared
Bandwidths.
Step 3 In the shared bandwidth list, locate the row containing the target shared
bandwidth. Then, in the Operation column, click More and choose Remove EIP.
Step 4 In the Remove EIP dialog box, set the dedicated bandwidth parameters for the
EIPs to be removed.
----End
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > Shared
Bandwidths.
Step 3 In the shared bandwidth list, locate the row containing the target shared
bandwidth, and view the EIPs added to the shared bandwidth in the EIP column.
----End
● If a service requires a low EIP bandwidth, you can add its EIP to a shared bandwidth so
that the EIP shares a bandwidth with other EIPs added to the shared bandwidth, which
saves costs.
● Before deleting an EIP that has been added to a shared bandwidth or using it as an EIP
with a dedicated bandwidth, remove the EIP from the shared bandwidth.
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
Step 3 On the EIPs page, locate the row containing the target EIP. Then, in the Operation
column, click More, and choose Add to Shared Bandwidth.
Step 4 In the Add to Shared Bandwidth dialog box, select the target shared bandwidth.
● After an EIP is added to a shared bandwidth, the original bandwidth size used by the EIP
will become invalid.
● You can select a shared bandwidth that is not added to any EIP or a shared bandwidth
that belongs to the same group as the EIP.
----End
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
Step 3 On the EIPs page, locate the row containing the target EIP. Then, in the Operation
column, click More, and choose Remove from Shared Bandwidth.
Step 4 In the Remove from Shared Bandwidth dialog box, set the EIP bandwidth after
the EIP is removed.
----End
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > Shared
Bandwidths.
Step 3 In the shared bandwidth list, locate the row containing the target shared
bandwidth, and click Modify in the Operation column.
Step 4 In the Modify Shared Bandwidth dialog box, modify parameters as required.
----End
Before deleting a shared bandwidth, remove all EIPs associated with it. For details, see
Removing EIPs.
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > Shared
Bandwidths.
Step 3 In the shared bandwidth list, locate the row containing the target shared
bandwidth, and click Delete in the Operation column.
----End
Prerequisites
You have the permission to modify tenant quotas or VDC quotas.
Procedure
Step 1 Go to the Quota page.
● ManageOne Operation Portal for Admins
a. Choose Organization from the main menu. In the navigation pane,
choose Tenants or VDCs.
b. Click a tenant or VDC name.
c. In the navigation pane, choose Quota.
● ManageOne Operation Portal for Tenants
a. Choose System from the main menu.
b. On the displayed VDC List page, click a VDC name.
c. In the navigation pane, choose Quota.
Step 2 Modify a quota.
1. Click Modify.
To request changes on resource pools and quotas of your own VDC in the
tenant associated with an approval process, click Apply for Changing
Quotas.
2. In the displayed dialog box, select new regions, resource pools, and AZs in the
left pane.
If you select new regions and resource pools, you need to associate the
regions with the resource spaces in the tenant, so that users in the user
groups associated with the resource spaces can request resources in these
regions. For details, see "Modifying a Resource Set" in Huawei Cloud Stack
8.3.1 Resource Provisioning Guide.
3. In the right pane of the displayed dialog box, change the shared bandwidth
quota of the VDC.
A quota item in the current VDC is set to Unlimited and cannot be modified
when the same quota item in any lower-level VDC or any enterprise project in
the current or lower-level VDCs as well as a child quota item under this quota
item are set to the maximum allowed.
4. Click OK.
----End
When replacing a QoS device, specify all maximum numbers based on QoS device
performance restrictions. In this case, you need to manually modify the OpenStack
configuration item. CPS commands are provided for you to change maximum
numbers.
NOTE
Procedure
Step 1 Ask the O&M personnel for the private key certificate id_rsa for logging in to
FusionSphere OpenStack over SSH, or copy the private key certificate from the
system.
Step 2 Use the fsp user and the private key certificate id_rsa to log in to the
FusionSphere OpenStack controller node as the fsp user.
For details, see "FAQ" > "Resource Pools" > "Logging In to a Backend Node" in
Huawei Cloud Stack 8.3.1 O&M Guide.
Step 3 Run the following command to switch to the root user:
su - root
NOTE
● To obtain the default password of the root user for SSH login, search for FusionSphere
OpenStack in the Product Name column on the "Type A (Background)" sheet of
Huawei Cloud Stack 8.3.1 Account List.
● If the account is in the revoked state, log in to the node in either of the following ways:
– If you log in to the node using SSH, you need to apply for the account and
password permission. For details, see Huawei Cloud Stack 8.3.1 O&M Guide(for
ZY)"Account Request" > "Creating a Request for Obtaining Passwords" in Huawei
Cloud Stack 8.3.1 O&M GuideHuawei Cloud Stack 8.3.1 O&M Guide(for ZY).
– You can log in to the node on the CLI page of ManageOne Maintenance Portal
without entering a password if you have obtained the one-click login permission.
Step 4 Run the following command to disable user logout upon timeout:
TMOUT=0
Step 5 Import environment variables. For details, see "FAQ" > "Resource Pools" >
"Importing Environment Variables" in Huawei Cloud Stack 8.3.1 O&M Guide.
num1 is the number of shared bandwidths, and num2 is the number of EIPs
bound to a shared bandwidth.
num1 is the number of shared bandwidths, and num2 is the number of EIPs
bound to a shared bandwidth.
cps commit
Step 10 Run the following command to check whether the new configuration takes effect:
----End
Procedure
Step 1 Obtain the region ID.
1. Enter http://DMK floating IP address:8443 in the address bar of the browser
to log in to DMK.
Default username: vpc
See the default password of the target account on the "Type A (Portal)" sheet
in Huawei Cloud Stack 8.3.1 Account List.
2. In the navigation pane on the left, choose Configurations.
3. Locate the g_regions configuration item and view the value of id, which is the
region ID.
1. Click beside Configuration File. The Configuration File area and the
Configuration File Template area are displayed.
2. Check whether the Configuration File area contains the configuration item
shared_bandwidth_eip_quota.
– If yes, change its value to num2.
– If no, add shared_bandwidth_eip_quota.
shared_bandwidth_eip_quota:
region_id: num2
Example:
shared_bandwidth_eip_quota:
sa-fb-1: 50
NOTE
1. Click beside Hosts Configuration File. The Hosts Configuration File area
and the Hosts Configuration Template area are displayed. The former
provides the hosts configuration of the last operation, and the latter provides
the hosts configuration file template to use in this operation.
2. You can edit the configuration file as required and modify the configuration of
the nodes to be upgraded in the Hosts Configuration File area.
Step 9 Click Execute.
Step 10 Click OK to update the VPC Service configuration.
Step 11 Check whether the upgrade task is successfully executed.
If it fails, contact technical support for assistance.
1. Click beside Configuration File. The Configuration File area and the
Configuration File Template area are displayed.
2. Check whether the Configuration File area contains the configuration item
shared_bandwidth_eip_quota.
– If yes, change its value to num2.
– If no, add shared_bandwidth_eip_quota.
shared_bandwidth_eip_quota:
region_id: num2
Example:
shared_bandwidth_eip_quota:
sa-fb-1: 50
Step 18 Check whether the node information added to the node configuration file exists.
1. Click beside Hosts Configuration File. The Hosts Configuration File area
and the Hosts Configuration Template area are displayed. The former
provides the hosts configuration of the last operation, and the latter provides
the hosts configuration file template to use in this operation.
2. You can edit the configuration file as required and modify the configuration of
the nodes to be upgraded in the Hosts Configuration File area.
Step 19 Click Execute.
Step 20 Click OK to update the VPC Console configuration.
Step 21 Check whether the upgrade task is successfully executed.
If it fails, contact technical support for assistance.
----End
8 Best Practice
Service flowchart
Configuration Procedure
Step 1 Divide external networks. Specifically, create and configure external networks.
For details, see section "Dividing External Networks (Huawei Cloud Stack
Scenario)" in Huawei Cloud Stack 8.3.1 Resource Provisioning Guide.
For details, see "Creation" > "Applying for a VPC" in Virtual Private Cloud (VPC)
8.3.1 User Guide (for Huawei Cloud Stack 8.3.1) in Virtual Private Cloud (VPC)
8.3.1 Usage Guide (for Huawei Cloud Stack 8.3.1).
Step 3 Create a security group.
For details, see "Security Group" > "Creating a Security Group" in Virtual Private
Cloud (VPC) 8.3.1 User Guide (for Huawei Cloud Stack 8.3.1) in Virtual Private
Cloud (VPC) 8.3.1 Usage Guide (for Huawei Cloud Stack 8.3.1).
Step 4 Add a security group rule.
For details, see "Security Group" > "Adding a Security Group Rule" in Virtual
Private Cloud (VPC) 8.3.1 User Guide (for Huawei Cloud Stack 8.3.1) in Virtual
Private Cloud (VPC) 8.3.1 Usage Guide (for Huawei Cloud Stack 8.3.1).
Step 5 Apply for an ECS.
For details, see "Creating an ECS" > "Applying for an ECS" in Elastic Cloud Server
(ECS) 8.3.1 User Guide (for Huawei Cloud Stack 8.3.1) in Elastic Cloud Server
(ECS) 8.3.1 Usage Guide (for Huawei Cloud Stack 8.3.1).
----End
● Two ECSs are created to run web applications, a load balancer is used for load
balancing, and an EIP is assigned to enable external networks to access the
applications.
● An ECS is created to run the database. The applications and database are
deployed in different subnets.
Requirement Analysis
The analysis based on the user requirements is as follows:
Based on the preceding analysis, an EIP can be bound to the load balancer to
provide a unified access entrance for external networks.
Configuration Plan
On the cloud network side, the EIP service has been deployed, and a VPC, subnets,
network ACLs, and three ECSs (ECS 1 for web applications, ECS 2 for web
applications, and ECS for the database) have been created. Therefore, you only
need to create a load balancer and bind an EIP to the load balancer. The
configuration plan is as follows:
1. Create a load balancer, and the virtual IP address of the load balancer must
be within subnet 1.
2. Add a listener and backend ECS for the load balancer.
3. Bind an EIP to the load balancer to allow access from the extranet.
Figure 8-4 shows the configuration flow based on the preceding analysis.
Configuration Procedure
Step 1 Create a load balancer.
For details, see "Applying for a Load Balancer" in Elastic Load Balance (ELB) 8.3.1
User Guide (for Huawei Cloud Stack 8.3.1) in Elastic Load Balance (ELB) 8.3.1
Usage Guide (for Huawei Cloud Stack 8.3.1).
Step 2 Add a listener and backend ECS.
For details, see "Adding a Listener" and "Adding a Backend Cloud Server" in Elastic
Load Balance (ELB) 8.3.1 User Guide (for Huawei Cloud Stack 8.3.1) in Elastic
Load Balance (ELB) 8.3.1 Usage Guide (for Huawei Cloud Stack 8.3.1).
----End
9 FAQs
The default value of Source is 0.0.0.0/0, indicating that all IP addresses can access
VMs in the security group.
Prerequisites
An EIP external network eip_external_internet has been created.
Procedure
Creating an EIP External Network
Step 1 Log in to Service OM. For details, see 9.10 How Do I Access Service OM?
Step 2 In the navigation pane on the left, choose External Networks. In the upper right
corner of the page, click Create External Network to create another EIP external
network. Configure the network parameters as shown in Table 9-1.
Parameter Description
Parameter Description
Step 3 Set the resource label for the external network as described in Table 9-2.
Parameter Description
Used For Specify what the external network will be used for. Select EIP.
Display Indicates the external network name selected when tenants apply
Name for network resources. This name is specified by the administrator
based on information about the tenant or the cloud resource
application scenario. You can enter a name that can describe a
service. Only letters, digits, underscores (_), and hyphens (-) are
allowed.
Enter eip_external_net as the name of an EIP external network.
Step 5 Locate the row that contains the created external network, click More, and then
choose Create IPv4 Subnet.
Step 6 Configure the parameters for creating a subnet in an EIP external network.
Parameter Description
Name Specifies the subnet name, which can contain 1-64 characters.
Subnet IP Specifies the IP address range of the subnet. The value of this
Address parameter cannot be changed after the subnet is created.
Parameter Description
Gateway Specifies the gateway address of the subnet. The value of this
parameter cannot be changed after the subnet is created.
To create more subnets for an EIP external network, repeat Step 5 to Step 7 for each
subnet.
Step 9 Create an EIP network route. For details, see Commissioning Procedure > EIP
Network Configuration > EIP Network Route Configuration in Huawei Cloud
Stack 8.3.1 Network Configuration Best Practices.
----End
Procedure
Step 1 Log in to Service OM. For details, see 9.10 How Do I Access Service OM?
Step 3 In the list of external networks, select the target EIP external network, and in the
Operation column, choose More > Create IPv4 Subnet.
Step 4 Specify subnet CIDR blocks based on network planning in the environment and
configure the parameters for creating a subnet in an EIP external network.
Parameter Description
Name Specifies the subnet name, which can contain 1-64 characters.
Subnet IP Specifies the IP address range of the subnet. The value of this
Address parameter cannot be changed after the subnet is created.
Gateway Specifies the gateway address of the subnet. The value of this
parameter cannot be changed after the subnet is created.
Step 6 To create more subnets for an EIP external network for applications, repeat Step 3
to Step 5 for each subnet.
----End
Procedure
Binding a Virtual IP Address on the EIP Page
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
Step 3 On the EIPs page, locate the row containing the target EIP, and click Bind.
----End
Step 1 Log in to the Elastic IP console. For details, see 9.9 How Do I Access the Elastic IP
Page?
Step 2 In the navigation pane on the left, choose Virtual Private Cloud > Subnets.
Step 3 In the upper right corner of the subnet list, locate the VPC containing the subnet
and click the VPC name.
Step 4 On the Subnets page, click the name of the subnet the virtual IP address belongs
to.
Step 5 Click the IP Addresses tab, locate the row containing the virtual IP address to be
bound to an EIP, and click Bind EIP in the Operation column.
----End
NOTE
After binding an EIP to a virtual IP address, check whether it is successfully bound. To do so,
ping the EIP bound to the virtual IP address from an on-premises PC to check its network
connectivity.
● Before checking its network connectivity, add the network subinterface configured with
the virtual IP address to the ECS.
● The following is an example command for adding a network subinterface to a
Linux ECS.
ip addr add VIP_IP dev eth0 label eth0:1
A network subinterface added using this example command will be deleted after
ECS restart. To use the network subinterface, you need to add it again. You can add
the command to the startup script to make the command take effect permanently.
● For a Windows ECS, choose Control Panel > Network and Internet > Network
Connections. Right-click the icon of the target NIC, and choose Properties >
Internet Protocol Version 4 (TCP/IPv4). Click Properties, and select Use the
following IP address (S). Click Advanced. In the displayed dialog box, click Add
for the IP Address field to add a virtual IP address.
● To ensure that the network is accessible, the security group associated with the ECS
needs to allow inbound access from the source IP address involved in the ping
operation. For details, see "Security Group" > "Adding a Security Group Rule" in Virtual
Private Cloud (VPC) 8.3.1 User Guide (for Huawei Cloud Stack 8.3.1) in Virtual Private
Cloud (VPC) 8.3.1 Usage Guide (for Huawei Cloud Stack 8.3.1).
configuration of the last operation, and the latter provides the hosts configuration
file template to use in this operation.
In the Hosts Configuration File area on the left, locate
is_eip_supported_bandwidth and change its value to
is_eip_supported_bandwidth: 'true'.
Example:
is_eip_supported_bandwidth: 'true'
----End
Step 2 Click in the upper left corner, select a region and resource space, and choose
Network > Elastic IP.
----End
For ManageOne upgraded from 8.2.0 or earlier, the default username is admin.
– Default password: See the default password of the account for logging in
to ManageOne Maintenance Portal on the "Type A (Portal)" sheet in
Huawei Cloud Stack 8.3.1 Account List.
● Login using a USB key: Insert a USB key with preset user certificates, select
the required device and certificate, and enter a PIN.
Step 2 In the Common Links area, click Service OM. Select your region and then access
the Service OM page.
Step 3 Choose Services > Resource > Network Resource.
----End