[Openstack] Reaching VXLAN tenant networks from outside (without floating IPs)
Martinx - ジェームズ
thiagocmartinsc at gmail.com
Fri Jul 1 14:29:17 UTC 2016
You can use IPv6...
On 29 June 2016 at 15:17, Gustavo Randich <gustavo.randich at gmail.com> wrote:
> Hi operators...
>
> Transitioning from nova-network to Neutron (Mitaka), one of the key issues
> we are facing is how to reach VMs in VXLAN tenant networks without using
> precious floating IPs.
>
> Things that are outside Neutron in our case are:
>
> - in-house made application orchestrator: needs SSH access to instances to
> perform various tasks (start / shutdown apps, configure filesystems, etc.)
>
> - various centralized and external monitoring/metrics pollers: need SNMP /
> SSH access to gather status and trends
>
> - internal customers: need SSH access to instance from non-openstack VPN
> service
>
> - ideally, non-VXLAN aware traffic balancer appliances
>
>
>
> We have considered these approaches:
>
> - putting some of the external components inside a Network Node: inviable
> because components need access to multiple Neutron deployments
>
>
> - Neutron's VPNaaS: cannot figure how to configure a client-to-site VPN
> topology
>
> - integrate hardware switches capable of VXLAN VTEP: for us in this stage,
> it is complex and expensive
>
>
> - other?
>
>
> Thank you in advance,
> Gustavo
>
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160701/acb0dd46/attachment.html>
More information about the Openstack
mailing list