OpenStack Neutron Service Chaining and Insertion
Upcoming SlideShare
Loading in...5
×
 

OpenStack Neutron Service Chaining and Insertion

on

  • 1,664 views

This is the service insertion and chaining proposal which was presented during the OpenStack Icehouse Design Summit (Hong Kong, Nov 2013).

This is the service insertion and chaining proposal which was presented during the OpenStack Icehouse Design Summit (Hong Kong, Nov 2013).

Statistics

Views

Total Views
1,664
Views on SlideShare
1,663
Embed Views
1

Actions

Likes
1
Downloads
77
Comments
0

1 Embed 1

https://twitter.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    OpenStack Neutron Service Chaining and Insertion OpenStack Neutron Service Chaining and Insertion Presentation Transcript

    • OpenStack Neutron Service Insertion and Chaining Icehouse Summit Nov 2013 Sumit Naiksatam, Kanzhe Jiang
    • Resource Model
    • Service Insertion Context and different insertion modes
    • Service Insertion Context
    • L3 insertion
    • L3 Insertion
    • L3 Insertion
    • L3 Insertion
    • L2 Insertion
    • Bump in the Wire
    • Tap
    • Service Chain Resource
    • Create and insert individual service
    • Chooses Service Provider Name from list of available service providers. $ neutron service-provider-list ----------------------------------------------------| Service Type | Name | Default | |---------------------------------------------------| FIREWALL | IPTables | True | | FIREWALL | VendorA | False | | VPN | OpenSwan | True | | VPN | VendorB | False | -----------------------------------------------------
    • Create service instance (firewall in this case) $ neutron firewall-create <firewall_policy_id> OR $ neutron firewall-create <firewall_policy_id> --provider VendorA OR $ neutron firewall-create <firewall_policy_id> --provider VendorA --insertion-context router_id=<router_id>
    • Create a Service Chain
    • Chooses Service Provider Name from list of available service providers. $ neutron service-provider-list ----------------------------------------------------| Service Type | Name | Default | |---------------------------------------------------| FIREWALL | IPTables | True | | FIREWALL | VendorA | False | | VPN | OpenSwan | True | | VPN | VendorB | False | ----------------------------------------------------$ neutron service-chain-provider-list ----------------------------------------------| Chain Name | Services | |---------------------------------------------|Firewall-VPN-Ref-Chain| [IPTables,OpenSwan] | -----------------------------------------------
    • Create each service in the eventual chain $ neutron firewall-create <firewall_policy_id> --provider IPTables –-in-chain True … … … $ neutron vpn-service-create --provider OpenSwan –-in-chain True … … …
    • Create chain $ neutron service-chain-create --provider Firewall-VPN-Ref-Chain --services <firewall_instance_id, vpn_instance_id> --name my_fw_vpn_chain --source-insertion-context --router_id=<router_id> … … …