Learning OpenStack Networking (Neutron)

Book Description

Architect and build a network infrastructure for your cloud using OpenStack Neutron networking

In Detail

OpenStack provides a rich API that enables users to architect networks, create virtual machines, and scale their applications as they see fit. However, it suffered from limited network implementations, providing only basic networking through Linux VLANs and iptables. With the arrival of Neutron, you can achieve so much more with OpenStack. Whether you are new to OpenStack Networking (Neutron) or have experience, this book will provide you with the skills needed to successfully design, create, customize, and maintain the core network foundation of an OpenStack cloud using the Neutron networking API.

From start to finish, this tutorial will educate you on the various network features of OpenStack in the Havana release and how they work together. With ample screenshots, examples, and command-line output that provide a consistent experience, this book will give you a foundation from which you can build your very own OpenStack cloud with advanced networking services.

What You Will Learn

  • Architect and install the latest Havana release of OpenStack on CentOS
  • Review the components of OpenStack networking and see how they work together to coordinate network operations
  • Build a virtual switching infrastructure using Open vSwitch or LinuxBridge to provide Layer 2 connectivity to instances and other network resources
  • Create physical and virtual overlay networks and software routers to provide Layer 3 connectivity to instances and other network resources
  • Scale your application using OpenStack Networking's LBaaS solution with the haproxy plugin
  • Secure your cloud using security groups and OpenStack Networking's FWaaS solution based on iptables
  • Navigate various OpenStack Networking features using the Horizon dashboard or the command-line interface

Downloading the example code for this book

You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the files e-mailed directly to you.

    Table of Contents

    1. Learning OpenStack Networking (Neutron)
      1. Table of Contents
      2. Learning OpenStack Networking (Neutron)
      3. Credits
      4. About the Author
      5. About the Reviewers
      6. www.PacktPub.com
        1. Support files, eBooks, discount offers, and more
          1. Why subscribe?
          2. Free access for Packt account holders
      7. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Downloading the example code
          2. Downloading the color images of this book
          3. Errata
          4. Piracy
          5. Questions
      8. 1. Preparing the Network for OpenStack
        1. What is OpenStack Networking?
          1. Features of OpenStack Networking
            1. Switching
            2. Routing
            3. Load balancing
            4. Firewalling
            5. Virtual private networks
        2. Preparing the physical infrastructure
          1. Types of network traffic
            1. Management network
            2. API network
            3. External network
            4. Guest network
        3. Physical server connections
          1. Single interface
          2. Multiple interfaces
          3. Bonding
          4. Separating services across nodes
            1. A single controller with one or more compute nodes
            2. A single controller plus network node with one or more compute nodes
        4. Summary
      9. 2. Installing OpenStack
        1. System requirements
          1. Operating system requirements
          2. Initial network configuration
            1. Interface configuration
        2. Before you begin
          1. Permissions
          2. Configuring the OpenStack repository
          3. Installing OpenStack utilities
          4. Setting the hostnames
            1. Disabling SELinux
            2. Removing iptables rules
          5. Installing and configuring Network Time Protocol
          6. Upgrading the system
        3. Installation of OpenStack
          1. Installing and configuring the MySQL database server
          2. Installing the MySQL database client
          3. Installing and configuring the messaging server
          4. Installing and configuring the Identity service
            1. Defining users, tenants, and roles in Keystone
            2. Define services and API endpoints in Keystone
            3. Verify the Keystone installation
            4. Setting environment variables
          5. Installing and configuring the image service
            1. Define the Glance service and API endpoints in Keystone
            2. Verify the Glance image service installation
          6. Installing and configuring the Compute service
            1. Installing and configuring controller node components
            2. Installing and configuring compute node components
            3. Verify communication between services
          7. Installing the OpenStack dashboard
            1. Allowing connections to the dashboard
            2. Identifying the Keystone server
            3. Changing the listener address
            4. Testing connectivity to the dashboard
        4. Summary
      10. 3. Installing Neutron
        1. Basic Neutron constructs
          1. Overlapping networks using network namespaces
          2. Extending network functions with plugins
        2. Installing and configuring Neutron services
          1. Creating the Neutron database
          2. Configuring the Neutron user, role, and endpoint in Keystone
          3. Enabling packet forwarding
          4. Configuring Neutron to use Keystone
          5. Configuring Neutron to use a messaging service
          6. Configuring a root helper
          7. Configuring Nova to utilize Neutron networking
        3. Configuring Neutron services
          1. Configuring neutron-server
          2. Starting neutron-server
          3. Configuring the Neutron DHCP agent
          4. Starting the Neutron DHCP agent
          5. Configuring the Neutron metadata agent
          6. Configuring the Neutron L3 agent
          7. Configuring the Neutron LBaaS agent
          8. Using the Neutron command-line interface
        4. Summary
      11. 4. Building a Virtual Switching Infrastructure
        1. Providing layer 2 connectivity to instances
          1. Virtual network interfaces
          2. Bridging
          3. Configuring the bridge interface
        2. Types of networks in Neutron
        3. Choosing a networking plugin
          1. LinuxBridge
            1. Internal network connections when using LinuxBridge
              1. VLAN
              2. Flat
              3. Local
          2. Open vSwitch
            1. Internal network connections when using Open vSwitch
              1. Identifying ports on the virtual switch
              2. Identifying the local VLANs associated with ports
            2. Programming flow rules
              1. Flow rules for VLAN networks
              2. Flow rules for flat networks
              3. Flow rules for local networks
        4. Configuring a layer 2 networking plugin
          1. Configuring the LinuxBridge plugin
            1. Configuring Nova to use LinuxBridge
          2. Configuring the DHCP agent to use LinuxBridge
          3. LinuxBridge plugin configuration options
            1. Tenant network type
            2. Physical interface mappings
            3. Network VLAN ranges
            4. Firewall driver
            5. Restarting services
          4. Configuring the Open vSwitch plugin
            1. Configuring Neutron to use Open vSwitch
            2. Configuring Nova to use Open vSwitch
            3. Configuring the DHCP agent to use Open vSwitch
            4. Open vSwitch plugin configuration options
              1. Bridge mappings
                1. Configuring the bridges
              2. Tenant network type
              3. Network VLAN ranges
              4. Enable tunneling
              5. Tunnel type
              6. Tunnel ID ranges
              7. Integration bridge
              8. Tunnel bridge
              9. Local IP
                1. Configuring a virtual VLAN interface for overlay traffic
              10. Firewall driver
              11. Database
              12. Restarting services to enable the Open vSwitch plugin
        5. Summary
      12. 5. Creating Networks with Neutron
        1. Network management
          1. Managing networks in the CLI
            1. Creating a flat network in the CLI
            2. Creating a VLAN in the CLI
            3. Creating a local network in the CLI
            4. Listing networks in the CLI
            5. Showing network properties in the CLI
            6. Updating networks in the CLI
            7. Deleting networks in the CLI
          2. Creating networks in the dashboard
            1. Using the Admin tab as an administrator
            2. Using the Project tab as a user
          3. Subnets in Neutron
            1. Creating subnets in the CLI
            2. Creating a subnet in the CLI
            3. Listing subnets in the CLI
            4. Showing subnet properties in the CLI
            5. Updating a subnet in the CLI
          4. Creating subnets in the dashboard
            1. Using the Admin tab as an administrator
            2. Using the Project tab as a user
          5. Neutron ports
        2. Attaching instances to networks
          1. Attaching instances to networks using Nova boot
          2. Attaching and detaching network interfaces
          3. Adding secondary addresses to interfaces
        3. Exploring how instances get their addresses
        4. Exploring how instances retrieve their metadata
          1. Router namespace
          2. The DHCP namespace
            1. Adding a manual route to 169.254.169.254
            2. Using DHCP to inject the route
        5. Summary
      13. 6. Creating Routers with Neutron
        1. Configuring the Neutron L3 agent
          1. Defining an interface driver
          2. Setting the external network
          3. Setting the external bridge
          4. Enabling the metadata proxy
          5. Starting the Neutron L3 agent
        2. Router management in the CLI
          1. Creating routers in the CLI
          2. Working with router interfaces in the CLI
          3. Attaching internal interfaces to routers
          4. Attaching a gateway interface to a router
          5. Listing interfaces attached to routers
          6. Deleting internal interfaces
          7. Clearing the gateway interface
          8. Listing routers in the CLI
          9. Displaying router attributes in the CLI
          10. Updating router attributes in the CLI
            1. Deleting routers in the CLI
        3. Network Address Translation
          1. Floating IP addresses
        4. Floating IP Management
          1. Creating floating IPs in the CLI
          2. Associating floating IPs to ports in the CLI
          3. Listing floating IPs in the CLI
          4. Displaying floating IP attributes in the CLI
          5. Disassociating floating IPs in the CLI
          6. Deleting floating IPs in the CLI
        5. Demonstrating traffic flow from instance to Internet
          1. Setting the foundation
          2. Creating an external provider network
          3. Creating a Neutron router
          4. Attaching the router to the external network
          5. Testing gateway connectivity
          6. Creating an internal network
          7. Attaching the router to the internal network
          8. Creating instances
          9. Verifying instance connectivity
          10. Observing default NAT behavior
          11. Assigning floating IPs
          12. Reassigning floating IPs
        6. Router management in the dashboard
          1. Creating a router in the dashboard
          2. Attaching a gateway interface in the dashboard
          3. Attaching internal interfaces in the dashboard
          4. Viewing the network topology in the dashboard
          5. Associating floating IPs to instances in the dashboard
          6. Disassociating floating IPs in the dashboard
        7. Summary
      14. 7. Load Balancing Traffic in Neutron
        1. Fundamentals of load balancing
          1. Load balancing algorithms
          2. Monitoring
          3. Session persistence
        2. Integrating load balancers into the network
          1. Network namespaces
        3. Installing LBaaS
          1. Configuring the Neutron LBaaS agent service
            1. Define an interface driver
            2. Define a device driver
            3. Change the user group
          2. Define a service plugin
          3. Starting the Neutron LBaaS agent service
          4. Enabling LBaaS in Horizon
        4. Load balancer management in the CLI
          1. Managing pools in the CLI
            1. Creating a pool
            2. Deleting a pool
            3. Listing pools
            4. Showing pool details
            5. Showing pool statistics
            6. Updating a pool
            7. Listing pools associated with an agent
          2. Managing pool members in the CLI
            1. Creating pool members
            2. Deleting pool members
            3. Listing pool members
            4. Showing pool member details
            5. Updating a pool member
          3. Managing health monitors in the CLI
            1. Creating a health monitor
            2. Deleting a health monitor
            3. Associating a health monitor with a pool
            4. Disassociating a health monitor from a pool
            5. Listing health monitors
            6. Showing health monitor details
            7. Updating a health monitor
          4. Managing virtual IPs in the CLI
            1. Creating a virtual IP
            2. Deleting a virtual IP
            3. Listing virtual IPs
            4. Showing virtual IP details
            5. Updating a virtual IP
        5. Building a load balancer
          1. Creating a pool
          2. Creating pool members
          3. Creating a health monitor
          4. Creating a virtual IP
          5. The LBaaS network namespace
          6. Confirming load balancer functionality
            1. Observing health monitors
            2. Connecting to the virtual IP externally
        6. Load balancer management in the dashboard
          1. Creating a pool in the dashboard
          2. Creating pool members in the dashboard
          3. Creating health monitors in the dashboard
          4. Creating a virtual IP in the dashboard
            1. Connecting to the virtual IP externally
        7. Summary
      15. 8. Protecting Instances on the Network
        1. Security groups in OpenStack
        2. Firewall-as-a-service
        3. Introducing iptables
        4. Working with security groups
          1. Managing security groups in the CLI
            1. Creating security groups in the CLI
            2. Deleting security groups in the CLI
            3. Listing security groups in the CLI
            4. Showing the details of a security group in the CLI
            5. Updating security groups in the CLI
            6. Creating security group rules in the CLI
            7. Deleting security group rules in the CLI
            8. Listing security group rules in the CLI
            9. Showing the details of a security group rule in the CLI
            10. Applying security groups to instances in the CLI
          2. Implementing security group rules
            1. Stepping through the chains
          3. Working with security groups in the dashboard
        5. Working with FWaaS
          1. Preparing Neutron for FWaaS
            1. Configuring the FWaaS driver
            2. Defining a service plugin
            3. Enabling FWaaS in the dashboard
          2. Working with firewalls in the CLI
            1. Creating a firewall rule in the CLI
            2. Deleting a firewall rule in the CLI
            3. Listing firewall rules in the CLI
            4. Showing the details of a firewall rule in the CLI
            5. Updating a firewall rule in the CLI
            6. Creating a firewall policy in the CLI
            7. Deleting a firewall policy in the CLI
            8. Listing firewall policies in the CLI
            9. Showing the details of a firewall policy in the CLI
            10. Updating a firewall policy in the CLI
            11. Inserting rules into firewall policies in the CLI
            12. Removing rules from firewall policies in the CLI
            13. Creating a firewall in the CLI
            14. Deleting a firewall in the CLI
            15. Listing firewalls in the CLI
            16. Showing the details of a firewall in the CLI
            17. Updating a firewall in the CLI
          3. Working with firewalls in the dashboard
        6. Firewall rules – behind the scenes
          1. Stepping through the chains within the firewall
        7. Summary
      16. A. Additional Neutron Commands
        1. Neutron extensions
          1. Listing Neutron API extensions
          2. Showing the details of an API extension
        2. Virtual private networks
        3. Per-tenant quotas
          1. Listing the default quotas
          2. Updating tenant quotas
          3. Listing tenant quotas
          4. Deleting tenant quotas
        4. Cisco Nexus 1000V command reference
        5. VMware/Nicera command reference
      17. B. ML2 Configuration
        1. Installing the ML2 plugin
          1. Creating a database for ML2
            1. Configuring Neutron to use ML2
          2. Configuring service plugins
        2. Configuring the ML2 plugin
          1. Restarting Neutron services
      18. Index