On 01/08/2015 06:36 PM, Antonio Messina wrote:
Hi all, I'm also interested in this setup.
On Fri, Dec 26, 2014 at 12:31 AM, George Shuklin
<[email protected]> wrote:
Report on progress so far:
I was able to fix policies (nova/neutron) to allow tennants to plug to 'own'
external networks, found and report few bugs about error messaging in ML2,
got working dhcp-agent (on external network! haha). Right now it works with
Can you please be a bit more specific on the issues and bug reports? I
did some testing on this kind of setup, and as far as I understand
Neutron in Juno does not allow you to change the policy for one
specific network, so the best I could do is to allow *any* tenant to
plug a port on *any* external network, while in my setup I would like
to only allow tenants to plug an interface on one specific external
network (I will create different "external" networks of this kind)
i may be wrong as i haven't tested that on juno, but in icehouse and
havana i've setup external/provider networks one for each tenant
you may need to apply a patch for BUG #1352102 (i'm not sure if it made
it into juno)
I wrote a short blogpost with the configuration I made:
http://www.s3it.uzh.ch/blog/openstack-neutron-vlan/
i've set the policy like this
"network:attach_external_network": "rule:admin_or_owner"
.a.
Up to now it looks really great from infrastructure (ops) point of view: no
SPoF on networks nodes, no NAT, no confusing local addresses with floatings.
Each instance receive white IP and use it as it is. All routing is offloaded
to network hardware. Cool oldstyle robust networking, less non-computing
(not paying) hosts, less moving parts. It may be not so great from point of
view of 'bleeding edge' part of openstack (heat/LB/etc), but I do not want
my infrastructure to bleed...
I really like this design too, very KISS-y
100% agree
--
1AE0 322E B8F7 4717 BDEA BF1D 44BB 1BA7 9F6C 6333
_______________________________________________
OpenStack-operators mailing list
[email protected]
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
