Hetzner - DokuWiki

Additional Floating Pool/en

Private Cloud, configuration of additional floating IPs

If you need to have more usable floating IP addresses for your private cloud, you can use this article to configure your private cloud such that it can use an additional subnet as a floating IP pool in your OpenStack environment.

First, you need to prepare some things with the OpenVSwitch bridges:

Since usually there is only one physical network available, which is connected to 'br0', we need to add a patch-connection from br0 to an additional bridge that we will use for our new subnet.

In our example, we simply call that additional bridge "br2".

Creation of the interface:

root@controller # ovs-vsctl add-br br2

When creating the patch connection, we call the endpoints "patch2-0"/"patch0-2" to document their intentions.

Then we define the other end of the patch as its 'peer'.

root@controller # ovs-vsctl add-port br2 patch2-0

root@controller # ovs-vsctl set interface patch2-0 type=patch

root@controller # ovs-vsctl set interface patch2-0 options:peer="patch0-2"

Then you need to also configure br0 in such a way that there is a patch interface peering with the other side.

root@controller # ovs-vsctl add-port br0 patch0-2

root@controller # ovs-vsctl set interface patch0-2 type=patch

root@controller # ovs-vsctl set interface patch0-2 options:peer="patch2-0"

Configuring OpenStack Neutron

Now that our bridge interfaces have been prepared, we can start to adapt the configuration of the OpenStack networking service:

In the file /etc/neutron/l3_agent.ini:

You need to set the directives for 'gateway_id' and 'network_bridge' to an empty string.

It is crucially important to use an empty string here! Simply deleting the directives or leaving them empty will cause the services to use unsuatable defaults!

gateway_external_network_id = ''

external_network_bridge = ''

In /etc/neutron/plugins/openvswitch-agent.ini:

We define to neutron that there now is an additional physical network, which in this example, we will simply call 'external2' and we state on which bridge neutron should look for it:

bridge_mappings =external:br0,external2:br2

Afterwards we configure the additional subnet parallel to https://wiki.hetzner.de/index.php/Zusaetzliche_IP-Adressen but use br2 as our interface name instead.

Finally we can create the network as an entity inside our OpenStack installation.

In this example we simply connect to our controller node and used the convenience scripts deployed there:

root@controller # source $HOME/adminrc.sh

root@controller # neutron net-create external2 -- --router:external=True --provider:network_type=flat --provider:physical_network=external2

root@controller # neutron subnet-create --disable-dhcp external2 <CIDR>

Replace the placeholders <CIDR> with the actual CIDR notation of your new subnet e.g. 178.63.197.224/29.

Now you should be able to create additional, virtual routers from your dashboad and connect them to the 'external2' network and assign floating IPs to instances behind that router.

If you use several routers routing to the same internal network, please make sure to adjust the routes that your affected instances use. Alternatively, you can configure specific static routes!



© 2018. Hetzner Online GmbH. Alle Rechte vorbehalten.