[Openstack] Quantum duplicate subnet creation
Balamurugan V G
balamuruganvg at gmail.com
Fri Jan 18 05:09:38 UTC 2013
I have a related question. Though setting allow_overlapping_ips to True
works, the comment above this setting states that this should be left as
False if nova security and/or metadata service is used.
# Enable or disable bulk create/update/delete operations
# allow_bulk = True
# Enable or disable overlapping IPs for subnets
# Attention: the following parameter MUST be set to False if Quantum is
# being used in conjunction with nova security groups and/or metadata
service.
# allow_overlapping_ips = False
allow_overlapping_ips = True
Can some one thought more light on this?
Regards,
Balu
On Thu, Jan 17, 2013 at 3:05 PM, Balamurugan V G <balamuruganvg at gmail.com>wrote:
> Thanks a lot Aaron and Robert. That worked like a charm!
>
> I set the 'allow_overlapping_ips = True' in quantum.conf and rebooted the
> stack(wish there was an easy cli to restart individual projects/services or
> may be I dont know if one exists).
>
> And while still in a Flat network setup I could create the duplicate
> networks.
>
> root at openstack:~# nova list
>
> +--------------------------------------+------------------+--------+-------------------------------------------+
> | ID | Name | Status |
> Networks |
>
> +--------------------------------------+------------------+--------+-------------------------------------------+
> | f4762c79-e322-4ec5-8f62-ab2cbe156363 | A1 | ACTIVE | labnet=10.5.12.24;
> private1=192.168.168.4 |
> | 4bac873f-e081-460b-8bf8-95f8719081c7 | A2 | ACTIVE | labnet=10.5.12.22;
> private1=192.168.168.3 |
> | d7e47567-81eb-48a3-a2ca-63e1b5df8a08 | B1 | ACTIVE | labnet=10.5.12.23;
> private2=192.168.168.3 |
>
> +--------------------------------------+------------------+--------+-------------------------------------------+
> root at openstack:~#
>
> Instances A1 and* *A2 can communicate over the private network while B1
> cannot talk to A2 as desired and it doesnt complain about conflicting IP
> either.
>
> I am using the
> quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2 plugin.
>
> Regards,
> Balu
>
>
>
>
> On Thu, Jan 17, 2013 at 2:17 PM, Aaron Rosen <arosen at nicira.com> wrote:
>
>> Hi,
>>
>> Yup this is definitely possible. The reason why this isn't set by default
>> is that some distros don't ship kernels that build with CONFIG_NET_NS=y or
>> their iproute2 package is to outdated to support linux namespaces. Also,
>> until recently nova's metadata service didn't support overlapping ips. If
>> you are running ubuntu 12.04 you should be able to set:
>>
>> Q_ALLOW_OVERLAPPING_IP=True
>>
>> in your localrc to enable this.
>>
>> or edit your quantum.conf here and restart quantum to enable overlapping
>> ips.
>>
>> # Enable or disable overlapping IPs for subnets
>> # Attention: the following parameter MUST be set to False if Quantum is
>> # being used in conjunction with nova security groups and/or metadata
>> service.
>> # allow_overlapping_ips = False
>>
>>
>> Aaron
>>
>> p.s: I don't think this will work in a flat network setup though since
>> there is no way to isolate that. What plugin are you using?
>> > I have the following networks in a flat network setup.
>>
>>
>> On Thu, Jan 17, 2013 at 2:52 AM, Balamurugan V G <balamuruganvg at gmail.com
>> > wrote:
>>
>>> Hi,
>>>
>>> Is there a way to create a duplicate network/subnet for tenant in
>>> quantum. Basically for a tenant, I want to have some instances(GroupA)
>>> share a subnet and another set of instances(GroupB) share the
>>> same(duplicate) subnet but GroupA and GroupB should be isolated. I have
>>> labnet which is the flat network to which one instance from each group is
>>> assigned for external connectivity. Then I want to have two private
>>> networks private1 and private2 both sharing the same subnet but I was to
>>> assign some instances to private1 and some in private2.
>>>
>>> I have the following networks in a flat network setup.
>>>
>>> root at openstack:~# quantum subnet-list
>>>
>>> +--------------------------------------+------+------------------+------------------------------------------------------+
>>> | id | name | cidr |
>>> allocation_pools |
>>>
>>> +--------------------------------------+------+------------------+------------------------------------------------------+
>>> | abb62a74-ad15-452c-857f-ee0a1b388ede | | 192.168.168.0/24 |
>>> {"start": "192.168.168.2", "end": "192.168.168.254"} |
>>> | eedc0c12-c3ed-42ce-a860-692e766087a2 | | 10.5.12.0/24 |
>>> {"start": "10.5.12.21", "end": "10.5.12.25"} |
>>>
>>> +--------------------------------------+------+------------------+------------------------------------------------------+
>>> root at openstack:~#
>>>
>>>
>>> Now, the following gets denied.
>>>
>>> root at openstack:~# quantum subnet-create --tenant-id
>>> 7cda178971e84c5194c8531bf4f229d7 private2 192.168.168.0/24
>>> Invalid input for operation: Requested subnet with cidr:
>>> 192.168.168.0/24 for network: 64ec75d6-0c6f-44e1-a268-b573324c4160
>>> overlaps with another subnet.
>>> root at openstack:~#
>>>
>>> I understand that a duplicate network with a tenant is not a common
>>> scenario and perhaps by design its not allowed.
>>>
>>> But there could be cases like I mentioned.
>>>
>>> Strangely, I am not allowed to create the duplicate network even across
>>> tenants. Atleast this should be allowed.
>>>
>>> BTW, I am running a single node Devstack.
>>>
>>> Regards,
>>> Balu
>>>
>>> _______________________________________________
>>> Mailing list: https://launchpad.net/~openstack
>>> Post to : openstack at lists.launchpad.net
>>> Unsubscribe : https://launchpad.net/~openstack
>>> More help : https://help.launchpad.net/ListHelp
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130118/53efe10f/attachment.html>
More information about the Openstack
mailing list