文档中心API Explorer
ZHEN
文档中心ZCFZCF Network ServiceZCF

ZCF Network Service

Core Concepts

Concept Description
ZCF Network Service The network service module of ZCF. In the UI, it is displayed as ZNS Network Center and is used to manage ZNS network infrastructure and network service objects.
Fabric The network infrastructure layer of ZNS. It contains objects such as compute managers, hosts, transport zones, uplinks, profiles, and edge clusters. After Fabric is ready, you can continue to configure gateways and profiles.
Compute Manager ZNS uses the compute manager to connect to a compute platform and identify compute-side base resources such as hosts and clusters. After a compute manager is registered, ZNS can obtain the host resources required for subsequent network configuration.
Host A compute node that carries service networks and transport node capabilities. After a host is connected to ZNS, you can apply a transport node profile to it, and the host can participate in uplinks, transport zones, and subsequent network configuration.
Transport Zone Defines the host or node scope in which network segments can be transported. Common types include VLAN and Overlay.
IP Address Pool Defines an allocatable IP address range. It is commonly used to provide a TEP address source for host switch profiles and can also serve as the basis for address planning for other network resources.
Uplink A logical uplink object in ZNS. It maps physical NICs on hosts to the Bond-Uplink mapping of a subsequent host switch.
Uplink Profile Defines reusable parameters such as uplink aggregation mode, member count, MTU, Overlay VLAN, and Transport VLAN.
Host Switch Profile Defines host-side switch configuration, including switch type, type, transport zones, IP address pool, uplink profile, and Bond-Uplink mapping. After it is applied to hosts, it affects host-side data-plane network configuration.
Transport Node Profile A host configuration template that references host switch profiles. ZNS administrators can apply this configuration to target hosts.
Edge Cluster Profile A configuration template used to create edge clusters. It contains common edge cluster configuration and description information.
Edge Cluster A set of edge resources that carries network service capabilities such as north-south routing. It can be associated with Tier-0 gateways and Tier-1 gateways.
Tier-0 Gateway A core gateway for external networks or upper-layer routing. It provides edge routing and high availability capabilities. Tier-1 gateways can connect to external networks through a Tier-0 gateway.
Tier-1 Gateway A gateway for tenant or service networks. It can link to a Tier-0 gateway and provide routing capabilities for segments.
Segment A network object in ZNS that carries service network segments. It can be implemented based on a VLAN or Overlay network. After you create a Geneve or VPC network in the ZStack Cloud console, a corresponding segment can be generated in ZNS.
Router QoS Profile Used to control bandwidth and burst capability for router-direction traffic.
Segment QoS Profile Used to control ingress and egress traffic rate limiting rules for segments.
SpoofGuard Profile A security profile used to prevent VM IP/MAC address spoofing.
SDN Controller A configuration item in the ZStack Cloud console that is used to connect to ZNS. Its configuration determines how ZStack Cloud networks are associated with ZNS resources such as compute managers, gateways, and segments.

Access ZNS Network Center

About this task

ZNS administrators can access ZNS Network Center from the Global Management view in ZCF. After access, the left navigation pane displays ZNS management features, including Fabric Overview, Cluster Management, Quick Start, Fabric, IP Management, Connectivity, and Network Profiles.

Procedure

  1. Log in to ZCF.
  2. In the upper-right corner, switch to Global Management.
  3. In the top navigation bar, click ZNS Network Center.
  4. Select the target page in the left navigation pane.

    The left navigation pane contains Fabric Overview, Cluster Management, Quick Start, Hosts, Edge Clusters, Profiles, Transport Zones, Compute Managers, Settings, IP Address Pool, Tier-0 Gateway, Tier-1 Gateway, Segments, Router QoS Profile, Segment QoS Profile, and SpoofGuard Profile.

Results

You can view or configure ZNS resources from ZNS Network Center.

View Fabric Overview

About this task

The Fabric Overview page shows Fabric resource counts and includes a Resource Summary section, helping ZNS administrators quickly confirm whether the base ZNS resources are ready.

Procedure

  1. Navigate to ZNS Network Center.
  2. In the left navigation pane, click Fabric Overview.
  3. View Fabric resource counts.

    The resource count area displays the number of Compute Managers, Hosts, Edge Clusters, and Transport Zones. Click a resource card to open the corresponding resource details page.

  4. View Resource Summary.

    The Resource Summary section displays the number of data-plane resources, such as transport node profiles, host switch profiles, uplink profiles, edge cluster profiles, and uplinks.

  5. To get the latest data, click Refresh.

Results

After you confirm that the key resource counts in Fabric Overview match the site plan, you can continue to view cluster status or configure Fabric.

View Cluster Management Status

About this task

The Cluster Management page displays the health state of the ZNS control plane cluster and the running state of nodes, VIP, database, OVN, and controllers.

Procedure

  1. Navigate to ZNS Network Center.
  2. In the left navigation pane, click Cluster Management.
  3. View the cluster summary.

    The page displays cluster health state, the number of online nodes, VIP address and VIP holder, primary database node, and OVN Northd state.

  4. View the cluster node list.

    Node cards display node name, IP address, health state, role, version, uptime, API port, collection time, and component state.

  5. Click View Details for the target node.

    Node details show basic information, running state, and software version. Running state includes information about zstack-zns, Controller Manager, etcd, Patroni, PostgreSQL, OVN Northd, OVN Northbound, OVN Southbound, Keepalived, work queue, and event queue.

  6. View control plane service status.

    The control plane service area displays the health state of the database, OVN, and controllers, including the primary node, replica count, replication delay, OVN Raft Leader node, work queue, and event queue.

  7. To get the latest data, click Refresh.

Results

After the cluster, database, OVN, and controllers are healthy, you can continue with Fabric initialization or routine network configuration.

Use Quick Start to Initialize ZNS

About this task

The Quick Start page initializes base ZNS resources through a step-by-step wizard. The workflow registers or reuses a compute manager and creates resources such as transport zones, uplinks, IP address pools, profiles, edge clusters, Tier-0 gateways, and Tier-1 gateways.

Note: Quick Start creates or reuses multiple types of ZNS resources. Before you run it, confirm that the compute manager, host NICs, IP address pools, LAG mode, VLAN, and gateway plan are ready.
Note: If a Quick Start task has been started, is running, or has completed, the system automatically returns to the Quick Start status page when you open the Quick Start configuration page. Check the current task progress and step results on the status page first.

Procedure

  1. Navigate to ZNS Network Center.
  2. In the left navigation pane, click Quick Start.
  3. Confirm or enter compute manager information.

    A compute manager connects to the compute platform. After ZNS is installed from the marketplace, the current ZStack Cloud environment is usually registered automatically as a compute manager. To connect to another compute platform, enter the compute manager information according to the site plan.

  4. Confirm the transport zone and IP address pool plan.

    Transport zones usually include VLAN and Overlay types. IP address pools must be consistent with the address plan for host TEPs, gateways, or other network resources.

    The IP address pool CIDR must be a valid IPv4 CIDR, for example 172.31.10.0/24. An empty Overlay VLAN means that no value is specified. If you enter a value, it must be an integer from 0 to 4094.

  5. Configure uplinks and host NIC mappings.

    Uplinks map logical uplinks to physical NICs on each host. When you select NICs, use the physical NICs planned for the ZNS data plane. Do not select management NICs or NICs that already carry other service traffic.

    You must select NICs for each selected host. If you select two uplinks, the two uplinks on the same host cannot reuse the same NIC.

  6. Configure edge cluster, Tier-0 gateway, and Tier-1 gateway information.
  7. Check all parameters before you submit the task.

    Confirm that resource names, IP address pools, LAG mode, host NIC mappings, edge hosts, Tier-0 gateway, and Tier-1 gateway match the plan before you run Quick Start.

    When you submit the task, the system runs Quick Start validation first. The Quick Start task starts only after the validation passes.

  8. After execution is complete, return to the Quick Start page to view execution status and step results.

    Step results display the execution state for registering the compute manager, creating transport zones, creating uplinks and host switches, creating the edge cluster, creating the Tier-0 gateway, and creating the Tier-1 gateway. Resources might be shown as created, reused, or skipped.

Results

After Quick Start completes, you can check the generated or reused ZNS resources on the Fabric, IP Management, and Connectivity pages.

Manually Configure Fabric

If the site does not use Quick Start, configure Fabric manually item by item. Manual configuration is suitable when you need fine control over compute managers, host NIC mappings, profiles, edge clusters, and gateway planning.

The recommended configuration order is as follows:

  1. Register or confirm the compute manager.
  2. Confirm Fabric global settings and transport zones.
  3. Create an IP address pool.
  4. Create uplinks and configure host NIC mappings.
  5. Create uplink profiles, host switch profiles, and edge cluster profiles.
  6. Add a transport node profile and apply the configuration to target hosts.
  7. Create an edge cluster.
Note: Applying configuration to hosts pushes host-side data-plane network configuration. Before you run the operation, confirm that NICs, Bond/LAG, VLAN, IP address pools, and the maintenance window meet site requirements.

Register or Confirm a Compute Manager

About this task

The Compute Managers page manages registered compute platforms and displays their connection status and configuration state.

Procedure

  1. Go to ZNS Network Center > Compute Managers.
  2. View existing compute managers.

    The list displays Name, Type, FQDN / IP, Version, Connection Status, Configuration State, and Created At.

  3. Confirm that the target compute manager Connection Status is Connected and Configuration State is Deployed.
  4. To add a compute manager, click Register Compute Manager.
  5. Enter compute manager parameters.

    The form fields include Name, Description, Type, FQDN / IP, Username, and Password.

    FQDN / IP must be the compute platform API address that includes the http or https protocol, for example http://192.0.2.10:8080.

    Name is required and cannot contain spaces. Username and Password are required, must be 255 characters or fewer, and cannot contain spaces.

  6. After you confirm that the parameters are correct, click OK.

Results

After the compute manager is registered, you can view its connection status and configuration state in the list.

Confirm Global Settings and Transport Zones

About this task

Before you create host switches, edge clusters, and gateways, confirm Fabric global settings and transport zones. Global settings affect BFD detection and tunnel MTU. Transport zones define the transport scope of VLAN and Overlay segments.

Procedure

  1. Go to ZNS Network Center > Settings.
  2. View BFD settings.

    BFD settings include BFD Minimum Receive Interval (ms), BFD Minimum Transmit Interval (ms), and BFD Probe Multiplier (times).

    BFD Minimum Receive Interval (ms) and BFD Minimum Transmit Interval (ms) must be greater than or equal to 0. BFD Probe Multiplier (times) must be an integer greater than or equal to 0.

  3. View tunnel settings.

    Tunnel settings include Tunnel MTU (bytes). Tunnel MTU must be an integer and cannot be less than 1280.

  4. To adjust global settings, click Edit, modify the parameters, and click OK.
    Note: Modify global settings only when the site network plan or troubleshooting procedure explicitly requires the change.
  5. Go to ZNS Network Center > Transport Zones.
  6. Confirm that VLAN and Overlay transport zones exist.

    The transport zone list displays Name, Traffic Type, and Created At.

Results

After you confirm that global settings and transport zones match the plan, you can continue to create IP address pools and uplinks.

Create an IP Address Pool

About this task

The IP Address Pool page defines network address allocation ranges. When you configure Fabric manually, prepare the IP address pool before you create a host switch profile.

Procedure

  1. Go to ZNS Network Center > IP Address Pool.
  2. Click Create IP Address Pool.
  3. Enter Name.
  4. Enter CIDR.

    CIDR is required and must be in IPv4 CIDR format, for example 192.168.1.0/24. Enter an address range that can be used by the ZNS data plane or related network resources according to the site network plan.

  5. After you confirm that the parameters are correct, click OK.

Results

After the IP address pool is created, you can view its name, CIDR, version number, and creation time in the IP address pool list.

Create an Uplink

About this task

The Uplinks page records the mapping between logical uplinks and host physical NICs. When you create a host switch profile later, you can select these uplinks in Bond-Uplink Mapping.

Procedure

  1. Go to ZNS Network Center > Hosts.
  2. Click the Uplinks tab.
  3. Click Create Uplink.
  4. On the host selection page, select the hosts for which you want to configure uplinks.

    The host list displays Name, Management IP, Hostname, Status, Configuration State, Provision State, and Created At.

  5. Enter the uplink name, description, and host NIC mappings.

    Host NIC mappings map each host physical NIC to a logical uplink. Use the physical NICs planned for the ZNS data plane.

    Note: Do not select management NICs or physical NICs that already carry other service traffic.
  6. After you confirm that the mappings are correct, click OK.

Results

After the uplink is created, you can view the uplink name, description, host NIC mappings, and creation time on the Uplinks tab.

Create Profiles

About this task

The Profiles page manages edge cluster profiles, host switch profiles, and uplink profiles. Profiles store reusable configurations and reduce repeated input.

Procedure

  1. Go to ZNS Network Center > Profiles.
  2. Create an uplink profile.

    Click the Uplink Profiles tab, and then click Create Uplink Profile. The form fields include Name, Description, MTU, LAG Mode, LAG Members, Overlay VLAN, and Transport VLAN.

    LAG Mode and LAG Members must match the link aggregation configuration on the physical switch.

    An empty MTU means that no value is specified. If you enter a value, it must be an integer from 1 to 9216. LAG Members must be an integer from 1 to 16. Empty Overlay VLAN and Transport VLAN values mean that no value is specified. If you enter a value, it must be an integer from 0 to 4094.

  3. Create a host switch profile.

    Click the Host Switch Profiles tab, and then click Create Host Switch Profile. The form fields include Name, Description, Switch Type, Type, Transport Zones, IP Address Pool, and Uplink Profile.

    Transport zones are populated by the page by default. You cannot add or remove transport zones when you create a host switch profile.

    If the transport zones include an Overlay type, an IP address pool is required. After you select the type, IP address pool, and uplink profile, the page displays Bond-Uplink Mapping. Mapping items are generated based on the LAG member count of the selected uplink profile, for example bond0-0 and bond0-1. Select the corresponding uplink for each Bond member according to the host-side network plan.

  4. Create an edge cluster profile.

    Click the Edge Cluster Profiles tab, and then click Create Edge Cluster Profile. The form fields include Name and Description.

  5. Return to the profile lists and confirm that the profiles have been created.

    Different tabs display different fields. The Host Switch Profiles list displays uplink profile, switch type, type, and IP address pool. The Uplink Profiles list displays LAG mode, LAG members, MTU, Overlay VLAN, and Transport VLAN. The Edge Cluster Profiles list displays name, description, and creation time.

Results

After profiles are ready, you can continue to add a transport node profile and apply it to hosts.

Add a Transport Node Profile and Apply It to Hosts

About this task

A transport node profile references host switch profiles and is used to apply host-side network configuration to target hosts. Applying configuration affects the host data-plane network. Run the operation only after you confirm the plan.

Note: Applying configuration to hosts pushes related settings such as host switch, uplink, IP address pool, Bond/LAG, and TEP. Run the operation during a maintenance window and confirm the rollback plan in advance.

Procedure

  1. Go to ZNS Network Center > Hosts.
  2. Click the Transport Node Profiles tab.
  3. Click Add Transport Node Profile.
  4. Select the target host switch profile.

    The selection page displays host switch profile name, switch type, type, IP address pool, and creation time.

  5. Enter transport node profile information and click OK.
  6. Return to the Hosts tab and select the hosts to which you want to apply the configuration.

    Prefer hosts that are connected, have a normal configuration state, and match the network plan.

  7. In the host actions, select Apply Configuration, and then select the transport node profile that you created.

    You must select a transport node profile when you apply configuration. When you apply configuration in bulk, all selected hosts use the same transport node profile.

  8. After you confirm that the hosts, transport node profile, and NIC plan are correct, submit the operation.

Results

After the operation completes, you can view host connection status, configuration state, and provision state in the host list.

Create an Edge Cluster

About this task

The Edge Clusters page manages edge resources that carry routing and network service capabilities. Before you create a Tier-0 gateway, prepare an available edge cluster.

Procedure

  1. Go to ZNS Network Center > Edge Clusters.
  2. Click Create Edge Cluster.
  3. Select an edge cluster profile.

    The selection page displays edge cluster profile name, description, and creation time.

  4. Select hosts, and enter the edge cluster name and description.
  5. After you confirm that the parameters are correct, click OK.

Results

After the edge cluster is created, you can view its name, configuration state, edge cluster profile, host count, description, and creation time in the edge cluster list.

Configure Connectivity

The Connectivity page contains Tier-0 gateways, Tier-1 gateways, and segments. ZNS administrators use Tier-0 and Tier-1 gateways to provide routing capabilities, and use the Segments page to view the network objects and deployment state that correspond to service networks.

When you configure connectivity resources, create or confirm the edge cluster first, then create the Tier-0 gateway, and then create the Tier-1 gateway that links to the Tier-0 gateway. Segments can be generated by the ZStack Cloud network creation workflow. ZNS administrators can check their state in ZNS Network Center.

Configure a Tier-0 Gateway

About this task

The Tier-0 Gateway page manages core gateways and configures edge routing and high availability mode.

Procedure

  1. Go to ZNS Network Center > Tier-0 Gateway.
  2. View existing Tier-0 gateways.

    The list displays Name, Configuration State, HA Mode, Edge Cluster, Router Link CIDR, Description, and Created At.

  3. To create a Tier-0 gateway, click Create Tier-0 Gateway.
  4. Select an edge cluster.

    The edge cluster is required. The selection page displays edge cluster name, configuration state, edge cluster profile, host count, and creation time.

  5. Enter the Tier-0 gateway name, HA mode, Router Link CIDR, and description.

    On the current page, HA mode is fixed to Active-Standby. The name is required, must be 64 characters or fewer, and cannot contain spaces. The description must be 256 characters or fewer.

  6. After you confirm that the parameters are correct, click OK.

Results

After the Tier-0 gateway is created, you can check whether its configuration state is Deployed in the Tier-0 gateway list.

Configure a Tier-1 Gateway

About this task

The Tier-1 Gateway page manages gateways for tenant or service networks and can link to Tier-0 gateways.

Procedure

  1. Go to ZNS Network Center > Tier-1 Gateway.
  2. View existing Tier-1 gateways.

    The list displays Name, Configuration State, HA Mode, Edge Cluster, Linked Tier-0 Gateway, Description, and Created At.

  3. To create a Tier-1 gateway, click Create Tier-1 Gateway.
  4. Select the linked Tier-0 gateway.

    The linked Tier-0 gateway is required. The selection page displays Tier-0 gateway name, configuration state, HA mode, and creation time.

  5. Enter the Tier-1 gateway name, HA mode, QoS profiles, and description.

    On the current page, HA mode is fixed to Active-Standby. The name is required, must be 64 characters or fewer, and cannot contain spaces. The description must be 256 characters or fewer.

    Ingress QoS Profile and Egress QoS Profile are optional. Select them according to the service traffic control plan.

  6. After you confirm that the parameters are correct, click OK.

Results

After the Tier-1 gateway is created, you can check whether its configuration state is Deployed in the Tier-1 gateway list.

View Segments

About this task

The Segments page displays VLAN and Overlay network segments and lets you check configuration state and address information. Some segments can be generated by the ZStack Cloud network creation workflow. ZNS administrators can check deployment results on this page.

Procedure

  1. Go to ZNS Network Center > Segments.
  2. View the segment list.

    The list displays Name, Configuration State, Traffic Type, VNI/VLAN ID, Connected Gateway, Gateway Address, IP CIDR, IP Range, MTU, Description, and Created At.

  3. Locate the target segment by name or connected gateway.
  4. Confirm that the target segment Configuration State is Deployed.

Results

After you confirm that the segment is deployed, use the connected gateway, gateway address, IP CIDR, and IP range to troubleshoot service network state.

Configure Network Profiles

The Network Profiles page contains Router QoS Profile, Segment QoS Profile, and SpoofGuard Profile. ZNS administrators can create profiles as required by services and select the corresponding profiles when gateways, segments, or service networks use them.

QoS profiles control network traffic bandwidth and burst capability. SpoofGuard profiles prevent VM IP/MAC address spoofing.

Create a Router QoS Profile

About this task

The Router QoS Profile page configures traffic shaping rules in the router direction.

Procedure

  1. Go to ZNS Network Center > Router QoS Profile.
  2. Click Create Router QoS Profile.
  3. Enter profile parameters.

    The form fields include Name, Direction, Description, Action, Bandwidth (kbps), and Burst Size (kb).

    Direction is required. Empty bandwidth and burst size values mean that no value is specified. If you enter a value, it cannot be negative.

  4. After you confirm that the parameters are correct, click OK.

Results

After the profile is created, you can view profile name, direction, action, default profile, bandwidth, burst size, description, and creation time in the list.

Note: Default profiles cannot be deleted. Before you delete a profile, confirm that it is no longer used by service gateways.

Create a Segment QoS Profile

About this task

The Segment QoS Profile page configures ingress and egress rate limiting rules for segments.

Procedure

  1. Go to ZNS Network Center > Segment QoS Profile.
  2. Click Create Segment QoS Profile.
  3. Enter basic information.

    Basic information includes Name and Description.

  4. Enter ingress configuration.

    Ingress configuration includes Action, Average Bandwidth (kbps), Peak Bandwidth (kbps), and Burst Size (kb).

    Empty average bandwidth, peak bandwidth, and burst size values mean that no value is specified. If you enter a value, it cannot be negative.

  5. Enter egress configuration.

    Egress configuration includes Action, Average Bandwidth (kbps), Peak Bandwidth (kbps), and Burst Size (kb).

    Empty average bandwidth, peak bandwidth, and burst size values mean that no value is specified. If you enter a value, it cannot be negative.

  6. After you confirm that the parameters are correct, click OK.

Results

After the profile is created, you can view default profile, ingress average bandwidth, ingress peak bandwidth, ingress burst size, egress average bandwidth, egress peak bandwidth, egress burst size, description, and creation time in the list.

Note: Default profiles cannot be deleted. Before you delete a profile, confirm that it is no longer used by service segments.

Create a SpoofGuard Profile

About this task

The SpoofGuard Profile page prevents VM IP/MAC address spoofing.

Procedure

  1. Go to ZNS Network Center > SpoofGuard Profile.
  2. Click Create SpoofGuard Profile.
  3. Enter basic information.

    Basic information includes Name and Description.

  4. Set State.

    You can enable or disable the profile based on service security requirements. The default state is Enabled.

  5. After you confirm that the parameters are correct, click OK.

Results

After the profile is created, you can view profile name, state, default profile, description, and creation time in the list.

Note: Default profiles cannot be deleted. Before you delete a profile, confirm that it is no longer used by service networks.

Relationship with ZStack Cloud Resources

Role Boundary

In ZNS Network Center, ZNS administrators prepare and maintain network infrastructure, gateways, segment state, and network profiles. ZStack Cloud administrators create and use L2 networks, L3 networks, VPC networks, and VMs in the ZStack Cloud console.

When ZStack Cloud networks use ZNS resources, ZNS administrators can check the state of resources such as compute managers, Tier-1 gateways, segments, and network profiles in ZNS Network Center.

Resource Relationship

Object What to Check in ZNS Relationship
Compute Manager Confirm that the compute platform is registered, the connection status is Connected, and the configuration state is Deployed. The ZStack Cloud console connects to ZNS through an SDN Controller.
Tier-1 Gateway Provides uplink and routing capabilities for service networks. Create it according to the service domain or tenant plan. When you create a ZNS network in the ZStack Cloud console, you can select or associate the target Tier-1 gateway according to the plan.
Segment Check segment name, configuration state, traffic type, VNI/VLAN ID, connected gateway, and address information. After you create a Geneve or VPC network in the ZStack Cloud console, a corresponding segment might be generated in ZNS.
QoS and SpoofGuard Profiles Create profiles according to service performance and security requirements, and maintain profile state. After service networks or gateways use profiles, you can check the associated profile state in ZNS.

Multiple ZStack Cloud Environments

When multiple ZStack Cloud environments connect to the same ZNS environment, ZNS administrators must plan Tier-1 gateways according to service isolation or connectivity requirements. If multiple ZStack Cloud environments share the same Tier-1 gateway, the gateway can carry VM networks in the same service domain or VM networks that require connectivity. If multiple ZStack Cloud environments use different Tier-1 gateways, the gateways can isolate different tenants or service domains.

Note: Whether VM networks in different ZStack Cloud environments can communicate also depends on CIDR conflicts, routing policies, uplink networks, and network configuration in the ZStack Cloud console. When you plan Tier-1 gateways, also confirm service isolation, service connectivity, and uplink network requirements.
上一篇许可证下一篇统一运维