[Openstack] [neutron] - vlan-aware-vms

Armando M. armamig at gmail.com
Tue Aug 2 21:49:20 UTC 2016 

On 29 July 2016 at 12:59, Martinx - ジェームズ <thiagocmartinsc at gmail.com> wrote:

> Quick question:
>
> Can I start testing Newton VLAN Aware VMs now (Beta 2)?
>
> Thanks,
> Thiago
>
>
If you're paying close attention the LinuxBridge version is almost
functional, and the OVS one is coming along. I'd advise to wait a tad
longer. I am trying to keep [1] up to date, so you might want to check that
out before pulling down  the code.

[1] https://blueprints.launchpad.net/neutron/+spec/vlan-aware-vms


> On 22 July 2016 at 04:45, Kevin Benton <kevin at benton.pub> wrote:
>
>> Since they are essentially regular ports in the neutron data model, the
>> regular rules for attaching to networks would apply. So you can should be
>> able to create a sub-port on another network if that network is shared with
>> you (either globally shared or via RBAC).
>>
>> On Wed, Jul 13, 2016 at 8:55 AM, Farhad Sunavala <fsbiz at yahoo.com> wrote:
>>
>>>
>>> Below is the latest spec for vlan-aware-vms
>>>
>>>
>>> https://specs.openstack.org/openstack/neutron-specs/specs/newton/vlan-aware-vms.html
>>> <https://specs.openstack.org/openstack/neutron-specs/specs/liberty/vlan-aware-vms.html>
>>>
>>>
>>>
>>> I have a quick question on the above. (multi-tenancy).
>>>
>>> Assume the case of nested containers in a VM.
>>>
>>> Yes, the containers can be in different networks of the same tenant and
>>> the above blue-print will handle the case very well.
>>> How does it work when the containers are in different networks in
>>> different tenants ?
>>>
>>> The trick is to create neutron ports (for the subports) and then link
>>> them to the trunk port using
>>>
>>> neutron trunk-subport-add TRUNK \
>>>    PORT[,SEGMENTATION-TYPE,SEGMENTATION-ID] \
>>>    [PORT,...]
>>>
>>>
>>> In the above command all the neutron ports (trunk  ports and subports)
>>> must be in the same tenant.
>>> As far as I know, a tenant will not see neutron ports from another
>>> tenant.    Or will this command allow
>>> neutron ports from different tenants to be attached ?
>>>
>>> Solution1:
>>>
>>>
>>> C1(ten1)   C2(ten2)
>>> |                   |
>>> --------------------------------
>>> OVS bridge inside VM
>>> --------------------------------
>>> |
>>> | Trunk port
>>> |
>>> ------------------------
>>> br-trunk (vlan-aware-vms spec)
>>> --------------------------------------------
>>>
>>> E.g.  VM "X" consists of containers C1 in Tenant 1 with portID = C10000
>>> (network dn1)
>>> container C2 in Tenant 2 with portID = C20000 (network dn2)
>>> The trunk port of VM "X" is in tenant 100 with portID = T10000 (network
>>> dt)
>>>
>>> Will the above command allow a neutron trunk to have neutron sub-ports
>>> in different tenants ?
>>>
>>> neutron trunk-subport-add T10000 \
>>>    A  vlan 10000 \
>>>    B vlan 20000
>>>
>>>
>>> Solution2:
>>> Have a separate trunk port for each tenant connected to the vM
>>>
>>> C1(Ten1)    C2(Ten2)
>>> |                    |
>>> |                    |
>>> -------------------------------
>>> OVS bridge inside VM
>>> --------------------------------
>>> |                              |
>>> |Trunk(Ten1)          | (Trunk(Ten2)
>>> |                              |
>>> ---------------------------------
>>> br-trunk (vlan-aware-vms spec)
>>> ---------------------------------------
>>>
>>> If the approach is solution2, then the issue is that Nova will not
>>> allow a neutron port to be attached to a VM (if the neutron port
>>> belongs to another tenant).
>>>
>>>
>>> Any pointers will be highly appreciated.
>>>
>>> thanks,
>>> Farhad.
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>> _______________________________________________
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to     : openstack at lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160802/a2ce2f13/attachment.html>

More information about the Openstack mailing list