Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Learning OpenStack Networking
  • Table Of Contents Toc
  • Feedback & Rating feedback
Learning OpenStack Networking

Learning OpenStack Networking

By : James Denton
5 (1)
Buy this Book
close
close
Learning OpenStack Networking

Learning OpenStack Networking

5 (1)
By: James Denton
Buy this Book

Overview of this book

OpenStack Networking is a pluggable, scalable, and API-driven system to manage physical and virtual networking resources in an OpenStack-based cloud. Like other core OpenStack components, OpenStack Networking can be used by administrators and users to increase the value and maximize the use of existing datacenter resources. This third edition of Learning OpenStack Networking walks you through the installation of OpenStack and provides you with a foundation that can be used to build a scalable and production-ready OpenStack cloud. In the initial chapters, you will review the physical network requirements and architectures necessary for an OpenStack environment that provide core cloud functionality. Then, you’ll move through the installation of the new release of OpenStack using packages from the Ubuntu repository. An overview of Neutron networking foundational concepts, including networks, subnets, and ports will segue into advanced topics such as security groups, distributed virtual routers, virtual load balancers, and VLAN tagging within instances. By the end of this book, you will have built a network infrastructure for your cloud using OpenStack Neutron.
Table of Contents (16 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Get in touch
Free Chapter
1
Introduction to OpenStack Networking
Icon
Introduction to OpenStack Networking
Icon
What is OpenStack Networking?
Icon
Preparing the physical infrastructure
Icon
Separating services across nodes
Icon
Summary
2
Installing OpenStack
Icon
Installing OpenStack
Icon
System requirements
Icon
Initial network configuration
Icon
Initial steps
Icon
Installing OpenStack
Icon
Summary
3
Installing Neutron
Icon
Installing Neutron
Icon
Basic networking elements in Neutron
Icon
Extending functionality with plugins
Icon
Network namespaces
Icon
Installing and configuring Neutron services
Icon
Configuring Neutron services
Icon
Interfacing with OpenStack Networking
Icon
Summary
4
Virtual Network Infrastructure Using Linux Bridges
Icon
Virtual Network Infrastructure Using Linux Bridges
Icon
Using the Linux bridge driver
Icon
Visualizing traffic flow through Linux bridges
Icon
Configuring the ML2 networking plugin
Icon
Configuring the Linux bridge driver and agent
Icon
Summary
5
Building a Virtual Switching Infrastructure Using Open vSwitch
Icon
Building a Virtual Switching Infrastructure Using Open vSwitch
Icon
Using the Open vSwitch driver
Icon
Basic OpenvSwitch commands
Icon
Visualizing traffic flow when using Open vSwitch
Icon
Configuring the ML2 networking plugin
Icon
Configuring the Open vSwitch driver and agent
Icon
Summary
6
Building Networks with Neutron
Icon
Building Networks with Neutron
Icon
Network management in OpenStack
Icon
Subnet management in OpenStack
Icon
Managing network ports in OpenStack
Icon
Summary
7
Attaching Instances to Networks
Icon
Attaching Instances to Networks
Icon
Attaching instances to networks
Icon
Exploring how instances get their addresses
Icon
Exploring how instances retrieve their metadata
Icon
Summary
8
Managing Security Groups
chevron up
Icon
Managing Security Groups
Icon
Security groups in OpenStack
Icon
An introduction to iptables
Icon
Working with security groups
Icon
Applying security groups to instances and ports
Icon
Implementing security group rules
Icon
Working with security groups in the dashboard
Icon
Disabling port security
Icon
Allowed address pairs
Icon
Summary
9
Role-Based Access Control
Icon
Role-Based Access Control
Icon
Working with access control policies
Icon
Applying RBAC policies to projects
Icon
Creating policies for external networks
Icon
Summary
10
Creating Standalone Routers with Neutron
Icon
Creating Standalone Routers with Neutron
Icon
Routing traffic in the cloud
Icon
Installing and configuring the Neutron L3 agent
Icon
Router management in the CLI
Icon
Network address translation
Icon
Floating IP management
Icon
Demonstrating traffic flow from an instance to the internet
Icon
Router management in the dashboard
Icon
Summary
11
Router Redundancy Using VRRP
Icon
Router Redundancy Using VRRP
Icon
Using keepalived and VRRP to provide redundancy
Icon
Networking of highly available routers
Icon
Installing and configuring additional L3 agents
Icon
Configuring Neutron
Icon
Working with highly available routers
Icon
Decomposing a highly available router
Icon
Summary
12
Distributed Virtual Routers
Icon
Distributed Virtual Routers
Icon
Distributing routers across the cloud
Icon
Installing and configuring Neutron components
Icon
Routing east-west traffic between instances
Icon
Centralized SNAT
Icon
Floating IPs through distributed virtual routers
Icon
Summary
13
Load Balancing Traffic to Instances
Icon
Load Balancing Traffic to Instances
Icon
Fundamentals of load balancing
Icon
Integrating load balancers into the network
Icon
Installing LBaaS v2
Icon
Load balancer management in the CLI
Icon
Building a load balancer
Icon
Load balancer management in the dashboard
Icon
Summary
14
Advanced Networking Topics
Icon
Advanced Networking Topics
Icon
VLAN-aware VMs
Icon
BGP dynamic routing
Icon
Network availability zones
Icon
Summary
15
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

Summary

Security groups are fundamental for controlling access to instances by allowing users to create inbound and outbound rules that limit traffic to and from instances based on specific addresses, ports, protocols, and even other security groups. Default security groups are created by Neutron for every project that allows all outbound communication and restrict inbound communication to instances in the same default security group. Subsequent security groups are locked down even further, allowing only outbound communication and not allowing any inbound traffic at all unless modified by the user.

Security group rules are implemented on the compute nodes and are triggered when traffic enters or leaves a virtual network interface belonging to an instance. Users are free to implement additional firewalls within the guest operating system, but may find managing rules in both places...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Chapter 8
Next Chapter

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY