Network subnet help with tenant and management

asked 2018-01-17 22:47:28 -0600

tony.pearce gravatar image

In openstack we have a tenant interface on the compute node but why do we need to also present this network to the controller?

As I understand the tenant network(s) give the instances access to the networks external to openstack. Since no instances run on the controller I am uncertain why this is required there.

Additionally, we have a management network which I've read is required for the ml2 plugin to communicate with the real network hardware when using the integration. But why would this network be required on compute nodes?

As I understand this network is used by the controller to make changes to the underlying network for the compute nodes instances. But the compute node itself doesnt make these changes.

So it seems apparent to me that the tenant network is required on the compute node only and the management network is required on the controller only. But all documentation and guides state both networks are required on both nodes and doesn't seem correct.

Please can someone shine light on this?

edit retag flag offensive close merge delete

1 answer

Sort by » oldest newest most voted

answered 2018-01-17 23:43:17 -0600

Strictly speaking, there is no need for several networks. What you read is just a suggestion. You can put all traffic on a single network, or set up a much more complex network configuration. A moderately complex example:

Having said that, the management network carries traffic between OpenStack components, in particular message queue, database and inter-service API traffic. Since compute nodes have some OpenStack components, they need to be connected to the management network.

The term “tenant network” normally denotes a virtual network managed by Neutron to which instances, Neutron routers, Neutron DHCP servers etc. are connected. What you probably mean is often called the VM network. It implements the tenant networks and carries traffic between instances (so-called east-west traffic) and between instances and the outside world (north-south). Depending on your deployment, some of the former and all or some of the latter traffic flows through the host that contains the central Neutron components like the L3 agent, which implements routing.

edit flag offensive delete link more


Thanks again

tony.pearce gravatar imagetony.pearce ( 2018-01-18 02:33:34 -0600 )edit

Here is an example for a fairly complex network setup. I didn't include it earlier because the web site was not responding.

Bernd Bausch gravatar imageBernd Bausch ( 2018-01-18 03:34:27 -0600 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2018-01-17 22:47:28 -0600

Seen: 256 times

Last updated: Jan 17 '18