[Openstack] Openstack Mitaka - Neutron configuration
Matt Kassawara
mkassawara at gmail.com
Fri Jun 3 17:04:54 UTC 2016
You can use the management interface in the Linux bridge agent interface
mappings, but using a single interface for management and instances with
Linux bridge requires some additional configuration at the host level to
prevent the Networking service from breaking management connectivity. Also,
DHCP will leak into the entire 10.66.66/24 network unless you apply ACLs on
upstream network devices.
On Thu, Jun 2, 2016 at 10:42 AM, Laurent Dumont <ldumont at coldnorthadmin.com>
wrote:
> Hi!
>
> I have a small question regarding the Neutron configuration in Mitaka. I
> have been following the Ubuntu 14.04 guide with the provider and
> self-service model. Everything works fine and I can get an public ip
> address or a private one depending on where I spawn the instance. That
> said, is it possible to bridge the VM directly on the same network as the
> Openstack nodes? Basically, if I'm using 10.66.66.0/24 on the management
> network with both Openstack nodes using static IPs from that pool, is there
> a way to create an new network that would allow traffic from the instances
> to exit directly on the management interfaces? I'm aware that it's not a
> recommended setup as you would want to segment instances traffic from
> traffic related to controller nodes.
>
> I would use NAT on the 10.66.66.0/24 network somewhere else. Is there a
> way for the DHCP instance to only work within the internal Openstack
> network? Assuming that it's possible to bridge the management with the
> instances, I would not want DHCP to leak beyond the Openstack instances.
>
> Ouf, that's a lot of stuff!
>
> Thanks for any info.
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160603/c66b151b/attachment.html>
More information about the Openstack
mailing list