[Openstack] Neutron networking in ten sentences?

Turbo Fredriksson turbo at bayour.com
Thu Jun 16 00:39:50 UTC 2016


On Jun 16, 2016, at 1:10 AM, Kevin Benton wrote:

> It's essentially the equivalent of Amazon VPC: https://aws.amazon.com/vpc/

Ah, perfect. That cleared up a lot, I've worked with
VPCs before. Not much, but enough to get the picture.
Thanx!

So where do the routers and "ports" come into this?
And into the real network?


This is what my current network looks like:

+ [external_ip - internet]
  +- Gateway/Firewall (DHCP, DNS, NTP)
     + [192.168.4/24]  -+- Old VMs, Static IPs
     + [192.168.5/24]  -+- Old VMs, Dynamic IPs
     + [192.168.63/24] -+- Guest network
     + [192.168.69/24] -+- Physical machines
                           +- SAN (Block Storage - 30TB+/ZoL, LDAP, Kerberos V, SMB, AFP, AFS, NFS, iSCSI)
                           +- Current VM host
     + [10.0.0/16]     -+- Blade Center
                           + [10.0.1/24] -+- Management/iLO network (Blade Center 1)
                           + [10.0.2/24] -+- Management/iLO network (Blade Center 2)
                           + [10.0.3/24] -+- Blade Center 1 - Blade hosts, eth0
                           + [10.0.4/24] -+- Blade Center 1 - Blade hosts, eth1
                           + [10.0.5/24] -+- Blade Center 2 - Blade hosts, eth0
                           + [10.0.6/24] -+- Blade Center 2 - Blade hosts, eth1
     + [10.9x.0/24]    -+- Virtual Machines

So my (currently only) Control node (where I, among other things, run
Neutron) has the IP "10.0.4.1", which is connected to the physical network
via eth1, and routed to/via "the gateway/firewall" machine.

I was thinking that eth0 on the Control node(s) would be my (internal?)
"Openstack Network" (?) and provide the 10.9x/24 networks to the virtual
machines (I might not need 10 C-class networks, but I'm pretty sure I'll
be needing more than one in a "not too distant future" so better safe than
sorry).


So in OS I create the 10.9x/24 network(s) (?), served by a DHCP server
listening on eth0 only (because there's a DHCP "broadcasting" on eth1
serving the physical network), add a router with IP 10.99.0.1 (?) and
"bind" it to the physical machines eth0 (?).


This is where it again gets really fuzzy. How do I do that? How do I
make that router "connect" to the physical network? As in, route between
eth0 and eth1?

As in, one leg on the physical network (eth1) and the other on my VM
network (eth0). No, that didn't make much sense, but I hope you understand
what I mean..

And I guess I need some kind of firewall on that as well, just for good
measure.


And, yes, I now see a logical error I've made. I've allocated a 10.0/16
network for all the eth0 interfaces.

I was kinda in a hurry when I started allocating the 10/8 network and
I didn't know what OS wanted of me so I didn't think that through completely.
Although it doesn't matter that much. It's fairly simple for me to change
that. It doesn't matter in this context though. Using the 10.9x/24 networks
for my VMs should be fine anyway.
--
Life sucks and then you die
