More tenants than Floating IP's - How to provide connectivity?

I'm new to OpenStack and, after completing a pilot installation, am designing a cloud infrastructure to support an organization of ~100 people. I envision each person in the org setting up his or her own tenant and instantiating a mixture of Windows and Linux machines on a private, isolated tenant network.

My problem is that I've only been allocated 5 IP addresses on the corporate network. I need to use a couple of those for things like the Horizon interface and one or two other infrastructure servers that need to be exposed to both corpnet and the VM infrastructure. Everything else has to be on an isolated (physical) network that's not directly connected to corpnet. That leaves only 2 or 3 IP addresses to provide client connectivity to the VM's. (The original architecture had Windows on the physical boxes and connectivity was provided through a TS Gateway "hop box" that had one NIC on corpnet and one NIC on the isolated network.)

Ideally, I'd like to allow clients to make HTTP, HTTPS, SSH, and/or RDP connections to the VM's. I'd like the connections to be as simple for the end-users as possible, because many of them lack the skills to set up a client connection that requires any networking skills.

EDIT: Upon reflection, I don't really NEED RDP or SSH connectivity; rather, I need a GUI client experience for the Windows machines, and a command-line client experience for the UNIX/Linux machines. While it would be nice to allow the VM's to host services such as web servers, that also isn't necessary.

What strategies are there to allow me to do this? I've looked around and, so far, all I've seen documented is a floating-IP-per-VM configuration. I'm sure I'm not the only person who's been in this boat, and I'd appreciate hearing how others have solved this problem.