A typical deployment has one or more external networks and as many private networks as users want.
An external network represents (part or all of) the network outside of the cloud. It’s either flat or VLAN. You can allow users to create their own network structure and routing, connected to the external network with the help of OVS bridges, Linuxbridges and other mechanisms. “Each customer/account has a private network” is a bit misleading. Customers can set up complex multi-tier network structures, not just one network, and they can use whatever IP address ranges they want. “By default, VM's are provisioned with a public (internet routed IP) NIC and a private NIC” is also not quite right. VMs get an IP on the customer’s network (the usual term is tenant network). The customer can add external IP addresses, named floating IP. In a typical application, not all VMs need them. You are correct, no separate network node is required. I believe the recommendation to set up a separate network node was made at the time when all routed traffic used to flow through this one node. That’s not the case anymore if you deploy the distributed router. In addition to your compute and Ceph nodes, you do need a controller though. The same server can have both the controller and the compute role, but they are normally kept separate for better performance and ease of management. See the Networking guide and the Installation tutorials for more detail. In particular, look for the terms “provider network” and “tenant network”, and the deployment examples in both guides. https://docs.openstack.org/neutron/latest/admin/index.html https://docs.openstack.org/queens/install/ Regarding terminology: Strictly speaking, “public” and “private” are not OpenStack terms. They are the names given to the external and tenant networks provisioned by some deployment tools like Devstack or Packstack. Bernd > On Jun 23, 2018, at 0:36, Nick A <nick.b...@gmail.com> wrote: > > Hello everyone! > > I'm planning a small test Openstack deployment, 3 compute nodes and 5 > ceph nodes. The part I'm struggling with is public/private networking. > > Whilst I wait for the hardware to arrive, what I'm trying to work out > is exactly what I need to make this a reality, I've read everything I > can find but still not 100% sure: > > 1. Each customer/account has a private network (10.0.0.0/8 for > example) available > 2. By default, VM's are provisioned with a public (internet routed IP) > NIC and a private NIC (connected to their private network). > 3. No dedicated network node > > Each compute node will have: > 1G management connection > 1G public internet connection, L3 for this will be done elsewhere. > 40G private networking connection > > Am I right in assuming the public network is essentially a flat > network, then I can use OVS for the private networks? Can that be done > at the same time? Is that possible without a dedicated network node? > If someone could point me in the right direction it'd be greatly > appreciated. > > Regards, > Nick > > _______________________________________________ > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack@lists.openstack.org > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
