[Openstack] Reaching VXLAN tenant networks from outside (without floating IPs)

Gustavo Randich gustavo.randich at gmail.com
Wed Jun 29 19:17:54 UTC 2016


Hi operators...

Transitioning from nova-network to Neutron (Mitaka), one of the key issues
we are facing is how to reach VMs in VXLAN tenant networks without using
precious floating IPs.

Things that are outside Neutron in our case are:

- in-house made application orchestrator: needs SSH access to instances to
perform various tasks (start / shutdown apps, configure filesystems, etc.)

- various centralized and external monitoring/metrics pollers: need SNMP /
SSH access to gather status and trends

- internal customers: need SSH access to instances from a non-OpenStack VPN
service

- ideally, non-VXLAN aware traffic balancer appliances



We have considered these approaches:

- putting some of the external components inside a Network Node: inviable
because components need access to multiple Neutron deployments


- Neutron's VPNaaS: cannot figure out how to configure a client-to-site VPN
topology

- integrate hardware switches capable of VXLAN VTEP: for us at this stage,
it is complex and expensive


- other?


Thank you in advance,
Gustavo