Open Stack

Quick question:

Can I start testing Newton VLAN Aware VMs now (Beta 2)?

Thanks,
Thiago

On 22 July 2016 at 04:45, Kevin Benton <kevin at benton.pub> wrote:

> Since they are essentially regular ports in the neutron data model, the
> regular rules for attaching to networks would apply. So you can should be
> able to create a sub-port on another network if that network is shared with
> you (either globally shared or via RBAC).
>
> On Wed, Jul 13, 2016 at 8:55 AM, Farhad Sunavala <fsbiz at yahoo.com> wrote:
>
>>
>> Below is the latest spec for vlan-aware-vms
>>
>>
>> https://specs.openstack.org/openstack/neutron-specs/specs/newton/vlan-aware-vms.html
>> <https://specs.openstack.org/openstack/neutron-specs/specs/liberty/vlan-aware-vms.html>
>>
>>
>>
>> I have a quick question on the above. (multi-tenancy).
>>
>> Assume the case of nested containers in a VM.
>>
>> Yes, the containers can be in different networks of the same tenant and
>> the above blue-print will handle the case very well.
>> How does it work when the containers are in different networks in
>> different tenants ?
>>
>> The trick is to create neutron ports (for the subports) and then link
>> them to the trunk port using
>>
>> neutron trunk-subport-add TRUNK \
>>    PORT[,SEGMENTATION-TYPE,SEGMENTATION-ID] \
>>    [PORT,...]
>>
>>
>> In the above command all the neutron ports (trunk  ports and subports)
>> must be in the same tenant.
>> As far as I know, a tenant will not see neutron ports from another
>> tenant.    Or will this command allow
>> neutron ports from different tenants to be attached ?
>>
>> Solution1:
>>
>>
>> C1(ten1)   C2(ten2)
>> |                   |
>> --------------------------------
>> OVS bridge inside VM
>> --------------------------------
>> |
>> | Trunk port
>> |
>> ------------------------
>> br-trunk (vlan-aware-vms spec)
>> --------------------------------------------
>>
>> E.g.  VM "X" consists of containers C1 in Tenant 1 with portID = C10000
>> (network dn1)
>> container C2 in Tenant 2 with portID = C20000 (network dn2)
>> The trunk port of VM "X" is in tenant 100 with portID = T10000 (network
>> dt)
>>
>> Will the above command allow a neutron trunk to have neutron sub-ports in
>> different tenants ?
>>
>> neutron trunk-subport-add T10000 \
>>    A  vlan 10000 \
>>    B vlan 20000
>>
>>
>> Solution2:
>> Have a separate trunk port for each tenant connected to the vM
>>
>> C1(Ten1)    C2(Ten2)
>> |                    |
>> |                    |
>> -------------------------------
>> OVS bridge inside VM
>> --------------------------------
>> |                              |
>> |Trunk(Ten1)          | (Trunk(Ten2)
>> |                              |
>> ---------------------------------
>> br-trunk (vlan-aware-vms spec)
>> ---------------------------------------
>>
>> If the approach is solution2, then the issue is that Nova will not
>> allow a neutron port to be attached to a VM (if the neutron port
>> belongs to another tenant).
>>
>>
>> Any pointers will be highly appreciated.
>>
>> thanks,
>> Farhad.
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160729/d9d54ca9/attachment.html>