Yesterday, we introduced Keystone, the most central component in OpenStack. Today, we'll cover Neutron, which many consider the most complex part of OpenStack, and also the component responsible for providing networking services in OpenStack.
Neutron Architecture
OpenStack Networking (Neutron) enables you to create network interfaces and connect them to other OpenStack components (such as Nova VMs), allowing them to interface with the network. By using different backend plugins, Neutron can support various network infrastructures and technologies, offering flexibility and adaptability for OpenStack deployment and architecture.
It includes the following components:
Neutron-server
Handles API requests and routes them to the appropriate OpenStack Networking plugin for processing.
OpenStack Networking backend plugins and agents
Manage ports, create networks or subnets, and provide IP addressing. These plugins and agents are built upon different underlying technologies and vendors, such as OVS, Linux Bridge, and OVN—details of their architecture will be covered in later sections.
Common agents include L3 (Layer 3), DHCP (dynamic IP address assignment), and plugin-specific agents.
Message Queue
Like Nova and many other OpenStack services, internal communication within Neutron is handled via a message queue. OpenStack Networking uses this to exchange routing information between the neutron-server and various agents. It also maintains a persistent data store to keep track of network states specific to each plugin.
OpenStack Networking primarily works with OpenStack Compute to provide network connectivity for its instances (Nova VMs).
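The agents described above report in to neutron-server, so the agent list is a practical place to check that only the expected agents are running on the expected hosts. The following is an added example, not code from the original article or from the OpenStack project: it audits an agent list against an inventory. The JSON shape is assumed to match the output of `openstack network agent list -f json`; the hosts, IDs and the `EXPECTED` map are constructed for illustration.

```python
import json

# Constructed sample in the assumed shape of
# `openstack network agent list -f json`; IDs and hosts are made up.
SAMPLE = """
[
 {"ID": "a1", "Agent Type": "L3 agent", "Host": "net-1",
  "Alive": true, "State": true, "Binary": "neutron-l3-agent"},
 {"ID": "a2", "Agent Type": "DHCP agent", "Host": "net-1",
  "Alive": false, "State": true, "Binary": "neutron-dhcp-agent"},
 {"ID": "a3", "Agent Type": "Open vSwitch agent", "Host": "compute-1",
  "Alive": true, "State": true, "Binary": "neutron-openvswitch-agent"},
 {"ID": "a4", "Agent Type": "Open vSwitch agent", "Host": "lab-9",
  "Alive": true, "State": true, "Binary": "neutron-openvswitch-agent"}
]
"""

# Hypothetical inventory: agent binaries expected on each host.
EXPECTED = {
    "net-1": {"neutron-l3-agent", "neutron-dhcp-agent",
              "neutron-openvswitch-agent"},
    "compute-1": {"neutron-openvswitch-agent"},
}

def audit_agents(agents, expected):
    """Return sorted (finding, host, binary) tuples for anything off-inventory."""
    findings, seen = [], set()
    for agent in agents:
        host, binary = agent["Host"], agent["Binary"]
        seen.add((host, binary))
        if binary not in expected.get(host, set()):
            # An agent registered from a host/role nobody planned for.
            findings.append(("unexpected", host, binary))
        elif agent["Alive"] not in (True, ":-)"):  # ":-)" assumed for older clients
            findings.append(("dead", host, binary))
        elif agent["State"] not in (True, "UP"):   # admin state, same assumption
            findings.append(("admin-down", host, binary))
    # Anything in the inventory that never reported in.
    for host, binaries in expected.items():
        for binary in binaries:
            if (host, binary) not in seen:
                findings.append(("missing", host, binary))
    return sorted(findings)

if __name__ == "__main__":
    for kind, host, binary in audit_agents(json.loads(SAMPLE), EXPECTED):
        print(f"{kind:<11}{host:<11}{binary}")
```

On the constructed sample this reports the dead DHCP agent on net-1, the Open vSwitch agent missing from net-1, and the unplanned agent on lab-9.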
Services provided by Neutron
Neutron offers a network abstraction layer, enabling the deployment of overlay networks on OpenStack. It mainly provides the following services:
- Switch: Provides L2 connectivity for VMs on the same network
- Router: Provides L3 networking features, SNAT, DNAT, etc.
- Firewall: Provides basic firewall, port blocking, etc.
- Load Balancer: Provides load balancing; however, this feature has already been migrated to Octavia for implementation and was officially marked as deprecated in the Queens release.
The core concepts are similar to traditional physical network setups, though implemented through virtualized infrastructure in OpenStack.
The switch forwards the packet from compute node 1 to compute node 2
This article introduced key Neutron components and their functions. The next article will cover basic concepts and terminology used in Neutron.
Copyright Notice: All articles in this blog are licensed under CC BY-NC-SA 4.0 unless otherwise stated.