VlanManager

July 06, 2011

The most powerful one of those three network modes in Nova

Let's have a look at VlanManager

Benefits:

Support VPN

End user could access their own project instances with VPN feature. Through a cloud-pipe instance which is a simple image include OPENVPN. It make user manage instance easier without lots of public ip.

Isolation Vlan netwotk

Per project/Per Vlan , a bunch of instance within a project will not communicate with other project instance.

1. enable Vlan support in kernel

root@nova:~# dmesg | grep -i 802
[    8.346579] 802.1Q VLAN Support v1.8 Ben Greear

If the vlan folder exist , means your kernel support Vlan

root@nova:~# ls -l /proc/net/vlan
total 0
-rw------- 1 root root 0 2011-07-05 21:57 config

root@nova:~# modprobe -v 8021q
root@nova:~# lsmod | grep 8021q
8021q                  24326  0
garp                   14471  1 8021q

2. Install Vlan both nova-compute and nova-network host

apt-get install vlan

3.Add a Vlan in Switch with same VID

4./etc/nova.conf

--network_manager=nova.network.manager.VlanManager
--fixed_range=10.0.0.0/24
--flat_network_dhcp_start=10.0.0.10
--vlan_interface=eth1
--public_interface=eth0
--flat_injected=False

5. Create network for each project

Project	Network	Vlan	Bridge
pro1	10.0.1.0/24	vlan100	br100
pro2	10.0.2.0/24	vlan200	br200
pro3	10.0.3.0/24	vlan300	br300

#nova-manage project create  
#nova-manage network create  <> <>

6.Hack DB to setup networks

Config file

Hugo@GitHub

Comments

Giuseppe CivitellaJuly 6, 2011 at 3:16 PM
Hi,

what about bridges creation? Is it managed by nova or they need to be already present on nova-compute and nova-network nodes?
I see I can have vlan numbers not in strict ascending order, is there a way to choose the vlan number while creating a project or I have to create a project using nova-manage and then do an "alter table" to point his network on the right vlan?
Can the vpn_public_address be a floating ip or has to be a nova-network's node ip?

Thanks a lot for your help. I find the informations you share on you blog very helpful.

Regards
Giuseppe
ReplyDelete
Hugo K.July 6, 2011 at 6:29 PM
Ciao Giuseppe Civitella,
bridge interface will be handled by nova-network and nova-compute.

About the vlan number , just hack networks table in nova db. Check the photo in the post. As I know in current Cactus release , there's no way to specify Vlan number while creating project . We have to change it in DB. I did not check the trunk version yet.
vpn_public_address is nova-network's ip by default, I check the description of --vpn_public_address , it seems possible to specify VPN ip instead of nova-network ip .

Hope it help...

Cheers
Hugo Kuo
ReplyDelete
Giuseppe CivitellaJuly 7, 2011 at 3:39 PM
It definitely helps.

Thanks a lot.

Giuseppe
ReplyDelete
AnonymousJuly 29, 2011 at 4:15 AM
Hello,

First and foremost: Keep up the good work Hugo! You're blog is really helping me understand OpenStack!

As for the VLAN creation, doesn't the fourth parameter passed in 'nova-manage network create' place the network on a particular VLAN?

I usually just run 'nova-manage network create x.x.x.x/28 1 30 10' to create a network on VLAN 10.

Please ignore me if the question has already been answered or if this incorrect. I just figure it'll help someone who may later view this post.

Cheers,
Jason
ReplyDelete
Hugo K.July 29, 2011 at 10:17 AM
Hello Jason
Thanks for your encouragement....
In honest , I don't know about the fourth parameter for a particular VLAN ID....
There's a result of my test:
http://pastebin.com/Y8Tsynkq
It seems no effect with the last parameter.

I think there's no such support of VlanID in nova-manage cmd group currtently......
Maybe it could be a nice choice in the future.

Cheers
Hugo Kuo
ReplyDelete
AnonymousAugust 2, 2011 at 4:55 AM
Hi Hugo,

Hmmm, that's a bit odd. I could've sworn I was able to create a network on a particular VLAN. I'll have to test it out again and get back to you. (Unfortunately, I had to tear down my last deployment so it may take a moment).

All the best,
Jason
ReplyDelete
Hugo K.August 2, 2011 at 10:57 AM
Take your time .
There's som possiblities over this odd situation.

1. I missed a particular flag for specify Vlan ID.
2. We r in different reversion
ReplyDelete
ankitprasad.sharmaDecember 22, 2011 at 4:47 AM
Hi Hugo..
I am new to openstack.. i have installed all the nova-packages on my system using vlanmanager. I wanted to know whether is it possible to add a compute node for implementing a dual node cloud. If yes then please help me with its procedure.

Thank you
Ankitprasad
ReplyDelete