Hello,
I’m struggling to understand how to configure my Subnets, Fabric, and Spaces in MAAS. The diagram shows the settings for one of the servers, but all servers have an identical setup. The MAAS server itself is a virtual machine on one of these servers.
Configurations
The goal is to deploy OpenStack in our lab network using MAAS and Juju. I have a set of Dell PowerEdge M620 blade servers, each with identical components and connections. Users should be able to access the OpenStack dashboard from the lab network, but should not have access to OpenStack’s internal network.
- The lab network is on VLAN 110, configured on the switch with IP 10.12.100.4. Other switches are connected to that switch. I don’t manage the uplink switches.
- VLAN 120 is configured on switch 10.12.100.1. Each server has one NIC on this VLAN.
- I created subnet 192.168.120.0/23 in MAAS, which MAAS fully controls. I plan to use this same subnet for OpenStack internal traffic. VLAN 120 is isolated and only exists on that switch; the lab network doesn’t see this subnet. This subnet is named
maas-subin MAAS. - To provide internet access for package downloads, I configured NAT using iptables on a Linux box. The gateway IP is 192.168.120.1.
The servers have other NICs, but let’s ignore those for now.
externalspace was created in MAAS and the lab network was added to it.internalspace was created andmaas-subwas added to it.
The Problem
Some services (e.g., Ceph OSD) are bound to internal, while others (e.g., Keystone) are bound to external. This causes issues because, on deployment, the machines end up with two gateways, leading to routing conflicts.
If I understand correctly, the lab network should not be managed by MAAS at all, since OpenStack’s networking services will handle that, right?
Can you suggest better ways to configure my subnets? Also, how should I handle machines that need to connect to both subnets to overcome the route issue?
Cheers!