[Openstack-operators] nova-network in all compute nodes?????

Sergio Ariel de la Campa Saiz sacampa at gmv.com
Wed May 23 13:15:29 UTC 2012 

Hi Christian:

Thanks a lot!!!
Finally I´m gonna use multi nova-network since it is the one that fits better to my configuration. But I have a dout that hit me after I read your mail... network-nodes always do NAT, or by default they only route packets (no NAT) between private and public networks???

Once again... thanks.
Sergio Ariel
de la Campa Saiz
GMV-SES Infraestructura /
GMV-SES Infrastructure





GMV
Isaac Newton, 11
P.T.M. Tres Cantos
E-28760 Madrid
Tel.
+34 91 807 21 00
Fax
+34 91 807 21 99
 www.gmv.com








________________________________
De: openstack-operators-bounces at lists.openstack.org [openstack-operators-bounces at lists.openstack.org] En nombre de Christian Parpart [trapni at gmail.com]
Enviado el: miércoles, 23 de mayo de 2012 14:00
Para: Sergio Ariel de la Campa Saiz
CC: openstack-operators at lists.openstack.org
Asunto: Re: [Openstack-operators] nova-network in all compute nodes?????



On Wed, May 23, 2012 at 10:12 AM, Sergio Ariel de la Campa Saiz <sacampa at gmv.com<mailto:sacampa at gmv.com>> wrote:
Hi:

I have been reading the conversation between Lorin and Christian about nova-network HA, and I have a question that maybe one of them can answer me... or maybe any member of this group :-) :-)

This is my environment:

2 ubuntu servers, essex and VLAN networking:
- 1 controller with nova-network, glance, keystone, nova-api, nova-scheduler but NOT nova-compute
- 1 node: nova-compute only

In this configuration all my VM are going to be launched in the node since there is no nova-compute running in my controller. When I try to launch a VM appears a problem whith my network. I think that is because there is no nova-network installed in the node. Bridge and VLAN interfaces are created in the controller but they are not created in the node.

My question is: it is necessary to install nova-network in all compute nodes??

Thanks a lot.

Hey Sergio,

it is possible to either have a dedicated nova-network node (multi_host=False) or the other mode,
have nova-network running on every compute node (nova-compute).

While the latter is more HA-friendly, it chose the first, since the latter will also require
to have your public IP network available on every compute node and I (in my setup) just don't.

Whatever you chose, you'll need to take care of some decisions when writing nova.conf and when actually populating networks via nova-manage:

single nova-network node (may still have more, and HA'd via keepalived in active/passive mode, ye know):

    # /etc/nova/nova.conf
    # line below is only needed when you want to HA your single nova-network node (default: False)!:
    send_arp_for_ha=True
    # this one defaults to False anyways, but I added and documented it for clarity:
    multi_node=False
    # the following is need to SNAT your outgoing compute traffic to the nova-network node's public IP
    routing_source_ip=$your_nova_networks_public_ip

    nova-manage network create --multi_host=F --vlan=$VID --label=your-net --fixed_cidr=10.10.49.0/24<http://10.10.49.0/24> --project_id=$TENANT_ID

multi nova-network mode (meaning: one nova-network on same host as nova-compute):
    # /etc/nova/nova.conf
    multi_node=True
    enabled_apis=ec2,osapi_compute,osapi_volume,metadata

    nova-manage network create --multi_host=T --vlan=$VID --label=your-net --fixed_cidr=10.10.49.0/24<http://10.10.49.0/24> --project_id=$TENANT_ID

I hope this helps.

Also check /var/log/nova/nova-*.log

So long,
Christian Parpart.

______________________
This message including any attachments may contain confidential 
information, according to our Information Security Management System,
 and intended solely for a specific individual to whom they are addressed.
 Any unauthorised copy, disclosure or distribution of this message
 is strictly forbidden. If you have received this transmission in error,
 please notify the sender immediately and delete it.

______________________
Este mensaje, y en su caso, cualquier fichero anexo al mismo,
 puede contener informacion clasificada por su emisor como confidencial
 en el marco de su Sistema de Gestion de Seguridad de la 
Informacion siendo para uso exclusivo del destinatario, quedando 
prohibida su divulgacion copia o distribucion a terceros sin la 
autorizacion expresa del remitente. Si Vd. ha recibido este mensaje 
 erroneamente, se ruega lo notifique al remitente y proceda a su borrado. 
Gracias por su colaboracion.

______________________

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20120523/90d5516b/attachment-0002.html>

More information about the Openstack-operators mailing list