[openstack-dev] [Neutron] reservation of fixed ip

Mohammad Banikazemi mb at us.ibm.com
Fri May 23 02:41:20 UTC 2014


Well, for a use case we had in mind we were trying to figure out how to
simply get an IP address on a subnet. We essentially want to use such an
address internally by the controller and make sure it is not used for a
port that gets created on a network with that subnet. In this use case, an
interface to IPAM for removing an address from the pool of available
addresses (and the interface to possibly return the address to the pool)
would be sufficient.

Mohammad



From:	Carl Baldwin <carl at ecbaldwin.net>
To:	"OpenStack Development Mailing List (not for usage questions)"
            <openstack-dev at lists.openstack.org>,
Date:	05/22/2014 06:19 PM
Subject:	Re: [openstack-dev] [Neutron] reservation of fixed ip



If an IP is reserved for a tenant, should the tenant need to
explicitly ask for that specific IP to be allocated when creating a
floating ip or port?  And it would pull from the regular pool if a
specific IP is not requested.  Or, does the allocator just pull from
the tenant's reserved pool whenever it needs an IP on a subnet?  If
the latter, then I think Salvatore's concern still a valid one.

I think if a tenant wants an IP address reserved then he probably has
a specific purpose for that IP address in mind.  That leads me to
think that he should be required to pass the specific address when
creating the associated object in order to make use of it.  We can't
do that yet with all types of allocations but there are reviews in
progress [1][2].

Carl

[1] https://review.openstack.org/#/c/70286/
[2] https://review.openstack.org/#/c/83664/

On Thu, May 22, 2014 at 12:04 PM, Sławek Kapłoński <slawek at kaplonski.pl>
wrote:
> Hello
>
>
> Dnia Wed, 21 May 2014 23:51:48 +0100
> Salvatore Orlando <sorlando at nicira.com> napisał:
>
>> In principle there is nothing that should prevent us from
>> implementing an IP reservation mechanism.
>>
>> As with anything, the first thing to check is literature or "related
>> work"! If any other IaaS system is implementing such a mechanism, is
>> it exposed through the API somehow?
>> Also this feature is likely to be provided by IPAM systems. If yes,
>> what constructs do they use?
>> I do not have the answers to this questions, but I'll try to document
>> myself; if you have them - please post them here.
>>
>> This new feature would probably be baked into neutron's IPAM logic.
>> When allocating an IP, first check from within the IP reservation
>> pool, and then if it's not found check from standard allocation pools
>> (this has non negligible impact on availability ranges management, but
>> these are implementation details).
>> Aspects to consider, requirement-wise, are:
>> 1) Should reservations also be classified by "qualification" of the
>> port? For instance, is it important to specify that an IP should be
>> used for the gateway port rather than for a floating IP port?
>
> IMHO it is not required when IP is reserved. User should have
> possibility to reserve such IP for his tenant and later use it as he
> want (floating ip, instance or whatever)
>
>> 2) Are reservations something that an admin could specify on a
>> tenant-basis (hence an admin API extension), or an implicit mechanism
>> that can be tuned using configuration variables (for instance create
>> an IP reservation a for gateway port for a given tenant when a router
>> gateway is set).
>>
>> I apologise if these questions are dumb. I'm just trying to frame this
>> discussion into something which could then possibly lead to
>> submitting a specification.
>>
>> Salvatore
>>
>>
>> On 21 May 2014 21:37, Collins, Sean <Sean_Collins2 at cable.comcast.com>
>> wrote:
>>
>> > (Edited the subject since a lot of people filter based on the
>> > subject line)
>> >
>> > I would also be interested in reserved IPs - since we do not deploy
>> > the layer 3 agent and use the provider networking extension and a
>> > hardware router.
>> >
>> > On Wed, May 21, 2014 at 03:46:53PM EDT, Sławek Kapłoński wrote:
>> > > Hello,
>> > >
>> > > Ok, I found that now there is probably no such feature to reserve
>> > > fixed ip for tenant. So I was thinking about add such feature to
>> > > neutron. I mean that it should have new table with reserved ips
>> > > in neutron database and neutron will check this table every time
>> > > when new port will be created (or updated) and IP should be
>> > > associated with this port. If user has got reserved IP it should
>> > > be then used for new port, if IP is reserver by other tenant - it
>> > > shouldn't be used. What You are thinking about such possibility?
>> > > Is it possible to add it in some future release of neutron?
>> > >
>> > > --
>> > > Best regards
>> > > Sławek Kapłoński
>> > > slawek at kaplonski.pl
>> > >
>> > >
>> > > Dnia Mon, 19 May 2014 20:07:43 +0200
>> > > Sławek Kapłoński <slawek at kaplonski.pl> napisał:
>> > >
>> > > > Hello,
>> > > >
>> > > > I'm using openstack with neutron and ML2 plugin. Is there any
>> > > > way to reserve fixed IP from shared external network for one
>> > > > tenant? I know that there is possibility to create port with IP
>> > > > and later connect VM to this port. This solution is almost ok
>> > > > for me but problem is when user delete this instance - then
>> > > > port is also deleted and it is not reserved still for the same
>> > > > user and tenant. So maybe there is any solution to reserve it
>> > > > "permanent"? I know also about floating IPs but I don't use L3
>> > > > agents so this is probably not for me :)
>> > > >
>> > >
>> > > _______________________________________________
>> > > OpenStack-dev mailing list
>> > > OpenStack-dev at lists.openstack.org
>> > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>> >
>> > --
>> > Sean M. Collins
>> > _______________________________________________
>> > OpenStack-dev mailing list
>> > OpenStack-dev at lists.openstack.org
>> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>> >
>
> --
> Best regards
> Sławek Kapłoński
> slawek at kaplonski.pl
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140522/09bcec14/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140522/09bcec14/attachment.gif>


More information about the OpenStack-dev mailing list