...
PSNC-EXT-PUB1-EDU: This is the primary external network that provides connectivity to the public internet. It allows virtual machines to interact with external systems and services directly. This network is typically used for purposes that require public access, such as SSH connectivity, hosting web services, external APIs, or any service needing direct internet exposure.
- PSNC-EXT-IPV6-PUB2-EDU: This is IPv6 external networks that provides connectivity to the public internet using IPv6.
PSNC-INTERNAL-LAN: This network is designed for internal use and is accessible only through a secure VPN connection. It provides a private pool of floating IPs that are accessible via VPN only, allowing for secure internal communications and services that do not require to be exposed by public internet access.
PSNC-STORAGE-MANILA: Dedicated to storage operations, this network is specifically for managing and accessing shared file systems via the Manila service in OpenStack. PSNC-STORAGE-MANILA connects VMs to storage resources, providing high-performance access for data-intensive applications and persistent storage needs.
...
This section provides a guide on how to configure and use public networks in the PSNC OpenStack environment, covering the configuration of routers, reserving and assigning floating IPs, and setting up security rules to ensure secure and efficient connectivity for your virtual machines (VMs).
...
Configuring Routers and Connecting to Public Networks
To enable external connectivity for your internal networks, you need to configure a router and connect it to a public network, such as PSNC-EXT-PUB1-EDU.
Creating a Router: In OpenStack, routers connect your private internal network to an external public network. You can create a router via the OpenStack dashboard or CLI. This router will act as a gateway, allowing traffic to flow between your internal network and the public internet.
Connecting to an External Network: Once the router is created, connect its external interface to the public network (PSNC-EXT-PUB1-EDU). This connection is crucial for enabling floating IPs and allowing outbound traffic from VMs.
Connecting Internal Subnets: After configuring the external interface, you need to add your internal network (subnet) to the router. This step links your internal resources, like VMs, to the public network, making them accessible externally via floating IPs.
...
Reserving and Assigning Floating IPs
Floating IPs are required to expose a VM to the public internet using IPv4. These IPs are mapped to internal private IPs and enable your VMs to communicate externally. IPv6 addresses are exposed to the public without using floating ip.
Reserving a Floating IP: Floating IPs can be reserved from the PSNC-EXT-PUB1-EDU network using the OpenStack dashboard or CLI. Ensure you select the correct external network (PSNC-EXT-PUB1-EDU) when reserving the IP.
Assigning the IP to a VM: Once reserved, the floating IP must be associated with a VM. This process maps the public floating IP to the VM’s private IP, enabling external access. You can assign the IP to a specific network interface (port) on the VM, allowing it to communicate with external systems.
...
Security Rules
Security rules are essential to control the traffic flowing to and from your VMs. In OpenStack, security groups are used to define these rules.
...