[Openstack-operators] Stack with external vlan and intranet vlan

Ignazio Cassano ignaziocassano at gmail.com
Sat Jul 25 10:38:35 UTC 2015


You are very kind, thank you.
I have only anothe doubt.
When in a normal scenario you create the external net, you also create an
openvswtch bridge (br-ex) on the network node and add the nic   interface
you have configuret for internet access.
In our scenario we must have another interface in the intranet network :
must we create a bridge and add the intranet interface?
Must we modify any neutron configuration file to expose the new bridge ?
Regards
Ignazio
Il giorno 25/lug/2015 12:16, "Antonio Messina" <antonio.s.messina at gmail.com>
ha scritto:

> Hi Ignazio,
>
> I did something similar, but it's not yet production so I don't know
> if there are any caveats or better solutions, maybe some neutron
> expert can tell us more.
>
> In principle you can create a neutron network on a specific vlan,
> assuming the compute nodes will have direct access to that vlan.
>
> neutron net-create intranet \
>  --provider:network_type vlan \
>  --provider:segmentation_id 308 \
>  --provider:physical_network vlannet
>
> neutron subnet-create intranet \
>  --name vlan308 \
>  192.168.160.0/22 \
>  --no-gateway \
>  --disable-dhcp
>
> Now this network is not shared, so it will only be available in the
> current tenant, or if the user has the "admin" role.
>
> It also have no dhcp. In our case this is important because we already
> have a dhcp server running on our intranet, but I don't know if this
> is an actual problem, and if the dhcp-agent will just ignore
> DHCPREQUEST for unknown mac addresses. This also means that your VM
> will not get an IP automatically, but for me this is not a problem
> because it's a secondary interface and I will setup the IP address
> statically on those VMs.
>
> In order to start a VM with an interface on that network, you have to
> create a "port". You can also chose the IP adress:
>
> neutron port-create
>   --fixed-ip
> subnet_id=ef600ffb-0cad-47ca-8ab2-e488b96a5e58,ip_address=192.168.163.1
>   --name vm1-vlan308 intranet
>
> (replace the id of the subnet with the correct one)
>
> then, you can start a VM using:
>
> nova boot [...] --nic port-id=6fa3a4a4-f840-4173-b00d-0cc5c9628d30
>
> (replace the ID of the port with the correct one)
>
> Please note that by default neutron set up iptables rules for the VM
> port based on the IP assigned by neutron, so if you try to assign a
> different IP to the VM it will not work.
>
> .a.
>
> On Sat, Jul 25, 2015 at 7:28 AM, Ignazio Cassano
> <ignaziocassano at gmail.com> wrote:
> > Hy guys, I would like to setup a private cloud for my company with
> openstack
> > kilo.
> > I read openstack kilo documentation for centos 7  where the suggested
> > scenario  provides a configuration with an external vlan (internet), a
> > managent vlan, a tunnel vlan and a stotage vlan.
> > I would like to add a nic on the intranet vlian for install some virtual
> > machines directly  on my company network .
> > Could anyhone help me with an example based on the following data?
> > Storage vlan 500
> > external vlan 300
> > tunnel vlan 600
> > mgmt vlan 307
> > intranet vlan 308
> >
> > Regards
> > Ignazio
> >
> >
> > _______________________________________________
> > OpenStack-operators mailing list
> > OpenStack-operators at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
> >
>
>
>
> --
> antonio.s.messina at gmail.com
> antonio.messina at uzh.ch                     +41 (0)44 635 42 22
> S3IT: Service and Support for Science IT   http://www.s3it.uzh.ch/
> University of Zurich
> Winterthurerstrasse 190
> CH-8057 Zurich Switzerland
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150725/c1fd665a/attachment.html>


More information about the OpenStack-operators mailing list