Ask Your Question
0

Directly connect VM to external network

asked 2013-07-15 03:27:31 -0500

Arfghl gravatar image

updated 2014-01-22 15:12:30 -0500

Evgeny gravatar image

Hello

In a "Per-tenant router with private networks architecture" we have an external network with one router per tenant and the tenants can reach the external network with floating ip adress.

It is possible for a tenant to directly connect a VM on the external network without a router and a private network and to get only the floating IP. For the moment when I try to directly connect a VM on the external network the VM can not find thnetwork configuration :/

Thanks :)

edit retag flag offensive close merge delete
add a comment

3 answers

Sort by ยป oldest newest most voted
2

answered 2013-07-16 12:18:31 -0500

darragh-oreilly gravatar image

No that is not possible. External networks are only for uplinking routers that do NAT between private IPs and floating IPs (or the gateway IP).

edit flag offensive delete link more

Comments

Thank you for this clear answer. But I'm little surprised because it is possible to launch an instance with this type of network. Why this action is not prohibited ? So if I want to launch instance I have to create a router and a private network before in my configuration :/

Arfghl gravatar imageArfghl ( 2013-07-16 17:30:27 -0500 )edit

Your right - I just tried it and the instance actually boots. But the whole thing does not make any sense to me, and I don't know why it's allowed. So yes, the normal workflow is to create a private net and subnet and connect the VM and router to it, and set the router's gateway to the external net.

darragh-oreilly gravatar imagedarragh-oreilly ( 2013-07-17 01:00:22 -0500 )edit

Thank you for these information :)

Arfghl gravatar imageArfghl ( 2013-07-17 02:51:39 -0500 )edit

It seems the L3 agent can use a provider network for the external network - this maybe useful for you. See https://bugs.launchpad.net/neutron/+bug/1056437 for details.

darragh-oreilly gravatar imagedarragh-oreilly ( 2013-08-29 10:41:21 -0500 )edit

I faced the same problem, do you mean that I create a new router beside the demo-router which mentioned in the official document ? could you please give the process of that ? I'll be happy for it thank you.

Rochdi gravatar imageRochdi ( 2015-08-14 05:45:38 -0500 )edit
add a comment
0

answered 2017-02-13 10:40:21 -0500

nuriel77 gravatar image

I manage to get VM directly on external network. A few things to describe my environment: 3 controller/network nodes in HA with external interface configured. And a few compute nodes without external interface configured.

Usually I would use floating IPs in which case the traffic from VM on a compute host would route via the v-router on the controller/network node. In this setup, trying to simply create a VM on the external network didn't work.

I had to manually configure the external interface on the compute hosts as ports (openvswitch) on br-ex. Given br-ex an ip on the external network and added default route for the external network.

After network restart could see (via ovs-vsctl show) the "phy-br-ex" interface port on br-ex which is peered with "int-br-ex". After this, VMs created directly on external network would get accessible IP on the external network.

I am not sure if this can be done any other way, for example let traffic be routed via the network nodes instead of having the compute node directly accessing the external network.

edit flag offensive delete link more
add a comment
0

answered 2013-07-15 06:09:59 -0500

skyrainman gravatar image

Hello,

I am not sure if it will work, however, you can try to create an external network that is shared. That will allow the network to be selected at time of VM creation as a network interface. Also, I would imagine that your compute node would need public internet connectivity.

Again, not sure if this will work, however, I am sure that you can create a shared public network which can be selected at time of VM creation.

edit flag offensive delete link more

Comments

Thanks for your reply but my external network is already in shared mode and it does not work :)

Arfghl gravatar imageArfghl ( 2013-07-15 07:15:28 -0500 )edit

The default external network as described in the default procedure in the documentation can be used in instnaces AFAIK. It's on the other side of the network node, so it's not "physically" reachable. What @Arfghl says I think is to create a tenant network with a public subnet shared.

diego-woitasen gravatar imagediego-woitasen ( 2015-01-21 07:24:49 -0500 )edit
add a comment

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2013-07-15 03:27:31 -0500

Seen: 6,775 times

Last updated: Feb 13 '17

Related questions

Network Issue in Essex Environment

launch intances under tenant admin

Alternative to unnumbered interface?

Instance cannot ping outside

Add a physical interface to instance

network design

LXC instance booted and active but can not be pinged

Could nova-network switch to the other plugins?

unable to delete network either from Horizon, cli or mysql

neutron network cannot be seen by nova