<div dir="ltr">Hi,<div><br></div><div>Using the network strategy from the 'Installation Guide for Ubuntu' here:</div><div><br></div><div><a href="http://docs.openstack.org/icehouse/install-guide/install/apt/content/basics-networking-neutron.html">http://docs.openstack.org/icehouse/install-guide/install/apt/content/basics-networking-neutron.html</a></div>
<div><br></div><div>How might one adapt this for a production setup, perhaps in the context of security?</div><div> </div><div>What are the needed configuration changes for such an adaptation?</div><div><br></div><div>A couple of thoughts that lead me to throwing this question out to the mailing list:</div>
<div><br></div><div>*With the controller node having only one NIC, all management communication is passing through the same NIC as user API or dashboard traffic. Wouldn't it be better to move user facing services, such as the dashboard to another 'external' interface, thus keeping the management network and interface isolated from external traffic?</div>
<div><br></div><div>*Possibly related, how would the API service endpoint URLs be affected by this change, or how should they be configured? (publicurl, internalurl, adminurl) As an aside, where might I find a good explanation of the respective roles of these URLs?</div>
<div><br></div><div>Regards,<br clear="all"><div><br></div><div dir="ltr"><div>Daniel</div><div><br></div></div>
</div></div>