Open Stack

Let's talk about this at the team meeting.  I think Mark is asking
essentially the same thing I was asking in a previous thread last week.

Dan


On Mon, Feb 4, 2013 at 8:48 AM, Ilya Shakhat <ishakhat at mirantis.com> wrote:

> Maybe I don't see it quite correctly, but both L3 and DHCP agents operate
> with processes running on network controller, however HAProxy is VM that is
> launched on demand by Nova and it is not planned to contain any of
> OpenStack modules. That's why we faced the need to be able to communicate
> between host and tenant networks. The most similar code is from
> 'quantum-debug ping-all', where a new port is created inside target network
> and then command is executed in shell (using ip netns if needed).
>
> Ilya
>
>
> 2013/2/4 Mark McClain <mark.mcclain at dreamhost.com>
>
>> Why do you need to access tenant VMs?  Could you not use namespaces on a
>> network host(s) and let the HAProxy agent manipulate the processes
>> directly.  This is how the L3 and DHCP agents work.  Namespaces also
>> require less resources than using service VMs.
>>
>> mark
>>
>>
>> On Feb 4, 2013, at 8:06 AM, Oleg Bondarev <obondarev at mirantis.com> wrote:
>>
>> Hi guys,****
>> ** **
>> Within LBaaS effort we need to configure HAProxy service which is running
>> on one of tenant’s VMs in a certain subnet.****
>>  Initially we were planning to configure two interfaces on such HAProxy
>> VMs – one for tenant network and other for provider network – thus having
>> an ability to simply reach the VM by ssh using an ip from provider network.
>> ****
>> But finally we found this way inappropriate because it overloads provider
>> network and provides an ability to a tenant to access provider network
>> which is not good as well.****
>> ** **
>> So I’d like to find a proper way of reaching tenant’s VM to be able to
>> execute commands on it.****
>> In Quantum code I found that it can be done by using ‘ip netns exec’
>> (quantum/debug/debug_agent.py: QuantumDebugAgent.exec_command()) which is
>> close to what I need. Are there any better ways to do it in quantum?****
>> ** **
>> Thanks,****
>> Oleg****
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
>>
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>


-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Dan Wendlandt
Nicira, Inc: www.nicira.com
twitter: danwendlandt
~~~~~~~~~~~~~~~~~~~~~~~~~~~
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130204/e09a1958/attachment.html>