0865f0dc73
This change adds support for external Neutron networks
and floating IPs. Address translation through external
networks is supported in several different ways (no NAT,
distributed NAT, edge NAT). The orchestration details
of each of these modes is abstracted in the NatStrategy
interface provided by AIM. The mechanism driver mainly
translates Neutron operations into appropriate
invocations of this utility class.
Several attribute extensions have been added for external
connectivity support -
* Network:
1. ExternalNetwork DN: This is the DN of the ACI
external-network (within an L3out) that corresponds
to a Neutron network
2. NAT type: To support various ways of address
translation
3. External CIDRs: Restrictions on traffic, based on
their address, that can use an external network
* Subnet:
1. SNAT host pool: Whether a subnet should be used
for allocating SNAT addresses for distributed NAT
* Router:
1. External contracts: Additional contracts that an
external network should provide/consume when a
router is uplinked to the external network
Most of the mechanism driver change deals with handling
these attributes; the code that is involved deals with
determining the proper VRF and applicable contracts
based on current router topology.
Changes are also made to L3-plugin to handle floating-IP
operation, and reporting the floating-IPs in GBP RPCs.
Change-Id: I80d7be7fde27b4dcf6987fd3984c301ed5e5d437
Signed-off-by: Amit Bose <amitbose@gmail.com>
(cherry picked from commit 95051a5daa)
Group Based Policy (GBP) provides declarative abstractions for achieving scalable intent-based infrastructure automation.
GBP complements the OpenStack networking model with the notion of policies that can be applied between groups of network endpoints. As users look beyond basic connectivity, richer network services with diverse implementations and network properties are naturally expressed as policies. Examples include service chaining, QoS, path properties, access control, etc.
GBP allows application administrators to express their networking requirements using a Group and a Policy Rules-Set abstraction. The specifics of policy rendering are left to the underlying pluggable policy driver.
GBP model also supports a redirect operation that makes it easy to abstract and consume complex network service chains and graphs.
Checkout the GBP wiki page for more detailed information: <http://wiki.openstack.org/GroupBasedPolicy>
The latest code is available at: <http://git.openstack.org/cgit/openstack/group-based-policy>.
GBP project management (blueprints, bugs) is done via Launchpad: <http://launchpad.net/group-based-policy>
For help using or hacking on GBP, you can send mail to <mailto:openstack-dev@lists.openstack.org>.
Acronyms used in code for brevity:
- PT: Policy Target
- PTG: Policy Target Group
- PR: Policy Rule
- PRS: Policy Rule Set
- L2P: L2 Policy
- L3P: L3 Policy
- NSP: Network Service Policy
- EP: External Policy
- ES: External Segment