Public bug reported: In public cloud deployments using Manila with the CephFS driver and NFS- Ganesha, establishing a network path between VMs and the Ganesha service is necessary for mounting shares. Manila does not natively manage this connectivity, which can lead to operational inefficiencies and security concerns. This proposal enables Neutron to handle the required connectivity, providing a simple, integrated approach within OpenStack.
The solution includes: 1. Creating a port in the user’s private network via API (a distributed localport, similar to the metadata port). 2. Provisioning the port on compute nodes where VMs in the private network reside — a task that would be managed by the new OVN Ganesha Agent. This RFE specifically proposes the OVN Ganesha Agent to accomplish the second task. This approach is inspired by the existing solution in Neutron for establishing connectivity between VMs and the Nova metadata API. The OVN Ganesha Agent would be deployed on all compute nodes and would have the following responsibilities: 1. Detect ports for Ganesha connectivity in users' private networks. 2. Manage these ports dynamically by plugging them into designated namespaces on the compute nodes and configuring iptables rules to establish a secure path from these namespaces to the NFS-Ganesha service. As a result, with Neutron and OVN functionalities, this solution enables VMs to reach the NFS-Ganesha service using the IP of the port in their private network. This approach provides a simpler, more secure, and efficient connection that is also distributed and highly available, offering a fully integrated and comprehensive solution within OpenStack and Neutron. [1] https://docs.openstack.org/manila/latest/configuration/shared-file-systems/drivers/cephfs_driver.html ** Affects: neutron Importance: Undecided Assignee: Amir Nikpour (amniik) Status: New ** Tags: rfe ** Changed in: neutron Assignee: (unassigned) => Amir Nikpour (amniik) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/2087541 Title: [REF] Add OVN Ganesha Agent to setup path for VM connectivity to NFS- Ganesha Status in neutron: New Bug description: In public cloud deployments using Manila with the CephFS driver and NFS-Ganesha, establishing a network path between VMs and the Ganesha service is necessary for mounting shares. Manila does not natively manage this connectivity, which can lead to operational inefficiencies and security concerns. This proposal enables Neutron to handle the required connectivity, providing a simple, integrated approach within OpenStack. The solution includes: 1. Creating a port in the user’s private network via API (a distributed localport, similar to the metadata port). 2. Provisioning the port on compute nodes where VMs in the private network reside — a task that would be managed by the new OVN Ganesha Agent. This RFE specifically proposes the OVN Ganesha Agent to accomplish the second task. This approach is inspired by the existing solution in Neutron for establishing connectivity between VMs and the Nova metadata API. The OVN Ganesha Agent would be deployed on all compute nodes and would have the following responsibilities: 1. Detect ports for Ganesha connectivity in users' private networks. 2. Manage these ports dynamically by plugging them into designated namespaces on the compute nodes and configuring iptables rules to establish a secure path from these namespaces to the NFS-Ganesha service. As a result, with Neutron and OVN functionalities, this solution enables VMs to reach the NFS-Ganesha service using the IP of the port in their private network. This approach provides a simpler, more secure, and efficient connection that is also distributed and highly available, offering a fully integrated and comprehensive solution within OpenStack and Neutron. [1] https://docs.openstack.org/manila/latest/configuration/shared-file-systems/drivers/cephfs_driver.html To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/2087541/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
