What’s New In
OpenStack
Havana
Webcast
October 2013
OpenStack
Networking
Neutron
16
Neutron
Firewall as a Service

•  Perimeter firewall -- one per tenant (for now)
•  Reference implementation via Open vSwit...
Neutron
Firewall as a Service (cont’d)

•  Available via Horizon and CLI
neutron firewall-rule-create 
--protocol <tcp|udp...
Neutron
Migrate L3-router service from mix-in to plug-in

•  Previously baked into the core
•  Server side moved out into ...
Neutron
New Modular L2 (ML2) plug-in

•  Currently monolithic plug-ins for each L2 agent
(OVS, LinuxBridge, etc.)

•  Sing...
Neutron
Interface driver support for Indigo Virtual Switch (IVS)

•  IVS is a pure OpenFlow virtual switch
•  Virtual inte...
Upcoming SlideShare
Loading in …5
×

Whats new in Havana--Neutron

3,722 views

Published on

Part of the "What's New in Havana" Webinar, these slides show what's new in Neutron.

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
3,722
On SlideShare
0
From Embeds
0
Number of Embeds
2,188
Actions
Shares
0
Downloads
54
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Whats new in Havana--Neutron

  1. 1. What’s New In OpenStack Havana Webcast October 2013
  2. 2. OpenStack Networking Neutron 16
  3. 3. Neutron Firewall as a Service •  Perimeter firewall -- one per tenant (for now) •  Reference implementation via Open vSwitch and IPtables •  vArmor plugin 17
  4. 4. Neutron Firewall as a Service (cont’d) •  Available via Horizon and CLI neutron firewall-rule-create --protocol <tcp|udp|icmp|any> --destination-port <port-range> --action <allow|deny> neutron firewall-policy-create --firewall-rules "<firewall-rule ids or names separated by space>" myfirewallpolicy neutron firewall-create <firewall-policy-uuid> 18
  5. 5. Neutron Migrate L3-router service from mix-in to plug-in •  Previously baked into the core •  Server side moved out into a plug-in •  Now possible to replace with alternate implementation 19
  6. 6. Neutron New Modular L2 (ML2) plug-in •  Currently monolithic plug-ins for each L2 agent (OVS, LinuxBridge, etc.) •  Single plug-in for all agents •  Works with existing agents •  Easier to add new L2 agents 20
  7. 7. Neutron Interface driver support for Indigo Virtual Switch (IVS) •  IVS is a pure OpenFlow virtual switch •  Virtual interface (VIF) can be used to connect to both virtual and physical hardware switches (i.e., BigSwitch) •  Node must have IVS installed •  Can be used instead of Open vSwitch •  Kernelspace part is done by OVS 21

×