Integrating OpenStack Nova-network with Infoblox IP Address Management
October 7, 2012
What is Infoblox?
I think everybody reading this post knows or has heard about such network services as DNS and DHCP. These are core services and they are used everywhere. In a virtual environment such as OpenStack they are built into the foundations.
Infoblox is an appliance-based, integrated DNS, DHCP, and IP address management product that solves a growing, critical problem in enterprise networking: keeping core network services infrastructure running nonstop. Infoblox also provides automatic network control solutions to enable cloud readiness all across your network.
You may want to use Infoblox with your OpenStack cloud to help make network address management more productive, stable and secure.
Nova-network and how it works
At the moment, nova-network is the daemon that deals with network configuration of host machines. It also provides virtual networks to enable instances to interact with each other and with the public network. Every instance is assigned a private IP address from the nova-network service. These IP addresses are called fixed IPs, and OpenStack uses the term floating IP to refer to an IP address that can be dynamically added to a running instance.
Currently Nova supports three kinds of networks, implemented in three types of network managers:
- Flat Network Manager
Each instance receives a fixed IP from the pool and all instances are attached to the same bridge by default. The bridge must be configured manually, while the networking configuration is injected into the instance before it is booted. There is no floating IP feature in this mode.
- Flat DHCP Network Manager
All instances are attached to a single bridge on the compute node. In addition, a DHCP server is running to configure instances. OpenStack starts a DHCP server to pass out IP addresses to VM instances from the specified subnet, in addition to manually configuring the networking bridge. Instances receive their fixed IPs by doing a dhcpdiscover. Moreover, a floating IP feature is provided.
- VLAN Network Manager
In this mode, Nova creates a VLAN and bridge for each tenant. The project gets a range of private IPs that are only accessible from inside the VLAN. A DHCP server is started for each VLAN to pass out IP addresses to VM instances from the subnet assigned to the project.
The latter two use dnsmasq as the DHCP server, and the nova-network service is responsible for starting up dnsmasq processes. Dnsmasq serves the virtual machines’ requests and sorts out their issues. That’s why dnsmasq is an isolated system in some ways.
With DNS, for every instance in the OpenStack cloud, there is a “name-address” pair and a group of managers that publish information to the DNS server if it is used (there is no special DNS server for working with virtual machines by default). In order to reach these instances from the outside world, we needed a tool.
Address management in OpenStack
We decided to fix this and make some changes in nova architecture to use Infoblox or something similar for this purpose. You can find our implementation here.
The first step is to switch from dnsmasq as the provider of DNS and DHCP services, so we created a special hierarchy with just a DHCP driver in root for this purpose. Our solution lies in using different drivers for different DHCP and DNS servers, and Infoblox can be one of them.
To do so, you create drivers to manage Infoblox DHCP and Infoblox DNS, which makes communication between nova-network and Infoblox possible. Thus, if you want to expand your cloud network configuration options and use something other than dnsmasq, Infoblox may be just what you need.