Ask Your Question
0

Avoid routing every network trafic to Network Node

asked 2016-05-06 16:28:29 -0500

kyomster gravatar image

Hi,

As I understood how Openstack and network are working together. In a multi node environment, every network traffic from the nova instance is sent to the network node which decides where and how to forward it. Meaning that if my network node goes down my instances don't have access to the Internet and the network node is the bottleneck.

So my question is the following: if I have instances that does a lot of I/O to the public network (Internet) is there any way to avoid the instance network traffic to always go through the network node? I do not need to access instances from the Internet but I'd like the instance to access Internet without going through the network node.

Thank you.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
1

answered 2016-05-06 16:44:20 -0500

dbaxps gravatar image

updated 2016-05-06 17:25:50 -0500

Originally addressed in Juno , stabilized during Kilo cycle - that is DVR (Distributed Virtual Routing).
In Mitaka DVR has new advanced features .
See RDO Liberty DVR Neutron workflow on CentOS 7.2
In Mitaka release you may create neutron router which is HA and Distributed at a time :-
HA support for DVR centralized default SNAT functionality on RDO Mitaka Milestone 3

Keepalived daemons  are running inside SNAT namespaces on each one of 2 Network Nodes, which actually are  working as fail-over cluster. Details in link above


image description
The reason is that Neutron DHCP agent may run only on Network or Controller/Network , but not on Compute. That is why Neutron/Network HA solution may be provided by 2 Network Nodes ( Mitaka) either 3 Nodes HA Controller/Network (pacemaker,corosync,HAProxy, MariaGaleraDB) . The last configuration provides complete protection for landscape running each Compute in DVR mode, but I am not sure that Triple0 provides this configuration in meantime. You would better consult Mirantis (automated puppet based setup) or RH (Triple0 setup ) in regards of getting fulll protection, in case if it comes to major concern. Neutron/Network HA && DVR on each Compute node setup is pretty straight forward on RDO Mitaka and well tested (see second link been provided && uploaded picture)

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2016-05-06 16:28:29 -0500

Seen: 198 times

Last updated: May 06 '16