Ask Your Question
0

icehouse documentation help

asked 2014-04-30 04:54:40 -0500

capsali gravatar image

Hello,

Just started installing icehouse from documentation provided on http://openstack.org . i'm a little confused at the beginning of the documentation, setting up networking. I opted for the neutron deployment, but instead of using 3 nodes, i will collocate controller node and network node services into one single node. I have 5 nodes available, each with 6 eth. So here comes my problem. I followed instructions from chapter 2 on setting up network on the nodes. It sais on the controller node there is one network, management network, on the compute node there are 2 separate networks, one management and one tunnel network. On the network node there is one management network, one tunnel netowrk and one external network left unnumbered, in promiscuous mode. After making the necessary changes to the nodes the next step is to verify connection between the nodes, that works just fine, and connection to the internet. Here is my problem. What network should be connected to the internet? The only one that is present on all nodes is the management network, so should i enable internet acces to this network?

Thank you.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
1

answered 2014-05-01 01:07:29 -0500

screwgoth gravatar image

Yes. Ideally, the internet should be accessible from the Management network. The Management Network itself should not be accessible from outside the main network, for example, the corporate LAN. The "tunnel" network you mention is between Network nodes and the Compute nodes. In your case, The Controller-cum-Network node and the Compute nodes. This network should not be reachable even by the Management network ... ideally.

Hope haven't confused you more

edit flag offensive delete link more

Comments

Hi...Thanks...i understood the basics...the tunnel network is for VMs to communicate with the external network. So, as i thought, the management network should have access to the internet but with all incoming ports closed so it could not be reached from the exterior. Thanks again for clearing that up for me!

capsali gravatar imagecapsali ( 2014-05-01 05:52:19 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2014-04-30 04:54:40 -0500

Seen: 162 times

Last updated: May 01 '14