Hi, I need another opinion about what I am doing. I'm setting up OpenStack using Neutron (1 controller node, 1 network node, N compute nodes). In my setup every tenant has its own private network using VLANs (OpenVSwitch). I only need one router because I only want to isolate the projects; they don't need to do any management, and there is no special requirement to have one router for each one. I don't need floating IPs or NAT. Every tenant network is routed in the corporate network.
So basically my config was:

    neutron net-create corp -- --router:external=True
    # Only one IP in the pool, the IP used to reach the tenant subnets.
    neutron subnet-create corp --gateway=10.210.150.254 --enable_dhcp=False \
        --allocation-pool start=10.210.150.11,end=10.210.150.11 10.210.150.0/23
    neutron router-create corpnet-router
    neutron router-gateway-set $ROUTER_ID $EXT_SUBNET_ID

And for every tenant:

    neutron net-create --tenant-id $TENANT_ID --provider:physical_network=physnet1 \
        --provider:network_type=vlan --provider:segmentation_id=$VLAN_ID tenantX-net
    neutron subnet-create --tenant-id $TENANT_ID tenantX-net 10.210.99.240/28 \
        --gateway 10.210.99.241
    neutron router-interface-add $ROUTER_ID $TENANT_SUBNET_ID

This creates one router using namespaces, but I'm not sure if that's the best option. If my setup is simple, maybe I don't need namespaces and all the VLANs and routing could be managed in the controller node directly.

I would like to hear other opinions about this setup: whether it is OK, or whether there is something better.

Regards,
Diego

--
Diego Woitasen - Linux and Open Source solutions architect - DevOps Engineer, Infrastructure developer
http://www.woitasen.com.ar