lhajba/cloud-connect
1
0
Fork 0
forked from docs/cloud-connect
Code Pull Requests Activity

Changes to ccn_umn from docs/doc-exports#1450 (CCN UMN 20250121 version)

Browse Source 
Reviewed-by: Hajba, László Antal <laszlo-antal.hajba@t-systems.com>
Co-authored-by: OpenTelekomCloud Proposal Bot <proposalbot@otc-service.com>
Co-committed-by: OpenTelekomCloud Proposal Bot <proposalbot@otc-service.com>
This commit is contained in:
OpenTelekomCloud Proposal Bot
2025-12-16 13:04:05 +00:00
committed by zuul
parent f3fcc319b0
commit b6e0030d26
74 changed files with 1940 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

124
umn/source/central_network_operation_guide/central_networks/central_networks.rst Normal file
View File

File diff suppressed because it is too large Load Diff

153
umn/source/central_network_operation_guide/central_networks/cross-site_connection_bandwidths.rst Normal file
View File

File diff suppressed because it is too large Load Diff

20
umn/source/central_network_operation_guide/central_networks/index.rst Normal file
View File

@ -0,0 +1,20 @@
:original_name: cc_gcn_0000.html
.. _cc_gcn_0000:
Central Networks
================
- :ref:`Overview <cc_03_1010>`
- :ref:`Central Networks <cc_03_1020>`
- :ref:`Policies <cc_03_1030>`
- :ref:`Cross-Site Connection Bandwidths <cc_03_1050>`
.. toctree::
:maxdepth: 1
:hidden:
overview
central_networks
policies
cross-site_connection_bandwidths

69
umn/source/central_network_operation_guide/central_networks/overview.rst Normal file
View File

@ -0,0 +1,69 @@
:original_name: cc_03_1010.html
.. _cc_03_1010:
Overview
========
Central Network
---------------
Relying on the cloud backbone network, a central network allows you to easily set up a reliable, intelligent enterprise-grade network and manage global network resources on premises and on the cloud. By setting up a central network, you can enable communication between enterprise routers, in the same region or different regions.
Application Scenarios
---------------------
- Cross-region communication on the cloud: Enterprise routers in different regions are added to a central network as attachments so that resources in these regions can communicate with each other over one network.
.. figure:: /_static/images/en-us_image_0000002445430860.png
:alt: **Figure 1** Cross-region communication between enterprise routers
**Figure 1** Cross-region communication between enterprise routers
- Global network: By flexibly changing the central network policies, you can build a global network more conveniently.
Central Network Constraints
---------------------------
- To use a central network, the following resources must have been created:
- Enterprise router: used to set up a central network
.. note::
If you are not the owner of an enterprise router, you cannot use the enterprise router to set up a central network.
- Policy management
- A central network can only have one policy. If you apply another policy for this central network, the policy that was previously applied will be automatically cancelled.
- In each policy, only one enterprise router can be added for a region. All added enterprise routers can communicate with each other by default.
- A policy that is being applied or cancelled cannot be deleted.
- Cross-site connection bandwidth management
- A cross-site connection bandwidth cannot be changed or deleted when it is being created, updated, deleted, frozen, unfrozen, or is recovering.
- The total of cross-site connection bandwidths cannot exceed the global connection bandwidth.
- If a cross-site connection bandwidth is deleted, you will still be billed for the global connection bandwidth.
Configuration Process
---------------------
:ref:`Figure 2 <cc_03_1010__fig1846518181211>` shows the process of configuring a central network to manage global network resources.
.. _cc_03_1010__fig1846518181211:
.. figure:: /_static/images/en-us_image_0000002478587813.png
:alt: **Figure 2** Central network configuration process
**Figure 2** Central network configuration process
.. table:: **Table 1** Steps for configuring a central network
+-----+-----------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------+
| No. | Step | Description | Reference |
+=====+=========================================+=================================================================================================================================================================================================================================================================================+=======================================================================================+
| 1 | Create a central network. | After an enterprise router is created, you can create a central network and add the enterprise router to a policy of the central network. In this way, resources can communicate with each other across regions, and network resources in each region can be managed centrally. | :ref:`Creating a Central Network <cc_03_1020__section2954341203415>` |
+-----+-----------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------+
| 2 | Assign cross-site connection bandwidth. | After adding enterprise routers in different regions to the same policy, purchase a global connection bandwidth and assign a bandwidth for cross-site connections. | :ref:`Assigning a Cross-Site Connection Bandwidth <cc_03_1050__section6858346105817>` |
+-----+-----------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------+

97
umn/source/central_network_operation_guide/central_networks/policies.rst Normal file
View File

@ -0,0 +1,97 @@
:original_name: cc_03_1030.html
.. _cc_03_1030:
Policies
========
Scenarios
---------
Policies record the enterprises routers that have been added to a central network to allow you to better manage your network. You can apply policies of any version.
Constraints
-----------
- A central network can only have one policy. If you apply another policy for this central network, the policy that was previously applied will be automatically cancelled.
- In each policy, only one enterprise router can be added for a region. All added enterprise routers can communicate with each other by default.
- A policy that is being applied or cancelled cannot be deleted.
Creating a Policy
-----------------
#. Log in to the management console.
#. Click |image1| in the upper left corner to select a region and a project.
#. In the service list, choose **Network** > **Cloud Connect**.
#. In the navigation pane on the left, choose **Cloud Connect** > **Central Networks**.
#. Locate the central network and click its name.
#. On the **Policies** tab, click **Add Policy**.
#. Select the target region and enterprise router in that region.
You can click **Add Enterprise Router** to add an enterprise router in another region.
.. figure:: /_static/images/en-us_image_0000002446287918.png
:alt: **Figure 1** Creating a policy
**Figure 1** Creating a policy
#. Click **OK**.
Applying a Policy
-----------------
#. Log in to the management console.
#. Click |image2| in the upper left corner to select a region and a project.
#. In the service list, choose **Network** > **Cloud Connect**.
#. In the navigation pane on the left, choose **Cloud Connect** > **Central Networks**.
#. Locate the central network and click its name.
#. On the **Policies** tab, locate the policy you want to apply and click **Apply** on the right.
.. figure:: /_static/images/en-us_image_0000002483026245.png
:alt: **Figure 2** Applying a policy
**Figure 2** Applying a policy
#. In the **Policy Changes** area on the right, check the change of the enterprise router in the policy.
#. Click **OK**.
Deleting a Policy
-----------------
#. Log in to the management console.
#. Click |image3| in the upper left corner to select a region and a project.
#. In the service list, choose **Network** > **Cloud Connect**.
#. In the navigation pane on the left, choose **Cloud Connect** > **Central Networks**.
#. Locate the central network and click its name.
#. On the **Policies** tab, locate the policy you want to delete and click **Delete** on the right.
.. figure:: /_static/images/en-us_image_0000002449787866.png
:alt: **Figure 3** Deleting a policy
**Figure 3** Deleting a policy
#. In the displayed dialog box, click **OK**.
.. |image1| image:: /_static/images/en-us_image_0000002089584376.png
.. |image2| image:: /_static/images/en-us_image_0000002125143785.png
.. |image3| image:: /_static/images/en-us_image_0000002089584372.png

39
umn/source/central_network_operation_guide/global_connection_bandwidths/adding_instances_to_a_global_connection_bandwidth.rst Normal file
View File

@ -0,0 +1,39 @@
:original_name: cc_03_1103.html
.. _cc_03_1103:
Adding Instances to a Global Connection Bandwidth
=================================================
Scenarios
---------
Central networks can use global connection bandwidths for communication.
Constraints
-----------
- Instances that can be added to a global connection bandwidth must be from the same region as the bandwidth.
- A global connection bandwidth can only be used by instances of the same type. If you want another type of instances to use a global connection bandwidth that already has instances, you need to remove the instances first.
- You can bind one global connection bandwidth to or unbind it from a central network at a time.
- To use a global connection bandwidth on a central network, you need to configure cross-site connections by referring to the following:
- :ref:`Central Networks <cc_03_1020>`
- :ref:`Policies <cc_03_1030>`
Using a Global Connection Bandwidth on a Central Network
--------------------------------------------------------
#. Log in to the management console.
#. Click |image1| in the upper left corner to select a region and a project.
#. In the service list, choose **Network** > **Cloud Connect**.
#. In the navigation pane on the left, choose **Cloud Connect** > **Central Networks**.
#. In the central network list, click the name of the target central network.
#. Click the **Cross-Site Connection Bandwidths** tab.
#. Locate the cross-site connection and click **Assign now** in the **Global Connection Bandwidth** column.
#. On the **Assign Bandwidth** page, select the global connection bandwidth.
#. Specify the bandwidth and click **OK**.
.. |image1| image:: /_static/images/en-us_image_0000002089104752.png

82
umn/source/central_network_operation_guide/global_connection_bandwidths/creating_a_global_connection_bandwidth.rst Normal file
View File

@ -0,0 +1,82 @@
:original_name: cc_03_1102.html
.. _cc_03_1102:
Creating a Global Connection Bandwidth
======================================
Scenarios
---------
This section describes how to create a global connection bandwidth for communication over the backbone network.
Procedure
---------
#. Log in to the management console.
#. Click |image1| in the upper left corner to select a region and a project.
#. In the service list, choose **Network** > **Cloud Connect**.
#. In the navigation pane on the left, choose **Intra-Cloud** > **Global Connection Bandwidths**.
#. Click **Create Global Connection Bandwidth**.
#. Configure the parameters based on :ref:`Table 1 <cc_03_1102__table9908161616>`.
.. figure:: /_static/images/en-us_image_0000002480095461.png
:alt: **Figure 1** Creating a global connection bandwidth
**Figure 1** Creating a global connection bandwidth
.. _cc_03_1102__table9908161616:
.. table:: **Table 1** Parameters required for creating a global connection bandwidth
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+
| Parameter | Description |
+===================================+===========================================================================================================================================================+
| Bandwidth Type | Mandatory |
| | |
| | Only geographic-region bandwidths are supported. You need to select a geographic region and specify the regions that need to communicate with each other. |
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+
| Geographic Region | Only **Europe** is supported if **Geographic-region** is selected for **Bandwidth Type**. |
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+
| Connect Regions | Regions that need to communicate with each other in a geographic region. |
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+
| Billed By | Mandatory |
| | |
| | The price of a global connection bandwidth varies by its size. |
| | |
| | - After a bandwidth is purchased, the billing starts immediately regardless of whether the bandwidth is used. |
| | - If a bandwidth is no longer required, delete it in a timely manner to avoid unnecessary fees. |
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+
| Bandwidth | Mandatory |
| | |
| | Select the bandwidth, in Mbit/s. |
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+
| Bandwidth Name | Mandatory |
| | |
| | Enter the name of the bandwidth. The name: |
| | |
| | - Must contain 1 to 64 characters. |
| | - Can contain letters, digits, underscores (_), hyphens (-), and periods (.). |
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+
| Enterprise Project | Mandatory |
| | |
| | Provides a cloud resource management mode, in which cloud resources and members are centrally managed by project. |
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+
#. Click **Next**.
#. Confirm the configurations and click **Submit**.
The global connection bandwidth list page is displayed.
#. In the global connection bandwidth list, view the status of the bandwidth.
If the bandwidth status becomes **Normal**, the creation is successful.
.. |image1| image:: /_static/images/en-us_image_0000002089264608.png

28
umn/source/central_network_operation_guide/global_connection_bandwidths/deleting_a_global_connection_bandwidth.rst Normal file
View File

@ -0,0 +1,28 @@
:original_name: cc_03_1106.html
.. _cc_03_1106:
Deleting a Global Connection Bandwidth
======================================
Scenarios
---------
If a pay-per-use global connection bandwidth is no longer needed, delete the bandwidth in a timely manner to avoid extra expenditures.
Constraints
-----------
If a global connection bandwidth is in use by instances, it cannot be deleted. Remove the instances from the global connection bandwidth first.
Procedure
---------
#. Log in to the management console.
#. Click |image1| in the upper left corner to select a region and a project.
#. In the service list, choose **Network** > **Cloud Connect**.
#. In the navigation pane on the left, choose **Intra-Cloud** > **Global Connection Bandwidths**.
#. Locate the global connection bandwidth you want to delete and click **Delete** in the **Operation** column.
#. In the displayed dialog box, click **OK**.
.. |image1| image:: /_static/images/en-us_image_0000002461833813.png

24
umn/source/central_network_operation_guide/global_connection_bandwidths/index.rst Normal file
View File

@ -0,0 +1,24 @@
:original_name: cc_gpb_0000.html
.. _cc_gpb_0000:
Global Connection Bandwidths
============================
- :ref:`Overview <cc_03_1101>`
- :ref:`Creating a Global Connection Bandwidth <cc_03_1102>`
- :ref:`Adding Instances to a Global Connection Bandwidth <cc_03_1103>`
- :ref:`Removing Instances from a Global Connection Bandwidth <cc_03_1104>`
- :ref:`Modifying a Global Connection Bandwidth <cc_03_1105>`
- :ref:`Deleting a Global Connection Bandwidth <cc_03_1106>`
.. toctree::
:maxdepth: 1
:hidden:
overview
creating_a_global_connection_bandwidth
adding_instances_to_a_global_connection_bandwidth
removing_instances_from_a_global_connection_bandwidth
modifying_a_global_connection_bandwidth
deleting_a_global_connection_bandwidth

27
umn/source/central_network_operation_guide/global_connection_bandwidths/modifying_a_global_connection_bandwidth.rst Normal file
View File

@ -0,0 +1,27 @@
:original_name: cc_03_1105.html
.. _cc_03_1105:
Modifying a Global Connection Bandwidth
=======================================
Scenarios
---------
This section describes how to modify a global connection bandwidth.
You can only modify the bandwidth name and bandwidth. If you modify the bandwidth, the new bandwidth takes effect immediately.
Modifying a Global Connection Bandwidth
---------------------------------------
#. Log in to the management console.
#. Click |image1| in the upper left corner to select a region and a project.
#. In the service list, choose **Network** > **Cloud Connect**.
#. In the navigation pane on the left, choose **Intra-Cloud** > **Global Connection Bandwidths**.
#. Locate the global connection bandwidth and click **Modify Bandwidth** in the **Operation** column.
#. On the **Modify Global Connection Bandwidth** page, modify the bandwidth name and bandwidth and click **Next**.
#. Confirm the information and click **Submit**.
.. |image1| image:: /_static/images/en-us_image_0000002089264612.png

46
umn/source/central_network_operation_guide/global_connection_bandwidths/overview.rst Normal file
View File

@ -0,0 +1,46 @@
:original_name: cc_03_1101.html
.. _cc_03_1101:
Overview
========
Global Connection Bandwidth
---------------------------
A global connection bandwidth is used by instances to allow communication over the backbone network.
.. table:: **Table 1** Global connection bandwidth types
+-------------------+-----------------+-------------------------------------------------------------------------------------+--------------------------------------------------------------------------------+
| Bandwidth Type | Instance Type | Description | Scenario |
+===================+=================+=====================================================================================+================================================================================+
| Geographic-region | Central network | Select this type of bandwidth if you need communication within a geographic region. | Enterprise routers on a central network must be in the same geographic region. |
+-------------------+-----------------+-------------------------------------------------------------------------------------+--------------------------------------------------------------------------------+
Constraints on Global Connection Bandwidths
-------------------------------------------
- Instances that can be added to a global connection bandwidth must be in the same region as the bandwidth.
- A global connection bandwidth can only be used by instances of the same type. If you want another type of instances to use a global connection bandwidth that already has instances, you need to remove the instances first.
- To use a global connection bandwidth on a central network, you need to configure cross-site connections by referring to the following:
- :ref:`Central Networks <cc_03_1020>`
- :ref:`Policies <cc_03_1030>`
- Before an instance is removed from a global connection bandwidth, ensure the instance is not used to run workloads or establish network connectivity, or the workloads will be unavailable or the network will be interrupted.
- If a global connection bandwidth has been used to assign cross-site connection bandwidths for a central network, the global connection bandwidth cannot be unbound from the central network. You need to delete the cross-site connection bandwidths first.
- If a global connection bandwidth is in use by instances, it cannot be deleted.
Geographic-Region Bandwidth Application Scenario (Central Network)
------------------------------------------------------------------
In this example, enterprise routers are connected over a central network.
Enterprise router ER-A in Germany and enterprise router ER-B in Netherlands are from the same geographic region, so a geographic-region bandwidth can be used for communication between the two enterprise routers.
.. figure:: /_static/images/en-us_image_0000002482863093.png
:alt: **Figure 1** Cross-region communication between enterprise routers
**Figure 1** Cross-region communication between enterprise routers

32
umn/source/central_network_operation_guide/global_connection_bandwidths/removing_instances_from_a_global_connection_bandwidth.rst Normal file
View File

@ -0,0 +1,32 @@
:original_name: cc_03_1104.html
.. _cc_03_1104:
Removing Instances from a Global Connection Bandwidth
=====================================================
Scenarios
---------
You can unbind a global connection bandwidth from a central network.
Constraints
-----------
- Before an instance is removed from a global connection bandwidth, the instance is not used to run workloads or establish network connectivity, or the workloads will be unavailable or the network will be interrupted.
- A global connection bandwidth can only be used by one type of instances. If you want to change the instance type, remove all the instances from the global connection bandwidth and then add instances of another type by referring to :ref:`Adding Instances to a Global Connection Bandwidth <cc_03_1103>`.
- If a global connection bandwidth has been used to assign cross-site connection bandwidths for a central network, the global connection bandwidth cannot be unbound from the central network. You need to delete the cross-site connection bandwidths first.
Deleting Cross-Site Connection Bandwidth
----------------------------------------
#. Log in to the management console.
#. Click |image1| in the upper left corner to select a region and a project.
#. In the service list, choose **Network** > **Cloud Connect**.
#. In the navigation pane on the left, choose **Cloud Connect** > **Central Networks**.
#. In the central network list, click the name of the target central network.
#. Click the **Cross-Site Connection Bandwidths** tab.
#. Locate the cross-site connection and click **Delete Bandwidth** in the **Operation** column.
#. In the displayed dialog box, click **OK**.
.. |image1| image:: /_static/images/en-us_image_0000002089104748.png

20
umn/source/central_network_operation_guide/index.rst Normal file
View File

@ -0,0 +1,20 @@
:original_name: en-us_topic_0000002078053242.html
.. _en-us_topic_0000002078053242:
Central Network Operation Guide
===============================
- :ref:`Permissions Management <cc_03_0990>`
- :ref:`Central Networks <cc_gcn_0000>`
- :ref:`Global Connection Bandwidths <cc_gpb_0000>`
- :ref:`Monitoring and Auditing <cc_03_0881>`
.. toctree::
:maxdepth: 1
:hidden:
permissions_management/index
central_networks/index
global_connection_bandwidths/index
monitoring_and_auditing/index

16
umn/source/central_network_operation_guide/monitoring_and_auditing/index.rst Normal file
View File

@ -0,0 +1,16 @@
:original_name: cc_03_0881.html
.. _cc_03_0881:
Monitoring and Auditing
=======================
- :ref:`Using Cloud Eye to Monitor Central Network Metrics <cc_03_0882>`
- :ref:`Using CTS to Record Key Operations on Central Networks <cc_03_0887>`
.. toctree::
:maxdepth: 1
:hidden:
using_cloud_eye_to_monitor_central_network_metrics/index
using_cts_to_record_key_operations_on_central_networks/index

52
umn/source/central_network_operation_guide/monitoring_and_auditing/using_cloud_eye_to_monitor_central_network_metrics/central_network_metrics.rst Normal file
View File

@ -0,0 +1,52 @@
:original_name: cc_03_0884.html
.. _cc_03_0884:
Central Network Metrics
=======================
Description
-----------
By setting up a central network, you can enable communication between enterprise routers, as well as between enterprise routers and your on-premises data center, in the same region or across regions. When a central network is used, attachments on the enterprise routers used in the central network policy will be monitored.
This section describes metrics reported by enterprise routers in the central network policy to Cloud Eye as well as their namespaces and dimensions. You can view the metrics on the Cloud Eye console.
Namespace
---------
SYS.ER
Metrics
-------
.. table:: **Table 1** Monitoring metrics of an attachment
+-----------------------------------+-----------------------------------------+-----------------------------------------------------------------------------------------+-------------+-------+-----------------+---------------------------------+--------------------------------+
| ID | Name | Description | Value Range | Unit | Conversion Rule | Monitored Object (Dimension) | Monitoring Interval (Raw Data) |
+===================================+=========================================+=========================================================================================+=============+=======+=================+=================================+================================+
| attachment_bytes_in | Inbound Traffic | Network traffic going into the attachment | >= 0 | Byte | 1024 (IEC) | er_instance_id,er_attachment_id | 1 minute |
+-----------------------------------+-----------------------------------------+-----------------------------------------------------------------------------------------+-------------+-------+-----------------+---------------------------------+--------------------------------+
| attachment_bytes_out | Outbound Traffic | Network traffic going out of the attachment | >= 0 | Byte | 1024 (IEC) | er_instance_id,er_attachment_id | 1 minute |
+-----------------------------------+-----------------------------------------+-----------------------------------------------------------------------------------------+-------------+-------+-----------------+---------------------------------+--------------------------------+
| attachment_bits_rate_in | Inbound Bandwidth | Network traffic per second going into the attachment | >= 0 | bit/s | 1000 (SI) | er_instance_id,er_attachment_id | 1 minute |
+-----------------------------------+-----------------------------------------+-----------------------------------------------------------------------------------------+-------------+-------+-----------------+---------------------------------+--------------------------------+
| attachment_bits_rate_out | Outbound Bandwidth | Network traffic per second going out of the attachment | >= 0 | bit/s | 1000 (SI) | er_instance_id,er_attachment_id | 1 minute |
+-----------------------------------+-----------------------------------------+-----------------------------------------------------------------------------------------+-------------+-------+-----------------+---------------------------------+--------------------------------+
| attachment_packets_in | Inbound PPS | Packets per second going into the attachment | >= 0 | PPS | 1000 (SI) | er_instance_id,er_attachment_id | 1 minute |
+-----------------------------------+-----------------------------------------+-----------------------------------------------------------------------------------------+-------------+-------+-----------------+---------------------------------+--------------------------------+
| attachment_packets_out | Outbound PPS | Packets per second going out of the attachment | >= 0 | PPS | 1000 (SI) | er_instance_id,er_attachment_id | 1 minute |
+-----------------------------------+-----------------------------------------+-----------------------------------------------------------------------------------------+-------------+-------+-----------------+---------------------------------+--------------------------------+
| attachment_packets_drop_blackhole | Packets Dropped by Black Hole Route | The number of packets dropped because they matched a black hole route on the attachment | >= 0 | Count | N/A | er_instance_id,er_attachment_id | 1 minute |
+-----------------------------------+-----------------------------------------+-----------------------------------------------------------------------------------------+-------------+-------+-----------------+---------------------------------+--------------------------------+
| attachment_packets_drop_noroute | Packets Dropped Due to No Route Matched | The number of packets dropped because they did not match a route on the attachment | >= 0 | Count | N/A | er_instance_id,er_attachment_id | 1 minute |
+-----------------------------------+-----------------------------------------+-----------------------------------------------------------------------------------------+-------------+-------+-----------------+---------------------------------+--------------------------------+
Dimensions
----------
================ ============================
Key Value
================ ============================
er_attachment_id Enterprise router attachment
================ ============================

51
umn/source/central_network_operation_guide/monitoring_and_auditing/using_cloud_eye_to_monitor_central_network_metrics/creating_an_alarm_rule.rst Normal file
View File

@ -0,0 +1,51 @@
:original_name: cc_03_0886.html
.. _cc_03_0886:
Creating an Alarm Rule
======================
Scenarios
---------
This section describes how to create alarm rules and notifications for enterprise router attachments.
The alarm function provides the alarm service for monitoring data. By creating alarm rules, you define how the alarm system checks monitoring data and sends alarm notifications when monitoring data meets alarm policies.
After creating alarm rules for important metrics, you can timely know metric data exceptions and quickly rectify the faults.
Procedure
---------
#. Log in to the management console.
#. Click |image1| in the upper left corner and select the desired region and project.
#. Click **Service List**. Under **Management & Deployment**, click **Cloud Eye**.
The **Cloud Eye** console is displayed.
#. In the navigation pane on the left, choose **Cloud Service Monitoring** > **Enterprise Router**.
The enterprise router list is displayed.
#. Create an alarm rule and notification for an enterprise router attachment.
a. In the enterprise router list, locate the enterprise router, click |image2| to view its attachments, locate the attachment, and click **Create Alarm Rule** in the **Operation** column.
The **Create Alarm Rule** page is displayed.
b. On the **Create Alarm Rule** page, configure the parameters as prompted.
.. note::
For details about the parameters on the **Create Alarm Rule** page, see the Cloud Eye User Guide.
#. Click **Create**.
.. note::
After the alarm rule is configured, if you have enabled alarm notifications and configured related parameters, you will receive notifications once an alarm is triggered.
.. |image1| image:: /_static/images/en-us_image_0000001190483836.png
.. |image2| image:: /_static/images/en-us_image_0000002082224192.png

18
umn/source/central_network_operation_guide/monitoring_and_auditing/using_cloud_eye_to_monitor_central_network_metrics/index.rst Normal file
View File

@ -0,0 +1,18 @@
:original_name: cc_03_0882.html
.. _cc_03_0882:
Using Cloud Eye to Monitor Central Network Metrics
==================================================
- :ref:`Central Network Metrics <cc_03_0884>`
- :ref:`Viewing Central Network Metrics <cc_03_0885>`
- :ref:`Creating an Alarm Rule <cc_03_0886>`
.. toctree::
:maxdepth: 1
:hidden:
central_network_metrics
viewing_central_network_metrics
creating_an_alarm_rule

37
umn/source/central_network_operation_guide/monitoring_and_auditing/using_cloud_eye_to_monitor_central_network_metrics/viewing_central_network_metrics.rst Normal file
View File

@ -0,0 +1,37 @@
:original_name: cc_03_0885.html
.. _cc_03_0885:
Viewing Central Network Metrics
===============================
Scenarios
---------
You can view the metrics of attachments on the enterprise routers in a central network policy on the Cloud Eye console.
Procedure
---------
#. Log in to the management console.
#. Click |image1| in the upper left corner and select the desired region and project.
#. Click **Service List**. Under **Management & Deployment**, click **Cloud Eye**.
The **Cloud Eye** console is displayed.
#. In the navigation pane on the left, choose **Cloud Service Monitoring** > **Enterprise Router**.
The enterprise router list is displayed.
#. View the real-time metrics of enterprise router attachments.
a. In the enterprise router list, locate the enterprise router, click |image2| to view its attachments, locate the attachment, and click **View Metric** in the **Operation** column.
The metrics are displayed.
b. View metrics of the attachment.
.. |image1| image:: /_static/images/en-us_image_0000001190483836.png
.. |image2| image:: /_static/images/en-us_image_0000002082069408.png

16
umn/source/central_network_operation_guide/monitoring_and_auditing/using_cts_to_record_key_operations_on_central_networks/index.rst Normal file
View File

@ -0,0 +1,16 @@
:original_name: cc_03_0887.html
.. _cc_03_0887:
Using CTS to Record Key Operations on Central Networks
======================================================
- :ref:`Key Central Network Operations <gcn_sj_0001>`
- :ref:`Viewing Central Network Audit Logs <cc_03_0889>`
.. toctree::
:maxdepth: 1
:hidden:
key_central_network_operations
viewing_central_network_audit_logs

55
umn/source/central_network_operation_guide/monitoring_and_auditing/using_cts_to_record_key_operations_on_central_networks/key_central_network_operations.rst Normal file
View File

@ -0,0 +1,55 @@
:original_name: gcn_sj_0001.html
.. _gcn_sj_0001:
Key Central Network Operations
==============================
Scenarios
---------
With CTS, you can record operations associated with central networks and global connection bandwidths for later query, audit, and backtracking.
Prerequisites
-------------
You have enabled CTS.
Key Operations Recorded by CTS
------------------------------
.. table:: **Table 1** Central network operations that can be recorded by CTS
+---------------------------------------+--------------------------+--------------------------------+
| Operation | Resource | Trace |
+=======================================+==========================+================================+
| Creating a central network | centralNetwork | createCentralNetwork |
+---------------------------------------+--------------------------+--------------------------------+
| Updating a central network | centralNetwork | updateCentralNetwork |
+---------------------------------------+--------------------------+--------------------------------+
| Deleting a central network | centralNetwork | deleteCentralNetwork |
+---------------------------------------+--------------------------+--------------------------------+
| Adding a central network policy | centralNetworkPolicy | createCentralNetworkPolicy |
+---------------------------------------+--------------------------+--------------------------------+
| Applying a central network policy | centralNetworkPolicy | applyCentralNetworkPolicy |
+---------------------------------------+--------------------------+--------------------------------+
| Deleting a central network policy | centralNetworkPolicy | deleteCentralNetworkPolicy |
+---------------------------------------+--------------------------+--------------------------------+
| Updating a central network connection | centralNetworkConnection | updateCentralNetworkConnection |
+---------------------------------------+--------------------------+--------------------------------+
.. table:: **Table 2** Global connection bandwidth operations recorded by CTS
+----------------------------------------------------------+---------------------------+-------------------+
| Operation | Resource | Trace |
+==========================================================+===========================+===================+
| Creating a global connection bandwidth | globalConnectionBandwidth | createGcBandwidth |
+----------------------------------------------------------+---------------------------+-------------------+
| Updating a global connection bandwidth | globalConnectionBandwidth | updateGcBandwidth |
+----------------------------------------------------------+---------------------------+-------------------+
| Deleting a global connection bandwidth | globalConnectionBandwidth | deleteGcBandwidth |
+----------------------------------------------------------+---------------------------+-------------------+
| Binding a global connection bandwidth to an instance | globalConnectionBandwidth | bindGcBandwidth |
+----------------------------------------------------------+---------------------------+-------------------+
| Unbinding a global connection bandwidth from an instance | globalConnectionBandwidth | unbindGcBandwidth |
+----------------------------------------------------------+---------------------------+-------------------+

55
umn/source/central_network_operation_guide/monitoring_and_auditing/using_cts_to_record_key_operations_on_central_networks/viewing_central_network_audit_logs.rst Normal file
View File

@ -0,0 +1,55 @@
:original_name: cc_03_0889.html
.. _cc_03_0889:
Viewing Central Network Audit Logs
==================================
Scenarios
---------
After CTS is enabled, it starts recording operations on cloud resources. You can view the operation records of the last seven days on the CTS console.
This section describes how you can query or export the operation records of the last seven days on the CTS console.
Procedure
---------
#. Log in to the management console.
#. Click |image1| in the upper left corner to select a region and a project.
#. In the upper left corner of the page, click |image2| to go to the service list. Under **Management & Deployment**, click **Cloud Trace Service**.
#. In the navigation pane on the left, choose **Trace List**
#. Specify filters as needed. The following filters are available:
.. figure:: /_static/images/en-us_image_0000002122008564.png
:alt: **Figure 1** Filters
**Figure 1** Filters
- **Trace Source**, **Resource Type**, and **Search By**
Select filters from the drop-down list.
After you select **Trace name** for **Search By**, you also need to select a trace name.
After you select **Resource ID** for **Search By**, you also need to select or enter a resource ID.
After you select **Resource name** for **Search By**, you also need to select or enter a resource name.
- **Operator**: Select a specific operator (at the user level rather than the tenant level).
- **Trace Status**: Select **All trace statuses**, **Normal**, **Warning**, or **Incident**.
- Search time range: In the upper right corner, choose **Last 1 hour**, **Last 1 day**, or **Last 1 week**, or specify a custom time range.
#. Click the arrow on the left of the required trace to expand its details.
#. Click **View Trace** in the **Operation** column to view trace details.
.. |image1| image:: /_static/images/en-us_image_0000002157370221.png
.. |image2| image:: /_static/images/en-us_image_0000002121850428.png

84
umn/source/central_network_operation_guide/permissions_management/central_network_custom_policies.rst Normal file
View File

@ -0,0 +1,84 @@
:original_name: cc_03_0992.html
.. _cc_03_0992:
Central Network Custom Policies
===============================
Custom policies can be created to supplement the system-defined policies.
You can create custom policies in either of the following ways:
- Visual editor: Select cloud services, actions, resources, and request conditions. This does not require knowledge of policy syntax.
- JSON: Create a JSON policy or edit an existing one.
For details, see `Creating a Custom Policy <https://docs.otc.t-systems.com/identity-access-management/umn/user_guide/permissions/creating_a_custom_policy.html>`__. The following section contains examples of common custom policies.
Example Custom Policies
-----------------------
- Example 1: Allowing users to delete central networks
.. code-block::
{
"Version": "1.1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"cc:centralNetwork:delete"
]
}
]
}
- Example 2: Denying the deletion of central network policies
A policy with only "Deny" permissions must be used together with other policies. If the permissions granted to an IAM user contain both "Allow" and "Deny", the "Deny" permissions take precedence over the "Allow" permissions.
The following method can be used if you need to assign permissions of the **CC FullAccess** policy to a user but also forbid the user from deleting central network policies. Create a custom policy and assign both policies to the group that the user belongs to. Then the user can perform all operations on Cloud Connect resources except deleting central network policies. The following is an example of a deny policy:
.. code-block::
{
"Version": "1.1",
"Statement": [
{
"Effect": "Deny",
"Action": [
"cc:centralNetwork:deletePolicy"
]
}
]
}
- Example 3: Create a custom policy containing multiple actions.
A custom policy can contain the actions of multiple services that are of the global or project-level type. The following is an example policy containing actions of multiple services:
.. code-block::
{
"Version": "1.1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"cc:centralNetwork:create",
"cc:centralNetwork:update",
"cc:centralNetwork:delete",
"cc:centralNetwork:get"
]
},
{
"Effect": "Allow",
"Action": [
"er:instances:create",
"er:instances:update",
"er:instances:delete",
"er:instances:get"
]
}
]
}

46
umn/source/central_network_operation_guide/permissions_management/creating_a_user_and_granting_central_network_permissions.rst Normal file
View File

@ -0,0 +1,46 @@
:original_name: cc_03_0991.html
.. _cc_03_0991:
Creating a User and Granting Central Network Permissions
========================================================
Use IAM to implement fine-grained permissions control for your Cloud Connect resources. With IAM, you can:
- Create IAM users for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing Cloud Connect resources.
- Grant users only the permissions required to perform a given task based on their job responsibilities.
- Entrust an account or cloud service to perform efficient O&M on your Cloud Connect resources.
Skip this part if you do not require individual IAM users for refined permissions management.
:ref:`Figure 1 <cc_03_0991__en-us_topic_0285331217_en-us_topic_0173533526_en-us_topic_0173481716_en-us_topic_0172268189_fig12481104618719>` shows the process of granting permissions.
Prerequisites
-------------
Before you assign permissions to a user group, you need to know the permissions that you can assign to the user group and select permissions based on service requirements. For details about the system permissions, see :ref:`Permissions <cc_01_0008>`. For the system policies of other services, see `System Permissions <https://docs.otc.t-systems.com/permissions/index.html>`__.
Process Flow
------------
.. _cc_03_0991__en-us_topic_0285331217_en-us_topic_0173533526_en-us_topic_0173481716_en-us_topic_0172268189_fig12481104618719:
.. figure:: /_static/images/en-us_image_0000002090740630.png
:alt: **Figure 1** Process of granting permissions
**Figure 1** Process of granting permissions
#. .. _cc_03_0991__en-us_topic_0285331217_en-us_topic_0173533526_en-us_topic_0173481716_en-us_topic_0172268189_li10269636890:
`Create a user group and assign permissions <https://docs.otc.t-systems.com/usermanual/iam/iam_01_0030.html>`__ (the **Cross Connect Administrator** policy used as an example).
#. `Create an IAM user and add it to a group <https://docs.otc.t-systems.com/usermanual/iam/iam_01_0031.html>`__.
On the IAM console, create a user and add it to the user group created in :ref:`1 <cc_03_0991__en-us_topic_0285331217_en-us_topic_0173533526_en-us_topic_0173481716_en-us_topic_0172268189_li10269636890>`.
#. `Log in <https://docs.otc.t-systems.com/usermanual/iam/iam_01_0032.html>`__ and verify permissions.
After logging in to the Cloud Connect console using the user's credentials, verify that the user has all permissions for Cloud Connect resources.
- In the service list, choose **Network** > **Cloud Connect**. In the navigation pane on the left, choose **Cloud Connect** > **Central Networks**. Click **Create Central Network** in the upper right corner. If the creation is successful, the **Cross Connect Administrator** policy has taken effect.
- Choose any other service in the service list. A message will appear indicating that you have sufficient permissions to access the service.

16
umn/source/central_network_operation_guide/permissions_management/index.rst Normal file
View File

@ -0,0 +1,16 @@
:original_name: cc_03_0990.html
.. _cc_03_0990:
Permissions Management
======================
- :ref:`Creating a User and Granting Central Network Permissions <cc_03_0991>`
- :ref:`Central Network Custom Policies <cc_03_0992>`
.. toctree::
:maxdepth: 1
:hidden:
creating_a_user_and_granting_central_network_permissions
central_network_custom_policies