OpenStack services in Boron
Pan-Net Beryllium is based on the OpenStack Stein version with OVN/OVS as SDN controller.
OpenStack provides a cloud computing platform with a variety of services. Each service offers an application programming interface (API) that facilitates this integration. Table 1 lists OpenStack services and their availability in the Pan-Net Boron deployment.
Provides an authentication and authorization service for other OpenStack services.
Manages the lifecycle of compute instances in an OpenStack environment. Responsibilities include spawning, scheduling and decommissioning of virtual machines on demand.
Enables network connectivity as a service for other OpenStack services, such as OpenStack Compute.
Stores and retrieves virtual machine disk images.
Stores and retrieves arbitrary unstructured data objects via a RESTful, HTTP based API. Supported S3 and Swift interfaces.
Cinder - CEPH or Datera back-end
Provides persistent block storage to running instances.
Provides a web-based self-service portal to interact with underlying OpenStack services, such as launching an instance, assigning IP addresses and configuring access controls.
Ceilometer, Gnocchi, Aodh
Monitors and meters the OpenStack cloud for billing, benchmarking, scalability, and statistical purposes.
Orchestrates multiple composite cloud applications.
Service for mapping of public and private IP addresses. SNATaaS is used indirectly by OpenStack services.
LBaaS (Load-Balancing-as-a-Service) is implemented on Octavia Amphora instances and is available as self-service.
As an alternative, Pan-Net Boron offers load balancing based BGPaaS supporting ECMP. More details can be found in the chapter Load balancing.
Provides secure storage, provisioning and management of secrets such as passwords, encryption keys and X.509 Certificates.
Table 1: OpenStack services in Pan-Net Boron deployment.
Additional functionality to OpenStack services is listed in Table 2.
Inter-tenant communication can be implemented via public/shared or private VRF technology.
Access to OpenStack API from within tenant/project
Access to OpenStack API from within tenant/project communication is implemented using https over the proxy.
Access to SOA BP
Access is enabled using IPsec tunnel via proxy.
SMTP (Simple Mail Transfer Protocol) Server
It must be installed by the project.
For applications in Tenant OAM VPN:
Table 2: Additional functionality in Pan-Net Boron deployment.