Apache CloudStack PoCGuide 2025 ShapeBlue

The document is a comprehensive guide for installing and operating Apache CloudStack, an open-source cloud orchestration platform. It outlines hardware and software requirements, infrastructure design, and step-by-step instructions for setting up the management server, database, and hypervisors, as well as managing guest instances and virtual private clouds. The guide aims to facilitate the proof-of-concept evaluation process, ensuring a functional and tested cloud management system.

Uploaded by

Jules

info@shapeblue.com +44(0) 20 3603 0540

INSTALLATION AND USE CASES

UPDATED

2025
Apache CloudStack
Proof-of-Concept Guide
Installation and Operation Instructions

London - Mountain View


Cape Town – Bangalore
Summary

Table of Contents
INTRODUCTION
ABOUT THIS GUIDE
CLOUDSTACK INSTALL GUIDE
  HARDWARE REQUIREMENTS
  SOFT REQUIREMENTS
  INFRASTRUCTURE DESIGN
  MANAGEMENT SERVER SETUP OVERVIEW
  PREPARING THE MANAGEMENT SERVER
  INSTALLING CLOUDSTACK
  PREPARING THE NFS SHARES
  INSTALLING THE DATABASE SERVER
  KVM HYPERVISOR SETUP
  PREPARING THE OPERATING SYSTEM
  INSTALL AND CONFIGURE THE CLOUDSTACK AGENT
  INSTALLING AND CONFIGURING LIBVIRT
  CONFIGURING THE NETWORKING
  ADDING A CLOUDSTACK ZONE
DOMAIN HIERARCHY, USER ACCOUNTS AND RESOURCE LIMITS
  OVERVIEW
  TOPICS COVERED
  ACCESSING THE CONTROL PANEL
  CREATING A DOMAIN
  LIMITING RESOURCES AT THE DOMAIN LEVEL
  ADDING A DOMAIN ADMINISTRATOR ACCOUNT
  ADDING A USER ACCOUNT AND SETTING LIMITS
MANAGING GUEST INSTANCES
  OVERVIEW
  TOPICS COVERED
  ACCESSING THE CONTROL PANEL
  REGISTERING A NEW TEMPLATE
  CREATING A GUEST NETWORK AND MANAGING EGRESS RULES
  REGISTERING A USERDATA
  CREATING AN INSTANCE RUNNING A WEB SERVER
  CONFIGURING FIREWALL AND PORT FORWARDING FOR PUBLIC WEB SERVER ACCESS
  SCALING UP/DOWN GUEST INSTANCES
  REMOVING AND RECOVERING INSTANCES
VIRTUAL PRIVATE CLOUD
  OVERVIEW
  TOPICS COVERED
  VPC ARCHITECTURE OVERVIEW
  CREATING A VPC
  CREATING ACL LISTS
  CREATING NETWORK TIERS
  REGISTERING A MANAGED USERDATA SCRIPT FOR THE BACKEND INSTANCES
  CREATING BACKEND INSTANCES
  CREATING AND CONFIGURING THE INTERNAL LOAD BALANCER
  REGISTERING A MANAGED USERDATA SCRIPT FOR THE FRONTEND INSTANCES
  CREATING FRONTEND INSTANCES
  CREATING AND CONFIGURING THE EXTERNAL LOAD BALANCER FOR FRONTEND TIER
  ACCESSING THE SERVICE WITHIN THE VPC
AUTOSCALE INSTANCE GROUP
  OVERVIEW
  TOPICS COVERED
  ACCESSING THE CONTROL PANEL
  CREATING A GUEST NETWORK AND MANAGING EGRESS RULES
  CREATING A LOAD BALANCER WITH AUTOSCALING
  REGISTERING A MANAGED USERDATA SCRIPT FOR THE AUTOSCALING
  CREATING AN AUTOSCALING INSTANCE GROUP
  SIMULATING AUTOSCALING USING APACHE BENCHMARK
REFERENCES AND RESOURCES


Introduction


Apache CloudStack is the leading open-source cloud orchestration platform, used by many of the
world’s largest public and private clouds. It is a multi-hypervisor, multi-tenant, high-availability
Infrastructure as a Service (IaaS) cloud management platform.

CloudStack provides a cloud orchestration layer, automating the creation, provisioning, and
configuration of IaaS components (such as virtual servers). It transforms existing virtual infrastructure
into a cloud-based IaaS platform. By leveraging existing infrastructure, CloudStack significantly reduces
the cost and time required for organizations to build a multi-tenant IaaS platform.

One of the platform’s key advantages is its simplicity and ease of use, even in large-scale environments.
With CloudStack, you can seamlessly orchestrate public, on-premises, and hybrid cloud environments
without the need for a large operations team to manage them over time.

As more organizations build on-premises clouds or enter the service provider market with public clouds,
the demand for the right set of tools to build, manage, and scale IaaS platforms continues to grow.
However, choosing the appropriate technology stack can be challenging. Several factors must be
considered, including future growth, team size, budget, project timelines, previous experience, available
hardware, and existing infrastructure.


About this Guide


This Lab Guide provides detailed operational instructions designed to assist in the PoC evaluation
process. By following our PoC guide, you will ensure the creation of a fully functional and thoroughly
tested cloud management system. Additionally, you’ll gain a clear understanding of what to expect from
the technology and how to configure everything in a timely and efficient manner.

By the end of this PoC, you will have a highly available, reliable, and flexible CloudStack-powered cloud.
You will gain the confidence to set up and manage a CloudStack IaaS, ensuring the smooth
implementation of the cloud orchestration layer into your infrastructure.

Let’s get started!

Conventions

The following conventions are used to highlight important areas and required inputs:

Highlight a section of interest.

Highlighted text that is related to an important area in the GUI or Component/Feature.

Highlight a button/item from the list in the GUI that requires direct interaction.

1 Numerical sequence when many steps are illustrated by a single screenshot.

Highlighted text which can be copied and pasted directly into the UI.

Highlight text which can be copied and pasted directly into the command prompt.

Note

Warning


CloudStack Install Guide


Warning

Hardware requirements
To establish a functional architecture for Apache CloudStack evaluation, the following
hardware is the minimum requirement.
Storage
• Primary and Secondary storage created as NFS exports on the CloudStack Management server
• 500GB of RAID based storage on CloudStack Management server

Hosts
Item                                 Quantity/Description
No. hosts (per cluster required)     3
Clusters/Pods (1 cluster per pod)    1
No. cores (per host)                 8
Memory (per host)                    32-64GB
Local storage                        Disk to support Hypervisor/OS
Network Interfaces                   2 Ethernet cards
Network throughput                   1Gb/s

Management Server
Item                  Quantity/Description
No. cores             8
Memory                16GB
Local storage         150GB for OS + 500GB for primary and secondary storage of RAID based storage
Network Interfaces    1 Ethernet card
Network throughput    1Gb/s

Networking
Item            Quantity/Description
No. Switches    1
VLAN            802.1q support required for advanced network zones.
No. ports       Enough ports to connect 2 interfaces on each host considering 1 port for public/guest networks and 1 port for storage/management (+) 1 interface for storage/management network for the CloudStack management server.
Throughput      1 Gb/s


Soft Requirements
Note

IP Address / VLAN Space

Item                              Quantity/Description                                                                              Network IP Address    VLAN ID
Public Network                    10 public addresses – /24 network IP range - RFC 1918 addresses routable within POC environment   [Link]/24             48
Guest Network                     20x VLANs dedicated to CloudStack use.                                                                                  101-120
Management and Storage Network    40x RFC 1918 addresses                                                                            [Link]/24             49

Hostname and IP addresses

Host                                   hostname    IP Address         Netmask
CloudStack Management Server           [Link]      [Link]             [Link]
KVM Host 01                            [Link]      [Link]             [Link]
KVM Host 02                            [Link]      [Link]             [Link]
KVM Host 03                            [Link]      [Link]             [Link]
Reserved System VM IP Address Range    -           [Link] – [Link]    [Link]

Infrastructure Design
Physical Layout

[Figure: Switch for Management / Storage and Public/Guest Networks]


Logical Layout

Management Server Setup Overview


Warning

Warning

Warning


Preparing the Management Server


Log in to the management server’s OS as the root user.

[Link] mgmt [Link] [Link] [Link]


[Link] host01 [Link]
[Link] host02 [Link]
[Link] host03 [Link]

hostname -f

Note

dnf -y install chrony


systemctl enable --now chronyd

Note
An NTP daemon is required to synchronize the clocks of the servers in your cloud.

vi /etc/selinux/config

SELINUX=enforcing

SELINUX=permissive

setenforce permissive

systemctl stop firewalld


systemctl disable firewalld


Installing CloudStack

[cloudstack]
name=cloudstack
baseurl= [Link]
enabled=1
gpgcheck=1
gpgkey=[Link]

dnf -y install cloudstack-management

Warning

Note
Apache CloudStack requires space for Primary and Secondary Storage (refer to the CloudStack Design). Both
storage types can be configured using NFS shares. This section explains how to set up the NFS shares before
adding the storage to CloudStack.

Preparing the NFS Shares

dnf -y install nfs-utils

mkdir -p /export/primary
mkdir -p /export/secondary

vi /etc/exports

/export *(rw,async,no_root_squash,no_subtree_check)

exportfs -a
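
The export line above lets any host mount /export read-write with root squashing turned off. The following check is an added example, not part of the guide, that flags such entries in an exports file; `audit_exports` is a hypothetical helper name, and the sample file and the 192.0.2.0/24 client range are constructed placeholders.

```shell
#!/usr/bin/env bash
# Added example, not from the guide: flag exports(5) entries that any host can
# mount and entries that turn root squashing off.
# Assumptions: one export per line, unquoted paths, no backslash continuations.

# audit_exports FILE
# Prints one finding per line as SEVERITY<TAB>path<TAB>client<TAB>reason.
# Returns 1 if at least one HIGH finding was printed, 0 otherwise.
audit_exports() (
    set -f    # stop the shell from glob-expanding "*" client specs
    file="${1:-/etc/exports}"
    sed -e 's/#.*$//' "$file" | {
        high=0
        while read -r path specs; do
            [ -n "$path" ] || continue
            # Lines without a client list are out of scope for this example.
            [ -n "$specs" ] || continue
            for spec in $specs; do
                client=${spec%%"("*}
                case "$spec" in
                    *"("*) opts=${spec#*"("}; opts=${opts%")"} ;;
                    *)     opts="" ;;
                esac
                # "(opts)" with no host in front applies to every client.
                [ -n "$client" ] || client="*"
                world=0; squash_off=0; writable=0
                case "$client" in "*"|0.0.0.0/0|::/0) world=1 ;; esac
                case ",$opts," in *,no_root_squash,*) squash_off=1 ;; esac
                case ",$opts," in *,rw,*) writable=1 ;; esac
                if [ "$world" -eq 1 ] && [ "$squash_off" -eq 1 ]; then
                    high=1
                    printf 'HIGH\t%s\t%s\t%s\n' "$path" "$client" \
                        "any host can mount and act as root on the export"
                elif [ "$world" -eq 1 ] && [ "$writable" -eq 1 ]; then
                    printf 'MEDIUM\t%s\t%s\t%s\n' "$path" "$client" \
                        "any host can mount read-write"
                elif [ "$world" -eq 1 ]; then
                    printf 'LOW\t%s\t%s\t%s\n' "$path" "$client" \
                        "any host can mount read-only"
                elif [ "$squash_off" -eq 1 ]; then
                    printf 'INFO\t%s\t%s\t%s\n' "$path" "$client" \
                        "root squashing is off for a restricted client"
                fi
            done
        done
        [ "$high" -eq 0 ]
    }
)

# Constructed sample: the guide's export line next to one restricted to a
# placeholder management/storage range (192.0.2.0/24 is a documentation range).
sample=$(mktemp)
cat > "$sample" <<'EOF'
/export *(rw,async,no_root_squash,no_subtree_check)
/export/primary 192.0.2.0/24(rw,async,no_root_squash,no_subtree_check)
EOF
if ! audit_exports "$sample"; then
    echo "at least one export is open to every host with root squashing off" >&2
fi
rm -f "$sample"
```

Run it against /etc/exports on the management server after editing the file; an export limited to the management/storage network is reported as INFO rather than HIGH.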

Installing the Database Server


Note
We’ll begin by installing MySQL and configuring specific options to ensure optimal performance
with CloudStack. The MySQL 8 server will be installed from the AlmaLinux 8 AppStream repository,
which needs to be enabled in the operating system.


dnf -y install mysql-server


systemctl enable mysqld

vi /etc/[Link].d/[Link]

server_id=1
innodb_rollback_on_timeout=1
innodb_lock_wait_timeout=600
max_connections=350
log-bin=mysql-bin
binlog-format = 'ROW'

systemctl start mysqld

cloudstack-setup-databases cloud:password@localhost --deploy-as=root


It will configure the database with the following information.

Database cloud
User cloud
Password password

cloudstack-setup-management
systemctl enable cloudstack-management
systemctl start cloudstack-management

Note
The Management Server should now be up and running.


KVM Hypervisor Setup


Note
To install the KVM hosts, ensure you have hosts that meet the hardware requirements.

Note
Before continuing, ensure that the latest updates have been applied to the hosts.

Warning

The procedure for installing the Hosts includes the following steps:
• Prepare the Operating System
• Install and configure libvirt
• Configure Security Policies (SELinux)
• Install and configure the Agent

Preparing the Operating System

[Link] mgmt [Link] [Link] [Link]


[Link] host01 [Link]
[Link] host02 [Link]
[Link] host03 [Link]

hostname -f

Note

dnf -y install chrony


systemctl enable --now chronyd

Note
An NTP daemon is required to synchronize the clocks of the servers in your cloud.


vi /etc/selinux/config

SELINUX=enforcing

SELINUX=permissive

setenforce permissive

systemctl stop firewalld


systemctl disable firewalld

Install and Configure the CloudStack Agent

[cloudstack]
name=cloudstack
baseurl= [Link]
enabled=1
gpgcheck=1
gpgkey=[Link]

dnf -y install cloudstack-agent

Warning


Installing and Configuring Libvirt


Note

Note

listen_tls = 0
listen_tcp = 1
tcp_port = 16509
auth_tcp = "none"
mdns_adv = 0

Note

systemctl mask [Link] [Link] [Link] [Link] [Link]

LIBVIRTD_ARGS=-l

systemctl restart libvirtd
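
The libvirtd.conf values above turn on the plain TCP listener on port 16509 with auth_tcp set to none, and they take effect because libvirtd is started with -l. The following check is an added example, not part of the guide, that reads a libvirtd.conf and reports that combination; `conf_get` and `libvirt_tcp_exposure` are hypothetical helper names, the sample file is constructed, and the defaults used for unset keys assume a libvirt build with SASL support.

```shell
#!/usr/bin/env bash
# Added example, not from the guide: report whether a libvirtd.conf turns on
# the plain TCP listener without authentication.

# conf_get FILE KEY DEFAULT
# Prints the last uncommented value of KEY with surrounding quotes removed,
# or DEFAULT when KEY is not set in FILE.
conf_get() {
    val=$(sed -n -e 's/#.*$//' \
        -e "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1)
    val=$(printf '%s' "$val" | sed -e 's/[[:space:]]*$//' -e 's/^"//' -e 's/"$//')
    printf '%s\n' "${val:-$3}"
}

# libvirt_tcp_exposure FILE
# Prints one of:
#   tcp-off                    plain TCP listener not enabled
#   tcp-auth <port> <scheme>   TCP listener enabled with authentication
#   tcp-noauth <port>          TCP listener enabled with auth_tcp = "none"
# Returns 1 only for tcp-noauth.
# Assumed defaults for unset keys: listen_tcp 0, tcp_port 16509, auth_tcp sasl.
libvirt_tcp_exposure() {
    file="${1:-/etc/libvirt/libvirtd.conf}"
    listen_tcp=$(conf_get "$file" listen_tcp 0)
    tcp_port=$(conf_get "$file" tcp_port 16509)
    auth_tcp=$(conf_get "$file" auth_tcp sasl)
    if [ "$listen_tcp" != "1" ]; then
        echo "tcp-off"
        return 0
    fi
    if [ "$auth_tcp" = "none" ]; then
        echo "tcp-noauth $tcp_port"
        return 1
    fi
    echo "tcp-auth $tcp_port $auth_tcp"
}

# Constructed sample reproducing the settings shown in the guide.
sample=$(mktemp)
cat > "$sample" <<'EOF'
listen_tls = 0
listen_tcp = 1
tcp_port = 16509
auth_tcp = "none"
mdns_adv = 0
EOF
if ! libvirt_tcp_exposure "$sample"; then
    echo "libvirtd accepts unauthenticated, unencrypted TCP connections" >&2
fi
rm -f "$sample"
```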


Configuring the Networking


Warning

Note

Warning

Note

Note

nmcli connection add type bridge con-name cloudbr0 ifname cloudbr0


nmcli connection modify eth0 master cloudbr0
nmcli connection up eth0

nmcli connection modify cloudbr0 [Link] '10.0.33.x/20' [Link] '[Link]' \
[Link] '[Link]' [Link] [Link] manual
nmcli connection up cloudbr0

nmcli connection add type bridge con-name cloudbr1 ifname cloudbr1


nmcli connection modify eth1 master cloudbr1
nmcli connection up eth1

nmcli connection up cloudbr1


Adding a CloudStack Zone

Note

1. To access the CloudStack UI, open the following URL in your web browser:
[Link]
2. Login using the following credentials, then click Login.
Username: admin
Password: password
Domain: Blank


3. In the left navigation pane, click Infrastructure > Zones, then click Add Zone.

4. In the wizard, select Core, click Next and then, on the next page, select Advanced to
create an Advanced Zone and click Next again.


Note

5. Fill in the information required for Zone Details as follows and then click Next.
Name: poc-zone
IPv4 DNS1: [Link]
Internal DNS 1: [Link]
Hypervisor: KVM
Default guest CIDR for Isolated Networks: [Link]/24


6. Next, configure traffic types for the hosts’ physical networks. Click Add Physical Network
to create a new physical network and configure the Traffic Types as follows:


7. Remove the Guest and Public traffic types from Physical Network 1 by clicking the garbage bin
button for each.


8. Add the Guest and Public traffic types to Physical Network 2 by clicking the Add Traffic button,
then click the Add button:


9. Click Edit (the pencil button) for each traffic type and set the traffic label as follows. Once
all traffic labels are defined, click Next:

Name                  Traffic Type    Traffic label
Physical Network 1    Management      cloudbr0
Physical Network 2    Public          cloudbr1
                      Guest


cloudbr0

10. Next, configure the Public traffic and add public IPs to be used by the Virtual Routers and
System VMs on the public NIC. Complete the form as follows, click Add, and then click
Next:
Gateway: [Link]
Netmask: [Link]
VLAN/VNI: 48
Start IP: [Link]
End IP: [Link]


Note

11. Complete the form to create and setup the POD, then click Next.

Note

Pod name: POD1


Reserved system gateway: [Link]
Reserved system netmask: [Link]
Start Reserved system IP: [Link]
End Reserved system IP: [Link]


12. Next, configure the Guest Traffic VLANs, then click Next.

VLAN/VNI Range: 101 - 120


13. Next, complete the form with the Cluster name, then click Next.
Cluster Name: cluster01

14. Add the first host, then click Next. Additional hosts will be added once the Zone is ready.
Host Name: [Link]
Username: root
Password: <the root password>
Tags: Blank


15. Complete the form as follows to add an NFS Primary Storage, then click Next.
Name: Primary Storage
Scope: Cluster
Protocol: nfs
Server: [Link]
Path: /export/primary
NFS mount options: Blank
Provider: DefaultPrimary
Storage Tags: Blank

16. Complete the form as follows to add an NFS Secondary Storage, then click Next.
Provider: NFS
Name: Secondary Storage
Server: [Link]
Path: /export/secondary


17. Click Launch Zone to proceed.

18. The Zone will be ready after all resources are configured. Click Enable Zone to finish the
wizard.


19. Add the remaining hosts by clicking Infrastructure > Hosts in the left navigation pane,
then click Add Host.


20. Fill in the form as follows and click OK.


Zone Name: Poc Zone
Pod name: POD1
Cluster name: cluster01
Host Name: [Link]
Username: root
Password: <The root password>
Host Tags: Blank

Repeat this step to add host03.


Domain Hierarchy, User Accounts and Resource Limits


Overview
Apache CloudStack implements domain hierarchies to logically isolate user accounts. This
model can be used to define, for example, departments within the same organization when
building on-premises clouds, or different customers when building public clouds. You could
also have a specific domain for sales partners or customers, for example.
A domain can contain multiple user accounts. In Apache CloudStack, a user account assumes
a profile defined by a role. There is a set of predefined roles for the most common user
profiles; the main ones are:

Role            Description
Root Admin      Manages the entire platform, including physical and logical resources across all domains and accounts.
Domain Admin    Manages all logical resources within the domain and its sub-domains, including user accounts, sub-domains, and all related virtual computing resources.
User            Manages virtual computing resources associated with the user’s own account.

Topics covered
• Managing Domains
• Setting Resource Limits
• Managing User Accounts

Accessing the Control Panel


21. To access the CloudStack UI, open the following URL in your web browser:
[Link]
22. Login using the following credentials, then click Login.
Username: admin
Password: password
Domain: Blank


Creating a Domain

Note


Name: POC
Network Domain: Blank
Domain: Blank

Limiting Resources at the Domain Level

Note
This screen displays the computing resource limits at the domain level. By default, the resources are set to -1,
which indicates that the resource is unlimited.

Max. User VMs: 10


Max. Public IPs: 5
Max. Volumes: -1
Max. Snapshots: -1
Max. Templates: -1
Max. Networks: 5
Max. VPCs: 2
Max. CPU Cores: -1
Max. Memory (MiB): 4096
Max. Primary Storage (GiB): 50
Max. Secondary Storage (GiB): -1


Adding a Domain Administrator Account

Role: Domain Admin (Domain Admin)


Username: admin
Password: password
Confirm Password: password
Email: admin@[Link]
First Name: Administrator
Last Name: PoC Domain
Domain: ROOT/POC
Account: admin
Timezone: <select your timezone>
Network Domain: Blank


Max. User VMs: 0


Max. Public IPs: 0
Max. Volumes: 0
Max. Snapshots: 0
Max. Templates: 0
Max. Networks: 0
Max. VPCs: 0
Max. CPU Cores: 0
Max. Memory (MiB): 0
Max. Primary Storage (GiB): 0
Max. Secondary Storage (GiB): 0


Adding a User Account and Setting Limits

Username: admin
Password: password
Domain: poc

Role: User
Username: user-1
Password: password
Confirm Password: password
Email: user-1@[Link]
First Name: User-1
Last Name: PoC Domain
Domain: ROOT/POC
Account: poc-user-account
Timezone: <select yours>
Network Domain: Blank


Max. User VMs: 10


Max. Public IPs: 5
Max. Volumes: -1
Max. Snapshots: -1
Max. Templates: -1
Max. Networks: 5
Max. VPCs: 2
Max. CPU Cores: -1
Max. Memory (MiB): 4096
Max. Primary Storage (GiB): 50
Max. Secondary Storage (GiB): -1


Managing Guest Instances


Overview
These instructions provide you with a basic overview of launching, resizing, and managing an Apache
CloudStack Instance.
Apache CloudStack offers a user-friendly interface that simplifies obtaining and configuring capacity. It
gives users full control over their computing resources and operates within a reliable, proven
environment.
CloudStack significantly reduces the time needed to provision and boot new virtual machine Instances
to just minutes, enabling you to quickly scale capacity up or down as your computing requirements
change.

Topics Covered
• Download Template
• Create an Isolated Network
• Modify egress firewall rules
• Launch an Instance
• Using Userdata
• Manage Firewall
• Scale up/down Instance
• Instance console access
• Destroy Instance
• Recover Instance
• Expunge Instance

Accessing the Control Panel


To access the CloudStack UI, open the following URL in your web browser:
[Link]

Username: user-1
Password: password
Domain: poc


Registering a new Template


Note
An Apache CloudStack template provides a root disk with a pre-installed operating system for launching an
Instance, which is a virtual machine in the cloud. The template may also include a pre-installed and
configured application server.

Note
You will use a pre-configured template that includes cloud-init, which is set up to run commands during
Instance startup.


URL: [Link]
Name: Debian 11
Description: Debian GNU/Linux 11 (64-bit)
Zone: poc-zone
Hypervisor: KVM
Format: QCOW2
Root disk controller: virtio
OS Type: Debian GNU/Linux 11 (64-bit)
Template Type: USER
Userdata: None
Userdata link policy: None
Extractable: No
Dynamically Scalable: Yes
Public: Yes
Password Enabled: Yes
HVM: Yes


Creating a Guest Network and Managing Egress Rules


Note

Note
An Apache CloudStack guest network provides a VLAN-isolated layer that connects the Instance network to
the Virtual Router gateway.

Note
The Virtual Router handles network communication between Instances and the public network. It also
manages firewall rules, userdata, metadata, DHCP for Instances, load balancing, Remote VPN, and TCP/UDP
port forwarding.


Name: my-isolated-network
Description: My Isolated Network
Zone: Poc Zone
Network Offering: Offering for Isolated networks with Source Nat service enabled
External Id: Blank
Gateway: Blank
Netmask: Blank
DNS 1: Blank
DNS 2: Blank
IPv4 address for the VR in this network: Blank
Network Domain: Blank

Note
During the creation of an Isolated Network, the parameters Gateway, Netmask, DNS 1, DNS 2, and Ipv4
address for the VR in this network can be customized. However, if left blank, these parameters will inherit the
default values from the Zone configuration.

Click on my-isolated-network and then copy the CIDR address.

Click Egress Rules and add a rule to allow Instances to access the internet as follows. Then
click Add.

Source CIDR: [Link]/24
Destination CIDR: [Link]/0
Protocol: All

Registering a UserData
Note
When creating an Instance, you can use Managed UserData to customize its configuration during the boot
process. Managed UserData lets you define settings, scripts, or commands that are automatically applied
when the Instance starts. This can include tasks such as installing software, configuring services, or setting
environment variables.

In the left navigation pane, click Compute > User Data, then click Register a userdata.

Complete the form as follows, then click OK.

Name: webserver
Userdata:
#! /bin/bash
apt update
apt install -y apache2
echo '<html><h2>Hello from your new WebServer!</h2></html>' > /var/www/html/[Link]
systemctl enable --now [Link]
systemctl restart [Link]
Base64 encoded: No
Userdata parameters: Blank

Creating an Instance running a Web Server


Note
When creating an Instance, you can use Managed UserData to customize its configuration during the boot
process. Managed UserData allows you to define settings, scripts, or commands that are automatically
applied when the Instance starts. This can include tasks like installing software, configuring services, or
setting environment variables.
The cloud-init tool, which is available inside the Debian 11 Template we use, plays a crucial role in this
process. Cloud-init fetches the UserData provided during Instance creation and processes it within the guest
OS (the virtual machine). This UserData is consumed by cloud-init during the boot sequence, ensuring that
the specified configurations and commands are executed automatically, simplifying the initialization and
customization of Instances without manual intervention.

In the left navigation pane, click Compute > Instances, then click Add Instance.

Complete the form as follows, then click Launch Instance:

Zone: poc-zone
Template: Debian 11
Compute Offering: Small Instance
Advanced Mode: Yes
- Stored Userdata: webserver
Name: WebServer01
Group: None
Keyboard Language: None
Start Instance: Yes

Configuring Firewall and Port Forwarding for Public Web Server Access

Private Port: Start: 80 – End: 80
Public Port: Start: 80 – End: 80

It will display a list of Instances available on the my-isolated-network network. Select
WebServer01 and click OK.

Click the Firewall tab, complete the form as follows, and then click Add.

Source CIDR: [Link]/0
Protocol: TCP
Start Port: 80
End Port: 80

The added rule will be displayed in the firewall list.

In the Details tab, copy the IP address.

Open a new browser tab, paste the copied address, and press enter:

Note
The Web Server is now running.

Scaling Up/Down Guest Instances


Note
Scaling out/in involves adjusting the number of Instances to handle changes in load or demand. Scaling out
adds more Instances, while scaling in removes excess Instances. This approach ensures that your application
can manage varying workloads efficiently.
In contrast, scaling up/down changes the allocated resources of existing Instances, such as increasing
memory, CPU or disk. This method helps in handling increased demand without modifying the number of
Instances.

Note
Compute offerings in Apache CloudStack define the specifications for virtual machine Instances, such as CPU,
memory, network rate, and disk size. These offerings are critical for ensuring that Instances have the
necessary resources to meet performance and capacity requirements.

Username: admin
Password: password
Domain: poc

Name: Poc Instance
Description: Personal PoC Instance
Compute Offering Type: Fixed Offering
CPU Cores: 2
CPU (in Mhz): 1200
Memory (in MB): 768
Host tags: Blank
Network Rate (Mb/s): Blank
Offer HA: Yes
Dynamic scaling enable: Yes
CPU Cap: No
Volatile: No
Deployment planner: None
GPU: None
Public: No
Domain: ROOT/POC
Zone: All Zones
Compute only disk offering: No
Disk Offering: Medium Disk, 20 GB
Disk offering strictness: No

Username: user-1
Password: password
Domain: poc

Removing and Recovering Instances


Note
When an Apache CloudStack Instance is no longer needed, it can be destroyed by the user. By default, a
normal user account can only destroy the Instance but cannot permanently remove it from the cloud
infrastructure. The ability for users to expunge Instances is controlled by the Global Setting variable
[Link]. If this variable is set to true, users can expunge Instances, which means they
can permanently remove them from the cloud infrastructure.
If no action is taken within the period defined by the Global Setting variable [Link], the event
purge thread will permanently remove the resource from the infrastructure. Until this purge occurs, Domain
and Account Limits continue to be enforced.

Note
When an Instance is destroyed by a regular user account, it may appear as permanently removed from the
user’s view. However, if the Global Setting [Link] variable is set to true, users can view
and recover such destroyed Instances. By default, this setting is false, meaning users cannot see or recover
destroyed Instances.

Username: admin
Password: password
Domain: poc

Note
A domain admin account has the capability to manage destroyed Instances, which includes the ability to both
recover and permanently purge these Instances. This functionality allows domain admins to handle Instances
that regular users have destroyed but not permanently removed. Here’s what a domain admin can do:

Username: user-1
Password: password
Domain: poc

Virtual Private Cloud

Overview
Virtual Private Cloud (VPC) enables you to create an architecture that mimics a traditional
physical network. Key features of VPC include:

Network Tier isolation


Separates network traffic into distinct layers or network “tiers” providing multiple
isolated network segments within a VPC. This structure enhances security by allowing
each tier to serve a specific function (such as public-facing services, backend operations,
or database access) and simplifies network management.

Access Control List (ACL)


Provides granular control over network traffic by defining rules that permit or deny data
flows.

Site-to-site IPsec VPN


Establishes secure connections between your on-premises infrastructure and your VPC
using IPsec protocols.

Client VPN
Enables remote users to securely connect to your network using a VPN client. This
feature is available for both VPCs and Isolated Network setups, offering secure access
for remote connections regardless of the network structure.

Internal and External Load Balancer


Distributes incoming traffic across multiple Instances to ensure high availability and
reliability of applications, both within the VPC and for external access.

Topics covered
• How to create VPC
• How to create ACL Lists
• How to create VPC subnets
• How to create internal and external Load Balancer

VPC Architecture Overview

In this step, you will design and implement a simple architecture to showcase the capabilities
of Virtual Private Cloud (VPC) components for delivering services. Here’s how the architecture
will be structured:

• Define VPC CIDR: Allocate a CIDR block for your VPC to segment network traffic. This
CIDR block will be further divided into subnets to organize and manage traffic
flow by creating different Networks inside the VPC.
• Subnetting
o Frontend Subnet ([Link]/25): This subnet will manage incoming traffic
from the internet, distributing it to frontend instances through load
balancing to ensure high availability and efficient content delivery.
o Backend Subnet ([Link]/25): This subnet will handle processing and
serving content, accessible only via the frontend subnet. Internal load
balancing will manage traffic between backend instances for scalable
processing.
• Instances
o Frontend Instances: Deploy 2 Instances in the frontend subnet. These will
handle external user requests and distribute traffic.
o Backend Instances: Deploy 3 Instances in the backend subnet. These will
process requests and provide content.
• Load Balancing:
o External Load Balancer: Set up a load balancer in the frontend subnet to
distribute incoming traffic across the frontend Instances using a round-robin
algorithm.
o Internal Load Balancer: Configure an internal load balancer in the backend
subnet to distribute traffic among backend Instances. This load balancer is
only accessible from the frontend subnet.
• Request Handling:
o The external load balancer will direct incoming user requests to the frontend
Instances.
o Each frontend Instance will use the internal load balancer to distribute traffic
to the backend Instances.
o The round-robin algorithm will ensure that each request is distributed evenly
across the Instances, allowing for balanced load handling and high
availability.

Creating a VPC

Username: user-1
Password: password
Domain: poc

1. In the left navigation pane, click Network > VPC, then click Add VPC.

2. Complete the form as follows, then click OK.

Name: My VPC
Description: Blank
Zone: poc-zone
CIDR: [Link]/24
Network Domain: Blank
VPC Offering: Default VPC Offering
DNS 1: Blank
DNS 2: Blank
IPv4 address for the VR in this Network: Blank
Start: yes

Creating ACL Lists


In Apache CloudStack, a Network ACL (Access Control List) is a set of ordered rules that
control the flow of traffic within a Virtual Private Cloud (VPC). These rules are evaluated
sequentially, starting from the lowest number, to determine whether traffic is permitted or
denied. ACLs are associated with VPC Network tiers and can be applied to multiple network
tiers, but each tier can only have one ACL assigned at a time. The ACL rules specify the types
of traffic, sources, destinations, and protocols allowed or denied, providing a secure,
organized structure for traffic management between different network tiers within the VPC.

Note
Before setting up the VPC networks, we will first create the necessary ACLs to control access for each VPC
network tier.

3. In the VPC list, select My VPC, then click Network ACL Lists. A list of default ACLs will be
displayed.

4. Add two new ACLs, one for Frontend and one for Backend. Click Add Network ACL List,
and complete the form to create the Frontend ACL List as follows. Once done, click OK:

ACL List Name: ACL-FE
Description: Frontend ACL List

5. Click Add Network ACL List again to create the Backend ACL List, and follow the same
process as before.

ACL List Name: ACL-BE
Description: Backend ACL List

6. Click ACL-FE, then select ACL List Rules to add a rule that denies all incoming traffic from the
backend tier. Click Add ACL, complete the form as specified, and then click OK.

#Rule: 1
CIDR List: [Link]/25
Action: Deny
Protocol: All
Traffic Type: Ingress
Description: Deny all ingress traffic from backend tier.

7. Return to ACL lists and click ACL-BE, then click ACL List Rules. Add a rule to allow incoming
HTTP traffic (port 80) from the frontend tier by clicking the Add ACL button and completing the
form as specified, then click OK.

#Rule: 1
CIDR List: [Link]/25
Action: Allow
Protocol: TCP
Start Port: 80
End Port: 80
Traffic Type: Ingress
Description: Allow http ingress traffic from frontend tier.

8. Click Add ACL again to deny any other ingress traffic from the frontend. Complete the
form as specified, and then click OK.

#Rule: 2
CIDR List: [Link]/25
Action: Deny
Protocol: All
Traffic Type: Ingress
Description: Deny all ingress traffic from frontend tier.
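
The ACL lists above depend on first-match evaluation by rule number. The following is an added example, not part of the guide or of CloudStack's code: a small model of that evaluation, run over ACL-FE and ACL-BE as entered in steps 6 to 8, plus a check for rules that an earlier rule makes unreachable. The tier CIDRs are constructed stand-ins for the guide's addresses, the function and class names are hypothetical, and the action applied when no rule matches is modelled as a parameter (default deny is an assumption).

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed addressing (assumption): stand-ins for the guide's tier CIDRs.
FRONTEND_CIDR = "10.1.0.0/25"
BACKEND_CIDR = "10.1.0.128/25"


@dataclass(frozen=True)
class AclRule:
    number: int
    cidr: str                        # source for Ingress, destination for Egress
    action: str                      # "Allow" or "Deny"
    protocol: str                    # "TCP", "UDP", "ICMP" or "All"
    traffic_type: str                # "Ingress" or "Egress"
    start_port: Optional[int] = None
    end_port: Optional[int] = None

    def matches(self, traffic_type, peer_ip, protocol, port):
        if self.traffic_type != traffic_type:
            return False
        if ipaddress.ip_address(peer_ip) not in ipaddress.ip_network(self.cidr):
            return False
        if self.protocol not in ("All", protocol):
            return False
        if self.start_port is not None:
            return port is not None and self.start_port <= port <= self.end_port
        return True


def evaluate(rules, traffic_type, peer_ip, protocol, port=None, default="Deny"):
    """First match wins, lowest rule number first. Returns (action, rule number)."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.matches(traffic_type, peer_ip, protocol, port):
            return rule.action, rule.number
    return default, None   # no rule matched: assumed default action


def _covers(earlier, later):
    """True when every packet 'later' could match is already matched by 'earlier'."""
    if earlier.traffic_type != later.traffic_type:
        return False
    if not ipaddress.ip_network(later.cidr).subnet_of(ipaddress.ip_network(earlier.cidr)):
        return False
    if earlier.protocol not in ("All", later.protocol):
        return False
    if earlier.start_port is None:
        return True
    return (later.start_port is not None
            and earlier.start_port <= later.start_port
            and later.end_port <= earlier.end_port)


def shadowed_rules(rules):
    """Rule numbers that can never match because an earlier rule covers them."""
    ordered = sorted(rules, key=lambda r: r.number)
    return [later.number for i, later in enumerate(ordered)
            if any(_covers(earlier, later) for earlier in ordered[:i])]


# The rules as entered in steps 6 to 8.
ACL_FE = [AclRule(1, BACKEND_CIDR, "Deny", "All", "Ingress")]
ACL_BE = [
    AclRule(1, FRONTEND_CIDR, "Allow", "TCP", "Ingress", 80, 80),
    AclRule(2, FRONTEND_CIDR, "Deny", "All", "Ingress"),
]
# Same two backend rules with the numbers swapped: the deny now wins for HTTP too.
ACL_BE_SWAPPED = [
    AclRule(1, FRONTEND_CIDR, "Deny", "All", "Ingress"),
    AclRule(2, FRONTEND_CIDR, "Allow", "TCP", "Ingress", 80, 80),
]

if __name__ == "__main__":
    for name, acl in (("ACL-BE", ACL_BE), ("ACL-BE swapped", ACL_BE_SWAPPED)):
        print(name, "HTTP from frontend:", evaluate(acl, "Ingress", "10.1.0.10", "TCP", 80))
        print(name, "SSH from frontend: ", evaluate(acl, "Ingress", "10.1.0.10", "TCP", 22))
        print(name, "unreachable rules: ", shadowed_rules(acl))
```

Running the shadowing check before applying an ACL list catches the swapped ordering, where the allow rule for port 80 exists in the list but never takes effect.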

Creating Network Tiers


9. In the left navigation pane, go to Network > VPC, then click My VPC.

10. Click the Networks tab, then click Add new Network Tier.

11. Complete the form as specified, then click OK.

Name: Frontend Tier
Network Offering: Offering for Isolated Vpc networks with Source Nat service enabled
Gateway: [Link]
Netmask: [Link]
External Id: Blank
ACL: ACL-FE

12. Click the Networks tab, then click Add new Network Tier again.

Name: Backend Tier
Network Offering: Offering for Isolated Vpc networks with Internal LB support
Gateway: [Link]
Netmask: [Link]
External Id: Blank
ACL: ACL-BE

Registering a Managed UserData Script for the Backend Instances


13. In the left navigation pane, go to Compute > User Data, then click Register a userdata.

14. Complete the form as specified, then click OK.


Name: backend-webserver
Userdata:
## template: jinja
#cloud-config
package_update: true
packages:
  - apache2
runcmd:
  - a2enmod cgid
  - sed -i '/<Directory \/var\/www\/>/!b;n;c\ Options Indexes FollowSymLinks ExecCGI' /etc/apache2/[Link]
  - sed -i 's|<Directory /var/www/>|<Directory /var/www/html>|' /etc/apache2/[Link]
  - sed -i 's/DirectoryIndex .*/DirectoryIndex [Link]/' /etc/apache2/mods-available/[Link]
  - sed -i 's|#AddHandler cgi-script .cgi|AddHandler cgi-script .py|' /etc/apache2/mods-available/[Link]
  - rm -rf /var/www/html/[Link]
  - |
    cat << 'EOF' > /var/www/html/[Link]
    #!/usr/bin/env python3
    import socket
    print("Content-type: text/plain\n")
    print([Link]())
    EOF
  - chmod 705 /var/www/html/[Link]
  - systemctl enable --now [Link]
  - systemctl restart [Link]
Base64 encoded: No
Userdata parameters: Blank

Creating Backend Instances


15. In the left navigation pane, go to Compute, then select Instances.

16. Click Add Instance.

Note
To create each of the three backend Instances, modify only the Name field as follows: backend-Instance-01,
backend-Instance-02, backend-Instance-03.

17. Complete the forms for each Instance (backend-Instance-01, backend-Instance-02,
backend-Instance-03) as specified, then click Launch Instance:

Zone: poc-zone
Template: Debian 11
Compute Offering: Small Instance
Networks:
- Backend Tier: Yes
- Frontend Tier: No
Advanced Mode: Yes
- Stored Userdata: backend-webserver
Name: backend-Instance-0[1,2,3]
Group: None
Keyboard Language: None
Start Instance: Yes

Creating and configuring the Internal Load Balancer


18. In the left navigation pane, go to Network, select VPC, then select My VPC.

19. Click the Networks tab, expand the Internal LB menu, and then click Add Internal LB.

20. Complete the form as follows, then click OK.

Name: Backend LB service
Description: Internal LB service for Backend service
Source IP Address: Blank
Source Port: 80
Instance Port: 80
Algorithm: Round-robin

21. Copy the Source IP Address; it will be used later.

22. Select the Backend LB Service.

23. Click the Assigned Instances tab, then click Assign Instance.

24. Select all backend Instances, then click Ok.

Registering a Managed UserData Script for the Frontend Instances


25. In the left navigation pane, go to Compute and select User Data. Then click Register a
userdata.

26. Complete the form as follows, then click OK to create the userdata.
Name: frontend-webserver
Userdata:
## template: jinja
#cloud-config
package_update: true
packages:
  - apache2
runcmd:
  - a2enmod cgid
  - sed -i '/<Directory \/var\/www\/>/!b;n;c\ Options Indexes FollowSymLinks ExecCGI' /etc/apache2/[Link]
  - sed -i 's|<Directory /var/www/>|<Directory /var/www/html>|' /etc/apache2/[Link]
  - sed -i 's/DirectoryIndex .*/DirectoryIndex [Link]/' /etc/apache2/mods-available/[Link]
  - sed -i 's|#AddHandler cgi-script .cgi|AddHandler cgi-script .py|' /etc/apache2/mods-available/[Link]
  - rm -rf /var/www/html/[Link]
  - |
    cat << EOF > /var/www/html/[Link]
    #! /usr/bin/env python3
    import requests
    import socket
    h = [Link]()
    r = [Link]("[Link] ds.meta_data.internal_lb }}/")
    print("Content-type: text/html\n\n")
    print("<html>\n<body>")
    print("<meta http-equiv=\"refresh\" content=\"10\"/>")
    print("<div style=\"width: 100%; font-size: 40px; font-weight: bold; text-align: center;\">")
    print('%s - %s' % (h, [Link]))
    print("</div>\n</body>\n</html>")
    EOF
  - chmod 705 /var/www/html/[Link]
  - systemctl enable --now [Link]
  - systemctl restart [Link]
Base64 encoded: No
Userdata parameters: internal_lb
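
The frontend script above builds a URL from the internal_lb userdata parameter and writes the backend's response into an HTML page. The following is an added example, not part of the guide: the same CGI logic with the parameter checked to be a bare IP address inside the VPC, a request timeout, a bounded read, and HTML escaping of everything that reaches the page. The VPC CIDR is a constructed stand-in and the function names are hypothetical.

```python
import html
import ipaddress
import socket
import urllib.request

VPC_CIDR = "10.1.0.0/24"   # constructed stand-in (assumption) for the guide's VPC CIDR
MAX_BODY = 256             # a hostname is short; never read an unbounded response


def validate_internal_lb(value, vpc_cidr=VPC_CIDR):
    """Return the address in normalised form, or raise ValueError.

    Rejects hostnames, URLs, paths and ports, so the value cannot change
    which host or path the frontend requests.
    """
    try:
        addr = ipaddress.ip_address(value.strip())
    except ValueError:
        raise ValueError("internal_lb must be a bare IP address: %r" % value) from None
    if addr not in ipaddress.ip_network(vpc_cidr):
        raise ValueError("internal_lb %s is outside the VPC CIDR %s" % (addr, vpc_cidr))
    return str(addr)


def fetch_backend(addr, timeout=3):
    """Fetch the backend's plain-text reply with a timeout and a size cap."""
    with urllib.request.urlopen("http://%s/" % addr, timeout=timeout) as resp:
        return resp.read(MAX_BODY).decode("utf-8", errors="replace")


def render_page(frontend_host, backend_body):
    """Build the CGI response; both values are escaped before reaching HTML."""
    safe_frontend = html.escape(frontend_host.strip())
    safe_backend = html.escape(backend_body.strip())
    return (
        "Content-Type: text/html; charset=utf-8\n\n"
        "<html>\n<body>\n"
        '<meta http-equiv="refresh" content="10"/>\n'
        '<div style="width: 100%; font-size: 40px; font-weight: bold; '
        'text-align: center;">\n'
        "{} - {}\n"
        "</div>\n</body>\n</html>\n"
    ).format(safe_frontend, safe_backend)


def handle_request(raw_internal_lb):
    """What the CGI script would print for one request."""
    try:
        body = fetch_backend(validate_internal_lb(raw_internal_lb))
    except (ValueError, OSError) as exc:
        # A bad parameter or an unreachable backend yields a page, not a traceback.
        body = "backend unavailable (%s)" % exc
    return render_page(socket.gethostname(), body)


if __name__ == "__main__":
    # Constructed sample values; no network access is needed for this demo.
    print(render_page("frontend-Instance-01", "backend-Instance-02\n"))
```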

Creating Frontend Instances


27. In the left navigation pane, go to Compute and select Instances, then click Add Instance.

Note
When completing the Instances form, set the internal_lb key to the value copied from step 21. Additionally,
update the Name field as follows: frontend-Instance-01, frontend-Instance-02.

28. Complete the forms for frontend-Instance-01 and frontend-Instance-02, ensuring the
internal_lb value is set correctly. Then, click Launch Instance. The internal_lb setting is
crucial for enabling proper load balancing across the backend tier Instances behind the
Internal Load Balancer.

Zone: poc-zone
Template/ISO: Debian 11
Compute Offering: Small Instance
Networks:
- Backend Tier: No
- Frontend Tier: Yes
Advanced Mode: Yes
- Stored Userdata: backend-webserver
internal_lb: [Link]
Name: frontend-Instance-0[1,2]
Group: None
Keyboard Language: None
Start Instance: Yes

Creating and Configuring the External Load Balancer for Frontend Tier
29. In the left navigation pane, go to Network > VPC, and then click My VPC.

30. Select the Public IP Address tab, then click Acquire New IP. Choose one IP Address from
the list, then click OK.

31. Click on the acquired IP address.

32. Copy the IP Address; it will be used later.

33. Click the Load Balancing tab, complete the form as specified, and then click Add.
Name: www
Public port: 80
Private port: 80
CIDR list: Blank
Algorithm: Round-robin
Protocol: TCP
AutoScale: No

34. Select the tier Frontend Tier, choose all Instances from the list, and then click OK.

Accessing the Service within the VPC


35. Open a new tab in your browser, and paste the IP Address copied in step 32.

Note
The web page will refresh automatically every 10 seconds. Each time the page reloads, you will see both the
frontend and backend hostnames change. This demonstrates the load balancing in action, as the frontend
Instance connects to different backend Instances via the internal load balancer, displaying the hostname of
each Instance handling the request.

AutoScale Instance Group

Overview
Apache CloudStack provides an Autoscaling feature that enables automatic scaling of
Instances in response to changes in demand. This is particularly useful for environments
where workloads fluctuate, allowing resources to be dynamically adjusted based on
predefined conditions or thresholds. Autoscaling is commonly used in both private and public
cloud environments, ensuring that the necessary compute resources are available during
peak times while minimizing costs during low usage periods.

The Autoscaling functionality in CloudStack integrates with the Virtual Router, which acts as a
load balancer for distributing incoming traffic across multiple Instances. Based on pre-
configured metrics, CloudStack will automatically increase (scale-out) or decrease (scale-in)
the number of Instances to meet the demand. This provides a seamless way to manage
resources efficiently without manual intervention.

Autoscaling relies on performance counters to monitor the state of the Instances. The
following key metrics can be used to trigger scaling actions:

• Instance CPU: Average percentage of CPU utilization per Instance.
• Instance Memory: Average percentage of memory utilization per Instance.
• Public Network (Receive): Mbps received per Instance.
• Public Network (Transmit): Mbps transmitted per Instance.
• Load Balancer: Average number of connections per Instance.

In a typical setup, an Autoscaling Group defines the rules and conditions for scaling, including
the minimum and maximum number of Instances, health checks, and the metrics to monitor.
The Autoscaling Group ensures that the appropriate number of Instances are always running
to handle traffic, scaling up when necessary and removing unneeded Instances during quieter
periods.

Topics covered
• Creating Load Balancer with Autoscaling enabled
• Creating specific UserData
• Creating Autoscale Instance Group
• Simulating Autoscaling using Apache Benchmark

Accessing the Control Panel


To access the CloudStack UI, open the following URL in your web browser:
[Link]

Username: user-1
Password: password
Domain: poc

Creating a Guest Network and Managing Egress Rules

Name: autoscaling-network
Description: Autoscaling Network
Zone: Poc Zone
Network Offering: Offering for Isolated networks with Source Nat service enabled
External Id: Blank
Gateway: Blank
Netmask: Blank
DNS 1: Blank
DNS 2: Blank
Ipv4 address for the VR in this network: Blank
Network Domain: Blank

Click on autoscaling-network and then copy the CIDR address.

Click Egress Rules and add a rule to allow Instances to access the internet as follows. Then
click Add.
Source CIDR: [Link]/24
Destination CIDR: [Link]/0
Protocol: All

Creating a Load Balancer with Autoscaling


Note
Unlike a traditional Load Balancer where Instances need to be manually associated, when Autoscale is
enabled, there is no need to manually add Instances. The Autoscaling Group automatically manages this
process by adding or removing Instances based on the defined scaling policies, ensuring that the Load
Balancer always has the appropriate number of Instances to handle incoming traffic.

Now, click the Public IP addresses tab and acquire 2 new IP addresses by clicking the Acquire
new IP button.

The two Public IP addresses will be displayed, with one of them serving as the Source NAT
and the other designated for the Load Balancer.

Now, click the Firewall tab and enable incoming HTTP connections by completing the form as
follows, then click Add.
Source CIDR: Blank
Protocol: TCP
Start port: 80
End port: 80

The firewall rule will be listed as below.

Click the Load balancing tab, complete the form as follows, and then click Add:
Name: my-autoscaling-app
Public port: 80
Private port: 80
CIDR list: Blank
Algorithm: Round-robin
Protocol: TCP
AutoScale: Yes

Registering a Managed UserData Script for the Autoscaling

In the left navigation pane, go to Compute > User Data, then click Register a userdata.

Complete the form as specified, then click OK.


Name: autoscaling-webserver-userdata
Userdata:
#cloud-config
package_update: true
packages:
  - apache2
runcmd:
  - a2enmod cgid
  - sed -i '/<Directory \/var\/www\/>/!b;n;c\ Options Indexes FollowSymLinks ExecCGI' /etc/apache2/[Link]
  - sed -i 's|<Directory /var/www/>|<Directory /var/www/html>|' /etc/apache2/[Link]
  - sed -i 's/DirectoryIndex .*/DirectoryIndex [Link]/' /etc/apache2/mods-available/[Link]
  - sed -i 's|#AddHandler cgi-script .cgi|AddHandler cgi-script .py|' /etc/apache2/mods-available/[Link]
  - rm -rf /var/www/html/[Link]
  - |
    cat << EOF > /var/www/html/[Link]
    #!/usr/bin/env python3
    import socket
    import time
    [Link](5)
    print('Content-type: text/html\\n\\n')
    print('<h1><p style="text-align: center;">Apache CloudStack Autoscaling Demo</p></h1>')
    print('<h2><p style="text-align: center;"><strong> Instance: </strong>{}</p></h2>'.format([Link]()))
    EOF
  - chmod 705 /var/www/html/[Link]
  - systemctl enable --now [Link]
  - systemctl restart [Link]

Base64 encoded: No
Userdata parameters: Blank

Note
The managed UserData script for the Autoscaling Instances Group automates the configuration of the Apache
web server to run CGI scripts in Python. It enables the CGI module and updates the Apache configuration to
allow CGI script execution in the /var/www/html/ directory. The default file to be served is changed to
[Link], which is set to be treated as a CGI script. The [Link] script fetches the hostname of backend
instances and displays it alongside the frontend hostname. A sleep 5 command is included in the script to
simulate a slight delay, which is useful for testing how the Autoscaling system handles load and latency under
real-world conditions, allowing users to observe the scaling behaviour in action.

Creating an Autoscaling Instance Group

In the left navigation pane, go to Compute > AutoScale Instance Groups, then click New
AutoScale Instance Group.

The form New AutoScale Instance Group will be shown. First, select a Zone where the
Autoscaling Group will be created.

Next, select the Debian 11 Template.

Next, select a Compute offering.

Select the Network autoscaling-network.

Select the Load Balancing my-autoscaling-app.

Note
In this simulation example, we will create ScaleUp and ScaleDown Policies based on the number of load
balancer connections per Instance. The values used are reduced and do not reflect a real-world scenario. The
purpose here is to demonstrate the concept and illustrate how the scaling mechanism works. This simplified
approach focuses on applying the principles of Autoscaling and understanding its functionality rather than
replicating production-level scaling conditions.

Complete the form to create a Scale Up Policy, then click Add condition.
Name: ScaleUpPolicy-0
Duration (in sec): 20
Quiet time (in sec): 20
Counter: Load Balancer - average connections per vm
Operator: Greater than
Threshold: 1

Note
The ScaleUp Policy defines the conditions under which an AutoScale Instance Group will automatically scale
up, meaning new Instances will be added to handle increased demand. When creating an AutoScale Instance
Group, at least one ScaleUp policy is required. The scaling process is triggered when all conditions in the
ScaleUp policy are met.

Next, complete the form to create a Scale Down Policy, then click Add condition.
Name: ScaleDownPolicy-0
Duration (in sec): 20
Quiet time (in sec): 20
Counter: Load Balancer - average connections per vm
Operator: Less than
Threshold: 1

Note
The ScaleDown Policy defines the conditions under which an AutoScale Instance Group will automatically
scale down, meaning Instances will be removed when demand decreases. Unlike the ScaleUp Policy, the
ScaleDown policy ensures that resources are reduced when conditions meet specified thresholds. The scaling
down process is triggered when all conditions in the ScaleDown policy are satisfied, and the system will
decrease the number of Instances to optimize resource usage during lower demand periods.

Now, enable Advanced Mode, then select the autoscaling-webserver-userdata in the
Userdata section.

To finish the AutoScale Instance Group creation, complete the fields in the Details section
and then click Create.
Name: webserver-autoscaling-group
Expunge Instance grace period (in sec): 20
Max members: 3
Min members: 1
Polling interval (in sec): 20

Note
The Expunge Instance Grace Period (20 seconds) defines the time an instance will remain in the system
before being permanently removed after it is marked for expunging. The Max Members is set to 3, meaning
the AutoScaling Group can have up to 3 Instances running simultaneously, while the Min Members is set to 1,
ensuring at least one Instance is always running. The Polling Interval (20 seconds) specifies how frequently
the system checks the scaling conditions, determining whether to scale up or down based on the current load
and metrics.

The webserver-autoscaling group is now listed on the AutoScale Instance Group page.
Click on it to view or manage its details.

Next, click on the Events tab. Here, you can view all SCALEUP events related to the
AutoScale Instance Group.

For the SCALEUP event, an Instance will be created based on the minimum number of
Instances specified in the AutoScale Instance Group.

Simulating Autoscaling using Apache Benchmark


Note
To perform the web request simulation against the load balancer, ensure that Apache Benchmark (ab) is
installed on your desktop. This tool is required to execute the task and simulate traffic towards the load
balancer for testing the autoscaling behaviour.


To generate traffic to the load balancer, copy the IP address of the
webserver-autoscaling Autoscaling Group from its Details page.

Next, open a terminal on your desktop and run the following command, replacing
ip_address with the AutoScale Instance Group IP address you copied earlier.
ab -n 200 -c 4 [Link]

Note
The Apache Benchmark (ab -n 200 -c 4 [Link]) command will send 200 total requests to the
specified IP address, with 4 concurrent requests at a time. Given that the webpage has a 5-second delay (due
to the [Link](5) in the Python script), the overall time for the load test will account for the processing of
each request. Depending on network latency and server response times, this will help simulate load and
observe the behaviour of the Autoscaling Group under stress, especially as it scales to meet demand.


As the Apache Benchmark command continues generating traffic to the load balancer
endpoint, the SCALEUP trigger will keep scaling the number of Instances until the
maximum limit defined in the AutoScale Instance Group is reached.


When the Apache Benchmark command completes, the SCALEDOWN trigger will be
executed, and the instances will be removed until the number of Instances returns to the
minimum defined in the AutoScale Instance Group.
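
A simplified model of the polling loop described above, added here as an example and not taken from the guide or from CloudStack's code. It uses the guide's Min members (1), Max members (3) and Polling interval (20 s); the counters, thresholds and samples are constructed assumptions, and policy duration and quiet time are not modelled.

```python
import operator
from dataclasses import dataclass

OPS = {"GT": operator.gt, "LT": operator.lt}

@dataclass
class Condition:
    counter: str       # hypothetical metric name, e.g. "cpu"
    op: str            # "GT" or "LT"
    threshold: float

@dataclass
class Policy:
    action: str        # "SCALEUP" or "SCALEDOWN"
    conditions: list

    def triggered(self, sample):
        # A policy fires only when every one of its conditions is satisfied.
        return all(OPS[c.op](sample[c.counter], c.threshold) for c in self.conditions)

def simulate(samples, policies, min_members=1, max_members=3, polling_interval=20):
    """Return (seconds, members, event) for each polling cycle."""
    members = min_members          # the group starts at its minimum size
    timeline = []
    for cycle, sample in enumerate(samples):
        event = None
        for policy in policies:
            if policy.triggered(sample):
                step = 1 if policy.action == "SCALEUP" else -1
                target = max(min_members, min(max_members, members + step))
                if target != members:   # bounded by Min/Max members
                    members, event = target, policy.action
                break
        timeline.append((cycle * polling_interval, members, event))
    return timeline

# Constructed thresholds and samples (assumptions, not values from the guide).
POLICIES = [
    Policy("SCALEUP", [Condition("cpu", "GT", 50)]),
    Policy("SCALEDOWN", [Condition("cpu", "LT", 20), Condition("mem", "LT", 40)]),
]
SAMPLES = [
    {"cpu": 10, "mem": 30}, {"cpu": 80, "mem": 50}, {"cpu": 85, "mem": 60},
    {"cpu": 90, "mem": 70}, {"cpu": 15, "mem": 55}, {"cpu": 10, "mem": 30},
    {"cpu": 10, "mem": 30}, {"cpu": 10, "mem": 30},
]

if __name__ == "__main__":
    for seconds, members, event in simulate(SAMPLES, POLICIES):
        print(f"t={seconds:>3}s members={members} event={event or '-'}")
```

At t=80s the model holds at three members because only one of the two ScaleDown conditions is met; the count never leaves the 1 to 3 range no matter how long the load lasts.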


References and Resources


For additional information and support, you can explore the following resources:

• Apache CloudStack Official Website: Visit the CloudStack website to learn more about
its features, updates, and community.

• Official Documentation: Access the Apache CloudStack Documentation for detailed
guidance on configuring and managing your CloudStack environment.

• ShapeBlue Website: Discover more about CloudStack support, services, consultancy,
and training at ShapeBlue.

• Advisory Session with a Cloud Architect: Schedule a session to discuss your CloudStack
architecture and deployment with a professional architect at ShapeBlue. Visit Get an
Advisory Session for more details.


Apache CloudStack is the leading open source cloud orchestration platform, in use by
many of the world’s largest public and private clouds. It is a multi-hypervisor, multi-
tenant, high-availability Infrastructure as a Service cloud management platform. CloudStack
is software that provides a cloud orchestration layer, giving automation of the creation,
provisioning and configuration of IaaS components.

CloudStack turns an existing virtual infrastructure into a cloud-based Infrastructure as a
Service (IaaS) platform. The fact that CloudStack leverages existing infrastructure means that
the cost and time for an organisation to build a multi-tenant IaaS platform are greatly reduced.


ShapeBlue is the largest independent integrator of CloudStack technologies globally,
specialising in the design and implementation of IaaS cloud infrastructures for
both private and public cloud implementations. We combine hundreds of person-years of
experience in designing and building complex network, storage and compute
infrastructures with globally leading skills in Apache CloudStack.
