Learning OpenStack Networking

Build a solid foundation in virtual networking technologies for OpenStack-based clouds, 3rd Edition

  1. 462 pages
  2. English

About This Book

Discover the basics of virtual networking in OpenStack to implement various cloud network architectures

Key Features

  • Learn the difference between Open vSwitch and Linux bridge switching technologies
  • Connect virtual machine instances to virtual networks, subnets, and ports
  • Implement virtual load balancers, firewalls, and routers in your network

Book Description

OpenStack Networking is a pluggable, scalable, and API-driven system to manage physical and virtual networking resources in an OpenStack-based cloud. Like other core OpenStack components, OpenStack Networking can be used by administrators and users to increase the value and maximize the use of existing datacenter resources. This third edition of Learning OpenStack Networking walks you through the installation of OpenStack and provides you with a foundation that can be used to build a scalable and production-ready OpenStack cloud.

In the initial chapters, you will review the physical network requirements and architectures necessary for an OpenStack environment that provide core cloud functionality. Then, you'll move through the installation of the new release of OpenStack using packages from the Ubuntu repository. An overview of Neutron networking foundational concepts, including networks, subnets, and ports will segue into advanced topics such as security groups, distributed virtual routers, virtual load balancers, and VLAN tagging within instances.

By the end of this book, you will have built a network infrastructure for your cloud using OpenStack Neutron.

What you will learn

  • Get familiar with Neutron constructs, including agents and plugins
  • Build foundational Neutron resources to provide connectivity to instances
  • Work with legacy Neutron routers and troubleshoot traffic through them
  • Explore high-availability routing capabilities utilizing Virtual Router Redundancy Protocol (VRRP)
  • Create and manage load balancers and associated components
  • Manage security groups as a method of securing traffic to and from instances

Who this book is for

If you are an OpenStack-based cloud operator and administrator who is new to Neutron networking and wants to build your very own OpenStack cloud, then this book is for you. Prior networking experience and a physical server and network infrastructure are recommended to follow along with the concepts demonstrated in the book.

Yes, you can access Learning OpenStack Networking by James Denton in PDF and/or ePUB format, as well as other popular books in Computer Science & Cloud Computing. We have over one million books available in our catalogue for you to explore.

Information

  • Year: 2018
  • ISBN: 9781788399364
  • Edition: 3

Creating Standalone Routers with Neutron

Neutron enables users to build routers that provide connectivity between networks created by users and external networks. In a reference implementation, the Neutron L3 agent provides IP routing and network address translation for virtual machine instances within the cloud by utilizing network namespaces to provide isolated routing instances. By creating networks and attaching them to routers, users can expose connected virtual machine instances and their applications to the internet.
Prior to the Juno release of OpenStack, users were limited to building standalone routers that acted as single points of failure in the network stack. Since the advent of distributed virtual routers in Juno and beyond, standalone routers are now referred to as legacy routers. While the preference may be to provide resiliency in the form of highly available or distributed virtual routers, standalone routers provide the simplest implementation of the three options.
In previous chapters, we discovered the difference between provider and self-service project networks and demonstrated the process of booting an instance and connecting it to the network. In this chapter, we will work through the following:
  • Installing and configuring the L3 agent
  • Creating an external provider network
  • Creating a standalone router in the CLI and Horizon dashboard
  • Attaching a router to both external and tenant networks
  • Booting instances
  • Demonstrating instance and namespace connectivity using Linux bridges
  • Demonstrating SNAT and DNAT functionality provided by floating IPs

Routing traffic in the cloud

In a reference implementation, virtual routers created in Neutron exist as network namespaces that reside on nodes running the Neutron L3 agent service. A virtual router is often connected to a single external provider network and one or more project networks. The router interfaces connected to those networks can be identified as follows:
  • qg: Gateway interface
  • qr: Router interface
Neutron routers are responsible for providing inbound and outbound connectivity to and from project networks through the use of Network Address Translation, or NAT. The following diagram shows how a router namespace may be connected to multiple bridges in a Linux bridge-based implementation:
The preceding diagram demonstrates a Neutron router connected to multiple bridges in a Linux bridge-based implementation. In an Open vSwitch-based implementation, the router's interfaces are connected directly to the integration bridge. Traffic from project networks is routed in through qr interfaces and out the qg interface onto the external network. Routing tables within the namespace dictate how traffic is routed, and iptables rules dictate how traffic is translated, if necessary.
More on creating and configuring standalone Neutron routers, along with examples on how they are connected to the network and provide connectivity to instances, can be found later on in this chapter.
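As an added example (not from the book): an audit of the translation rules described above. Given the nat table saved from a router namespace, it lists which instance addresses are reachable from the external network through one-to-one NAT, flags inbound mappings with no matching outbound rule, and reports the address that all other outbound traffic leaves from. The sample output, addresses and qg interface ID are constructed, and the neutron-l3-agent-* chain names are assumed to match the reference L3 agent in your release.

```python
# Constructed sample of `iptables-save -t nat` output from a router namespace.
# Addresses and the qg interface ID are made up; the neutron-l3-agent-* chain
# names are assumed to match the reference L3 agent in your release.
SAMPLE_NAT = """\
*nat
:neutron-l3-agent-PREROUTING - [0:0]
:neutron-l3-agent-float-snat - [0:0]
:neutron-l3-agent-snat - [0:0]
-A neutron-l3-agent-PREROUTING -d 10.30.0.101/32 -j DNAT --to-destination 192.168.200.6
-A neutron-l3-agent-PREROUTING -d 10.30.0.102/32 -j DNAT --to-destination 192.168.200.9
-A neutron-l3-agent-float-snat -s 192.168.200.6/32 -j SNAT --to-source 10.30.0.101
-A neutron-l3-agent-snat -j neutron-l3-agent-float-snat
-A neutron-l3-agent-snat -o qg-7f2c1a9e-3b -j SNAT --to-source 10.30.0.100
COMMIT
"""


def parse_nat(text):
    """Split nat rules into inbound DNAT, per-instance SNAT and default SNAT."""
    dnat, float_snat, default_snat = {}, {}, {}
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0] != "-A":
            continue
        # Map each option flag to the token that follows it.
        opts = {tok[i]: tok[i + 1] for i in range(2, len(tok) - 1)
                if tok[i].startswith("-")}
        target = opts.get("-j")
        if target == "DNAT" and "-d" in opts:
            dnat[opts["-d"].split("/")[0]] = opts["--to-destination"]
        elif target == "SNAT" and "-s" in opts:
            float_snat[opts["-s"].split("/")[0]] = opts["--to-source"]
        elif target == "SNAT" and opts.get("-o", "").startswith("qg-"):
            default_snat[opts["-o"]] = opts["--to-source"]
    return dnat, float_snat, default_snat


def audit(text):
    """Return (exposures, default_snat); each exposure is
    (external_ip, instance_ip, has_matching_snat)."""
    dnat, float_snat, default_snat = parse_nat(text)
    exposures = [(ext, inst, float_snat.get(inst) == ext)
                 for ext, inst in sorted(dnat.items())]
    return exposures, default_snat


if __name__ == "__main__":
    exposures, default_snat = audit(SAMPLE_NAT)
    for ext, inst, ok in exposures:
        print(f"{ext} -> {inst}  {'ok' if ok else 'DNAT without matching SNAT'}")
    print("default outbound SNAT:", default_snat)
```

On a live node, pass `audit()` the output of `ip netns exec qrouter-<router-id> iptables-save -t nat` in place of the sample.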

Installing and configuring the Neutron L3 agent

To install the Neutron L3 agent, run the following command on the controller01 node:
# apt install neutron-l3-agent 
Neutron stores the L3 agent configuration in the /etc/neutron/l3_agent.ini file. The most common configuration options will be covered in the following subsections.

Defining an interface driver

The Neutron L3 agent must be configured to use an interface driver that corresponds to the chosen mechanism driver. In a reference implementation, that can be either the Linux bridge or Open vSwitch drivers. In this environment, the Linux bridge driver will be installed on controller01.
On the controller01 node, update the Neutron L3 agent configuration file at /etc/neutron/l3_agent.ini and specify the following Linux bridge interface driver for this particular environment:
[DEFAULT]
...
interface_driver = linuxbridge
For your reference, the following can be used when the network node hosting routers is configured for Open vSwitch:
[...

Table of contents

  1. Title Page
  2. Copyright and Credits
  3. Packt Upsell
  4. Contributors
  5. Preface
  6. Introduction to OpenStack Networking
  7. Installing OpenStack
  8. Installing Neutron
  9. Virtual Network Infrastructure Using Linux Bridges
  10. Building a Virtual Switching Infrastructure Using Open vSwitch
  11. Building Networks with Neutron
  12. Attaching Instances to Networks
  13. Managing Security Groups
  14. Role-Based Access Control
  15. Creating Standalone Routers with Neutron
  16. Router Redundancy Using VRRP
  17. Distributed Virtual Routers
  18. Load Balancing Traffic to Instances
  19. Advanced Networking Topics
  20. Other Books You May Enjoy