<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Feb 10, 2015 at 1:51 AM, Li, Chen <span dir="ltr"><<a href="mailto:chen.li@intel.com" target="_blank">chen.li@intel.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div link="blue" vlink="purple" lang="EN-US">
<div>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif"">Hi list,<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif""><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif"">I’m trying to understand how manila use NFS-Ganesha, and hope to figure out what I need to do to use it if all patches been merged (only one patch is under reviewing, right ?).<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif""><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif"">I have read:<u></u><u></u></span></p>
<p class="MsoNormal"><a href="https://wiki.openstack.org/wiki/Manila/Networking/Gateway_mediated" target="_blank">https://wiki.openstack.org/wiki/Manila/Networking/Gateway_mediated</a><u></u><u></u></p>
<p class="MsoNormal"><a href="https://blueprints.launchpad.net/manila/+spec/gateway-mediated-with-ganesha" target="_blank">https://blueprints.launchpad.net/manila/+spec/gateway-mediated-with-ganesha</a><u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif"">From documents, it is said, within Ganesha, multi-tenancy would be supported:<u></u><u></u></span></p>
<p class="MsoNormal"><b><span style="font-family:"Times New Roman","serif"">And later the Ganesha core would be extended to use the infrastructure used by generic driver to provide network separated multi-tenancy. The core would manage Ganesha service running
in the service VMs, and the VMs themselves that reside in share networks.<u></u><u></u></span></b></p>
<p class="MsoNormal"><b><span style="font-family:"Times New Roman","serif""><u></u> <u></u></span></b></p>
<p style="margin-left:0.25in">
<u></u><span style="font-family:Wingdings"><span>ð<span style="font:7pt "Times New Roman"">
</span></span></span><u></u><span style="font-family:"Times New Roman","serif"">it is said :
<b>extended to use the infrastructure used by generic driver to provide network separated multi-tenancy</b><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif"">So, when user create a share, a VM (share-server) would be created to run Ganesha-server.<u></u><u></u></span></p>
<p style="margin-left:0.25in">
<u></u><span style="font-family:Wingdings"><span>ð<span style="font:7pt "Times New Roman"">
</span></span></span><u></u><span style="font-family:"Times New Roman","serif"">I assume this VM should connect the 2 networks : user’s share-network and the network where Glusterfs cluster is running.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif""><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif"">But, in generic driver, it create a manila service network at beginning.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif"">When user create a share, a “subnet” would be created in manila service network corresponding to each user’s “share-network”:<b>
</b><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif"">This means every VM(share-server) generic driver has created are living in different subnets, they’re not able to connect to each other.</span></p></div></div></blockquote><div><br></div><div>When you say VM, its confusing, whether you are referring to service VM or tenant VM. Since you are also saying share-server, I presume you mean service VM!<br><br>IIUC each share-server VM (also called service VM) is serving all VMs created by a tenant. In other words, generic driver creates 1 service VM per tenant, and hence serves all the VMs (tenant VMs) created by that tenant<br></div><div>Manila experts on the list can correct me if I am wrong here. Generic driver creates service VM (if not already present for that tenant) as part of creating a new share and connect the tenant network to the service VM network via neutron router (creates ports on the router which helps connect the 2 different subnets), thus the tenant VMs can ping/access the service VM. There is no question and/or need to have 2 service VMs talk to each other, because they are serving different tenants, thus they need to be isolated!<br><br></div><div> <br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div link="blue" vlink="purple" lang="EN-US"><div><p class="MsoNormal"><span style="font-family:"Times New Roman","serif""><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif""><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif"">If my understanding here is correct, the VMs that running Ganesha are living the different subnets too.<u></u><u></u></span></p>
<p style="margin-left:0.25in">
<u></u><span style="font-family:Wingdings"><span>ð<span style="font:7pt "Times New Roman"">
</span></span></span><u></u><span style="font-family:"Times New Roman","serif"">Here is my question:<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-family:"Times New Roman","serif"">How VMs(share-servers) running Ganesha be able to connect to the single Glusterfs cluster ?</span></p></div></div></blockquote><div><br></div><div><br></div><div>Typically GlusterFS will be deployed on storage nodes (by storage admin) that are NOT part of openstack. So having the share-server talk/connect with GlusterFS is equivalent to saying "Allow openstack VM to talk with non-openstack nodes", in other words "Connect the neutron network to non-neutron network (also called provider/host network)". <br><br>This is achieved by ensuring your openstack Network node is configured to forward tenant traffic to provider network, which involves neutron skills and some neutron black magic :)<br></div><div>To know what this involves, pls see section "Setup devstack networking to allow Nova VMs access external/provider network" in my blog @ <a href="http://dcshetty.blogspot.in/2015/01/using-glusterfs-native-driver-in.html">http://dcshetty.blogspot.in/2015/01/using-glusterfs-native-driver-in.html</a><br><br></div><div>This should be taken care by your openstack network admin who should configure the openstack network node to allow this to happen, this isn't a Manila / GlusterFS driver responsibility, rather its an openstack deployment option thats taken care by the network admins during openstack deployment.<br><br></div><div><b>Disclaimer: I am not neutron expert, so feel free to correct/update me<br><br></b></div><div>HTH, <br><br>thanx,<br>deepak<b><br></b></div><br></div><br></div></div>