Maybe you can have something like : https://bugs.launchpad.net/neutron/+bug/1175211
On Thu, Jun 30, 2016 at 8:54 PM, Gustavo Randich <gustavo.rand...@gmail.com> wrote: > Mike, as far as I know those routers allow only outgoing traffic, i.e. VM > can see external networks, but those external networks cannot connect to VM > if it doesn't have a FIP, am I right? > > Thanks! > Gustavo > > On Wed, Jun 29, 2016 at 7:24 PM, Mike Spreitzer <mspre...@us.ibm.com> wrote: >> >> Gustavo Randich <gustavo.rand...@gmail.com> wrote on 06/29/2016 03:17:54 >> PM: >> >> > Hi operators... >> > >> > Transitioning from nova-network to Neutron (Mitaka), one of the key >> > issues we are facing is how to reach VMs in VXLAN tenant networks >> > without using precious floating IPs. >> > >> > Things that are outside Neutron in our case are: >> > >> > - in-house made application orchestrator: needs SSH access to >> > instances to perform various tasks (start / shutdown apps, configure >> > filesystems, etc.) >> > >> > - various centralized and external monitoring/metrics pollers: need >> > SNMP / SSH access to gather status and trends >> > >> > - internal customers: need SSH access to instance from non-openstack >> > VPN service >> > >> > - ideally, non-VXLAN aware traffic balancer appliances >> > >> > We have considered these approaches: >> > >> > - putting some of the external components inside a Network Node: >> > inviable because components need access to multiple Neutron deployments >> > >> > - Neutron's VPNaaS: cannot figure how to configure a client-to-site >> > VPN topology >> > >> > - integrate hardware switches capable of VXLAN VTEP: for us in this >> > stage, it is complex and expensive >> > >> > - other? >> >> You know Neutron includes routers that can route between tenant networks >> and external networks, right? You could use those, if your tenant networks >> use disjoint IP subnets. >> >> Regards, >> Mike >> >> > > > _______________________________________________ > OpenStack-operators mailing list > OpenStack-operators@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators > -- --Anand Nande _______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
