Whats new in Havana--Neutron

  • 3,021 views
Uploaded on

Part of the "What's New in Havana" Webinar, these slides show what's new in Neutron.

Part of the "What's New in Havana" Webinar, these slides show what's new in Neutron.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
3,021
On Slideshare
0
From Embeds
0
Number of Embeds
38

Actions

Shares
Downloads
50
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. What’s New In OpenStack Havana Webcast October 2013
  • 2. OpenStack Networking Neutron 16
  • 3. Neutron Firewall as a Service •  Perimeter firewall -- one per tenant (for now) •  Reference implementation via Open vSwitch and IPtables •  vArmor plugin 17
  • 4. Neutron Firewall as a Service (cont’d) •  Available via Horizon and CLI neutron firewall-rule-create --protocol <tcp|udp|icmp|any> --destination-port <port-range> --action <allow|deny> neutron firewall-policy-create --firewall-rules "<firewall-rule ids or names separated by space>" myfirewallpolicy neutron firewall-create <firewall-policy-uuid> 18
  • 5. Neutron Migrate L3-router service from mix-in to plug-in •  Previously baked into the core •  Server side moved out into a plug-in •  Now possible to replace with alternate implementation 19
  • 6. Neutron New Modular L2 (ML2) plug-in •  Currently monolithic plug-ins for each L2 agent (OVS, LinuxBridge, etc.) •  Single plug-in for all agents •  Works with existing agents •  Easier to add new L2 agents 20
  • 7. Neutron Interface driver support for Indigo Virtual Switch (IVS) •  IVS is a pure OpenFlow virtual switch •  Virtual interface (VIF) can be used to connect to both virtual and physical hardware switches (i.e., BigSwitch) •  Node must have IVS installed •  Can be used instead of Open vSwitch •  Kernelspace part is done by OVS 21