neutron

Quantum shared networks

Asked by Asif

Hi All,

    How are shared networks realized in Quantum? Is it possible for VMs from tenant's other(private) networks to be able to talk to VMs on shared networks? If yes, how does it work considering VLANs are being used for network virtualization.

thanks
Asif

Question information

Language:
English Edit question
Status:
Answered
For:
neutron Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Lingxian Kong (kong) said : 		#1

In my opinion shared network just means that you can see and use that network(e.g. create port on it)

"Is it possible for VMs from tenant's other(private) networks to be able to talk to VMs on shared networks? "
I think if VM has no floatingIP, the answer is no.

Revision history for this message
Ravi Chunduru (ravivsn) said : 		#2

Interesting, I feel if you have both tenant private network and shared network interfaces attached to the router. It should be possible.
I would like to know from others if this is possible!

Revision history for this message
yong sheng gong (gongysh) said : 		#3

only admin can add other tenants' subnet into a router.

so for VMs from other tenant's private networks to talk to VMs on other tnenats' subnets, only admin user can do it.

Revision history for this message
Lingxian Kong (kong) said : 		#4

@yong sheng:

"only admin can add other tenants' subnet into a router."
--If admin did this, could VMs from different subnets talk with each other without any configuration? If the answer is yes, how does it work in the physical host? what are the relative commands?

Revision history for this message
yong sheng gong (gongysh) said : 		#5

in admin context:
quantum router-create router1
quantum router-interface-add router1 tenanta_subnet
quantum router-interface-add router1 tenantb_subnet
xxx
after that, the Vms on tenanta_subnet and tenantb_subnet should be able to access each other.

Revision history for this message
Lingxian Kong (kong) said : 		#6

I have another question, in add_router_interface() function, I see:
"
policy.enforce(context,
               "extension:router:add_router_interface",
               self._make_router_dict(router))
"

in the default policy.json:
"admin_or_owner": [["role:admin"], ["tenant_id:%(tenant_id)s"]],
"extension:router:add_router_interface": [["rule:admin_or_owner"]],

so I think tenant(not admin) of the router can use "quantum router-interface-add"(because tenant_id in context is the same as owner of the router), am I wrong?
Maybe I should figure it out on my machine.

Revision history for this message
Asif (asif-roll1) said : 		#7

I think we will atleast have to configure default route for each network in the VMs. e.g if we have two subnets 10.0.0.0/8 and 30.0.0.0/8 on different networks then we will have to specify 30.0.0.1 as GW for 30.0.0.0/8 in VMs running on 10.0.0.0/8 subnets and vice versa. Or it is automatically taken care of via some configuration?

thanks
Asif

Can you help with this problem?

Provide an answer of your own, or ask Asif for more information if necessary.

To post a message you must log in.