15cfe96f3b
* Move the files into doc/training-guides subdirectory * Add README, LICENSE, tox test config
73 lines
3.6 KiB
XML
73 lines
3.6 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<chapter xmlns="http://docbook.org/ns/docbook"
|
|
xmlns:xi="http://www.w3.org/2001/XInclude"
|
|
xmlns:xlink="http://www.w3.org/1999/xlink"
|
|
version="5.0"
|
|
xml:id="module002-ch004-floating-ips">
|
|
<title>Floating IP Addresses And Security Rules</title>
|
|
<para>OpenStack Networking has the concept of Fixed IPs and
|
|
Floating IPs. Fixed IPs are assigned to an instance on
|
|
creation and stay the same until the instance is explicitly
|
|
terminated. Floating ips are ip addresses that can be
|
|
dynamically associated with an instance. This address can be
|
|
disassociated and associated with another instance at any
|
|
time.</para>
|
|
<para>Various tasks carried out by Floating IP's as of
|
|
now.</para>
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>create IP ranges under a certain group, only
|
|
available for admin role.</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>allocate an floating IP to a certain tenant,
|
|
only available for admin role.</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>deallocate an floating IP from a certain
|
|
tenant</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>associate an floating IP to a given
|
|
instance</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>disassociate an floating IP from a certain
|
|
instance</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
<para>Just as shown by the above figure, we will have
|
|
nova-network-api to support nova client floating
|
|
commands. nova-network-api will invoke neutron cli lib
|
|
to interactive with neutron server via API. The data
|
|
about floating IPs will be stored in to neutron DB.
|
|
Neutron Agent, which is running on compute host will
|
|
enforce the floating IP.</para>
|
|
<para><guilabel>Multiple Floating
|
|
IP Pools</guilabel></para>
|
|
<para>The L3 API in OpenStack Networking supports multiple
|
|
floating IP pools. In OpenStack Networking, a floating
|
|
IP pool is represented as an external network and a
|
|
floating IP is allocated from a subnet associated with
|
|
the external network. Since each L3 agent can be
|
|
associated with at most one external network, we need
|
|
to invoke multiple L3 agent to define multiple
|
|
floating IP pools. 'gateway_external_network_id'in L3
|
|
agent configuration file indicates the external
|
|
network that the L3 agent handles. You can run
|
|
multiple L3 agent instances on one host.</para>
|
|
<para>In addition, when you run multiple L3 agents, make
|
|
sure that handle_internal_only_routers is set to
|
|
Trueonly for one L3 agent in an OpenStack Networking
|
|
deployment and set to Falsefor all other L3 agents.
|
|
Since the default value of this parameter is True, you
|
|
need to configure it carefully.</para>
|
|
<para>Before starting L3 agents, you need to create
|
|
routers and external networks, then update the
|
|
configuration files with UUID of external networks and
|
|
start L3 agents.</para>
|
|
<para>For the first agent, invoke it with the following
|
|
l3_agent.ini where handle_internal_only_routers is
|
|
True.</para>
|
|
</chapter>
|