Assigning a Portable Subnet

0
votes

I am wondering if auto-assigning to a portable private subnet can be done? Ideally, this would be at provisioning time.

I have been following this thread but it seems you can only specify a primary subnet with this method: https://forums.softlayer.com/forum/softlayer-developer-network/general-discussion/84021-create-vm-with-ip-addresses-assigned-to-the-specified-subnets

We are looking to have a network separation of servers by putting them on separate subnets (with firewall rules to drop connections between these subnets).

Would this have to be done in post-provisioning via the API?

Thanks in advance!

Edit: Here is how I am provisioning the device:

curl -X POST --data @baseOS.json https://${SL_USERNAME}:${SL_API_KEY}@api.softlayer.com/rest/v3/SoftLayer_Virtual_Guest/createObject

baseOS.json:

{
  "parameters":[
    {
      "hostname": "test03",
      "domain": "test.com",
      "primaryBackendNetworkComponent": {
         "networkVlan": {
            "id": <SUBNET_ID>,
            "primarySubnetId": <SUBNET_ID>
          }
      },
      "datacenter": {
        "name": "mon01"
      },
      "startCpus": 1,
      "maxMemory": 1024,
      "hourlyBillingFlag": true,
      "localDiskFlag": false,
      "networkComponents": [
        {
          "maxSpeed": 10
        }
      ],
      "blockDeviceTemplateGroup": {
        "globalIdentifier": "<ID>"
      }
    }
  ]
}
1
ibm-cloud-infrastructure
If I am not wrong you just need to specify the id of your portable subnet, you just need to make sure that you are providing the correct ids for VLAN and subnet in the order. Did you try setting the correct ids in your order? - Nelson Raul Cabero Mendoza
Yes, I had tried this. Unfortunately, an error is returned: curl -X POST --data @baseOS.json https://${SL_USERNAME}:${SL_API_KEY}@api.softlayer.com/rest/v3/SoftLayer_Virtual_Guest/createObject {"error":"The subnet specified #<SUBNET_ID> (<IP>\/26) does not currently have available slots. Free up space or remove the subnet specification.","code":"SoftLayer_Exception_Public"} The portable subnet is brand new and empty so I figure it's a generic message. - vhuynh
It looks like an issue, I suggest you to open a ticket about this in the Softlayer's Portal. - Nelson Raul Cabero Mendoza
I've logged a ticket. If I was to add a secondary private subnet in post-provisioning, how would I go about doing this? - vhuynh
Sorry, changing the subnet in post-provisioning using API is not possible, you need to submit a tciket and ask softlayer´s guys change it for you - Nelson Raul Cabero Mendoza

1 Answers

0
votes

IP assignment for new servers is done out of the primary front end/backend subnets. There is no way to influence which IPs are chosen for the primaries.

If you wanted to keep security to a subnet level, you would need to assign an IP to each server from the portable subnet as a secondary and DENY traffic from the primary subnet.

Using subnets may not be the best approach if you are not fully utilizing all available IPs you will run into IP justification issues. This may result in not having enough subnets for the desired config.

While it is more to manage, it may be better to have a more robust set of firewall rules that address communication on the primary subnet.