[Openstack-operators] VM with a public IP

Matt Joyce matt at nycresistor.com
Mon Aug 13 22:53:56 UTC 2012

Paul, it's a cloud.  It's a fairly reasonable design assumption to
believe anyone launching such a service has at least some moderate
level of control over their own resources.  But hell, maybe I'm just
not seeing some awesome new way to use openstack.


Here's a thought for a simple external work around.  You basically
create your own router for your cloud.

So example:

  You get a grab bag of IPs on a bunch of virtual interfaces you fire
up on your router interface facing the university network...     eth2:2   eth2:3   eth2:4 eth2:5   eth2:6

you take these and setup some nat rules to map them      <-->    <-->    <-->  <-->    <-->

then setup a gateway interface ala  eth1

Then you configure openstack to route its public interface on that network.  And that's your floating ip range.

Openstack doesn't care.  And you are still direct natting full ips.
So it's a bit of a kludge but from the description this sounds like a
kludge is unavoidable atm.


On Mon, Aug 13, 2012 at 2:55 PM, Paul Walton <paul.d.walton at gmail.com> wrote:
> Unfortunately, I do not manage the network, and do not have access to the
> DHCP server.  This means that I do not have a subnet of IPs that I can
> simply hand out freely to my VMs.  If I want a VM to have a public IP then
> it must make a request to the campus DHCP server.  There are special cases
> where I can assign static IPs to servers, but this is infeasible for the
> majority of the VMs I will create since they will be used by students to
> complete assignments in class, and will only exist during the course of a
> semester.
> So, as I understand things so far, OpenStack assumes that I have my own
> subnet of public IPs that I can freely use for my VMs?  I can't imagine this
> being a reasonable design assumption to make on their part.  Perhaps I'm
> overlooking something?
> On Mon, Aug 13, 2012 at 4:40 PM, Matt Joyce <matt.joyce at cloudscaling.com>
> wrote:
>> I was thinking that as well.  But the only reason I could think of that
>> he'd be forced to grab public IPs from dhcp was that he had no access to the
>> DHCP server and network infrastructure.  I just kind of assumed that would
>> mean that nova would not be able to allocate the IP for intance in any
>> manner congruent with nova's needs.
>> -Matt
> --
> Paul Walton
> University of Arkansas
> College of Engineering
> CSCE Technical Support Team
> J.B. Hunt Building, Room 440
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators

More information about the OpenStack-operators mailing list