Ask Your Question
1

Configuration stpes, to connect vm to external world without floating Ip for private cloud use

asked 2014-11-05 01:34:20 -0500

Emir gravatar image

How to configure neutron, ovs, step, to connect to external world without FIp, just using routers ?

edit retag flag offensive close merge delete

3 answers

Sort by » oldest newest most voted
1

answered 2014-11-06 02:19:22 -0500

dbaxps gravatar image

updated 2014-11-06 02:26:32 -0500

Floating IPs are not connected with outbound VM connectivity in Neutron L3 architecture.

1. Create private && external networks
2. Create router and interface to private network and gateway to external
3. Create VM  which would get fixed ip from corresponding dnsmasq.
4. ip netns exec qdhcp-private_net-id ssh -i oskey.pem <default-user>@fixed-ip
 After login you can work with Internet if access to metadata has been setup properly
 and cloud-init has been run OK

If you would like you can assign floating IP to VM. Than VM will become accessible from external world
edit flag offensive delete link more
0

answered 2014-11-05 12:03:06 -0500

Adrián Norte gravatar image

you want to access the vm from the external world or reach the external world from the vm?

edit flag offensive delete link more

Comments

I think author (as me too) want to eliminate NAT and use hi's own external routers/vlan/subnets/dhcp/..., but it complicated in OpenStack's design.

Alex Z gravatar imageAlex Z ( 2014-11-06 01:51:23 -0500 )edit
0

answered 2014-11-06 02:06:41 -0500

Alex Z gravatar image

As I see OpenStack is designed to use Float IP, you can use vlan (tenant_network_type=vlan), connect that vlans to your external infrastructure to have direct access to Private IP. But you will lose cloudinit support. And second bad news - allocation of Private IP is unpredictable - you will have troubles if you want (as me) to have access from external world (if you relaunch your instance then you probably receive some other unpredictable IP).

I decided to use Float IP - I don't like this design (I don't like NAT), but I cannot say want something work wrong. It interesting how it will work in IPv6 there are not exists NAT....

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2014-11-05 01:34:20 -0500

Seen: 1,051 times

Last updated: Nov 06 '14