Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying OpenStack Networking Essentials
  • Table Of Contents Toc
  • Feedback & Rating feedback
OpenStack Networking Essentials

OpenStack Networking Essentials

By : James Denton, Chamorro
5 (3)
Buy this Book
close
close
OpenStack Networking Essentials

OpenStack Networking Essentials

5 (3)
By: James Denton, Chamorro
Buy this Book

Overview of this book

The OpenStack Networking API offers users the ability to create and manage both basic and complex network architectures that blend the virtual and physical network infrastructure. This book kicks off by describing various components of Openstack Neutron and installing Ubuntu OpenStack based on Canonical's process. Further on, you will use various methods to interface with Neutron to create and manage network resources. You will also get to grips with the relationship between ports, networks, and subnets through diagrams and explanations, and see how the logical components are implemented via plugins and agents. Moving forward, you will learn how virtual switches are implemented and how to build Neutron routers. You will also configure networks, subnets, and routers to provide connectivity to instances using simple examples. At the end, you will configure and manage security groups, and will observe how these rules translate to iptables rules on the host machines. By the end of the book, you will be able to build basic network architectures using Neutron networks and routers in no time.
Table of Contents (11 chapters)
close
close
close
Preface
Icon
Preface
Icon
What this book covers
Icon
What you need for this book
Icon
Who this book is for
Icon
Conventions
Icon
Reader feedback
Icon
Customer support
Lock Free Chapter
1
1. OpenStack Networking Components – an Overview
chevron up
Icon
1. OpenStack Networking Components – an Overview
Icon
Features of OpenStack Networking
Icon
The OpenStack architecture
Icon
A reference architecture
Icon
Summary
2
2. Installing OpenStack Using RDO
Icon
2. Installing OpenStack Using RDO
Icon
System requirements
Icon
The initial network configuration
Icon
Initial steps
Icon
Install RDO using Packstack
Icon
Download RDO
Icon
Additional installation tasks
Icon
Summary
3
3. Neutron API Basics
Icon
3. Neutron API Basics
Icon
Networks
Icon
Subnets
Icon
Ports
Icon
The Neutron workflow
Icon
Summary
4
4. Interfacing with Neutron
Icon
4. Interfacing with Neutron
Icon
Using the Horizon dashboard
Icon
Using the Neutron client
Icon
Summary
5
5. Switching
Icon
5. Switching
Icon
The basics of switching in OpenStack
Icon
A look at our environment
Icon
Summary
6
6. Routing
Icon
6. Routing
Icon
The basics of routing in Neutron
Icon
Types of routers
Icon
Managing routers in the dashboard
Icon
Managing routers with the Neutron client
Icon
Examining the routers
Icon
Summary
7
7. Building Networks and Routers
Icon
7. Building Networks and Routers
Icon
Using provider networks
Icon
Using a Neutron router
Icon
Summary
8
8. Security Group Fundamentals
Icon
8. Security Group Fundamentals
Icon
Security groups in OpenStack
Icon
Managing security groups
Icon
Port security
Icon
Summary
9
A. Configuring VirtualBox
Icon
A. Configuring VirtualBox
Icon
Configuring VirtualBox networking
Icon
Creating a virtual machine
Icon
Configuring a virtual machine
Icon
Installing the CentOS operating system
Icon
Configuring virtual machine networking
Icon
Accessing a virtual machine over SSH
10
Index
Icon
Index

Features of OpenStack Networking

Many cloud environments rely on virtual compute technologies made available by hypervisors such as Kernel-based Virtual Machine (KVM), Xen, and Hyper-V, among many others. Neutron's core purpose is to connect virtual machine instances to a virtual network spanning the cloud and connect the virtual network to the physical network infrastructure. The containerization of applications made possible by Linux Containers (LXC), Docker, and other container technologies means that Neutron should also be responsible for providing network connectivity and features to containers in the future.

Neutron relies on the use of its pluggable and extensible architecture to construct and configure virtual and physical network resources. Many physical devices, such as switches, routers, firewalls, and load balancers, are implemented in software in reference implementations. A reference implementation is one that relies on the use of plugins, drivers, and agents made available for free by the Neutron community. A common reference plugin is the Modular Layer 2 (ML2) plugin, which is used to define a logical networking framework that agents can use to construct the virtual network. Common reference agents include the Open vSwitch (OVS) and Linux bridge agents, which are used to construct their respective virtual switching infrastructures based on networks that users have defined with the Neutron API.

Switching

In a reference implementation, Neutron relies on virtual bridges and switches to connect virtual instances, containers, and other network resources to the network. Neutron includes support for standard Linux bridges and virtual switches created with OVS. OVS is an open source virtual switch that supports dozens of technologies and protocols, including NetFlow, Switch port Analyzer (SPAN), Remote SPAN (RSPAN), Link Aggregation Control Protocol (LACP), and 802.1q VLAN tagging. However, much of its extended functionality and features are not exposed to users through the OpenStack API. Neutron also supports the use of overlay networking technologies such as Generic Routing Encapsulation (GRE) and Virtual Extensible LAN (VXLAN), among others, to connect virtual bridges and switches across nodes to one another over a common network. More information on how Neutron leverages virtual switching technologies can be found in Chapter 5, Switching.

Routing

Neutron provides routing and network address translation capabilities that allow instances and other virtual network devices to access networks other than their own. When a user creates a virtual network, that network is isolated from all other networks. Users can create virtual routers and attach one or more virtual networks to a router. Once attached, devices in the network are capable of communicating with other attached networks and, in some cases, remote networks such as the Internet. Neutron also provides inbound connectivity through the use of floating IPs. A floating IP is a 1-to-1 relationship between the instance on the virtual network and an IP address on a real network. More information on various routing features of Neutron can be found in Chapter 6, Routing.

Advanced networking features

Neutron includes support for networking technologies such as load balancers, firewalls, and virtual private networks, and has software-based reference implementations for each of these technologies, using software such as HAProxy, iptables, StrongSwan, and OpenSwan. The Neutron API can be used to construct logical models that are then implemented by various plugins and agents across the cloud. The networking features discussed in this subsection will not be covered in detail in this book, but they are important features of Neutron networking.

Load balancing

Load Balancing as a Service (LBaaS) provides users with the ability to create and manage load balancers that balance traffic across multiple virtual machine instances. Users can create monitors, set connection limits, apply persistence profiles to traffic traversing a load balancer, and more. The reference plugin uses HAProxy as the software load balancer, but plugins exist that allow Neutron to interface with physical load balancers from vendors such as Citrix, F5, Radware, and others.

Firewalling

Firewall as a Service (FWaaS) provides users the ability to create and manage firewalls that filter traffic to and from virtual machine instances and other network devices. The reference plugin implements virtual firewalls inside existing Neutron routers using iptables, and third-party plugins exist that allow Neutron to interface with physical firewalls.

Virtual private networks

Virtual Private Network as a Service (VPNaaS) provides users with the ability to create site-to-site Internet Protocol Security (IPSec) tunnels between Neutron routers and other VPN gateways. The reference plugin implements IPSec connections inside existing Neutron routers using software such as StrongSwan or OpenSwan, and third-party plugins exist that allow Neutron to interface with physical VPN gateway devices.

Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
OpenStack Networking Essentials
End of Section 1
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon