OpenStack Neutron Set to Improve Cloud Networking in Queen's Release

Networking continues to improve in the open-source cloud project, with multi-port binding and security logging set to debut.

By Sean Michael Kerner | Posted Nov 10, 2017
Page of   |  Back to Page 1
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

WEBINAR: On-demand webcast

How Automation and Preventative Resolution are Transforming Workplace Productivity REGISTER >

There was a time when the Neutron networking project in OpenStack was not the default networking choice. Those times are now past, with Neutron currently being used by the vast majority of OpenStack deployments.

At the OpenStack Summit in Sydney, Australia, the past and the future project technical leads (PTLs) for Neutron talked about what landed in Neutron during the recent Pike release and what's on roadmap for the upcoming Queens release cycle.

"The mission of OpenStack networking is to implement services and associated libraries to provide on-demand, scalable and technology-agnostic network abstraction," Miguel Lavalle, PTL for Neutron for Queens, told the audience.

Lavalle noted that when OpenStack started, all networking services were embedded into the Nova compute project, as Nova-networks. What happened quickly though is that OpenStack developers and operators realized that that users needed more control over the network and more control over service insertion.

Neutron, at its core, is a pluggable API server, enabling users to  plug in different back-end technologies. It is the the combination of APIs and a plugin that enables neutron.

Armando Migiliaccio, past PTL for Neutron, noted that in the Pike release there were 200 contributors to the core of Neutron. Over the life of the project, which began in the OpenStack Diablo release, there have been over 1,300 total contributors to Neutron. He added that according to the latest OpenStack user survey data, 95 percent of OpenStack deployments are now using Neutron.

"Neutron is an API abstraction but it's also a community," Migiliaccio said.

One of the things that has evolved in the Neutron community is the concept of the Neutron stadium, which includes related projects that are overseen by the Neutron core team. Migiliaccio added that there are a number of backends considered to be part of the Neutron, including midonet, OpenDaylight, OVN and BAGPIPE. There are also API initiatives that provide high-level services, including dynamic routing, BGPVPN, firewall as a service abd service function chaining.

Pike

In OpenStack Pike, Neutron benefited from a series of operational improvements, detailed by Migiliaccio.

Among the improvements are support for zero downtime upgrades/rolling upgrades from Ocata. There was also a reduction in the memory footprint for the metadata agent, improved stability of the OVS openflow-based firewall and new fine-grained controls for quota.

Additionally Migiliaccio said that there were multiple layer 3 improvements including:

  • DHCP agent support for subnets on other segments of a routed network
  • DNS name assignment on a per port basis.
  • QoS improvements
  • Support of a direction parameter for bandwidth limit rule
  • New API to retrieve details of supported QoS rule types by the loaded drivers
  • A QoS policy marked as default for all the networks created under a project


Queens

Looking forward to the Queen's release, there are multiple stability and community-led improvements, including Python 3 compatibility and testing coverage improvements.

There is also a new idea that is coming together for Queen's release called neutron-lib. Migiliaccio said that neutron-lib is all about defining stable interfaces that will allow components to work well together.

Another area that is being enhanced is multiple port binding, which will help to further improve Nova and Neutron integration. Migiliaccio said that when live migrating node there can sometime be issues. The promise of the multiple port bindings support is that it can provide better control and make live migration operations more resilient and potentially enable better rollback capabilities.

Other key features that are expected to land in Neutron for the Queens release include quality of service on floating IPS and security groups logging.

"With security groups logging, as an administrator you can do auditing on what types of actions have occurred in your network topology to see if something malicious might have happened," Migiliaccio said.

Sean Michael Kerner is a senior editor at EnterpriseNetworkingPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter