The configuration of dedicated networks is distributed across all environments and the inventory and is summarized here.
Not necessarily all of these networks have to be separate physical or
VLAN networks. Only the external network defined by the host specific variable
neutron_external_interface should be a dedicated physical or VLAN network.
The following networks are used:
console network is used to access all nodes via SSH.
It is also used by some infrastructure and helper services like phpMyAdmin or
the web interface for ARA.
This network is defined by
console_interface in the host specific variable
file like so:
The internal network is used for communication between services located on different hosts. It is also used for traffic that has no dedicated network. Ansible playbooks also use this network to access target hosts.
The monitoring network normally shares the internal network. A separate network
for monitoring services related traffic can be configured at
Traffic between guest virtual machines on different compute nodes or between layer 3 networking components such as virtual routers are usually routed through VXLAN or GRE tunnels on the tunnel network.
Live migration of instances is performed over this network.
External API endpoints are accessible on the external API network. This network is reachable by consumers of the cloud services.
The external network connects virtual machines to the outside world.
This network is used for accessing Loadbalancer as a Service public endpoints.
The storage frontend network is the connection between ceph nodes and all other hosts which need access to storage services.
The storage backend network is the internal connection between ceph nodes.