Jump to: navigation, search

Quantum-l3-firewalls-and-dhcps

Revision as of 20:32, 30 March 2012 by Juliano (talk)

Blanka layer 3 plugin

<<TableOfContents()>>

Abstract

Blanka is a quantum plugin to handle layer 3.

Blanka plugin extends quantum and provides mainly firewalls and dhcps.

Design

|alt L3 Firewalls and DHCPs Design

Summary

Agents are running on dhcps and firewalls to execute the proper work dictated by quantum via amqp: dhcp plugin works with any *nix os that uses isc-dhcp-server. firewall plugin is currently working with linux, but the data model should be usable with any firewall appliance

DHCP

DHCP servers run on the hypervisor server where the VM is running, providing better fail-over architecture. It follows the logic: get data from the amqp server, write the template file ( witch uses cheetah templates ) and send a request to quantum committing the action. The agent knows how to keep the dhcp server running in case of wrong data format sent to it.

|alt L3 Dhcps Workflow^l

Firewall

Firewall agent run o top of linux firewall server, each ip has its own firewall policy for input and output traffic and you can also enforce a range or network policy to each one which will prevail over the bottom level policy. This agent works retrieving data from amqp, running the iptables rule and sending a request to commit the action.

|alt L3 Firewalls Workflow

(Contact: Willian Molinari (PotHix), Thiago Morello, Juliano Martinez) <
>