Yes, I think of it as: A provider network in OpenStack is simply a record specifying the necessary details of the underlying infrastructure so that OpenStack can utilize it. The actual networking services (layer 2 and 3 forwarding, for example) are provided by the infrastructure and configured independently.
John > On Jan 19, 2016, at 4:32 AM, Neil Jerram <neil.jer...@metaswitch.com> wrote: > > On 19/01/16 07:36, Andreas Scheuring wrote: >> Hi everybody, >> >> I stumbled over a definition that explains the difference between a >> Provider network and a self service network. [1] > > I've also spent time trying to understand this, so am happy to offer > that understanding here (for checking?)... > > I believe the _definition_ of a 'provider' network is that it is a > network provisioned by the cloud operator - as opposed to 'tenant' > networks that are provisioned by non-admin tenants aka users aka projects. > > (I've not seen the term 'Self service' before, but presumably it means > what I'm calling 'tenant'. > > Corollaries - but not strictly part of the definition - are that: > > - Provider networks typically 'map more closely' in some sense onto the > cloud's underlying physical network than tenant networks do. The > 'provider' API extension - which is usually limited by policy to > operators only, and hence can only be used with provider networks - > allows the operator to specify that mapping, for example which VLAN to > map on to. Tenant networks are typically implemented with additional > layers of encapsulation, in comparison with provider networks, in order > to allow many tenant networks to coexist on the same compute hosts and > yet be isolatable from each other. > > - Provider networks typically use the real IP address space, whereas > tenant networks typically use private IP address space so that multiple > tenant networks can use the same IP addresses. > > The network that is on the external side of a Neutron Router has its > router:external property True, and also has to be a provider network. > Floating IPs come from a subnet that is associated with that provider > network. > > It's possible to attach VMs directly to a provider network, as well as > to tenant networks. > >> >> To summarize it says: >> - Provider Network: primarily uses layer2 services > > I don't know what this means. All networks have a layer 2 somewhere. > >> and vlan segmentation > > Yes, but they don't have to. A provider network can be 'flat', which > means that its VM interfaces are bridged onto one of the physical > interfaces of the compute host (and it is assumed that all hosts' > physical interfaces are themselves bridged together). So then any VLAN > that a VM used would be trunked through the physical network. > >> and cannot be used for advanced services (fwaas,..) > > (I didn't know that, but OK.) > >> - Self-service Network: is Neutron configured to use a overlay network > > Grammar? > >> and supports advanced services (fwaas,..) >> >> >> But my understanding is more like this: >> - Provider Network: The Openstack user needs information about the >> underlying network infrastructure to create a virtual network that >> exactly matches this infrastructure. > > Agreed, if s/user/operator/ and s/virtual//. OpenStack _users_ cannot > create provider networks, and I wouldn't call a provider network 'virtual'. > > >> >> - Self service network: The Openstack user can create virtual networks >> without knowledge about the underlaying infrastructure on the data >> network. This can also include vlan networks, if the l2 plugin/agent was >> configured accordingly. > > Agreed. >> >> >> Did the meaning of a provider network change in the meantime, or is my >> understanding just wrong? >> >> Thanks! >> >> >> >> >> [1] >> http://docs.openstack.org/liberty/install-guide-rdo/overview.html#id4 >> >> > > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
