VlanManager

The most powerful one of those three network modes in Nova

Let's have a look at VlanManager

Benefits:

Support VPN
End user could access their own project instances with VPN feature. Through a cloud-pipe instance which is a simple image include OPENVPN. It make user manage instance easier without lots of public ip.

Isolation Vlan netwotk
Per project/Per Vlan , a bunch of instance within a project will not communicate with other project instance.

1. enable Vlan support in kernel
root@nova:~# dmesg | grep -i 802
[    8.346579] 802.1Q VLAN Support v1.8 Ben Greear

If the vlan folder exist , means your kernel support Vlan
root@nova:~# ls -l /proc/net/vlan
total 0
-rw------- 1 root root 0 2011-07-05 21:57 config


root@nova:~# modprobe -v 8021q
root@nova:~# lsmod | grep 8021q
8021q                  24326  0
garp                   14471  1 8021q





2. Install Vlan both nova-compute and nova-network host
apt-get install vlan


3.Add a Vlan in Switch with same VID


4./etc/nova.conf

--network_manager=nova.network.manager.VlanManager
--fixed_range=10.0.0.0/24
--flat_network_dhcp_start=10.0.0.10
--vlan_interface=eth1
--public_interface=eth0
--flat_injected=False

5. Create network for each project
Project
Network
Vlan
Bridge
pro1
10.0.1.0/24
vlan100
br100
pro2
10.0.2.0/24
vlan200
br200
pro3
10.0.3.0/24
vlan300
br300
  
#nova-manage project create  
#nova-manage network create  <> <>

6.Hack DB to setup networks


Config file
Hugo@GitHub

Comments

  1. Giuseppe CivitellaJuly 6, 2011 at 3:16 PM

    Hi,

    what about bridges creation? Is it managed by nova or they need to be already present on nova-compute and nova-network nodes?
    I see I can have vlan numbers not in strict ascending order, is there a way to choose the vlan number while creating a project or I have to create a project using nova-manage and then do an "alter table" to point his network on the right vlan?
    Can the vpn_public_address be a floating ip or has to be a nova-network's node ip?

    Thanks a lot for your help. I find the informations you share on you blog very helpful.

    Regards
    Giuseppe

    ReplyDelete
  2. Hugo KuoJuly 6, 2011 at 6:29 PM

    Ciao Giuseppe Civitella,
    bridge interface will be handled by nova-network and nova-compute.

    About the vlan number , just hack networks table in nova db. Check the photo in the post. As I know in current Cactus release , there's no way to specify Vlan number while creating project . We have to change it in DB. I did not check the trunk version yet.
    vpn_public_address is nova-network's ip by default, I check the description of --vpn_public_address , it seems possible to specify VPN ip instead of nova-network ip .

    Hope it help...

    Cheers
    Hugo Kuo

    ReplyDelete
  3. Giuseppe CivitellaJuly 7, 2011 at 3:39 PM

    It definitely helps.

    Thanks a lot.

    Giuseppe

    ReplyDelete
  4. AnonymousJuly 29, 2011 at 4:15 AM

    Hello,

    First and foremost: Keep up the good work Hugo! You're blog is really helping me understand OpenStack!

    As for the VLAN creation, doesn't the fourth parameter passed in 'nova-manage network create' place the network on a particular VLAN?

    I usually just run 'nova-manage network create x.x.x.x/28 1 30 10' to create a network on VLAN 10.

    Please ignore me if the question has already been answered or if this incorrect. I just figure it'll help someone who may later view this post.

    Cheers,
    Jason

    ReplyDelete
  5. Hugo KuoJuly 29, 2011 at 10:17 AM

    Hello Jason
    Thanks for your encouragement....
    In honest , I don't know about the fourth parameter for a particular VLAN ID....
    There's a result of my test:
    http://pastebin.com/Y8Tsynkq
    It seems no effect with the last parameter.

    I think there's no such support of VlanID in nova-manage cmd group currtently......
    Maybe it could be a nice choice in the future.

    Cheers
    Hugo Kuo

    ReplyDelete
  6. AnonymousAugust 2, 2011 at 4:55 AM

    Hi Hugo,

    Hmmm, that's a bit odd. I could've sworn I was able to create a network on a particular VLAN. I'll have to test it out again and get back to you. (Unfortunately, I had to tear down my last deployment so it may take a moment).

    All the best,
    Jason

    ReplyDelete
  7. Hugo KuoAugust 2, 2011 at 10:57 AM

    Take your time .
    There's som possiblities over this odd situation.

    1. I missed a particular flag for specify Vlan ID.
    2. We r in different reversion

    ReplyDelete
  8. ankitprasad.sharmaDecember 22, 2011 at 4:47 AM

    Hi Hugo..
    I am new to openstack.. i have installed all the nova-packages on my system using vlanmanager. I wanted to know whether is it possible to add a compute node for implementing a dual node cloud. If yes then please help me with its procedure.

    Thank you
    Ankitprasad

    ReplyDelete

Post a Comment

Popular posts from this blog

The method of Web Service HA+LB in OPENSTACK NOVA for private cloud only

Image
Cloud Server HA+LB  in NOVA Our purpose is to provide uninterrupted   web services  with low cost in OPENSTACK. Due to all instances traffic through Nova-Network host in a basic deployment of NOVA . And it's hard to do HA+LB for Nova-Network. As I know it will be very hard to implement.  After read "Bootstrapping OpenStack Clouds" doc writed by DELL....The fault zone concept it much easier and cheaper.  There're three diagrams .... I. Two zones topology , share nothing between each zones. But combine two instance network in same network segment. Zone1 using 192.168.1.0/25,   Zone2 using 192.168.1.128/25 . We do  not using floating ip.  Let instance route from Core Network  Switch directly.
Read more