The goal of this document is to provide an umbrella blueprint defining how to add support for VPC in Openstack.

A VPC is defined as an entity providing resources access boundaries with the goal of building a logically isolated infrastructure assigned to a tenant.

There are multiple options to implement this entity, either as a formal node in the openstack container hierarchy (domain, projects), or as a tag used to define access policies.

Relationship with other blueprint

  • Hierarchical Multitenancy [1] defines a hierarchical model for resource ownership and containment. This blueprint can be used to implement the VPC concept by considering each VPC as a node in the hierarchy.
  • AWS VPC API support [2] aims at providing an EC2 VPC equivalent API on openstack. This blueprint uses a special project to group the VPC resources, however, it doesn't address the needed changes in scoping of different resource to implement a true isolated VPC.
  • Hierarchical Administrative Boundaries [5] defines a model similar to [1] and is focusing on defining administrative delegation.

Use cases

1 - The administrator of a domain can create a VPC composed of network resources. A generic VPC can look like:

Within the VPC, the administrator can :
1.1 - create a shared network. A shared network in the VPC is equivalent to a Neutron public network (it's a public network with a restricted scope).
1.2 - create a transit or external network that can be connected to a remote datacenter through, for MPLS or a VPN or to the internet.
1.3 - define specific flavors, images or other openstack resources restricted to be used within this VPC (e.g. DNS Zone, LB Resources, ...).
1.4 - define quota for resources available to a given VPC.
2 - The domain administrator can delegate the management of the VPC to a user or group of the domain
3 - A user of a domain, can create a project within a given VPC. Within this project, the user can
3.1. create a private network using the VPC external or shared network as the next hop. VMs can get a floating IP from the shared or external network
3.2 create a VM within a project attached to a shared network exposed by the VPC.

Resource Model

The above model is showing a relationship between VPC and Project assuming a containment relationship. However, as shown below, depending on the implementation, it could be a more loose relationship.

http://blog.csdn.net/quqi99/article/details/41829605

https://wiki.openstack.org/wiki/Blueprint-VPC

neutron VPC的更多相关文章

  1. 2017.4.5 OpenStack简介

    OpenStack 管理的资源不是单机的而是一个分布的系统,把分布的计算.存储.网络.设备.资源组织起来,形成一个完整的云计算系统:OpenStack 也提供一个 UI,这里包括一个图形化的 UI:H ...

  2. 深入浅出新一代云网络——VPC中的那些功能与基于OpenStack Neutron的实现(一)

    VPC的概念与基于vxlan的overlay实现很早就有了,标题中的"新"只是一个和传统网络的相对概念.但从前年开始,不同于以往基础网络架构的新一代SDN网络才真正越来越多的走进国 ...

  3. Neutron 理解 (1): Neutron 所实现的虚拟化网络 [How Netruon Virtualizes Network]

    学习 Neutron 系列文章: (1)Neutron 所实现的虚拟化网络 (2)Neutron OpenvSwitch + VLAN 虚拟网络 (3)Neutron OpenvSwitch + GR ...

  4. What's VPC (by quqi99)

    作者:张华  发表于:2014-12-09版权声明:可以任意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本版权声明 ( http://blog.csdn.net/quqi99 ) VPC ...

  5. 一:Neutron实现网络虚拟化

    一 云计算时代数据中心物理网络的问题 数据中心虚拟化成为了趋势,最典型的场景莫过于:对数据中心的服务器进行虚拟化,来提高资源利用率,同时降低单位能耗. 但是,随着数据中心虚拟化程度的不断提高.虚拟化服 ...

  6. Neutron网络学习

    学习 Neutron 系列文章: 转http://www.cnblogs.com/sammyliu/p/4622563.html (1)Neutron 所实现的网络虚拟化 (2)Neutron Ope ...

  7. Neutron 理解 (1): Neutron 所实现的网络虚拟化 [How Neutron Virtualizes Network]

    学习 Neutron 系列文章: (1)Neutron 所实现的网络虚拟化 (2)Neutron OpenvSwitch + VLAN 虚拟网络 (3)Neutron OpenvSwitch + GR ...

  8. 创建vpc网络

    vpc相关功能点: 模块 功能点 描述 备注 VPC 创建vpc网络 创建vpc网络,指定vpc网络名称   修改vpc网络 修改vpc网络名称   删除vpc网络 删除vpc网络   vpc相关命令 ...

  9. Openstack Neutron : 安全

    目录 - iptable:起源 - tables - chains - rules - 方向 - Security group 安全组: - Firewall 防火墙: - 更高的安全 - 无处安放的 ...

随机推荐

  1. [译]NeHe教程 - 创建一个OpenGL窗体

    原文: Setting Up An OpenGL Window 欢迎阅读我的OpenGL教程.我是一个热爱OpenGL的普通码农!我第一次听到OpenGL是在3Dfx刚发布他们给Voodoo I显卡的 ...

  2. [译]GLUT教程 - 整合代码3

    Lighthouse3d.com >> GLUT Tutorial >> Pop-up Menus >> The Code So Far III 这里我们准备包含一 ...

  3. 安装wamp后 异常Exception Exception in module wampmanager.exe at 000F15A0

    系统环境:Windows 2008 R2 64bit 安装环境:wampserver2.4-x64 按照正常windows安装程序,完成WAMP Server程序安装,安装完成启动WAMP Serve ...

  4. 刷脸支付真的来啦!华为nova3带你玩转酷时代~

    无论是不愿脱离手套的怕冷手. 或是沾满泥土芬芳的勤劳手. 还是挂着水滴的清洁手…… 每当这些时刻,打开支付宝认证支付, 指纹解锁的能力总是光彩尽失. 不过,就在华为nova 3的发布会上, 一项传说已 ...

  5. 查看tcp各个连接状态的数量

    4. 查看tcp各个连接状态的数量 下面对的 netstat -tan|awk '$1~/tcp/{aa[$NF]++}END{for (h in aa)print h,aa[h]}' SYN_SEN ...

  6. 产生n个数全排列的算法

    给定n个数{1...n},如何给出这n个数的全排列呢? 给定一个整数k,我们给它一个向左或向右的方向,k(->)或者k(<-),我们说k是可以移动的,如果它的方向指向一个相邻的比它小的数, ...

  7. web安全之SQL注入---第五章 如何预防SQL注入 ?

    5-1严格检查输入变量的类型和格式总结:其实就是做一些判断正则表达式:验证密码:/^[a-zA-Z]{6,}$/5-1严格检查输入变量的类型和格式总结:其实就是做一些判断正则表达式:验证密码:/^[a ...

  8. java 中 集合类相关问题

    1,Java中Collection和Collections的差别 java.util.Collection 是一个集合接口.它提供了对集合对象进行基本操作的通用接口方法. Collection接口在J ...

  9. WebApp 开发中常用的代码片段

    其实这里面的多数都是 iOS 上面的代码.其他平台的就没有去验证了. HTML, 从HTML文档的开始到结束排列: <meta name=”viewport” content=”width=de ...

  10. SimpleDateFormat注意点

    今天测试了一下SimpleDateFormat把一个字符串转为Date类型 SimpleDateFormat dateFormat= new SimpleDateFormat("yyyy-M ...