Sounds like you are complicating the setup (or feel the need to do so, for
whatever reason).
Did you test:
parent domain with domain admin "admin" - then just regular users accounts
(QA/DEV) - so each QA and DEV can create their own resources (networks,
VMs, etc) - QA and DEV are separate accounts/tenants so can't access each
other's resources (i.e. different tenants)
THe domain admin account for that domain ("admin" account), being the
domain admin, should be able to manage resources of all user's inside his
own domain. - but if you provision a resource as ADMIN user (domain admin
user), those resources will be owned by ADMIN account only (as expected) -
so keep that in mind.
Best,
On Thu, 3 Jun 2021 at 11:04, Yordan Kostov <[email protected]> wrote:
> Thank you Andrija,
>
> Indeed tested that, if ON "bypass vlan overlap" option, it is
> possible to create 2 shared networks in the same vlan.
> IP gets assigned but for some reason the interface is shutdown in
> some time(Ubuntu 20). I am now troubleshooting the reason for this.
>
> The design I am trying to create current is - 3 groups of users -
> lets call them QA and DEV and ADMIN teams.
> - Network A is for QAs.
> - Network B is for DEVs.
> - ADMIN should have access to both networks.
>
> I tried that setup with one parent domain (admins) and to child (QA and
> DEV). Assigning a network to child domain DEV hides the network from QA.
> ADMIN domain see the network but cannot create instances inside.
>
> If those 3 accounts are under one domain is it possible to:
> - assign Network A to be operated and visible only to QA and
> Admins
> - assign Network B to be operated and visible only to DEV and
> Admins
>
> The only solution I have found so far is the following:
> - Define 2 networks - A and B with VR (DHCP, DNS, USERDATA) only available
> to ADMINS so nobody sees them
> - Define L2 network AA with USERDATA assigned to QA that overlaps vlan id A
> - Define L2 network BB with USERDATA assigned to DEV that overlaps vlan id
> B
>
> Both users and admins can create instances. Users will not be able to
> change or choose IP address.
>
> Regards,
> Jordan
>
>
>
>
> -----Original Message-----
> From: Andrija Panic <[email protected]>
> Sent: Thursday, June 3, 2021 10:38 AM
> To: users <[email protected]>
> Subject: Re: 2 networks with DHCP in the same subnet?
>
>
> [X] This message came from outside your organization
>
>
> Considering you are trying to create 2 shared networks (irrelevant of
> their IP range), and I ASSUME you want them on the same VLAN? - then I
> don't think this alone is possible (2 network with the same VLAN)
>
> If you can do it, then it's easy to test what you are asking.... and have
> first hand-answer :)
>
> IN ACS workdl, in theory, 2 DHCP CAN operate in the same network, since
> ACS provisions explicit DHCP reservations for each IP - i.e. you can't just
> boot another VM (provisionined manually, outside ACS) in the same VLAN - as
> DHCP will reject to give it an IP.
>
> Best,
>
> On Wed, 2 Jun 2021 at 15:43, Yordan Kostov <[email protected]> wrote:
>
> > Dear all,
> >
> > Is it possible to have one /24 network - for example
> > 10.10.10.0/24 where it is divided into 2 shared networks as follow:
> >
> > * Network A - 10.10.10.2-50 where 2 is Virtual router with DHCP for
> > the ip range mentioned
> > * Network B - 10.10.10.51-200 where 51 is Virtual router with DHCP
> for
> > the ip range mentioned
> >
> > I understand 2 DHCPs cannot operate in the same network but I was
> > wondering if this can be achieved somehow?
> >
> > Best regards,
> > Jordan
> >
>
>
> --
>
> Andrija Panić
>
--
Andrija Panić
