Re: [openstack-dev] [Openstack] [Neutron] [Docs] Definition of a provider Network

2016-01-19 Thread John Belamaric
Yes, I think of it as:

A provider network in OpenStack is simply a record specifying the necessary 
details of the underlying infrastructure so that OpenStack can utilize it. The 
actual networking services (layer 2 and 3 forwarding, for example) are provided 
by the infrastructure and configured independently.

John

> On Jan 19, 2016, at 4:32 AM, Neil Jerram wrote:
> 
> On 19/01/16 07:36, Andreas Scheuring wrote:
>> Hi everybody, 
>> 
>> I stumbled over a definition that explains the difference between a
>> Provider network and a self service network. [1] 
> 
> I've also spent time trying to understand this, so am happy to offer
> that understanding here (for checking?)...
> 
> I believe the _definition_ of a 'provider' network is that it is a
> network provisioned by the cloud operator - as opposed to 'tenant'
> networks that are provisioned by non-admin tenants aka users aka projects.
> 
> (I've not seen the term 'Self service' before, but presumably it means
> what I'm calling 'tenant'.)
> 
> Corollaries - but not strictly part of the definition - are that:
> 
> - Provider networks typically 'map more closely' in some sense onto the
> cloud's underlying physical network than tenant networks do.  The
> 'provider' API extension - which is usually limited by policy to
> operators only, and hence can only be used with provider networks -
> allows the operator to specify that mapping, for example which VLAN to
> map on to.  Tenant networks are typically implemented with additional
> layers of encapsulation, in comparison with provider networks, in order
> to allow many tenant networks to coexist on the same compute hosts and
> yet be isolatable from each other.
> 
> - Provider networks typically use the real IP address space, whereas
> tenant networks typically use private IP address space so that multiple
> tenant networks can use the same IP addresses.
> 
> The network that is on the external side of a Neutron Router has its
> router:external property True, and also has to be a provider network. 
> Floating IPs come from a subnet that is associated with that provider
> network.
> 
> It's possible to attach VMs directly to a provider network, as well as
> to tenant networks.
> 
>> 
>> To summarize it says:
>> - Provider Network: primarily uses layer2 services
> 
> I don't know what this means.  All networks have a layer 2 somewhere.
> 
>> and vlan segmentation
> 
> Yes, but they don't have to.  A provider network can be 'flat', which
> means that its VM interfaces are bridged onto one of the physical
> interfaces of the compute host (and it is assumed that all hosts'
> physical interfaces are themselves bridged together).  So then any VLAN
> that a VM used would be trunked through the physical network.
> 
>> and cannot be used for advanced services (fwaas,..)
> 
> (I didn't know that, but OK.)
> 
>> - Self-service Network: is Neutron configured to use a overlay network
> 
> Grammar?
> 
>> and supports advanced services (fwaas,..)
>> 
>> 
>> But my understanding is more like this:
>> - Provider Network: The Openstack user needs information about the
>> underlying network infrastructure to create a virtual network that
>> exactly matches this infrastructure. 
> 
> Agreed, if s/user/operator/ and s/virtual//.  OpenStack _users_ cannot
> create provider networks, and I wouldn't call a provider network 'virtual'.
> 
> 
>> 
>> - Self service network: The Openstack user can create virtual networks
>> without knowledge about the underlying infrastructure on the data
>> network. This can also include vlan networks, if the l2 plugin/agent was
>> configured accordingly.
> 
> Agreed.
>> 
>> 
>> Did the meaning of a provider network change in the meantime, or is my
>> understanding just wrong?
>> 
>> Thanks!
>> 
>> 
>> 
>> 
>> [1]
>> http://docs.openstack.org/liberty/install-guide-rdo/overview.html#id4
>> 
>> 
> 
> 
> __
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev




Re: [openstack-dev] [Openstack] [Neutron] [Docs] Definition of a provider Network

2016-01-19 Thread Neil Jerram
On 19/01/16 07:36, Andreas Scheuring wrote:
> Hi everybody, 
>
> I stumbled over a definition that explains the difference between a
> Provider network and a self service network. [1] 

I've also spent time trying to understand this, so am happy to offer
that understanding here (for checking?)...

I believe the _definition_ of a 'provider' network is that it is a
network provisioned by the cloud operator - as opposed to 'tenant'
networks that are provisioned by non-admin tenants aka users aka projects.

(I've not seen the term 'Self service' before, but presumably it means
what I'm calling 'tenant'.)

Corollaries - but not strictly part of the definition - are that:

- Provider networks typically 'map more closely' in some sense onto the
cloud's underlying physical network than tenant networks do.  The
'provider' API extension - which is usually limited by policy to
operators only, and hence can only be used with provider networks -
allows the operator to specify that mapping, for example which VLAN to
map on to.  Tenant networks are typically implemented with additional
layers of encapsulation, in comparison with provider networks, in order
to allow many tenant networks to coexist on the same compute hosts and
yet be isolatable from each other.

- Provider networks typically use the real IP address space, whereas
tenant networks typically use private IP address space so that multiple
tenant networks can use the same IP addresses.

The network that is on the external side of a Neutron Router has its
router:external property True, and also has to be a provider network. 
Floating IPs come from a subnet that is associated with that provider
network.

It's possible to attach VMs directly to a provider network, as well as
to tenant networks.

>
> To summarize it says:
> - Provider Network: primarily uses layer2 services

I don't know what this means.  All networks have a layer 2 somewhere.

>  and vlan segmentation

Yes, but they don't have to.  A provider network can be 'flat', which
means that its VM interfaces are bridged onto one of the physical
interfaces of the compute host (and it is assumed that all hosts'
physical interfaces are themselves bridged together).  So then any VLAN
that a VM used would be trunked through the physical network.

> and cannot be used for advanced services (fwaas,..)

(I didn't know that, but OK.)

> - Self-service Network: is Neutron configured to use a overlay network

Grammar?

> and supports advanced services (fwaas,..)
>
>
> But my understanding is more like this:
> - Provider Network: The Openstack user needs information about the
> underlying network infrastructure to create a virtual network that
> exactly matches this infrastructure. 

Agreed, if s/user/operator/ and s/virtual//.  OpenStack _users_ cannot
create provider networks, and I wouldn't call a provider network 'virtual'.


>
> - Self service network: The Openstack user can create virtual networks
> without knowledge about the underlying infrastructure on the data
> network. This can also include vlan networks, if the l2 plugin/agent was
> configured accordingly.

Agreed.
>
>
> Did the meaning of a provider network change in the meantime, or is my
> understanding just wrong?
>
> Thanks!
>
>
>
>
> [1]
> http://docs.openstack.org/liberty/install-guide-rdo/overview.html#id4
>
>
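
The message above notes that the 'provider' API extension is usually limited by policy to operators only. As an added example (not part of the original thread and not code from the Neutron project), this audits a policy file for that restriction. The watched key names follow Neutron's policy.json naming; the sample policy, the `operator_exprs` default and the treatment of missing keys are assumptions of this example.

```python
import json

# Attribute-level targets for the provider mapping and the external flag.
# Names follow Neutron's policy.json style; the selection is this example's.
WATCHED = [
    f"{action}_network:{attr}"
    for action in ("create", "update")
    for attr in ("provider:network_type", "provider:physical_network",
                 "provider:segmentation_id", "router:external")
]

def resolve(policy, expr):
    """Follow plain 'rule:NAME' aliases until a non-alias expression."""
    seen = set()
    while expr.startswith("rule:") and " " not in expr:
        name = expr[len("rule:"):]
        if name in seen or name not in policy:
            break  # alias cycle or dangling reference: report as-is
        seen.add(name)
        expr = policy[name]
    return expr

def audit(policy, operator_exprs=("role:admin",)):
    """Return {target: reason} for targets not limited to operators."""
    findings = {}
    for target in WATCHED:
        if target not in policy:
            findings[target] = "missing: check which fallback rule applies"
        elif (resolved := resolve(policy, policy[target])) not in operator_exprs:
            findings[target] = f"resolves to '{resolved}'"
    return findings

# Constructed sample policy (not taken from any real deployment).
SAMPLE = json.loads("""{
  "context_is_admin": "role:admin",
  "admin_only": "rule:context_is_admin",
  "admin_or_owner": "rule:context_is_admin or tenant_id:%(tenant_id)s",
  "create_network:provider:network_type": "rule:admin_only",
  "create_network:provider:physical_network": "rule:admin_only",
  "create_network:provider:segmentation_id": "rule:admin_only",
  "create_network:router:external": "rule:admin_only",
  "update_network:provider:network_type": "rule:admin_only",
  "update_network:provider:physical_network": "rule:admin_only",
  "update_network:provider:segmentation_id": "rule:admin_or_owner"
}""")

if __name__ == "__main__":
    for target, reason in audit(SAMPLE).items():
        print(f"{target}: {reason}")
```

On the constructed sample it flags the segmentation-ID update rule, which resolves to an admin-or-owner expression, and the absent `update_network:router:external` entry.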

