Re: [opnfv-tech-discuss] Jump server common configuration for PXE/admin network - questions

2017-08-08 Thread Julien
Please refer to my inline comments.

Alexandru Avadanii wrote on Monday, 2017-08-07 at 3:30 AM:

> Hi,
> I am looking at integrating Fuel@OPNFV/MCP with our OPNFV baremetal PODs
> (both x86_64 and aarch64).
> Right now I am playing with MaaS and its network configuration.
>
> The old Fuel@OPNFV was relying on the jump server's "pxebr" bridge
> interface, which is supposed to reach all baremetal nodes, for PXE-booting
> purposes.
> If we want to reuse this interface as-is, we need to make sure "pxebr"
> will also have internet access, one way or another, on all PODs supporting
> Fuel@OPNFV deploys.
>
Julien: no direct internet access is required for "pxebr", but the node
on which Fuel master is deployed should have internet access.
  During the deployment, Fuel master will check internet accessibility
through ping during the configure stage and fetch packages during
the deployment.
  Usually we deploy the Fuel master as a VM, and all the responses
below are based on this assumption.

>
> Afaik, each POD is configured differently, the customizations ranging from
> different IP/subnets to totally different layouts.
> E.g. Armband used to have 2 networks attached to its old Fuel Master node:
> - 1 x PXE/admin - no external configuration, TFTP/DNS/DHCP was provided by
> Fuel Master node - hooked up to a port in our dumb version of "pxebr";
> - 1 x public - external gateway, no external DHCP - hooked up to jump
> server's "public" bridge;
> However, x86 PODs running Fuel were configured to use only:
> - 1 x PXE/admin interface, hooked to "pxebr", which also had external
> internet access (NAT-ed?), but no external DHCP/DNS in order not to
> conflict with the ones provided by Fuel Master;
>
> Going forward, I would like to align the new network requirements between
> our PODs and the rest of the OPNFV pool, so here are some questions:
> - is PXE/admin interface (connected to "pxebr") supposed to always have
> internet access? If so, how? NAT on the jump server? Or external gateway?
> Can we assume this is going to happen for all PODs, or should we support
> different configurations as well?
>
Julien: Using a static route is OK, and SNAT should be used for Fuel master.
Please also check whether the firewall in the jumpserver blocks the packages.

> - is LOM (the network used to access baremetal nodes IPMI interfaces)
> routed to PXE/admin or public, or is it a separate, independent network?
> This seems to vary from POD to POD.
>
Julien: I would prefer a separate network. You can refer to the configuration
in the securedlab repo.

> - is LOM expected to have external DNS/DHCP, or is this up to the team
> responsible for POD config?
>
Julien: Usually we configure the LOM address statically, or we cannot keep a
consistent relationship between hardware and management IP address.

>
> Thanks,
> Alex
> ___
> opnfv-tech-discuss mailing list
> opnfv-tech-discuss@lists.opnfv.org
> https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss
>
___
opnfv-tech-discuss mailing list
opnfv-tech-discuss@lists.opnfv.org
https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss
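
The check suggested in the reply above (SNAT for the PXE/admin network, plus a jump server firewall that does not block forwarding), as an added example that is not part of the thread or of any OPNFV tooling. The subnet 10.20.0.0/24, the uplink name eth0 and the function name `audit_pxe_nat` are assumptions; only the bridge name "pxebr" comes from the messages.

```shell
#!/bin/sh
# Constructed iptables-save dump for a jump server. 10.20.0.0/24 (PXE/admin
# subnet) and eth0 (uplink) are assumed values; "pxebr" is from the thread.
BASE='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.20.0.0/24 -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i eth0 -o pxebr -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT'
# As found: NAT is configured, but nothing lets new PXE traffic be forwarded.
SAMPLE_RULES="$BASE
COMMIT"
# Corrected: forwarding is allowed only for the PXE subnet arriving on pxebr.
FIXED_RULES="$BASE
-A FORWARD -s 10.20.0.0/24 -i pxebr -o eth0 -j ACCEPT
COMMIT"

# audit_pxe_nat RULES SUBNET BRIDGE
# Prints "snat=yes|no forward=VERDICT". Heuristic: for FORWARD, only rules that
# name BRIDGE with -i are considered, the first one wins, otherwise the chain
# policy applies.
audit_pxe_nat() {
    printf '%s\n' "$1" | awk -v net="$2" -v br="$3" '
        /^\*/ { table = $1 }
        table == "*filter" && $1 == ":FORWARD" { policy = $2 }
        $1 == "-A" {
            src = inif = tgt = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "-i") inif = $(i + 1)
                if ($i == "-j") tgt = $(i + 1)
            }
            if (table == "*nat" && $2 == "POSTROUTING" && src == net &&
                (tgt == "SNAT" || tgt == "MASQUERADE")) snat = "yes"
            if (table == "*filter" && $2 == "FORWARD" && fwd == "" && inif == br &&
                (tgt == "ACCEPT" || tgt == "DROP" || tgt == "REJECT")) fwd = tgt
        }
        END { print "snat=" (snat ? snat : "no"), "forward=" (fwd ? fwd : policy) }'
}

echo "as found:  $(audit_pxe_nat "$SAMPLE_RULES" 10.20.0.0/24 pxebr)"
echo "corrected: $(audit_pxe_nat "$FIXED_RULES" 10.20.0.0/24 pxebr)"
```

On a real jump server the first argument would be the output of `iptables-save`, run as root, with the POD's own PXE/admin subnet in place of the assumed one.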


[opnfv-tech-discuss] Jump server common configuration for PXE/admin network - questions

2017-08-06 Thread Alexandru Avadanii
Hi,
I am looking at integrating Fuel@OPNFV/MCP with our OPNFV baremetal PODs (both 
x86_64 and aarch64).
Right now I am playing with MaaS and its network configuration.

The old Fuel@OPNFV was relying on the jump server's "pxebr" bridge interface, 
which is supposed to reach all baremetal nodes, for PXE-booting purposes.
If we want to reuse this interface as-is, we need to make sure "pxebr" will 
also have internet access, one way or another, on all PODs supporting 
Fuel@OPNFV deploys.

Afaik, each POD is configured differently, the customizations ranging from 
different IP/subnets to totally different layouts.
E.g. Armband used to have 2 networks attached to its old Fuel Master node:
- 1 x PXE/admin - no external configuration, TFTP/DNS/DHCP was provided by Fuel 
Master node - hooked up to a port in our dumb version of "pxebr";
- 1 x public - external gateway, no external DHCP - hooked up to jump server's 
"public" bridge;
However, x86 PODs running Fuel were configured to use only:
- 1 x PXE/admin interface, hooked to "pxebr", which also had external internet 
access (NAT-ed?), but no external DHCP/DNS in order not to conflict with the 
ones provided by Fuel Master;

Going forward, I would like to align the new network requirements between our 
PODs and the rest of the OPNFV pool, so here are some questions:
- is PXE/admin interface (connected to "pxebr") supposed to always have 
internet access? If so, how? NAT on the jump server? Or external gateway? Can 
we assume this is going to happen for all PODs, or should we support different 
configurations as well?
- is LOM (the network used to access baremetal nodes IPMI interfaces) routed to 
PXE/admin or public, or is it a separate, independent network? This seems to 
vary from POD to POD.
- is LOM expected to have external DNS/DHCP, or is this up to the team 
responsible for POD config?

Thanks,
Alex