Open Stack

On Fri, Sep 26, 2014 at 10:22 AM, Stephen Wong
<stephen.kf.wong at gmail.com> wrote:
> CC'ed ODL GBP --- although this doesn't concern them at this point, it may
> be of interest to the team
>
> On Fri, Sep 26, 2014 at 12:10 AM, Sachi Gupta <sachi.gupta at tcs.com> wrote:
>>
>> Hi All,
>>
>> Request you all to provide inputs of the below queries:
>>
>> As per my understanding GBP constructs are mapped to neutron calls for
>> example - creating an endpoint, the neutron mapping driver will map it to
>> the existing port creation method. Similarly to achieve the complete
>> functionality of GBP openstack, I have checked for the neutron calls and it
>> includes network, subnet, port, router, security group.
>
>     Correct.
>
>>
>> Creating a contract - policy rules..Will this include a call to firewall
>> rules or only security group calls will be done?
>
>     At this point, only security group calls.
>

We have also used FWaaS rules in our experiments earlier, but it won't
be a part of the initial version of the mapping. In general, the GBP
model is independent of the rendering.

>
>>
>> I need to integrate Openstack with Opendaylight(ODL). To achieve the
>> interface between two will it be done by ML2 plugin and neutron mapping
>> driver of Openstack or something additional is required?
>
>
>     That should be enough.
>>
>> The neutron northbound APIs of ODL include network, subnet, port, router,
>> security groups, firewall calls. Any other call that needs to be included a
>> part from these in ODL.
>
>
>     Even FWaaS APIs are supported in ODL now? If so, I guess ODL is even
> ready to do (basic) 'redirect' action once it is implemented on the mapping
> driver then.
>
>     And no, you should not need any other APIs.
>
>>
>> Do the neutron calls that will be mapped by the neutron mapping driver of
>> openstack are something different from the previous neutron calls that were
>> being made without using GBP??? For example: The network create call that
>> was used previously with ODL without using GBP in openstack. Will it be
>> different from the network call to ODL that will be made by GBP mapping
>> driver of openstack.
>
>     No. The intent of mapping driver is to allow network policies to be
> rendered by current Neutron plugins. So the ODL calls should NOT be any
> different from before, the magic happens in the mapping driver layer.
>
>
>>
>> How the GBP project in openstack will be affecting the Opendaylight
>> neutron calls??
>
>
>     It doesn't. That said, I fully expect the ODL Neutron handling layer to
> support GBP APIs in the (near) future. When that happens, instead of using
> the mapping driver, you will have an additional choice of using the ODL GBP
> driver.
>
> Hope it helps,
> - Stephen
>
>
>>
>>
>>
>>
>> Thanks in Advance
>> Sachi Gupta
>>
>>
>>
>> From:        Sumit Naiksatam <sumitnaiksatam at gmail.com>
>> To:        "OpenStack Development Mailing List (not for usage questions)"
>> <openstack-dev at lists.openstack.org>
>> Date:        09/23/2014 04:33 AM
>> Subject:        Re: [openstack-dev] Group-Based Policy Understanding and
>> Queries
>> ________________________________
>>
>>
>>
>> Thanks for your interest in GBP, responses inline.
>>
>> On Sun, Sep 21, 2014 at 11:35 PM, Sachi Gupta <sachi.gupta at tcs.com> wrote:
>> > Hi All,
>> >
>> > Request you all to provide inputs on below understanding:
>> >
>> > Openstack: Group-based policy is a blueprint for Juno-3 release of
>> > Openstack. It will extend OpenStack Networking with policy and
>> > connectivity
>> > abstractions that enable significantly more simplified and
>> > application-oriented interfaces than with the current Neutron API model.
>> > When will be the code ready for Group-based policy as an open source?
>>
>> The code has been in review in gerrit for a while now, you can find
>> all the links to all the patches here:
>> https://wiki.openstack.org/wiki/Meetings/Neutron_Group_Policy/Patches
>> We are also consolidating this code in Stackforge so that its usable
>> starting  from the Juno release.
>>
>> > Openstack group policy API will be an extension to the Neutron APIs.
>> > There
>> > will be a policy manager to manage the policy and policy rules. Will GBP
>> > a
>> > part of neutron?? If yes, then will GBP be a part of Horizon under
>> > neutron?
>>
>> The wiki page above has links to client, Horizon and Heat patches.
>>
>> > Policy driver which will act as an interface(ODL Policy Driver). For eg.
>> > we
>> > used neutron ML2 plugin as an interface between Openstack neutron and
>> > ODL
>> > neutron northbound. When will the policy driver for ODL available?
>> > Openstack policy driver for ODL will act as an interface to ODL. Which
>> > API
>> > in ODL, Policy calls from Openstack ODL Policy driver will be hitting??
>> >
>>
>> I know that this was planned, so you would probably need to check with
>> the author of the following patch for the status on this:
>> https://review.openstack.org/#/c/105606/
>> We can also bring this up for discussion during the weekly IRC:
>> https://wiki.openstack.org/wiki/Meetings/Neutron_Group_Policy
>>
>> >
>> >
>> > Thanks & Regards
>> > Sachi Gupta
>> >
>> > =====-----=====-----=====
>> > Notice: The information contained in this e-mail
>> > message and/or attachments to it may contain
>> > confidential or privileged information. If you are
>> > not the intended recipient, any dissemination, use,
>> > review, distribution, printing or copying of the
>> > information contained in this e-mail message
>> > and/or attachments to it are strictly prohibited. If
>> > you have received this communication in error,
>> > please notify us by reply e-mail or telephone and
>> > immediately and permanently delete the message
>> > and any attachments. Thank you
>> >
>> >
>> > _______________________________________________
>> > OpenStack-dev mailing list
>> > OpenStack-dev at lists.openstack.org
>> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>> >
>>
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
>> _______________________________________________
>> controller-dev mailing list
>> controller-dev at lists.opendaylight.org
>> https://lists.opendaylight.org/mailman/listinfo/controller-dev
>>
>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>