The goal of this document is to provide an umbrella blueprint defining how to add support for VPC in Openstack.

A VPC is defined as an entity providing resources access boundaries with the goal of building a logically isolated infrastructure assigned to a tenant.

There are multiple options to implement this entity, either as a formal node in the openstack container hierarchy (domain, projects), or as a tag used to define access policies.

Relationship with other blueprint

  • Hierarchical Multitenancy [1] defines a hierarchical model for resource ownership and containment. This blueprint can be used to implement the VPC concept by considering each VPC as a node in the hierarchy.
  • AWS VPC API support [2] aims at providing an EC2 VPC equivalent API on openstack. This blueprint uses a special project to group the VPC resources, however, it doesn't address the needed changes in scoping of different resource to implement a true isolated VPC.
  • Hierarchical Administrative Boundaries [5] defines a model similar to [1] and is focusing on defining administrative delegation.

Use cases

1 - The administrator of a domain can create a VPC composed of network resources. A generic VPC can look like:

Within the VPC, the administrator can :
1.1 - create a shared network. A shared network in the VPC is equivalent to a Neutron public network (it's a public network with a restricted scope).
1.2 - create a transit or external network that can be connected to a remote datacenter through, for MPLS or a VPN or to the internet.
1.3 - define specific flavors, images or other openstack resources restricted to be used within this VPC (e.g. DNS Zone, LB Resources, ...).
1.4 - define quota for resources available to a given VPC.
2 - The domain administrator can delegate the management of the VPC to a user or group of the domain
3 - A user of a domain, can create a project within a given VPC. Within this project, the user can
3.1. create a private network using the VPC external or shared network as the next hop. VMs can get a floating IP from the shared or external network
3.2 create a VM within a project attached to a shared network exposed by the VPC.

Resource Model

The above model is showing a relationship between VPC and Project assuming a containment relationship. However, as shown below, depending on the implementation, it could be a more loose relationship.

http://blog.csdn.net/quqi99/article/details/41829605

https://wiki.openstack.org/wiki/Blueprint-VPC

neutron VPC的更多相关文章

  1. 2017.4.5 OpenStack简介

    OpenStack 管理的资源不是单机的而是一个分布的系统,把分布的计算.存储.网络.设备.资源组织起来,形成一个完整的云计算系统:OpenStack 也提供一个 UI,这里包括一个图形化的 UI:H ...

  2. 深入浅出新一代云网络——VPC中的那些功能与基于OpenStack Neutron的实现(一)

    VPC的概念与基于vxlan的overlay实现很早就有了,标题中的"新"只是一个和传统网络的相对概念.但从前年开始,不同于以往基础网络架构的新一代SDN网络才真正越来越多的走进国 ...

  3. Neutron 理解 (1): Neutron 所实现的虚拟化网络 [How Netruon Virtualizes Network]

    学习 Neutron 系列文章: (1)Neutron 所实现的虚拟化网络 (2)Neutron OpenvSwitch + VLAN 虚拟网络 (3)Neutron OpenvSwitch + GR ...

  4. What's VPC (by quqi99)

    作者:张华  发表于:2014-12-09版权声明:可以任意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本版权声明 ( http://blog.csdn.net/quqi99 ) VPC ...

  5. 一:Neutron实现网络虚拟化

    一 云计算时代数据中心物理网络的问题 数据中心虚拟化成为了趋势,最典型的场景莫过于:对数据中心的服务器进行虚拟化,来提高资源利用率,同时降低单位能耗. 但是,随着数据中心虚拟化程度的不断提高.虚拟化服 ...

  6. Neutron网络学习

    学习 Neutron 系列文章: 转http://www.cnblogs.com/sammyliu/p/4622563.html (1)Neutron 所实现的网络虚拟化 (2)Neutron Ope ...

  7. Neutron 理解 (1): Neutron 所实现的网络虚拟化 [How Neutron Virtualizes Network]

    学习 Neutron 系列文章: (1)Neutron 所实现的网络虚拟化 (2)Neutron OpenvSwitch + VLAN 虚拟网络 (3)Neutron OpenvSwitch + GR ...

  8. 创建vpc网络

    vpc相关功能点: 模块 功能点 描述 备注 VPC 创建vpc网络 创建vpc网络,指定vpc网络名称   修改vpc网络 修改vpc网络名称   删除vpc网络 删除vpc网络   vpc相关命令 ...

  9. Openstack Neutron : 安全

    目录 - iptable:起源 - tables - chains - rules - 方向 - Security group 安全组: - Firewall 防火墙: - 更高的安全 - 无处安放的 ...

随机推荐

  1. Unity UGUI——提供可视功能的UI组件(Text)

    基本属性介绍 watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvTXJfQUhhbw==/font/5a6L5L2T/fontsize/400/fill/I0J ...

  2. Socket编程之Tomcat模拟_采坑汇总

    用java.net.Socket来模拟实现Tomcat,碰到了一些坑,大部分是没有想到的,记录下来自查. 直接上代码, public class TomcatDemo { private static ...

  3. Cassandra安装和初次使用

    Cassandra安装和初次使用 卡珊德拉(Cassandra)又译卡桑德拉.卡珊卓,为希腊.罗马神话中特洛伊(Troy)的公主,阿波罗(Apollo)的祭司.因神蛇以舌为她洗耳或阿波罗的赐予而有预言 ...

  4. UVA-11625-Nice Prefixes (DP+矩阵快速幂)

    题目(vjudge) 题面 题意: 你有K个字母,你需要用K个字母组成L长度的字符串,定义对于该字符串的任意前缀P 必须满足    ,输出方案数%1000000007的值. 思路: 首先可以想到一种简 ...

  5. DB2 中like的通配符以及escape关键字定义转义字符的使用

    DB2 LIKE谓词查询语句中支持 百分号(%).下划线(_)的使用,不支持方括号([])(注:它会把方括号当成实际的值而非通配符),当我们需要在LIKE 查询条件中将百分号(%).下划线(_)作为实 ...

  6. Idea中优化Markdown Support显示效果

    转自:https://www.jianshu.com/p/d093c42a8c29 因为工作中为提高工作效率,我一般习惯于直接在`idea`中使用`markdow support`插件来进行相关文档的 ...

  7. redis php 执行命令时,单引号和双引号的区别。

    #今天遇到一个坑爹的问题,写成单引号就不行,被原样输出了. /** *判断key是否存在 */ function exists_key($key){ return $this->cmd('EXI ...

  8. 转载:python基础之模块

    作者:武沛齐 出处:http://www.cnblogs.com/wupeiqi/ 本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出原文连接. 模块,用一 ...

  9. Github上好的Android开源框架

    1.volley 项目地址 https://github.com/smanikandan14/Volley-demo (1)  JSON,图像等的异步下载: (2)  网络请求的排序(scheduli ...

  10. ASIHTTPRequest中文入门教程全集 http://www.zpluz.com/thread-3284-1-1.html

    本文转载至 目录  3 第  1  章  创建和运行请求  5 1.1.  创建一个同步请求  5 1.2.  创建一个异步请求  5 1.3.  使用程序块(blocks )  6 1.4.  使用 ...