You are very kind, thank you. I have only anothe doubt. When in a normal scenario you create the external net, you also create an openvswtch bridge (br-ex) on the network node and add the nic interface you have configuret for internet access. In our scenario we must have another interface in the intranet network : must we create a bridge and add the intranet interface? Must we modify any neutron configuration file to expose the new bridge ? Regards Ignazio Il giorno 25/lug/2015 12:16, "Antonio Messina" <antonio.s.mess...@gmail.com> ha scritto:
> Hi Ignazio, > > I did something similar, but it's not yet production so I don't know > if there are any caveats or better solutions, maybe some neutron > expert can tell us more. > > In principle you can create a neutron network on a specific vlan, > assuming the compute nodes will have direct access to that vlan. > > neutron net-create intranet \ > --provider:network_type vlan \ > --provider:segmentation_id 308 \ > --provider:physical_network vlannet > > neutron subnet-create intranet \ > --name vlan308 \ > 192.168.160.0/22 \ > --no-gateway \ > --disable-dhcp > > Now this network is not shared, so it will only be available in the > current tenant, or if the user has the "admin" role. > > It also have no dhcp. In our case this is important because we already > have a dhcp server running on our intranet, but I don't know if this > is an actual problem, and if the dhcp-agent will just ignore > DHCPREQUEST for unknown mac addresses. This also means that your VM > will not get an IP automatically, but for me this is not a problem > because it's a secondary interface and I will setup the IP address > statically on those VMs. > > In order to start a VM with an interface on that network, you have to > create a "port". You can also chose the IP adress: > > neutron port-create > --fixed-ip > subnet_id=ef600ffb-0cad-47ca-8ab2-e488b96a5e58,ip_address=192.168.163.1 > --name vm1-vlan308 intranet > > (replace the id of the subnet with the correct one) > > then, you can start a VM using: > > nova boot [...] --nic port-id=6fa3a4a4-f840-4173-b00d-0cc5c9628d30 > > (replace the ID of the port with the correct one) > > Please note that by default neutron set up iptables rules for the VM > port based on the IP assigned by neutron, so if you try to assign a > different IP to the VM it will not work. > > .a. > > On Sat, Jul 25, 2015 at 7:28 AM, Ignazio Cassano > <ignaziocass...@gmail.com> wrote: > > Hy guys, I would like to setup a private cloud for my company with > openstack > > kilo. > > I read openstack kilo documentation for centos 7 where the suggested > > scenario provides a configuration with an external vlan (internet), a > > managent vlan, a tunnel vlan and a stotage vlan. > > I would like to add a nic on the intranet vlian for install some virtual > > machines directly on my company network . > > Could anyhone help me with an example based on the following data? > > Storage vlan 500 > > external vlan 300 > > tunnel vlan 600 > > mgmt vlan 307 > > intranet vlan 308 > > > > Regards > > Ignazio > > > > > > _______________________________________________ > > OpenStack-operators mailing list > > OpenStack-operators@lists.openstack.org > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators > > > > > > -- > antonio.s.mess...@gmail.com > antonio.mess...@uzh.ch +41 (0)44 635 42 22 > S3IT: Service and Support for Science IT http://www.s3it.uzh.ch/ > University of Zurich > Winterthurerstrasse 190 > CH-8057 Zurich Switzerland >
_______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
