OpenStack Havana Updates Cloud Networking
Open Source cloud platform set to include new firewall, security and load balancing networking services
The open source OpenStack cloud platform is getting a major new infusion of networking features. The OpenStack Havana release, set to officially debut on Thursday, October 17th, will enable a new generation of security and load balancing-as-a-service capabilities.
OpenStack has always included networking capabilities, though initially those capabilities were somewhat limited and only available inside of the Nova Compute project. The OpenStack Quantum project got started in 2011 and was recently renamed Neutron.
The Quantum/Neutron project was originally started by Dan Wendlandt, who currently serves as Director of Product Management for OpenStack at VMware. Wendlandt noted that for the Havana release, VMware is one of the lead contributors to Neutron.
"We're committing code both from a community perspective and from a VMware driver perspective," Wendlandt said. "We've added support for all the new goodness that comes from VMware NSX."
VMware announced its NSX network virtualization platform in August, providing a new approach for Software Defined Networks (SDN).
One of the items that the NSX support enables is distributed Layer 3 transport.
"You can have, from a logical perspective, a router in a topology, but that doesn't mean you have to forward the packets to a separate device that does the routing," Wendlandt explained. "So individual virtual switches can do the right manipulations on data packets and send them directly to the correct destination."
In the prior release of OpenStack, codenamed "Grizzly," an initial implementation of Load Balancing-as-a-Service (LBaaS) debuted. With Havana, that implementation has been improved and opened up to provide multiple networking capabilities, including load balancing and firewall-as-a-service, in an OpenStack cloud.
Wendlandt commented that in Havana, multiple vendor integrations have been made to provide robust load balancing capabilities. He added that the networking-as-a-service features were, in part, based off technology from VMware's vShield.
"OpenStack is a framework. It has a set of common APIs, and then there are drivers for plugging in different technologies," Wendlandt said. "Those drivers might talk to open source technology, or they might talk to closed source technologies. It's up to customers to choose what the right solution is for them."
In the case of load balancing and firewall-as-a-service, VMware contributed to the overall framework for implementing those capabilities.
Among the key new additions in the OpenStack Havana release is the inclusion of the Heat orchestration project. Heat can connect to Neutron to help orchestrate load balancing and other network functionality as required.
"Everything in OpenStack is exposed via APIs," Wendlandt explained. "So the same way you can call Neutron to create a network, you can now call on Neutron for load balancing."
Wendlandt noted that OpenStack Heat is similar to Amazon's CloudFormations in that it can define a template for what should happen based on policy.
Modular Layer 2
One of the other interesting additions in OpenStack Havana is a plugin known as ML2, or the Modular Layer 2 plugin.
"The idea here is what if I want to use VLANs, but I want to use technology from multiple vendors," Wendlandt said. "It lets gear from different vendors interoperate in a nice way."
Moving forward, Wendlandt sees a few area of improvement for networking in OpenStack for future releases. He sees a need to continue to improve ease of use as well management and operations.
Sean Michael Kerner is a senior editor at Enterprise Networking Planet and InternetNews.com. Follow him on Twitter @TechJournalist