[Openstack-operators] Small openstack

Antonio Messina antonio.s.messina at gmail.com
Thu Jan 8 11:01:40 UTC 2015


On Thu, Jan 8, 2015 at 11:53 AM, gustavo panizzo (gfa) <gfa at zumbi.com.ar> wrote:
> On 01/08/2015 06:36 PM, Antonio Messina wrote:
>> On Fri, Dec 26, 2014 at 12:31 AM, George Shuklin
>> <george.shuklin at gmail.com> wrote:
>>>
>>> Report on progress so far:
>>>
>>> I was able to fix policies (nova/neutron) to allow tennants to plug to
>>> 'own'
>>> external networks, found and report few bugs about error messaging in
>>> ML2,
>>> got working dhcp-agent (on external network! haha). Right now it works
>>> with
>>
>>
>> Can you please be a bit more specific on the issues and bug reports? I
>> did some testing on this kind of setup, and as far as I understand
>> Neutron in Juno does not allow you to change the policy for one
>> specific network, so the best I could do is to allow *any* tenant to
>> plug a port on *any* external network, while in my setup I would like
>> to only allow tenants to plug an interface on one specific external
>> network (I will create different "external" networks of this kind)
>
>
> i may be wrong as i haven't tested that on juno, but in icehouse and havana
> i've setup external/provider networks one for each tenant

Ah, ok, this is the point. What I would like to have instead is

1) one big external network with routable, private IPs, to be used by *any*
   tenant (where any tenant can plug ports)

2) one external network with public IPs, to be used as floating IPs
   (where tenants cannot plug ports)

3) small external networks dedicated to a tenant

You are only implementing 3), and it should work on Juno.

> you may need to apply a patch for BUG #1352102 (i'm not sure if it made it
> into juno)

I will take a look at the bug.

.a.

-- 
antonio.s.messina at gmail.com
antonio.messina at uzh.ch                     +41 (0)44 635 42 22
S3IT: Service and Support for Science IT   http://www.s3it.uzh.ch/
University of Zurich
Winterthurerstrasse 190
CH-8057 Zurich Switzerland



More information about the OpenStack-operators mailing list