[Openstack] How to support for multiple external networks?

Hauke Bruno Wollentin hauke-bruno.wollentin at innovo-cloud.de
Fri Nov 20 13:50:51 UTC 2015 

As far as I understand the docs, it should be possible to create external (or 
general) networks with the "--tenant-id" parameter set. But I don't know 
wether for example networkA of tenantA will be display to other tenants too.

cheers,
hauke

---
original message
timestamp: Friday, November 20, 2015 12:24:40 AM
from: José Riguera López <jriguera at gmail.com>
to: Ray Sun <xiaoquqi at gmail.com>
cc: Openstack <openstack at lists.openstack.org>
subject: Re: [Openstack] How to support for multiple external networks?
message id: <CALL8wccy9Y5Ag-
Cyxe_=zg79iX1hjhojZoVz83prpGxNvdir+Q at mail.gmail.com>

> You can create a router in each project and attach it to the specific
> external network (via gw) ... but:
> 
> * With the default policy, the tenant can create another router for the
> other network. Quick solution: change the policy to not allow creating
> routers
> * I think it will be confusing for the users, they will see 2 ip allocation
> pools, if they choose the wrong allocation pool, wont work. You could
> pre-allocate a set of floating IPs per project and then change the policy
> to not allow allocating more ips to the tenants  ... (I haven't tried this!)
> * The users will see both external networks in the network topology  (not a
> big deal, I think) ...
> 
> More ideas?
> 
> Regards
> 
> 2015-11-19 23:32 GMT+01:00 Ray Sun <xiaoquqi at gmail.com>:
> > Hauke,
> > This is interesting, Is there any way to specify tenantA can only use
> > ext-subnet1 and tenantB only use ext-subnet2?
> > 
> > Thanks.
> > 
> > Best Regards
> > -- Ray
> > 
> > On Thu, Nov 19, 2015 at 7:27 PM, Hauke Bruno Wollentin <
> > 
> > hauke-bruno.wollentin at innovo-cloud.de> wrote:
> >> Hi Ray,
> >> 
> >> in general it is possible to use two (or more) subnets in one external
> >> network, but all instances then will get IPs from both subnets (if the
> >> floating IPs on subnetA are allocated, the next ones will be allocated
> >> from
> >> subnetB).
> >> 
> >> So you need to create two (non-shared, tenant specific) external
> >> networks. For
> >> the VLAN dedication you could use 1 L3 Agent per 1 external network.
> >> 
> >> cheers,
> >> hauke
> >> 
> >> ---
> >> original message
> >> timestamp: Thursday, November 19, 2015 06:18:06 PM
> >> from: Ray Sun <xiaoquqi at gmail.com>
> >> to: openstack at lists.openstack.org
> >> cc:
> >> subject: [Openstack] How to support for multiple external networks?
> >> message id: <CAMWzbMdFpGwq315FWQNu7k_gACG1ymiAg3PkG9Krpnd5M9-
> >> CEg at mail.gmail.com>
> >> 
> >> > I want to setup multiple external networks, but I don't know how to
> >> > make
> >> > this works.
> >> > 
> >> > Here's my user requirements:
> >> > There are two departments want to use my cloud, but as history problem,
> >> > they wants their VMs to use original IP range. DepA wants to use
> >> 
> >> floating
> >> 
> >> > ip in 192.168.66.0/24, DepB wants to use floating ip in 192.168.77.0/24
> >> 
> >> .
> >> 
> >> > I can create multiple subnets in my external network. But I am not
> >> > quite
> >> > sure if this can work in OpenStack. In my network environment,
> >> > 192.168.66.0/24 and 192.168.77.0/24 are two VLANs.
> >> > 
> >> > 
> >> > Anybody know how to implement this kind of scenarios? If this is not
> >> > possible, how can I design my architecture to meet the requirements.
> >> > 
> >> > Thanks.
> >> > 
> >> > Best Regards
> >> > -- Ray
> >> 
> >> --
> >> Hauke Bruno Wollentin
> >> (Infrastructure Engineer Cloud)
> >> _______________________________________________
> >> Mailing list:
> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >> Post to     : openstack at lists.openstack.org
> >> Unsubscribe :
> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > 
> > _______________________________________________
> > Mailing list:
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > Post to     : openstack at lists.openstack.org
> > Unsubscribe :
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
-- 
Hauke Bruno Wollentin
(Infrastructure Engineer Cloud)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151120/f8606a36/attachment.sig>

More information about the Openstack mailing list