Why Internap Built Netman: Addressing the Tenant Isolation Gap in OpenStack Ironic


At this year’s OpenStack Summit in Tokyo, I gave a talk on how our team at Internap developed and open-sourced a network automation tool that enables hybrid bare-metal and virtual infrastructure environments on OpenStack. You can watch the video here. 

Here I’ll share the factors that led us to build Netman, and explain how Netman enables bare metal orchestration in OpenStack. For an in-depth overview, I’d encourage you to watch the video!

Increased Demand for Bare Metal Infrastructure

There are plenty of reasons for companies to request bare metal infrastructure. High-performance computing (HPC) comes to mind, where crunching numbers as fast as possible can sometimes be incompatible with virtualization and its many layers of abstraction. The rise of containers is another reason for this renewed interest in running a machine as close to the metal as possible.

Bare Metal on OpenStack

After the first iteration with the Nova bare metal project, developers quickly realized that an undertaking of this magnitude needed something more than an extension of Nova. Hence, the creation of a full project, aptly named Ironic, to deliver the opposite of what OpenStack was originally meant to do – run physical, not virtual, machines.

You can view Ironic’s documentation at http://docs.openstack.org/developer/ironic/.

The Challenge: OpenStack Ironic’s Tenant Isolation Gap

Since OpenStack has been all about virtualization since its inception, there’s never been any real interest in providing bare-metal orchestration to the customer.

The work that has been done (for example, TripleO) was directed towards the undercloud, or the initial provisioning of the cloud. But there is a big difference between automating the provisioning of an undercloud and providing customers with these same servers. The customer servers need to reside in isolated tenant networks, which means we’re not just automating server installation, but automatically configuring networking equipment as well.

Although tenant network isolation is not yet part of Ironic, the Internap engineering team created Netman to provide just that – tenant network isolation delivered to the customer in a pure physical environment.

Introducing Netman: Open Source Solution That Enables Tenant Isolation

Netman abstracts all network configurations to Ironic. When Ironic needs to add or remove a server from a given network, Ironic simply passes the request to Netman, which in turn takes care of the network configuration. You can view the Netman documentation at https://github.com/internap/netman.
