Hi operators... Transitioning from nova-network to Neutron (Mitaka), one of the key issues we are facing is how to reach VMs in VXLAN tenant networks without using precious floating IPs.
Things that are outside Neutron in our case are: - in-house made application orchestrator: needs SSH access to instances to perform various tasks (start / shutdown apps, configure filesystems, etc.) - various centralized and external monitoring/metrics pollers: need SNMP / SSH access to gather status and trends - internal customers: need SSH access to instance from non-openstack VPN service - ideally, non-VXLAN aware traffic balancer appliances We have considered these approaches: - putting some of the external components inside a Network Node: inviable because components need access to multiple Neutron deployments - Neutron's VPNaaS: cannot figure how to configure a client-to-site VPN topology - integrate hardware switches capable of VXLAN VTEP: for us in this stage, it is complex and expensive - other? Thank you in advance, Gustavo
_______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
