Networks
The configuration of dedicated networks is distributed across all environments and the inventory and is summarized here.
Not all of these networks have to be separate physical or VLAN networks. Only the external network, defined by the host-specific variable neutron_external_interface, should be a dedicated physical or VLAN network.
The following networks are used:
Network: Console
The console network is used to access all nodes via SSH for operations purposes. It is also used by some infrastructure and helper services like phpMyAdmin or the web interface for ARA.
This network is defined by console_interface in the host-specific variable file. The IP address belonging to this interface is defined by the internal_address variable and, for central logging, by the fluentd_host variable in inventory/host_vars/<hostname>.yml.
##########################################################
# generic
console_interface: eth0
internal_address: 10.0.1.2
fluentd_host: 10.0.1.2
Network: Management / Internal
The management or internal network is used for communication between OpenStack services located on different hosts. It is also used for traffic without a dedicated network. Ansible playbooks also use this network to access target hosts. The interface is defined by management_interface.
Additionally, the interface needs to be defined for kolla-ansible by the network_interface variable in inventory/host_vars/<hostname>.yml.
##########################################################
# generic
management_interface: eth1
##########################################################
# kolla
network_interface: eth1
The DNS name for the internal OpenStack API endpoints is defined by kolla_internal_fqdn. The corresponding IP address for this DNS name is defined by kolla_internal_vip_address in environments/kolla/configuration.yml.
##########################################################
# loadbalancer
kolla_internal_fqdn: internal-api.betacloud.xyz
##########################################################
# hosts
host_additional_entries:
  internal-api.betacloud.xyz: 10.0.1.10
##########################
# kolla
kolla_internal_vip_address: 10.0.1.10
Network: Tunnel
Traffic between guest virtual machines on different compute nodes, or between layer 3 networking components such as virtual routers, is usually routed through VXLAN or GRE tunnels on the tunnel network. The interface is configured in inventory/host_vars/<hostname>.yml.
##########################################################
# kolla
tunnel_interface: eth2
Network: Migration
Live migration of instances is performed over this network, configured in inventory/host_vars/<hostname>.yml.
##########################################################
# kolla
migration_interface: eth2
Network: External API
External API endpoints are accessible on the external API network, exposing the OpenStack API endpoints. This network is reachable by consumers of the cloud services.
inventory/host_vars/<hostname>.yml
##########################################################
# kolla
kolla_external_vip_interface: eth3
environments/kolla/configuration.yml
##########################################################
# loadbalancer
kolla_external_fqdn: external-api.betacloud.xyz
environments/configuration.yml
##########################################################
# hosts
host_additional_entries:
  external-api.betacloud.xyz: 10.0.3.10
##########################################################
# kolla
kolla_external_vip_address: 10.0.3.10
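The internal and external API sections above each pair an FQDN, a host_additional_entries line and a VIP address that have to agree across files. The following check for drift between them is an added example, not part of the original documentation; it assumes the YAML files have already been loaded and merged into one dict, and the function and sample names are hypothetical.

```python
import ipaddress

def _ip(value):
    """Parse an IP address, returning None instead of raising."""
    try:
        return ipaddress.ip_address(str(value))
    except ValueError:
        return None

def check_vip_entries(cfg):
    """Return a list of problems; an empty list means FQDNs and VIPs agree."""
    problems = []
    entries = cfg.get("host_additional_entries") or {}
    for side in ("internal", "external"):
        fqdn = cfg.get(f"kolla_{side}_fqdn")
        vip = cfg.get(f"kolla_{side}_vip_address")
        if not fqdn or not vip:
            problems.append(f"{side}: FQDN or VIP address is not set")
        elif _ip(vip) is None:
            problems.append(f"{side}: VIP {vip!r} is not an IP address")
        elif fqdn not in entries:
            problems.append(f"{side}: {fqdn} has no host_additional_entries line")
        elif _ip(entries[fqdn]) != _ip(vip):
            problems.append(f"{side}: {fqdn} -> {entries[fqdn]}, VIP is {vip}")
    return problems

# Constructed sample: the values from this page's snippets, merged into one dict.
PAGE_CFG = {
    "kolla_internal_fqdn": "internal-api.betacloud.xyz",
    "kolla_internal_vip_address": "10.0.1.10",
    "kolla_external_fqdn": "external-api.betacloud.xyz",
    "kolla_external_vip_address": "10.0.3.10",
    "host_additional_entries": {
        "internal-api.betacloud.xyz": "10.0.1.10",
        "external-api.betacloud.xyz": "10.0.3.10",
    },
}
# Constructed drift: the VIP was changed but the hosts entry was not.
DRIFTED = {**PAGE_CFG, "kolla_external_vip_address": "10.0.3.11"}

if __name__ == "__main__":
    print(check_vip_entries(PAGE_CFG))
    print(check_vip_entries(DRIFTED))
```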
Network: External
The external network connects virtual machines to the outside world.
inventory/host_vars/<hostname>.yml
##########################################################
# kolla
neutron_external_interface: eth4
Network: Loadbalancer
This network is used for accessing Loadbalancer as a Service public endpoints.
inventory/host_vars/<hostname>.yml
##########################################################
# kolla
octavia_network_interface: eth5
Network: Storage Frontend
The storage frontend network is the connection between Ceph nodes and all other hosts which need access to storage services.
It is recommended to use an MTU of 9000 in this network.
inventory/host_vars/<hostname>.yml
##########################################################
# kolla
storage_interface: eth5
##########################################################
# ceph
monitor_interface: eth5
environments/kolla/configuration.yml
##########################################################
# external ceph
ceph_public_network: 10.0.5.0/24
environments/ceph/configuration.yml
##########################################################
# network
public_network: 10.0.5.0/24
Network: Storage Backend
The storage backend network is the internal connection between Ceph nodes.
It is recommended to use an MTU of 9000 in this network.
environments/ceph/configuration.yml
##########################################################
# network
cluster_network: 10.0.6.0/24
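Because several networks may share an interface while the one named by neutron_external_interface should be dedicated, it helps to see which networks end up on the same NIC for a host. The following audit is an added example, not part of the original documentation; it assumes the host_vars file has already been loaded into a dict, and the function and sample names are hypothetical.

```python
from collections import defaultdict

# Interface variables named on this page and the network each one selects.
ROLE_VARS = {
    "console_interface": "console",
    "management_interface": "management",
    "network_interface": "management",        # kolla-ansible's name for it
    "tunnel_interface": "tunnel",
    "migration_interface": "migration",
    "kolla_external_vip_interface": "external API",
    "neutron_external_interface": "external",
    "octavia_network_interface": "loadbalancer",
    "storage_interface": "storage frontend",
    "monitor_interface": "storage frontend",  # ceph's name for it
}

def audit_interfaces(host_vars):
    """Return (shared, violations) for one host's interface variables.

    Compares device names only, so a VLAN device such as vlan10 counts as
    its own interface even when its raw device is shared.
    """
    nets_by_nic = defaultdict(set)
    for var, network in ROLE_VARS.items():
        if host_vars.get(var):
            nets_by_nic[host_vars[var]].add(network)
    shared = {nic: sorted(n) for nic, n in nets_by_nic.items() if len(n) > 1}
    violations = []
    ext = host_vars.get("neutron_external_interface")
    if ext in shared:
        others = [n for n in shared[ext] if n != "external"]
        violations.append(f"{ext}: external network shares a NIC with {', '.join(others)}")
    return shared, violations

# Constructed sample: the interface values shown in this page's snippets.
PAGE_HOST = {
    "console_interface": "eth0", "management_interface": "eth1",
    "network_interface": "eth1", "tunnel_interface": "eth2",
    "migration_interface": "eth2", "kolla_external_vip_interface": "eth3",
    "neutron_external_interface": "eth4", "octavia_network_interface": "eth5",
    "storage_interface": "eth5", "monitor_interface": "eth5",
}
# Constructed counter-example: external traffic moved onto the management NIC.
BAD_HOST = {**PAGE_HOST, "neutron_external_interface": "eth1"}

if __name__ == "__main__":
    for name, host in (("page values", PAGE_HOST), ("counter-example", BAD_HOST)):
        print(name, audit_interfaces(host))
```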
Netplan configuration examples
More examples: https://netplan.io/examples
simple example
- device: eno2
  auto: true
  family: inet
  method: static
  address: 192.168.1.10
  netmask: 255.255.255.0
  gateway: 192.168.1.254
  mtu: 1500
- device: eno3
  auto: true
  family: inet
  method: manual
  mtu: 1500
simple example with second IP on NIC
- device: eno2
  auto: true
  family: inet
  method: static
  address: 192.168.1.10
  netmask: 255.255.255.0
  gateway: 192.168.1.254
  mtu: 1500
- device: eno2:1
  auto: true
  family: inet
  method: static
  address: 192.168.11.10
  netmask: 255.255.255.0
bond example
network_interfaces:
  - device: ens1f0
    auto: true
    family: inet
    method: manual
    bond:
      master: bond0
    mtu: 1500
  - device: ens1f1
    auto: true
    family: inet
    method: manual
    bond:
      master: bond0
    mtu: 1500
  - device: bond0
    auto: true
    family: inet
    method: manual
    address: 192.168.1.10
    netmask: 255.255.255.0
    gateway: 192.168.1.254
    bond:
      mode: 802.3ad
      xmit-hash-policy: layer2+3
      miimon: 100
      slaves: ens1f0 ens1f1
      lacp-rate: 0
    mtu: 1500
VLAN example
- device: bond0
  auto: true
  family: inet
  method: manual
  bond:
    mode: 802.3ad
    xmit-hash-policy: layer2+3
    miimon: 100
    slaves: ens1f0 ens1f1
    lacp-rate: 0
  mtu: 1500
- device: vlan10
  method: static
  address: 192.168.1.10
  netmask: 255.255.255.0
  vlan:
    raw-device: bond0
  up:
    - route add default gw 192.168.1.254
  mtu: 1500