
Why Internap Built Netman: Addressing the Tenant Isolation Gap in OpenStack Ironic



At this year’s OpenStack Summit in Tokyo, I gave a talk on how our team at Internap developed and open-sourced a network automation tool that enables hybrid bare-metal and virtual infrastructure environments on OpenStack. You can watch the video here. 

Here I’ll share the factors that led us to build Netman, and explain how Netman enables bare metal orchestration in OpenStack. For an in-depth overview, I’d encourage you to watch the video!

Increased Demand for Bare Metal Infrastructure

There are plenty of reasons for companies to request bare metal infrastructure. High-performance computing (HPC) comes to mind, where crunching numbers as fast as possible can sometimes be incompatible with virtualization and its many layers of abstraction. The rise of containers is another reason for this renewed interest in running a machine as close to the metal as possible.

Bare Metal on OpenStack

After the first iteration with the Nova bare metal project, developers quickly realized that an undertaking of this magnitude needed something more than an extension of Nova. Hence, the creation of a full project, aptly named Ironic, to deliver the opposite of what OpenStack was originally meant to do – run physical, not virtual, machines.

You can view Ironic’s documentation at http://docs.openstack.org/developer/ironic/.

The Challenge: OpenStack Ironic’s Tenant Isolation Gap

Because OpenStack has been all about virtualization since its inception, there’s never been any real interest in providing bare-metal orchestration to the customer.

The work that has been done (for example TripleO) was directed towards the undercloud, or the initial provisioning of the cloud. But there is a big difference between automating the provisioning of an undercloud and providing customers with these same servers. The customer servers need to reside in isolated tenant networks, which means we’re not just automating server installation, but automatically configuring networking equipment as well.

Although tenant network isolation is not yet part of Ironic, the Internap engineering team created Netman to provide just that – tenant network isolation delivered to the customer in a pure physical environment.

Introducing Netman: Open Source Solution That Enables Tenant Isolation

Netman abstracts all network configuration for Ironic. When Ironic needs to add or remove a server from a given network, Ironic simply passes the request to Netman, which in turn takes care of the network configuration. You can view the Netman documentation at https://github.com/internap/netman.
