Learn about the cloud networking service in this excerpt from Packt's "OpenStack: Building a Cloud Environment."
Neutron replaced an older version of the network service called Quantum, which was introduced as a part of the Folsom release of OpenStack. Before Quantum came into the picture, the networking of the Nova components was controlled by Nova networking, a subcomponent of Nova. The name of the networking component was changed from Quantum to Neutron due to a trademark conflict (Quantum was a trademark of a tape-based backup system).
While Neutron is the way to go if you need only simple networking in your cloud, you can still choose to use the Nova network feature and ignore the Neutron service completely. But if you do go the Neutron route, you can easily offer several services, such as load balancing as a service (using HA proxy) and VPN as a service (openswan).
Neutron has a component on the controller node called the neutron server, along with a bunch of agents and plugins that communicate with each other using a messaging queue. Depending on the type of deployment, you can choose the different agents that you want to use.
Some plugins that are available today with Neutron include but are not limited to the following:
- NEC OpenFlow
- Open vSwitch
- Cisco switches (NX-OS)
- Linux bridging
- VMware NSX
- Juniper OpenContrail
- Ryu network OS
- PLUMgrid Director plugin
- Midokura Midonet plugin
- OpenDaylight plugin
You can choose to write more of these, and the support is expanding every day. So, by the time you get on to implementing it, maybe your favorite device vendor will also have a Neutron plugin that you can use.
In order to view the updated list for plugins and drivers, refer to the OpenStack wiki page.
The architecture of Neutron is simple, but it is with the agents and plugins where the real magic happens! Neutron architecture has been presented in the following diagram:
Let's discuss the role of the different components in a little detail.
The function of this component is to be the face of the entire Neutron environment to the outside world. It essentially is made up of three modules:
- REST service: The REST service accepts API requests from the other components and exposes all the internal working details in terms of networks, subnets, ports, and so on. It is a WSGI application written in Python and uses port 9696 for communication.
- RPC service: The RPC service communicates with the messaging bus and its function is to enable a bidirectional agent communication.
- Plugin: A plugin is best described as a collection of Python modules that implement a standard interface, which accepts and receives some standard API calls and then connects with devices downstream. They can be simple plugins or can implement drivers for multiple classes of devices.
The plugins are further divided into core plugins, which implement the core Neutron API, which is Layer 2 networking (switching) and IP address management. If any plugin provides additional network services, we call it the service plugin -- for example, Load Balancing as a Service (LBaaS), Firewall as a Service (FWaaS), and so on.
As an example, Modular Layer 2 (ML2) is a plugin framework that implements drivers and can perform the same function across ML2 networking technologies commonly used in datacenters. We will use ML2 in our installation to work with Open vSwitch (OVS).
The L2 agent runs on the hypervisor (compute nodes), and its function is simply to wire new devices, which means it provides connections to new servers in appropriate network segments and also provides notifications when a device is attached or removed. In our install, we will use the OVS agent.
The L3 agents run on the network node and are responsible for static routing, IP forwarding, and other L3 features, such as DHCP.
Let's take a quick look at what happens when a new VM is booted with Neutron. This shows all the steps that take place during the Layer 2 stage:
- Boot VM start.
- Create a port and notify the DHCP of the new port.
- Create a new device (virtualization library – libvirt).
- Wire port (connect the VM to the new port).
- Complete boot.
NEXT page: Networking concepts in Neutron