Book Image

Mastering OpenStack

By : Omar Khedher
Book Image

Mastering OpenStack

By: Omar Khedher

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Mastering OpenStack
Omar Khedher
Jul, 2015 | 400 pages
No titles found
Table of Contents (18 chapters)
Mastering OpenStack
Mastering OpenStack
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Designing OpenStack Cloud Architecture
Designing OpenStack Cloud Architecture
OpenStack – think again
Introducing the OpenStack logical architecture
Gathering the pieces and building a picture
A sample architecture setup
Summary
2
Deploying OpenStack – DevOps and OpenStack Dual Deal
Deploying OpenStack – DevOps and OpenStack Dual Deal
DevOps in a nutshell
Eat the elephant
Summary
3
Learning OpenStack Clustering – Cloud Controllers and Compute Nodes
Learning OpenStack Clustering – Cloud Controllers and Compute Nodes
Understanding the art of clustering
Divide and conquer
Summary
4
Learning OpenStack Storage – Deploying the Hybrid Storage Model
Learning OpenStack Storage – Deploying the Hybrid Storage Model
Understanding the storage types
Cooking Swift
Choosing the storage
Summary
5
Implementing OpenStack Networking and Security
Implementing OpenStack Networking and Security
The story of an API
Security groups
Firewall as a Service
Summary
6
OpenStack HA and Failover
OpenStack HA and Failover
HA under the scope
Measuring HA
Summary
7
OpenStack Multinode Deployment – Bringing in Production
OpenStack Multinode Deployment – Bringing in Production
Confirming the multinode setup
The network topology
The OpenStack deployment
Summary
8
Extending OpenStack – Advanced Networking Features and Deploying Multi-tier Applications
Extending OpenStack – Advanced Networking Features and Deploying Multi-tier Applications
Navigating through Neutron
Summary
9
Monitoring OpenStack – Ceilometer and Zabbix
Monitoring OpenStack – Ceilometer and Zabbix
Telemetry in OpenStack – Ceilometer
Ceilometer and heat
Arming OpenStack monitoring
Summary
10
Keeping Track for Logs – Centralizing Logs with Logstash
Keeping Track for Logs – Centralizing Logs with Logstash
Tackling logging
Two eyes are better than one eye
Summary
11
Tuning OpenStack Performance – Advanced Configuration
Tuning OpenStack Performance – Advanced Configuration
Pushing the limits of the database
Stressing RabbitMQ
Benchmarking OpenStack at scale
Summary
Index
Index

Chapter 5. Implementing OpenStack Networking and Security

 

"To have security, plan ahead."

 
 --A Sicilian Proverb

The first networking concepts in OpenStack introduced you to some easy ways to manage networking by the means of the nova-network daemon. Different network providers such as FlatManager, FlatDHCPManager, and VlanManager are used to construct the network configurations for the internal and external OpenStack networks. These network managers eventually included a bridging tool as a default gateway for instances in a compute node.

On the other hand, for management and security reasons, it might be considered limited for the following reasons:

  • Flat network: This is a single IP pool and layer 2 domain without tenant isolation

  • VLAN network: This requires manual VLAN configuration on the layer 2 device (switch) for port tagging and trunking

You might have noticed the different existing networks that were deployed in a large OpenStack infrastructure and the need to isolate traffic for better...

Previous Section
End of Section 1
Next Section