Neutron is the networking project within the OpenStack cloud platform. The purpose of OpenStack Neutron is to provide physical and virtual network resources to the instances (or virtual machines). Before you continue to read this article I would recommend that you read about OpenStack networking concepts. To appreciate the architecture and the functionality of Neutron, it is important to understand the components that are part of Neutron.
OpenStack Neutron Software Components
The main software entity for Neutron is the neutron-server daemon. This is basically a python program which is started when you execute:
This Neutron server daemon starts two critical components:
- Neutron REST service
- Neutron Plugin - core and service plugin
The Neutron RPC service is also started so that the neutron servers can communicate with the agents. And the RPC service actually loads the Neutron Plugin.
Plugins in Neutron allow extension and/or customization of the pre-existing functionality in Neutron. Networking vendors can write plugins that ensures smooth inter-operability between OpenStack Neutron and vendor-specific software and hardware. With this approach a rich set of physical and virtual networking resources can be made available to the virtual machines instances.
The agents are another set of critical components within Neutron. The main Neutron server (and the plugins) communicate with Neutron agents. The Neutron agents implement very specific networking functionality. Examples include DHCP Agent, L3 Agent etc. Some agents may be specific to the plugin such as Linux Bridge Neutron Agent etc.
I will be blogging about Plugins and Agents in detail soon.
OpenStack Neutron Hardware Components
The following hardware components support one or more of the above mentioned software components.
The main OpenStack Neutron server runs in the controller node. This means that Neutron API requests from Horizon (Dashboard) or the Neutron CLI, land on this server. As seen above, the plugins that do the main networking configurations also run on this server.
Physical network connectivity for Controller Node: Since the Neutron server needs to receive API requests and also needs to communicate with agents via RPC, it requires a minimum of one Ethernet interface (Management Network) for this purpose.
The compute node is where the instances or virtual machines are started. The main goal of OpenStack Neutron, within the compute node, is to provide networking resources for ‘each’ instance. Since the core element of Neutron is to provide Layer-2 (L2) connectivity an instance, the L2 agent (depending on the plugin) runs on the compute node.
_Physical network connectivity for Compute Node: _The compute node may run agents and will respond to RPC messages from Neutron Server (Management Network). In addition it also needs to provide a dedicate interface for network traffic from the virtual machines (Data Network). Hence the Compute node requires two Ethernet interfaces.
The networking node is a special node dedicated to provide several key networking capabilities. Since the instances or VMs run on the compute node, the main purpose of networking node is to provide networking services that span across virtual machines - for example DHCP and Routing etc.
Physical network connectivity for Controller Node: Just like the Compute node, the network node needs two Ethernet Interfaces for Management and Data network. In addition, Networking Node can also provide to-and-fro Internet access for the virtual machines. It is recommended that a separate third Ethernet interface be used for this purpose.
The following diagram from the OpenStack Admin Guide clarifies the services and the network connectivity supported by these three physical components.
In real data centers, physical servers (nodes) are connected to switches and further these switches are connected to Routers. The capabilities of Neutron can be enhanced by using vendor specific plugins that can help leverage specialized networking equipment. In addition, the network topology of the data center, that hosts your OpenStack cloud will also play a role in the kind of capabilities OpenStack tenants can leverage. Even though physical networks are not tightly integrated with OpenStack Neutron, they nevertheless are instrumental in the cloud services available to tenants.