group-based-policy

Group Based Policy

Go to file

Thomas Bachman 7d722bae8e Add no nat cidrs network extension The no-NAT CIDRs extension is applied to the network resource in neutron. When applied, it affects the list of subnets that should be reachable without NAT that are delivered in the RPC calls to agents. The agents can then use this information to ensure that specific destination CIDRs will never use NAT. The extension can be applied to both tenant and external/public networks. The extension should be used judiciously, as placing it on a network will cause those CIDRs to be added to all RPC calls requesting subnets within that VRF (e.g. the extension could be added to a shared network or to a network that uses a subnetpool relating to a shared address scope, which would be seen by all other networks that report to that same address scope or shared network). Change-Id: Idb39b75ff6d611a1dd413f26055622310cdf0df7		2023-02-27 17:06:13 +00:00
devstack	Add support for yoga	2022-05-26 16:01:17 +00:00
doc/source	Add support for upstream Rocky release	2020-06-11 14:38:53 -04:00
etc	[AIM] Add extension for ERSPAN	2021-01-28 14:40:58 +00:00
gbpservice	Add no nat cidrs network extension	2023-02-27 17:06:13 +00:00
tools	Cleanup Queens (part 2)	2020-06-09 13:14:11 -04:00
.coveragerc	Change ignore-errors to ignore_errors	2015-09-21 14:59:28 +00:00
.gitignore	Status attributes for GBP resources	2016-06-22 01:29:46 -07:00
.gitreview	OpenDev Migration Patch	2019-04-19 19:50:58 +00:00
.stestr.conf	Re-enable unit tests and fix CI jobs	2019-04-16 14:02:09 -04:00
.zuul.yaml	Add python39 gate support	2023-01-31 11:47:15 +00:00
babel.cfg	Project boilerplate and base modules	2014-09-26 15:16:17 -07:00
CONTRIBUTING.rst	Update the outdated links	2018-03-20 06:09:16 +00:00
HACKING.rst	Update links to the latest addresses	2017-08-18 21:38:05 +08:00
LICENSE	Project boilerplate and base modules	2014-09-26 15:16:17 -07:00
MANIFEST.in	Project boilerplate and base modules	2014-09-26 15:16:17 -07:00
README.rst	Add some acronyms for brevity in README	2017-10-13 17:24:42 +08:00
requirements.txt	Add support for ussuri	2020-09-23 21:35:47 +00:00
setup.cfg	Add support for ussuri	2020-09-23 21:35:47 +00:00
setup.py	Cleanup Queens	2020-04-30 17:02:36 -04:00
test-requirements.txt	Remove python39 from voting	2022-09-29 02:25:43 +00:00
TESTING.rst	Adding dir structure for developer reference docs	2016-02-19 14:46:27 -08:00
tox.ini	Fixes for tox4	2023-01-17 19:37:04 +05:30

README.rst

Group Based Policy (GBP) provides declarative abstractions for achieving scalable intent-based infrastructure automation.

GBP complements the OpenStack networking model with the notion of policies that can be applied between groups of network endpoints. As users look beyond basic connectivity, richer network services with diverse implementations and network properties are naturally expressed as policies. Examples include service chaining, QoS, path properties, access control, etc.

GBP allows application administrators to express their networking requirements using a Group and a Policy Rules-Set abstraction. The specifics of policy rendering are left to the underlying pluggable policy driver.

GBP model also supports a redirect operation that makes it easy to abstract and consume complex network service chains and graphs.

Checkout the GBP wiki page for more detailed information: <https://wiki.openstack.org/wiki/GroupBasedPolicy>

The latest code is available at: <http://git.openstack.org/cgit/openstack/group-based-policy>.

GBP project management (blueprints, bugs) is done via Launchpad: <https://launchpad.net/group-based-policy>

For help using or hacking on GBP, you can send mail to <mailto:openstack-dev@lists.openstack.org>.

Acronyms used in code for brevity:

PT: Policy Target
PTG: Policy Target Group
PR: Policy Rule
PRS: Policy Rule Set
L2P: L2 Policy
L3P: L3 Policy
NSP: Network Service Policy
EP: External Policy
ES: External Segment
SC: Service Chain
SP: Service Profile