297b1e3bb5
Missing file content for l3_agent.ini added. Change-Id: I2d094a88c863d1b935b96f1c08ba7d69b916b3a2 Partial-Bug: #1298493
81 lines
4.0 KiB
XML
81 lines
4.0 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<chapter xmlns="http://docbook.org/ns/docbook"
|
|
xmlns:xi="http://www.w3.org/2001/XInclude"
|
|
xmlns:xlink="http://www.w3.org/1999/xlink"
|
|
version="5.0"
|
|
xml:id="section_floating-ips">
|
|
<title>Floating IP Addresses And Security Rules</title>
|
|
<para>OpenStack Networking has the concept of Fixed IPs and
|
|
Floating IPs. Fixed IPs are assigned to an instance on
|
|
creation and stay the same until the instance is explicitly
|
|
terminated. Floating IPs are IP addresses that can be
|
|
dynamically associated with an instance. This address can be
|
|
disassociated and associated with another instance at any
|
|
time.</para>
|
|
<para>Various tasks carried out by Floating IPs as of
|
|
now.</para>
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>create IP ranges under a certain group, only
|
|
available for admin role.</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>allocate a floating IP to a certain tenant,
|
|
only available for admin role.</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>deallocate a floating IP from a certain
|
|
tenant</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>associate a floating IP to a given
|
|
instance</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>disassociate a floating IP from a certain
|
|
instance</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
<para>Just as shown by the above figure, we will have
|
|
nova-network-api to support nova client floating
|
|
commands. Nova-network-api will invoke neutron cli lib
|
|
to interact with the neutron server via API. The data
|
|
for the floating IPs will be stored in the neutron DB.
|
|
Neutron Agent, which is running on the compute host will
|
|
enforce the floating IP.</para>
|
|
<para><guilabel>Multiple Floating
|
|
IP Pools</guilabel></para>
|
|
<para>The L3 API in OpenStack Networking supports multiple
|
|
floating IP pools. In OpenStack Networking, a floating
|
|
IP pool is represented as an external network and a
|
|
floating IP is allocated from a subnet associated with
|
|
the external network. Since each L3 agent can be
|
|
associated with at most one external network, we need
|
|
to invoke multiple L3 agent to define multiple
|
|
floating IP pools. 'gateway_external_network_id'in L3
|
|
agent configuration file indicates the external
|
|
network that the L3 agent handles. You can run
|
|
multiple L3 agent instances on one host.</para>
|
|
<para>In addition, when you run multiple L3 agents, make
|
|
sure that handle_internal_only_routers is set to
|
|
True only for one L3 agent in an OpenStack Networking
|
|
deployment and set to False for all other L3 agents.
|
|
Since the default value of this parameter is True, you
|
|
need to configure it carefully.</para>
|
|
<para>Before starting L3 agents, you need to create
|
|
routers and external networks, then update the
|
|
configuration files with UUID of external networks and
|
|
start L3 agents.</para>
|
|
<para>For the first agent, invoke it with the following
|
|
l3_agent.ini where handle_internal_only_routers is
|
|
True.</para>
|
|
<programlisting>
|
|
handle_internal_only_routers = True
|
|
external_network_bridge = br-ex
|
|
</programlisting>
|
|
<programlisting>
|
|
$sudo service neutron-l3-agent restart
|
|
</programlisting>
|
|
<para>For the second (or later) agent, invoke it with the following l3_agent.ini where handle_internal_only_routers is False.</para>
|
|
</chapter>
|