[Openstack-operators] Stack with external vlan and intranet vlan

Antonio Messina antonio.s.messina at gmail.com
Sat Jul 25 10:16:37 UTC 2015 

Hi Ignazio,

I did something similar, but it's not yet production so I don't know
if there are any caveats or better solutions, maybe some neutron
expert can tell us more.

In principle you can create a neutron network on a specific vlan,
assuming the compute nodes will have direct access to that vlan.

neutron net-create intranet \
 --provider:network_type vlan \
 --provider:segmentation_id 308 \
 --provider:physical_network vlannet

neutron subnet-create intranet \
 --name vlan308 \
 192.168.160.0/22 \
 --no-gateway \
 --disable-dhcp

Now this network is not shared, so it will only be available in the
current tenant, or if the user has the "admin" role.

It also have no dhcp. In our case this is important because we already
have a dhcp server running on our intranet, but I don't know if this
is an actual problem, and if the dhcp-agent will just ignore
DHCPREQUEST for unknown mac addresses. This also means that your VM
will not get an IP automatically, but for me this is not a problem
because it's a secondary interface and I will setup the IP address
statically on those VMs.

In order to start a VM with an interface on that network, you have to
create a "port". You can also chose the IP adress:

neutron port-create
  --fixed-ip subnet_id=ef600ffb-0cad-47ca-8ab2-e488b96a5e58,ip_address=192.168.163.1
  --name vm1-vlan308 intranet

(replace the id of the subnet with the correct one)

then, you can start a VM using:

nova boot [...] --nic port-id=6fa3a4a4-f840-4173-b00d-0cc5c9628d30

(replace the ID of the port with the correct one)

Please note that by default neutron set up iptables rules for the VM
port based on the IP assigned by neutron, so if you try to assign a
different IP to the VM it will not work.

.a.

On Sat, Jul 25, 2015 at 7:28 AM, Ignazio Cassano
<ignaziocassano at gmail.com> wrote:
> Hy guys, I would like to setup a private cloud for my company with openstack
> kilo.
> I read openstack kilo documentation for centos 7  where the suggested
> scenario  provides a configuration with an external vlan (internet), a
> managent vlan, a tunnel vlan and a stotage vlan.
> I would like to add a nic on the intranet vlian for install some virtual
> machines directly  on my company network .
> Could anyhone help me with an example based on the following data?
> Storage vlan 500
> external vlan 300
> tunnel vlan 600
> mgmt vlan 307
> intranet vlan 308
>
> Regards
> Ignazio
>
>
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>



-- 
antonio.s.messina at gmail.com
antonio.messina at uzh.ch                     +41 (0)44 635 42 22
S3IT: Service and Support for Science IT   http://www.s3it.uzh.ch/
University of Zurich
Winterthurerstrasse 190
CH-8057 Zurich Switzerland

More information about the OpenStack-operators mailing list