[openstack-dev] [Neutron] L3 HA VRRP concerns
Sylvain Afchain
sylvain.afchain at enovance.com
Mon Mar 3 09:13:04 UTC 2014
Hi everyone,
Sorry for the late reply, I was on vacation :)
See, inline comments
-Sylvain
----- Original Message -----
> From: "Assaf Muller" <amuller at redhat.com>
> 1) Is there a way through the API to know, for a given router, what agent is
> hosting
> the active instance? This might be very important for admins to know.
Do you mean keepalived active instance or where the active instance was scheduled ?
Currently only the vrid is returned by the router-show command. I agree with you it's a important thing, I'll try to address it.
> 2) The current approach is to create an administrative network and subnet for
> VRRP traffic per router group /
> per router. Is this network counted in the quota for the tenant? (Clearly it
> shouldn't). Same
> question for the HA ports created for each router instance.
The current approach is to create a admin network/subnet per tenant not per router and this admin network/subnet is not set to any tenant.
> 3) The administrative network is created per router and takes away from the
> VLAN ranges if using
> VLAN tenant networks (For a tunneling based deployment this is a non-issue).
> Maybe we could
> consider a change that creates an administrative network per tenant (Which
> would then limit
> the solution to up to 255 routers because of VRRP'd group limit), or an admin
> network per 255
> routers?
see 2)
> 4) Maybe the VRRP hello and dead times should be configurable? I can see
> admins that would love to
> up or down these numbers.
Sure, I started to introduce it.
> 5) The administrative / VRRP networks, subnets and ports that are created -
> Will they be marked in any way
> as an 'internal' network or some equivalent tag? Otherwise they'd show up
> when running neutron net-list,
> in the Horizon networks listing as well as the graphical topology drawing
> (Which, personally, is what
> bothers me most about this). I'd love them tagged and hidden from the normal
> net-list output,
> and something like a 'neutron net-list --all' introduced.
I agree, will be a nice improvement, maybe addressed in another BP ?
> 6) The IP subnet chosen for VRRP traffic is specified in neutron.conf. If a
> tenant creates a subnet
> with the same range, and attaches a HA router to that subnet, the operation
> will fail as the router
> cannot have different interfaces belonging to the same subnet. Nir suggested
> to look into using
> the 169.254.0.0/16 range as the default because we know it will (hopefully)
> not be allocated by tenants
Yes we could change the default value in the neutron.conf file.
More information about the OpenStack-dev
mailing list