[openstack-dev] [Openstack-operators] [Neutron] allow_overlapping_ips (was: Deprecating the use_namespaces option ...)

Carl Baldwin carl at ecbaldwin.net
Wed Mar 25 17:01:57 UTC 2015


Kevin,

Thank you for your valuable insight here.  Comments inline...

On Wed, Mar 25, 2015 at 10:09 AM, Kevin Benton <blak111 at gmail.com> wrote:
> This is a nice option for smaller deployments that didn't need the
> complexity of NAT. From a custom L3 plugin perspective, it also eliminated
> any single points of failure pretty easily since no NAT state had to be
> distributed.

Good to know.

> However, it was difficult to use with tenant self-service since one tenant
> could create a subnet that ate up the whole routing space. It basically
> required that the networking was done by an admin or that the entire
> deployment was shared by a group of users trusted to do the right thing.

Sounds like subnet allocation with the associated quota mechanism
would fit the bill here.  In fact, subnet pools were designed with
exactly this kind of deployment in mind.  Especially for IPv6.

> My main interest in the IPAM work was to support fully routable deployments
> like this. Once IPAM has a workflow that covers tenant subnet allocation
> from a subnet pool shared by the whole deployment, I think deprecation of
> the "allow_overlapping_ips" option makes perfect sense since the operator
> can just create a single global subnet pool to simulate it.

This is exactly where I was thinking of going with this.  I think Ryan
is going to make -- or has already made -- subnet pools mutually exclusive
with the allow_overlapping_ips=False because I didn't even want to
think about making the two modes interoperable.  It sounds like that
might be an acceptable thing to do given this feedback.

Carl


