You could go with the first option but that may require you to create etherstubs with dladm and update nic_tag attribute in vmadm.
Much simpler would be the second option where you can further isolate the containers via CIDR subnetting. On Sat, Sep 10, 2016 at 8:38 AM, 郑圆杰 <[email protected]> wrote: > Hi, all > > > > we are working on our own yarn application that we can run the container > with lxzone. > > > > there is a interesting situation. > > Users work on the their own tenant isolated by virtual private network. > > And we have a public compute service based on yarn hosted on another > virtual private network. > > users will submit their compute tasks to compute service. > > And yarn container needs the user private data on user tenant. > > After the container complete the task, it will reply back the output data. > > > > ways to approach this situation > > 1. attach all virtual private network on a router > > 2. multiple vnic on every vms. one for private network another for > public network > > 3. floatingip > > 4. centralized data service > > > > Any best practice on this situation? > > *smartos-discuss* | Archives > <https://www.listbox.com/member/archive/184463/=now> > <https://www.listbox.com/member/archive/rss/184463/25253051-d319687c> | > Modify > <https://www.listbox.com/member/?&;> > Your Subscription <http://www.listbox.com> > ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
