SlideShare a Scribd company logo

Calico and how interprets neutron api

Download as PPT, PDF
D.Rajesh Kumar
D.Rajesh Kumar

Calico and how interprets neutron api

Technology
1 of 10
Calico and how Interprets Neutron API Rajesh Kumar
2 What is Neutron API / Networking API The Networking API / Neutron API is a ReSTful HTTP service that uses all aspects of the HTTP protocol including methods, URIs, media types, response codes, and so on. Providers can use existing features of the protocol including caching, persistent connections, and content compression. For example, providers who employ a caching layer can respond with a 203 code instead of a 200 code when a request is served from the cache. Additionally, providers can offer support for conditional GET requests by using ETags, or they may send a redirect in response to a GET request. Create clients so that these differences are accounted for.
3 Networks Networks are the basic networking concept in Neutron. A Neutron network is considered to be roughly equivalent to a physical network in terms of function: it defines a single layer 2 connectivity graph. In vanilla Neutron, these can map to the underlay network in various ways, either by being encapsulated over it or by being directly mapped to it. Generally speaking, Neutron networks can be created by all tenants. The administrator tenant will generally create some public Neutron networks that map to the underlay physical network directly for providing floating IPs: other tenants will create their own private Neutron networks as necessary.
4 Networks In Calico, because all traffic is L3 and routed, the role of Neutron network as L2 connectivity domain is not helpful. Therefore, in Calico, Neutron networks are simply containers for subnets. Best practices for operators configuring Neutron networks in Calico deployments can be found in this document. It is not useful for non-administrator tenants to create their own Neutron networks. Although Calico will allow non-administrator tenants to create Neutron networks, generally speaking administrators should use Neutron quotas to prevent non- administrator tenants from doing this. Network creation events on the API are no-op events in Calico: a positive (2XX) response will be sent but no programming will actually occur.
5 Extended Attributes: Provider Networks Neutron Provider networks are not used in Calico deployments. Setting provider network extended attributes will have no effect. See this document to understand why Neutron provider networks are not needed. Subnets Neutron subnets are child objects of Neutron networks. In vanilla Neutron, a subnet is a collection of IP addresses and other network configuration (e.g. DNS servers) that is associated with a single Neutron network. A single Neutron network may have multiple Neutron subnets associated with it. Each Neutron subnet represents either an IPv4 or IPv6 block of addresses. Best practices for configuring Neutron subnets in Calico deployments can be found here. In Calico, these roles for the Neutron subnet are preserved in their entirety. All properties associated with these Neutron subnets are preserved and remain meaningful except for: host_routes These have no effect, as the compute nodes will route traffic immediately after it egresses the VM.
6 Ports In vanilla Neutron, a port represents a connection from a VM to a single layer 2 Neutron network. Obviously, the meaning of this object changes in a Calico deployment: instead, a port is a connection from a VM to the shared layer 3 network that Calico builds in Neutron. All properties on a port work as normal, except for the following: network_id The network ID still controls which Neutron network the port is attached to, and therefore still controls which Neutron subnets it will be placed in. However, as per the note above, the Neutron network that a port is placed in does not affect which machines in the deployment it can contact.
7 Security Groups Security groups in vanilla OpenStack provide packet filtering processing to individual ports. They can be used to limit the traffic a port may issue. In Calico, security groups have all the same function. Additionally, they serve to provide the connectivity-limiting function that in vanilla OpenStack is provided by Neutron networks. All the attributes of security groups remain unchanged in Calico.
8 Security Groups Layer 3 Routing: Routers and Floating Ips Layer 3 routing objects are divided into two categories: routers and floating IPs. Neither of these objects are supported by Calico: they simply aren’t required. For more information, see this document. Any attempt to create these objects will fail, as Calico does not set up any Neutron L3 Agents. LBaaS (Load Balancer as a Service) Load Balancer as a Service does not function in a Calico network. Any attempt to create one will fail. Note: It is possible that in a future version of Calico LBaaS may be functional. Watch this space.
THANK YOU
THANK YOU

Recommended

Calico and simple policy
Calico and simple policyCalico and simple policy
Calico and simple policyAnirban Sen Chowdhary
 
Calico and open shift
Calico and open shiftCalico and open shift
Calico and open shiftAnirban Sen Chowdhary
 
Project Proposal: Internet of Things uxing XMPP
Project Proposal: Internet of Things uxing XMPPProject Proposal: Internet of Things uxing XMPP
Project Proposal: Internet of Things uxing XMPPsystmkor
 
Calico and juju
Calico and jujuCalico and juju
Calico and jujuAnirban Sen Chowdhary
 
28 11 sep17 14aug 8386 9970-1-ed(edit)
28 11 sep17 14aug 8386 9970-1-ed(edit)28 11 sep17 14aug 8386 9970-1-ed(edit)
28 11 sep17 14aug 8386 9970-1-ed(edit)IAESIJEECS
 
Calico and stars policy
Calico and stars policyCalico and stars policy
Calico and stars policyAnirban Sen Chowdhary
 
I psec cisco
I psec ciscoI psec cisco
I psec ciscoDeepak296
 
Attack Robustness and Security Enhancement with Improved Wired Equivalent Pro...
Attack Robustness and Security Enhancement with Improved Wired Equivalent Pro...Attack Robustness and Security Enhancement with Improved Wired Equivalent Pro...
Attack Robustness and Security Enhancement with Improved Wired Equivalent Pro...IDES Editor
 

Recommended

Calico and simple policy
Calico and simple policyCalico and simple policy
Calico and simple policyAnirban Sen Chowdhary
 
Calico and open shift
Calico and open shiftCalico and open shift
Calico and open shiftAnirban Sen Chowdhary
 
Project Proposal: Internet of Things uxing XMPP
Project Proposal: Internet of Things uxing XMPPProject Proposal: Internet of Things uxing XMPP
Project Proposal: Internet of Things uxing XMPPsystmkor
 
Calico and juju
Calico and jujuCalico and juju
Calico and jujuAnirban Sen Chowdhary
 
28 11 sep17 14aug 8386 9970-1-ed(edit)
28 11 sep17 14aug 8386 9970-1-ed(edit)28 11 sep17 14aug 8386 9970-1-ed(edit)
28 11 sep17 14aug 8386 9970-1-ed(edit)IAESIJEECS
 
Calico and stars policy
Calico and stars policyCalico and stars policy
Calico and stars policyAnirban Sen Chowdhary
 
I psec cisco
I psec ciscoI psec cisco
I psec ciscoDeepak296
 
Attack Robustness and Security Enhancement with Improved Wired Equivalent Pro...
Attack Robustness and Security Enhancement with Improved Wired Equivalent Pro...Attack Robustness and Security Enhancement with Improved Wired Equivalent Pro...
Attack Robustness and Security Enhancement with Improved Wired Equivalent Pro...IDES Editor
 
World Connect Training
World Connect TrainingWorld Connect Training
World Connect TrainingShrikant Bhavsar
 
Advanced Data Protection and Key Organization Framework for Mobile Ad-Hoc Net...
Advanced Data Protection and Key Organization Framework for Mobile Ad-Hoc Net...Advanced Data Protection and Key Organization Framework for Mobile Ad-Hoc Net...
Advanced Data Protection and Key Organization Framework for Mobile Ad-Hoc Net...AM Publications,India
 
OpenStack Security Project
OpenStack Security ProjectOpenStack Security Project
OpenStack Security ProjectTravis McPeak
 
Shmoocon 2013 - OpenStack Security Brief
Shmoocon 2013 - OpenStack Security BriefShmoocon 2013 - OpenStack Security Brief
Shmoocon 2013 - OpenStack Security Briefopenfly
 
Set review 1
Set review 1Set review 1
Set review 1Ankita Mandekar
 
Developing an IoT System FIWARE Based from the Scratch
Developing an IoT System FIWARE Based from the ScratchDeveloping an IoT System FIWARE Based from the Scratch
Developing an IoT System FIWARE Based from the ScratchFIWARE
 
Wpa2 psk security measure
Wpa2 psk security measureWpa2 psk security measure
Wpa2 psk security measureShivam Singh
 
WPA2
WPA2WPA2
WPA2Mshari Alabdulkarim
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline
 
IPsec vpn
IPsec vpnIPsec vpn
IPsec vpnsharetech
 
_Solve Cloud Packet Mysteries_4
_Solve Cloud Packet Mysteries_4_Solve Cloud Packet Mysteries_4
_Solve Cloud Packet Mysteries_4Laura Taylor
 
Vpn(4)
Vpn(4)Vpn(4)
Vpn(4)Suraj Kumar
 
Openstack security presentation 2013
Openstack security presentation 2013Openstack security presentation 2013
Openstack security presentation 2013brian_chong
 
Detection and localization of multiple spoofing attacks in
Detection and localization of multiple spoofing attacks inDetection and localization of multiple spoofing attacks in
Detection and localization of multiple spoofing attacks inFinalyear Projects
 
OpenStack: Security Beyond Firewalls
OpenStack: Security Beyond FirewallsOpenStack: Security Beyond Firewalls
OpenStack: Security Beyond FirewallsGiuseppe Paterno'
 
Holistic Security for OpenStack Clouds
Holistic Security for OpenStack CloudsHolistic Security for OpenStack Clouds
Holistic Security for OpenStack CloudsMajor Hayden
 
Virtualization
VirtualizationVirtualization
VirtualizationShivam Singh
 
Distributed private key generator in ibc
Distributed private key generator in ibcDistributed private key generator in ibc
Distributed private key generator in ibcLokesh Gopu
 
Security Issues in OpenStack
Security Issues in OpenStackSecurity Issues in OpenStack
Security Issues in OpenStackoldbam
 
Lattice Network Yellow Paper.pdf
Lattice Network Yellow Paper.pdfLattice Network Yellow Paper.pdf
Lattice Network Yellow Paper.pdfBijanBurnard
 
SDN: A New Approach to Networking Technology
SDN: A New Approach to Networking TechnologySDN: A New Approach to Networking Technology
SDN: A New Approach to Networking TechnologyIRJET Journal
 
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deploymentsNeutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deploymentsThomas Morin
 

More Related Content

What's hot

Advanced Data Protection and Key Organization Framework for Mobile Ad-Hoc Net...
Advanced Data Protection and Key Organization Framework for Mobile Ad-Hoc Net...Advanced Data Protection and Key Organization Framework for Mobile Ad-Hoc Net...
Advanced Data Protection and Key Organization Framework for Mobile Ad-Hoc Net...AM Publications,India
 
OpenStack Security Project
OpenStack Security ProjectOpenStack Security Project
OpenStack Security ProjectTravis McPeak
 
Shmoocon 2013 - OpenStack Security Brief
Shmoocon 2013 - OpenStack Security BriefShmoocon 2013 - OpenStack Security Brief
Shmoocon 2013 - OpenStack Security Briefopenfly
 
Developing an IoT System FIWARE Based from the Scratch
Developing an IoT System FIWARE Based from the ScratchDeveloping an IoT System FIWARE Based from the Scratch
Developing an IoT System FIWARE Based from the ScratchFIWARE
 
Wpa2 psk security measure
Wpa2 psk security measureWpa2 psk security measure
Wpa2 psk security measureShivam Singh
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline
 
_Solve Cloud Packet Mysteries_4
_Solve Cloud Packet Mysteries_4_Solve Cloud Packet Mysteries_4
_Solve Cloud Packet Mysteries_4Laura Taylor
 
Openstack security presentation 2013
Openstack security presentation 2013Openstack security presentation 2013
Openstack security presentation 2013brian_chong
 
Detection and localization of multiple spoofing attacks in
Detection and localization of multiple spoofing attacks inDetection and localization of multiple spoofing attacks in
Detection and localization of multiple spoofing attacks inFinalyear Projects
 
OpenStack: Security Beyond Firewalls
OpenStack: Security Beyond FirewallsOpenStack: Security Beyond Firewalls
OpenStack: Security Beyond FirewallsGiuseppe Paterno'
 
Holistic Security for OpenStack Clouds
Holistic Security for OpenStack CloudsHolistic Security for OpenStack Clouds
Holistic Security for OpenStack CloudsMajor Hayden
 
Distributed private key generator in ibc
Distributed private key generator in ibcDistributed private key generator in ibc
Distributed private key generator in ibcLokesh Gopu
 
Security Issues in OpenStack
Security Issues in OpenStackSecurity Issues in OpenStack
Security Issues in OpenStackoldbam
 

What's hot (19)

World Connect Training
World Connect TrainingWorld Connect Training
World Connect Training
 
Advanced Data Protection and Key Organization Framework for Mobile Ad-Hoc Net...
Advanced Data Protection and Key Organization Framework for Mobile Ad-Hoc Net...Advanced Data Protection and Key Organization Framework for Mobile Ad-Hoc Net...
Advanced Data Protection and Key Organization Framework for Mobile Ad-Hoc Net...
 
OpenStack Security Project
OpenStack Security ProjectOpenStack Security Project
OpenStack Security Project
 
Shmoocon 2013 - OpenStack Security Brief
Shmoocon 2013 - OpenStack Security BriefShmoocon 2013 - OpenStack Security Brief
Shmoocon 2013 - OpenStack Security Brief
 
Set review 1
Set review 1Set review 1
Set review 1
 
Developing an IoT System FIWARE Based from the Scratch
Developing an IoT System FIWARE Based from the ScratchDeveloping an IoT System FIWARE Based from the Scratch
Developing an IoT System FIWARE Based from the Scratch
 
Wpa2 psk security measure
Wpa2 psk security measureWpa2 psk security measure
Wpa2 psk security measure
 
WPA2
WPA2WPA2
WPA2
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
 
IPsec vpn
IPsec vpnIPsec vpn
IPsec vpn
 
_Solve Cloud Packet Mysteries_4
_Solve Cloud Packet Mysteries_4_Solve Cloud Packet Mysteries_4
_Solve Cloud Packet Mysteries_4
 
Vpn(4)
Vpn(4)Vpn(4)
Vpn(4)
 
Openstack security presentation 2013
Openstack security presentation 2013Openstack security presentation 2013
Openstack security presentation 2013
 
Detection and localization of multiple spoofing attacks in
Detection and localization of multiple spoofing attacks inDetection and localization of multiple spoofing attacks in
Detection and localization of multiple spoofing attacks in
 
OpenStack: Security Beyond Firewalls
OpenStack: Security Beyond FirewallsOpenStack: Security Beyond Firewalls
OpenStack: Security Beyond Firewalls
 
Holistic Security for OpenStack Clouds
Holistic Security for OpenStack CloudsHolistic Security for OpenStack Clouds
Holistic Security for OpenStack Clouds
 
Virtualization
VirtualizationVirtualization
Virtualization
 
Distributed private key generator in ibc
Distributed private key generator in ibcDistributed private key generator in ibc
Distributed private key generator in ibc
 
Security Issues in OpenStack
Security Issues in OpenStackSecurity Issues in OpenStack
Security Issues in OpenStack
 

Similar to Calico and how interprets neutron api

Lattice Network Yellow Paper.pdf
Lattice Network Yellow Paper.pdfLattice Network Yellow Paper.pdf
Lattice Network Yellow Paper.pdfBijanBurnard
 
SDN: A New Approach to Networking Technology
SDN: A New Approach to Networking TechnologySDN: A New Approach to Networking Technology
SDN: A New Approach to Networking TechnologyIRJET Journal
 
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deploymentsNeutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deploymentsThomas Morin
 
indroduction of rain technology
indroduction of rain technologyindroduction of rain technology
indroduction of rain technologynarayan dudhe
 
IRJET- SDN Simulation in Mininet to Provide Security Via Firewall
IRJET- SDN Simulation in Mininet to Provide Security Via FirewallIRJET- SDN Simulation in Mininet to Provide Security Via Firewall
IRJET- SDN Simulation in Mininet to Provide Security Via FirewallIRJET Journal
 
OpenStack Neutron Havana Overview - Oct 2013
OpenStack Neutron Havana Overview - Oct 2013OpenStack Neutron Havana Overview - Oct 2013
OpenStack Neutron Havana Overview - Oct 2013Edgar Magana
 
Openstack_administration
Openstack_administrationOpenstack_administration
Openstack_administrationAshish Sharma
 
Openstack Neutron Insights
Openstack Neutron InsightsOpenstack Neutron Insights
Openstack Neutron InsightsAtul Pandey
 
Network Monitoring in the age of the Cloud
Network Monitoring in the age of the CloudNetwork Monitoring in the age of the Cloud
Network Monitoring in the age of the CloudAugusto Ciuffoletti
 
Openstack Workshop (Networking/Storage)
Openstack Workshop (Networking/Storage)Openstack Workshop (Networking/Storage)
Openstack Workshop (Networking/Storage)Affan Syed
 
Design and Simulation of Secure Network for University Campus
Design and Simulation of Secure Network for University CampusDesign and Simulation of Secure Network for University Campus
Design and Simulation of Secure Network for University Campusijtsrd
 
Performance analysis of container-based networking Solutions for high-perform...
Performance analysis of container-based networking Solutions for high-perform...Performance analysis of container-based networking Solutions for high-perform...
Performance analysis of container-based networking Solutions for high-perform...IJECEIAES
 
Navigating OpenStack Networking
Navigating OpenStack NetworkingNavigating OpenStack Networking
Navigating OpenStack NetworkingPLUMgrid
 
OpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew TuckerOpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew TuckerLew Tucker
 
MidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostMidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostOpenStack_Online
 
Netforce: extending neutron to support routed networks at scale in ebay
Netforce: extending neutron to support routed networks at scale in ebayNetforce: extending neutron to support routed networks at scale in ebay
Netforce: extending neutron to support routed networks at scale in ebayAliasgar Ginwala
 
Characterizing and contrasting kuhn tey-ner awr-kuh-streyt-ors
Characterizing and contrasting kuhn tey-ner awr-kuh-streyt-orsCharacterizing and contrasting kuhn tey-ner awr-kuh-streyt-ors
Characterizing and contrasting kuhn tey-ner awr-kuh-streyt-orsLee Calcote
 

Similar to Calico and how interprets neutron api (20)

Lattice Network Yellow Paper.pdf
Lattice Network Yellow Paper.pdfLattice Network Yellow Paper.pdf
Lattice Network Yellow Paper.pdf
 
SDN: A New Approach to Networking Technology
SDN: A New Approach to Networking TechnologySDN: A New Approach to Networking Technology
SDN: A New Approach to Networking Technology
 
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deploymentsNeutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
 
indroduction of rain technology
indroduction of rain technologyindroduction of rain technology
indroduction of rain technology
 
IRJET- SDN Simulation in Mininet to Provide Security Via Firewall
IRJET- SDN Simulation in Mininet to Provide Security Via FirewallIRJET- SDN Simulation in Mininet to Provide Security Via Firewall
IRJET- SDN Simulation in Mininet to Provide Security Via Firewall
 
OpenStack Neutron Havana Overview - Oct 2013
OpenStack Neutron Havana Overview - Oct 2013OpenStack Neutron Havana Overview - Oct 2013
OpenStack Neutron Havana Overview - Oct 2013
 
Openstack_administration
Openstack_administrationOpenstack_administration
Openstack_administration
 
Openstack Neutron Insights
Openstack Neutron InsightsOpenstack Neutron Insights
Openstack Neutron Insights
 
A distributed virtual architecture for data centers
A distributed virtual architecture for data centersA distributed virtual architecture for data centers
A distributed virtual architecture for data centers
 
Network Virtualization
Network VirtualizationNetwork Virtualization
Network Virtualization
 
Network Monitoring in the age of the Cloud
Network Monitoring in the age of the CloudNetwork Monitoring in the age of the Cloud
Network Monitoring in the age of the Cloud
 
Openstack Workshop (Networking/Storage)
Openstack Workshop (Networking/Storage)Openstack Workshop (Networking/Storage)
Openstack Workshop (Networking/Storage)
 
Design and Simulation of Secure Network for University Campus
Design and Simulation of Secure Network for University CampusDesign and Simulation of Secure Network for University Campus
Design and Simulation of Secure Network for University Campus
 
Performance analysis of container-based networking Solutions for high-perform...
Performance analysis of container-based networking Solutions for high-perform...Performance analysis of container-based networking Solutions for high-perform...
Performance analysis of container-based networking Solutions for high-perform...
 
Navigating OpenStack Networking
Navigating OpenStack NetworkingNavigating OpenStack Networking
Navigating OpenStack Networking
 
OpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew TuckerOpenStack and the Transformation of the Data Center - Lew Tucker
OpenStack and the Transformation of the Data Center - Lew Tucker
 
MidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostMidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a Boost
 
Netforce: extending neutron to support routed networks at scale in ebay
Netforce: extending neutron to support routed networks at scale in ebayNetforce: extending neutron to support routed networks at scale in ebay
Netforce: extending neutron to support routed networks at scale in ebay
 
Interview questions
Interview questionsInterview questions
Interview questions
 
Characterizing and contrasting kuhn tey-ner awr-kuh-streyt-ors
Characterizing and contrasting kuhn tey-ner awr-kuh-streyt-orsCharacterizing and contrasting kuhn tey-ner awr-kuh-streyt-ors
Characterizing and contrasting kuhn tey-ner awr-kuh-streyt-ors
 

More from D.Rajesh Kumar

Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0D.Rajesh Kumar
 
Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)D.Rajesh Kumar
 
Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020D.Rajesh Kumar
 
Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10D.Rajesh Kumar
 
Meetup bangalore 9_novupdated
Meetup bangalore 9_novupdatedMeetup bangalore 9_novupdated
Meetup bangalore 9_novupdatedD.Rajesh Kumar
 
Meetup bangalore aug31st2019
Meetup bangalore aug31st2019Meetup bangalore aug31st2019
Meetup bangalore aug31st2019D.Rajesh Kumar
 
Meetup bangalore june29th2019
Meetup bangalore june29th2019Meetup bangalore june29th2019
Meetup bangalore june29th2019D.Rajesh Kumar
 
mulesoft meetup @ bangalore
mulesoft meetup @ bangaloremulesoft meetup @ bangalore
mulesoft meetup @ bangaloreD.Rajesh Kumar
 
Meetup_Bangalore_Rajesh
Meetup_Bangalore_RajeshMeetup_Bangalore_Rajesh
Meetup_Bangalore_RajeshD.Rajesh Kumar
 
Calico to secure host interfaces
Calico to secure host interfacesCalico to secure host interfaces
Calico to secure host interfacesD.Rajesh Kumar
 
Calico with open stack and chef
Calico with open stack and chefCalico with open stack and chef
Calico with open stack and chefD.Rajesh Kumar
 
Calico with open stack
Calico with open stackCalico with open stack
Calico with open stackD.Rajesh Kumar
 
Slack connector with in MULE
Slack connector with in MULESlack connector with in MULE
Slack connector with in MULED.Rajesh Kumar
 
MuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration SolutionMuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration SolutionD.Rajesh Kumar
 
Mule version-crowd highlights
Mule version-crowd highlightsMule version-crowd highlights
Mule version-crowd highlightsD.Rajesh Kumar
 

More from D.Rajesh Kumar (20)

Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0
 
Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)
 
Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020
 
Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10
 
Meetup bangalore 9_novupdated
Meetup bangalore 9_novupdatedMeetup bangalore 9_novupdated
Meetup bangalore 9_novupdated
 
Meetup bangalore aug31st2019
Meetup bangalore aug31st2019Meetup bangalore aug31st2019
Meetup bangalore aug31st2019
 
Meetup bangalore june29th2019
Meetup bangalore june29th2019Meetup bangalore june29th2019
Meetup bangalore june29th2019
 
mulesoft meetup @ bangalore
mulesoft meetup @ bangaloremulesoft meetup @ bangalore
mulesoft meetup @ bangalore
 
Meetup_Bangalore_Rajesh
Meetup_Bangalore_RajeshMeetup_Bangalore_Rajesh
Meetup_Bangalore_Rajesh
 
Calico and container
Calico and containerCalico and container
Calico and container
 
Calico docker+ipam
Calico docker+ipamCalico docker+ipam
Calico docker+ipam
 
Calico architecture
Calico architectureCalico architecture
Calico architecture
 
Calico to secure host interfaces
Calico to secure host interfacesCalico to secure host interfaces
Calico to secure host interfaces
 
Calico with open stack and chef
Calico with open stack and chefCalico with open stack and chef
Calico with open stack and chef
 
Calico with open stack
Calico with open stackCalico with open stack
Calico with open stack
 
Calico with docker
Calico with dockerCalico with docker
Calico with docker
 
Object Store in Mule
Object Store in MuleObject Store in Mule
Object Store in Mule
 
Slack connector with in MULE
Slack connector with in MULESlack connector with in MULE
Slack connector with in MULE
 
MuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration SolutionMuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration Solution
 
Mule version-crowd highlights
Mule version-crowd highlightsMule version-crowd highlights
Mule version-crowd highlights
 

Recently uploaded

#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 

Recently uploaded (20)

#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 

Calico and how interprets neutron api

  • 1. Calico and how Interprets Neutron API Rajesh Kumar
  • 2. 2 What is Neutron API / Networking API The Networking API / Neutron API is a ReSTful HTTP service that uses all aspects of the HTTP protocol including methods, URIs, media types, response codes, and so on. Providers can use existing features of the protocol including caching, persistent connections, and content compression. For example, providers who employ a caching layer can respond with a 203 code instead of a 200 code when a request is served from the cache. Additionally, providers can offer support for conditional GET requests by using ETags, or they may send a redirect in response to a GET request. Create clients so that these differences are accounted for.
  • 3. 3 Networks Networks are the basic networking concept in Neutron. A Neutron network is considered to be roughly equivalent to a physical network in terms of function: it defines a single layer 2 connectivity graph. In vanilla Neutron, these can map to the underlay network in various ways, either by being encapsulated over it or by being directly mapped to it. Generally speaking, Neutron networks can be created by all tenants. The administrator tenant will generally create some public Neutron networks that map to the underlay physical network directly for providing floating IPs: other tenants will create their own private Neutron networks as necessary.
  • 4. 4 Networks In Calico, because all traffic is L3 and routed, the role of Neutron network as L2 connectivity domain is not helpful. Therefore, in Calico, Neutron networks are simply containers for subnets. Best practices for operators configuring Neutron networks in Calico deployments can be found in this document. It is not useful for non-administrator tenants to create their own Neutron networks. Although Calico will allow non-administrator tenants to create Neutron networks, generally speaking administrators should use Neutron quotas to prevent non- administrator tenants from doing this. Network creation events on the API are no-op events in Calico: a positive (2XX) response will be sent but no programming will actually occur.
  • 5. 5 Extended Attributes: Provider Networks Neutron Provider networks are not used in Calico deployments. Setting provider network extended attributes will have no effect. See this document to understand why Neutron provider networks are not needed. Subnets Neutron subnets are child objects of Neutron networks. In vanilla Neutron, a subnet is a collection of IP addresses and other network configuration (e.g. DNS servers) that is associated with a single Neutron network. A single Neutron network may have multiple Neutron subnets associated with it. Each Neutron subnet represents either an IPv4 or IPv6 block of addresses. Best practices for configuring Neutron subnets in Calico deployments can be found here. In Calico, these roles for the Neutron subnet are preserved in their entirety. All properties associated with these Neutron subnets are preserved and remain meaningful except for: host_routes These have no effect, as the compute nodes will route traffic immediately after it egresses the VM.
  • 6. 6 Ports In vanilla Neutron, a port represents a connection from a VM to a single layer 2 Neutron network. Obviously, the meaning of this object changes in a Calico deployment: instead, a port is a connection from a VM to the shared layer 3 network that Calico builds in Neutron. All properties on a port work as normal, except for the following: network_id The network ID still controls which Neutron network the port is attached to, and therefore still controls which Neutron subnets it will be placed in. However, as per the note above, the Neutron network that a port is placed in does not affect which machines in the deployment it can contact.
  • 7. 7 Security Groups Security groups in vanilla OpenStack provide packet filtering processing to individual ports. They can be used to limit the traffic a port may issue. In Calico, security groups have all the same function. Additionally, they serve to provide the connectivity-limiting function that in vanilla OpenStack is provided by Neutron networks. All the attributes of security groups remain unchanged in Calico.
  • 8. 8 Security Groups Layer 3 Routing: Routers and Floating Ips Layer 3 routing objects are divided into two categories: routers and floating IPs. Neither of these objects are supported by Calico: they simply aren’t required. For more information, see this document. Any attempt to create these objects will fail, as Calico does not set up any Neutron L3 Agents. LBaaS (Load Balancer as a Service) Load Balancer as a Service does not function in a Calico network. Any attempt to create one will fail. Note: It is possible that in a future version of Calico LBaaS may be functional. Watch this space.