OpenStack Neutron Network Model
After nova-network was split out into the separate component Neutron, the network model came to cover the multi-plane network and the hybrid-plane private network, as shown in Figure 3, Figure 4, Figure 5 and Figure 6.
Figure 3. Multi-Plane Network
Figure 4. Hybrid Plane private network
Figure 5. Carrier routing via private network
Figure 6. Enable each tenant to create its own dedicated network segment through a private network
Neutron Network creation Process
Neutron is designed to give an OpenStack cloud more flexibility in dividing up the physical network, so that in a multi-tenant environment each tenant gets its own separate network environment. Neutron also provides an API for this purpose. A user can create their own network objects in Neutron. Mapped onto a concept from the physical world, a network object is equivalent to a huge switch with an unlimited number of virtual ports that can be dynamically created and destroyed. The process of creating a Neutron network in Horizon is as follows:
- First, the administrator obtains a set of Internet-routable IP addresses and creates an external network and subnet.
- The tenant creates a network and subnet.
- The tenant creates a router and connects the tenant subnet to the external network.
- The tenant creates the virtual machine.
OpenStack Network Type
A standard OpenStack network is set up with 4 different physical data center networks:
- Management Network: Used for internal communication between the various components of OpenStack.
- Data network: Used for virtual machine data communication within the cloud deployment.
- External network: A public network that can be reached from external networks or the Internet.
- API Network: Exposes all OpenStack APIs, including OpenStack network APIs to tenants.
Figure 7. OpenStack Network type
Three modes of Neutron service network management
Flat mode
Flat mode and FlatDHCP mode differ very little. Both are based on a bridged network, but Flat mode must be configured manually by the administrator (including the bridges and the external DHCP device).
Figure 8. Flat Network topology
FlatDHCP mode
This mode differs from Flat mode in that it runs a DHCP process. Each node running the nova-network process (the network controller node, or nova-network host) is a separate network. Nova creates a bridge on the nova-network host (default name br100, configuration item flat_network_bridge=br100), assigns the network's gateway IP to the bridge, and starts a DHCP process on the bridge. Finally, it sets up iptables rules (SNAT/DNAT) so that a virtual machine can communicate with the outside world and also reach the metadata server to obtain information from within the cloud.
Each compute node is responsible for creating the bridge on that node. The compute node's NIC does not need an IP address, because the bridge connects the virtual machines and the nova-network host within one logical network. When a virtual machine starts, it sends a DHCPDISCOVER to obtain its IP address. Traffic from the virtual machine to the outside world passes through the nova-network host, and DHCP listens on the bridge, assigning addresses from the IP range specified by fixed_range, as shown in Figure 9.
Figure 9. FlatDHCP Network topology
The disadvantages of this type of deployment are a single point of failure and no layer-2 isolation (that is, all virtual machines are in one broadcast domain).
VLAN mode
VLAN stands for virtual local area network. VLAN is a new data-switching technology that logically divides LAN devices into network segments in order to implement virtual workgroups.
The difference between VLAN mode and Flat mode
In Flat mode, the administrator's workflow should look like this:
- Create an IP pool for all tenants:
nova-manage network create --fixed_range_v4=10.0.0.0/16 --label=public
- Create a tenant
- The tenant creates virtual machines, and each virtual machine is assigned an available IP from the IP pool
The virtual machine information in the database might look like Figure 10, where the 2 VMs are in the same network segment.
Figure 10
In VLAN mode the process is as follows:
- Create a new tenant, and note the tenant's ID
- Create a dedicated fixed IP range for the tenant:
nova-manage network create --fixed_range_v4=10.0.1.0/24 --vlan=102 --project_id="TenantID"
- The tenant creates virtual machines, which are assigned IPs from the tenant's private IP range
Compared with Flat mode, VLAN mode therefore adds two things to a network: it associates the network with a tenant and assigns the network a VLAN number.
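The isolation difference between the two modes can be checked mechanically against a list of defined networks. The following is an added example, not code from the original article or from OpenStack: the record layout, the audit_isolation function and the sample networks are constructed, with field names borrowed from the nova-manage flags shown above, and it assumes all networks are carried on the same physical trunk.

```python
import ipaddress
from itertools import combinations

# Constructed sample records (not output from a real deployment). Keys mirror
# the nova-manage flags used above: --fixed_range_v4, --vlan, --project_id.
NETWORKS = [
    {"label": "public", "fixed_range_v4": "10.0.0.0/16",
     "vlan": None, "project_id": None},
    {"label": "tenant-a", "fixed_range_v4": "10.0.1.0/24",
     "vlan": 102, "project_id": "tenant-a-id"},
    {"label": "tenant-b", "fixed_range_v4": "10.0.2.0/24",
     "vlan": 102, "project_id": "tenant-b-id"},
]


def audit_isolation(networks):
    """Return (code, labels) findings for tenant-isolation gaps."""
    findings = []
    for net in networks:
        # Flat/FlatDHCP style: no VLAN tag or no owning tenant means every
        # VM on this range sits in one shared broadcast domain.
        if net["vlan"] is None or net["project_id"] is None:
            findings.append(("SHARED_L2", (net["label"],)))
    for a, b in combinations(networks, 2):
        if a["project_id"] == b["project_id"]:
            continue  # same owner (or both unowned, already flagged above)
        # One VLAN number used for two tenants merges their layer-2 segments.
        if a["vlan"] is not None and a["vlan"] == b["vlan"]:
            findings.append(("VLAN_REUSED", (a["label"], b["label"])))
        # Overlapping ranges make a fixed IP ambiguous between tenants.
        range_a = ipaddress.ip_network(a["fixed_range_v4"])
        range_b = ipaddress.ip_network(b["fixed_range_v4"])
        if range_a.overlaps(range_b):
            findings.append(("RANGE_OVERLAP", (a["label"], b["label"])))
    return findings


if __name__ == "__main__":
    for code, labels in audit_isolation(NETWORKS):
        print(code, ", ".join(labels))
```

The sample data deliberately combines the article's Flat pool (10.0.0.0/16) with its VLAN range (10.0.1.0/24) to show that the two overlap if both are defined in one deployment.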
Neutron Summary
Neutron, the OpenStack virtual network service, hands some traditional network-management functions over to tenants: tenants can create their own virtual networks and subnets, create routers, and so on. With the help of these virtual network functions, the underlying physical network can provide additional network services to the outside. For example, a tenant can create its own virtual network that is similar to a data center network. Neutron provides a more complete virtual network model and API for multi-tenant environments. As with deploying a physical network, creating a virtual network with Neutron requires some basic planning and design.
OpenStack Network: A preliminary study of Neutron