In the fall of 2015, the OpenStack Foundation released the 12th version of OpenStack, code-named Liberty, to the public. Since its introduction as an open source project in 2010 by NASA and Rackspace, OpenStack has undergone significant improvements in its features and functionality and has matured into production-ready cloud software that powers workloads of all sizes throughout the world.
In 2012, the Folsom release of OpenStack introduced a standalone networking component, known then as Quantum. Now known as Neutron, the networking component of OpenStack provides cloud operators and users with an API to create and manage networks in the cloud. Neutron's extensible framework allows for third-party plugins and additional network services, such as load balancers, firewalls, and virtual private networks, to be deployed and managed.
As an architect and operator of hundreds of OpenStack-based private clouds since 2012, I have seen much of what OpenStack has to offer in terms of networking capabilities, and I have condensed what I feel are its most valuable and production-ready features to date into this book. Throughout this book, we will take a look at a few common network and service architectures and lay a foundation for deploying and managing OpenStack Networking, which will help you develop and sharpen your skills as an OpenStack cloud operator.
Chapter 1, Preparing the Network for OpenStack, provides an introduction to OpenStack Networking, including supported networking technologies and examples of how to architect the physical network to support an OpenStack cloud.
Chapter 2, Installing OpenStack, provides instructions to install the core components of the Kilo release of OpenStack on the Ubuntu 14.04 LTS operating system.
Chapter 3, Installing Neutron, explains how to install the Neutron networking components of OpenStack. We will also cover the internal architecture of Neutron, including the use of agents and plugins to orchestrate network connectivity.
Chapter 4, Building a Virtual Switching Infrastructure, helps you to install and configure the ML2 plugin to support both the LinuxBridge and Open vSwitch drivers and agents. We will also cover the architectural differences between the LinuxBridge and Open vSwitch drivers and agents and how they connect instances to the network.
Chapter 5, Creating Networks with Neutron, walks you through creating networks and subnets in the cloud, booting and attaching instances to networks, and exploring the process of obtaining DHCP leases and metadata.
Chapter 6, Managing Security Groups, examines the use of iptables to secure instance traffic at the compute node and walks you through creating and managing security groups and associated rules.
Chapter 7, Creating Standalone Routers with Neutron, walks you through creating standalone virtual routers and attaching them to networks, applying floating IPs to instances, and following the flow of traffic through a router to an instance.
Chapter 8, Router Redundancy Using VRRP, explores Virtual Routing Redundancy Protocol and its use in providing highly-available virtual routers.
Chapter 9, Distributed Virtual Routers, walks you through creating and managing virtual routers that are distributed across multiple nodes.
Chapter 10, Load Balancing Traffic to Instances, explores the fundamental components of a load balancer in Neutron, including virtual IPs, pools, pool members, and monitors, and walks you through creating and integrating a virtual load balancer into the network.
Chapter 11, Firewall as a Service, covers the creation and management of virtual firewalls, their associated policies and rules, and the integration of virtual firewalls in the network.
Chapter 12, Virtual Private Network as a Service, examines the fundamental concepts of IPSec-based virtual private networks and walks you through configuring and managing VPN connections that connect tenant networks to remote networks.
Appendix A, Additional Neutron Commands, briefly covers additional Neutron functionality that is outside the scope of this book, including commands related to Cisco 1000V, VMware NSX, and more.
Appendix B, Virtualizing the Environment, describes the process of deploying OpenStack across multiple virtual machines using VirtualBox virtualization software in case physical servers are not available to the reader. Examples are limited to VirtualBox 5 on Mac OS but can be adapted to other operating systems and releases if necessary.