[openstack-dev] [Neutron][Heat] The Neutron API and orchestration

CARVER, PAUL pc2929 at att.com
Tue Apr 8 13:13:02 UTC 2014


Zane Bitter wrote:

>(1) Create a network
>Instinctively, I want a Network to be something like a virtual VRF 
>(VVRF?): a separate namespace with its own route table, within which 
>subnet prefixes are not overlapping, but which is completely independent 
>of other Networks that may contain overlapping subnets. As far as I can 
>tell, this basically seems to be the case. The difference, of course, is 
>that instead of having to configure a VRF on every switch/router and 
>make sure they're all in sync and connected up in the right ways, I just 
>define it in one place globally and Neutron does the rest. I call this 
>#winning. Nice work, Neutron.

This is your main misunderstanding and the source of most, but not all,
of the rest of your issues. A "network" in Neutron is NOT equivalent
to a VRF. A "network" is really just a single LAN segment (i.e. a single
broadcast domain.) It allows the use of multiple subnets on the same
broadcast domain, which is generally not a great idea, but doesn't
violate any standards and is sometimes useful.

There is no construct in Neutron to represent an entire
network in the sense that most networking people use the word
(i.e., multiple broadcast domains interconnected via routers.)

A router in Neutron also doesn't really represent the same thing
that most networking people mean by the word, at least not yet.
A router in Neutron is basically a NAT box like a home Linksys/
Netgear/etc, not a Cisco ASR or Juniper M or T series. Most notably
it doesn't run routing protocols. It doesn't handle route redistribution,
it doesn't handle queuing and QoS, ACL support is only preliminary, etc.

So your expectation of being able to orchestrate a "real" network in
the sense of a collection of LAN segments and routers and global
routing tables and topology isn't native to Neutron. So the question
is whether that overarching orchestration should be in Heat using
only the primitives that Neutron currently provides or whether
Neutron should be extended to include entire networks in the
sense that you and I would tend to define the word.



