openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #09367
Re: multiple floating ip pools
Floating ip pools allow you to specify a different ip range and bind interface for sets of ips, so it will work for segregation purposes.
There isn't policy acl on which pool the ip comes from but it could be added. The policy wrapping in the network layer is very basic right now. The underlying objects aren't passed in so we can't set policies based on (for example) pool name. If/when the policy wrapping is improved to include more information that is a possibility.
Vish
On Mar 30, 2012, at 6:23 AM, Kevin Jackson wrote:
> I'm also interested in providing multiple floating IP pools. Is this something that is achievable or conceived?
>
> My use case is as follows:
>
> Each tenant gets its own private VLAN and address space, so intercommunication between each tenant is able to be segregated.
> On assignment of public floating IPs though this segregation breaks down.
>
> To put this into context, I'd like to be able to have, say, a "Production" tenant and a "Development" tenant. Inter-communication between the two should be prohibited.
> As soon as I assign a floating IP address, this model breaks down.
>
> I noticed that nova-manage floating create has a ' --pool=<pool> Optional pool ' option. How is this used? Does this help solve my problem?
>
> Cheers,
>
> Kev
>
>
> On 6 February 2012 18:46, Xu (Simon) Chen <xchenum@xxxxxxxxx> wrote:
> Hi all,
>
> I am running devstack and got a dev instance of OpenStack running.
>
> I am happy to see the concept of multiple floating IP pools, and the per-floating-ip interface in the trunk, which I consider a very good basis for my blueprint proposal here:
> https://blueprints.launchpad.net/nova/+spec/multi-network-without-multi-nic
>
> I have a quick question. Is there a plan (or maybe it's already there) for access control whether a project is allowed to take floating IPs from a pool?
>
> Thanks!
> -Simon
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
>
>
>
>
> --
> Kevin Jackson
> @itarchitectkev
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
Follow ups
References