openstack neutron service chaining and insertion

Report

Tags:

Post on 29-Jun-2015

2.040 Views

Category:

Technology

0 Downloads

Preview:

Click to see full reader

DESCRIPTION

This is the service insertion and chaining proposal which was presented during the OpenStack Icehouse Design Summit (Hong Kong, Nov 2013).

TRANSCRIPT

OpenStack Neutron Service Insertion and Chaining

Icehouse Summit Nov 2013

Sumit Naiksatam, Kanzhe Jiang

Resource Model

Service Insertion Context and different insertion modes

Service Insertion Context

L3 insertion

L3 Insertion

L3 Insertion

L3 Insertion

L2 Insertion

Bump in the Wire

Tap

Service Chain Resource

Create and insert individual service

Chooses Service Provider Name from list of available service providers.

$ neutron service-provider-list

-----------------------------------------------------| Service Type | Name | Default ||----------------------------------------------------| FIREWALL | IPTables | True || FIREWALL | VendorA | False || VPN | OpenSwan | True || VPN | VendorB | False |-----------------------------------------------------

Create service instance (firewall in this case)

$ neutron firewall-create <firewall_policy_id>

OR

$ neutron firewall-create <firewall_policy_id> \ --provider VendorA

OR

$ neutron firewall-create <firewall_policy_id> \ --provider VendorA \ --insertion-context router_id=<router_id>

Create a Service Chain

Chooses Service Provider Name from list of available service providers.

$ neutron service-provider-list-----------------------------------------------------| Service Type | Name | Default ||----------------------------------------------------| FIREWALL | IPTables | True || FIREWALL | VendorA | False || VPN | OpenSwan | True || VPN | VendorB | False |-----------------------------------------------------

$ neutron service-chain-provider-list

-----------------------------------------------| Chain Name | Services ||----------------------------------------------|Firewall-VPN-Ref-Chain| [IPTables,OpenSwan] |-----------------------------------------------

Create each service in the eventual chain

$ neutron firewall-create <firewall_policy_id> \ --provider IPTables \ –-in-chain True \ … … …

$ neutron vpn-service-create \ --provider OpenSwan \ –-in-chain True \ … … …

Create chain

$ neutron service-chain-create \ --provider Firewall-VPN-Ref-Chain \ --services <firewall_instance_id, vpn_instance_id> \ --name my_fw_vpn_chain \ --source-insertion-context --router_id=<router_id> … … …

top related

mario car openstack service function chaining interface
Documents
cybera one® · (nfv) cloud. providing centralized...
Documents
backward chaining forward chaining dan …
Documents
overcoming openstack obstacles in vcpe - wind...
Documents
backward chaining
Documents
backward chaining hamster
Documents
delivering standard openstack security nfv service ......
Documents
onos update...application stores & primitives cord virtual...
Documents
dynamic service chaining -...
Documents
climb – chaining operators - report
Technology
state of the opendaylight union - · pdf file• ovsdb...
Documents
a-la-carte application deployment and service insertion for...
Technology
service chaining for nfv and delivery of other...
Documents
forward chaining in halo
Technology
openstack orchestrated service chaining · openstack...
Documents
backward n forward chaining
Documents
chaining operator in climb - blog.vjeux.com · climb...
Documents
service function chaining in openstack neutron
Technology
hash table [chaining]
Documents
getting started as an upstream contributor sept. 2018...
Documents