...

  1. During the current test, the IPsec tunnel from Initiator to Responder requires the Responder to be running before the Initiator. That means the SDEWAN CNF in Central Cloud needs to run as Responder before an edge location (with private IP) is set up, and the OIP address range needs to be configured first (read from the IP address manager?) and cannot be updated at run time. Is this the expected behavior?
  2. Need to check how to get the assigned OIP after the tunnel between Central Cloud and Edge Location (with private IP) is set up (through a strongswan command?). This is required for the IP address manager and the cluster register process.
  3. Should the registration of edge location information be done by Admin manually or triggered automatically by EMCO's edge location registration process (assuming similar information is shared)?

Flow: Hub

Register Hub:

  • Trigger: Admin adds/updates hub information in Web UI or via Remote Client Call with the following information:
    • Name, Description
    • Public IP address list
    • Shared flag (whether the hub can be shared across overlays)
    • Overlay name
    • CertificateId
    • Kubeconfig
  • Steps:
    • Save in DB
    • Set up control plane host-host tunnel with Central Cloud (e.g. add a new IPSec policy in Central Cloud CNF with: left: CIP, right: HIP, CertificateId)

Opens:

  1. In case of multiple public IPs, need to define which HIP should be used in the tunnel with Central Cloud

Flow: Edge Location

Register Edge Location:

  • Trigger: Admin adds/updates edge location information in Web UI or via Remote Client Call with the following information:
    • Name, Description
    • External IP address (empty if no public IP)
    • Flag as force Hub connectivity (Valid if external public IP is not empty)
    • Flag as use Hub for internet connectivity
    • Flag as Dedicated SFC
    • Number of overlay IP addresses
    • CertificateId
    • Kubeconfig
  • Steps:
    • Save in DB
    • If public IP is not empty, set up host-host tunnel with Central Cloud (e.g. add a new IPSec policy in Central Cloud CNF with: left: CIP, right: EIP, CertificateId)
    • If public IP is empty, no more actions (assumes the tunnel has already been set up after edge location setup)
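
The validation and tunnel decision in the Register Edge Location steps above, as an added Go example that is not SDEWAN or EMCO code. The type and function names, the rejection of non-public external addresses, and the sample addresses are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"net/netip"
)

// EdgeLocation holds registration fields from the list above (field names are hypothetical).
type EdgeLocation struct {
	Name          string
	ExternalIP    string // empty if the edge location has no public IP
	ForceHub      bool   // "force Hub connectivity": valid only when ExternalIP is set
	CertificateID string
}

// TunnelPolicy is the host-host IPsec policy to add in the Central Cloud CNF.
type TunnelPolicy struct {
	Left, Right, CertificateID string
}

// PlanEdgeTunnel validates a registration and returns the policy to add,
// or nil when the edge has no public IP and no further action is taken.
func PlanEdgeTunnel(cip string, e EdgeLocation) (*TunnelPolicy, error) {
	if e.Name == "" || e.CertificateID == "" {
		return nil, errors.New("name and CertificateId are required")
	}
	if e.ExternalIP == "" {
		if e.ForceHub {
			return nil, errors.New("force-hub flag requires an external public IP")
		}
		return nil, nil // private edge: tunnel assumed already set up
	}
	eip, err := netip.ParseAddr(e.ExternalIP)
	if err != nil {
		return nil, fmt.Errorf("external IP: %w", err)
	}
	// Assumption: an address that is not publicly routable cannot be the EIP.
	if eip.IsPrivate() || eip.IsLoopback() || eip.IsLinkLocalUnicast() || eip.IsUnspecified() || eip.IsMulticast() {
		return nil, fmt.Errorf("external IP %s is not a public address", eip)
	}
	return &TunnelPolicy{Left: cip, Right: eip.String(), CertificateID: e.CertificateID}, nil
}

func main() { // constructed sample values (documentation address ranges)
	p, err := PlanEdgeTunnel("198.51.100.10", EdgeLocation{Name: "edge1", ExternalIP: "203.0.113.7", CertificateID: "cert-edge1"})
	fmt.Println(p, err)
}
```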

Opens:

  1. The OIP for the control plane (with Central Cloud) will be generated by the Central Cloud responder. Shall this OIP be used for the data plane (e.g. edge1↔hub↔edge2), or should a new OIP be created (e.g. use Hub as responder) in the Add-edge-location flow in overlay? And will the Number of overlay IP addresses be used to block the Add-edge-location flow if exceeded?

Flow: Overlay

Add-basic-information:

  • Trigger: Admin adds/updates edge location information in Web UI or via Remote Client Call with the following information:
    • Name, Description
    • CertificateId
    • Overlay IP ranges
  • Steps:
    • Save in DB

Add-hub:

Add-edge-location:

Opens:

  1. Can an edge location belong to only one overlay at a time?

Flow: Application Connection

Open:

  1. Is the registration of application/microservice connection information done by Admin manually or triggered automatically by EMCO's deployment process (assuming similar information is shared)?

...

Error handling

DB Schema

Module Design

...