[Openstack-operators] Networking architecture question: communication between tenants
Michaël Van de Borne
michael.vandeborne at cetic.be
Mon Nov 3 09:25:07 UTC 2014
Hello,
I'm building a private cloud in which I'd like Application Server
instances from separate tenants to access the same unique cloud-wide
Galera cluster (which would have its own tenant).
I'm wondering what the best network topology would be to achieve this.
The constraint is that tenant A Application Server instances should not
see Tenant B App Servers.
- should I go with a per-tenant router topology? and assign 2 NICs to
App Server instances: first one in their tenant network, second one in
Galera cluster tenant? is that possible?
- should I go with one router for all tenants?
- should the Galera cluster only be accessed from its floating IPs in
order to avoid all communication between tenants?
Am I missing something?
Your architectural thoughts are welcome.
thank you,
cheers,
michaël
--
Michaël Van de Borne
R&D Engineer, SOA team, CETIC
Phone: +32 (0)71 49 07 45 Mobile: +32 (0)472 69 57 16, Skype: mikemowgli
www.cetic.be, rue des Frères Wright, 29/3, B-6041 Charleroi
More information about the OpenStack-operators
mailing list