SlideShare a Scribd company logo
Group Based 
Policy 
Open Source Policy in OpenDaylight 
and OpenStack Neutron 
Kyle Mestery 
OpenStack Neutron PTL
Abstract 
As computing has continued to evolve to a more utility or cloud-like 
environment, one area which has not evolved as much is networking. Concepts 
relevant 20 years ago such as switches, ports, networks, subnets and routers 
are today still very much the basic building blocks for operators and application 
deployers. Group Based Policy looks to extend this landscape by introducing 
the concepts of groups of endpoints and policy abstractions governing the 
communication between the groups. With Group Based Policy, application 
deployers can think in terms relevant to their applications when deploying 
networking for their applications. This talk will cover an introduction to Group 
Based Policy and explore it’s implementation in OpenStack Neutron and 
OpenDaylight. An overview of how the two work together to achieve harmony 
for application deployers will also be discussed.
Our hero … the application developer 
Application 
Developer
But first, some history
What is a computer network? 
A computer network is a collection of 
computers and other hardware components 
interconnected by communication channels 
that allow sharing of resources and 
information.
A typical computer network ...
Protocol Soup ...
What if this could be simplified?
Now, back to our hero 
Application 
Developer
Our hero wants to deploy this 
Client Tier Web/App Tier DB Tier 
Internet Web/App 
Server DB
Currently she does this ... 
External Network 
Q 
Network/ 
subnet 
Network/ 
subnet 
Network/ 
subnet 
Router 
Q
What if she could do this! 
PG 
Web 
PG 
Application 
PG 
DB 
PG 
External Network 
(Internet) C1 C2 C3 
Protocol: TCP 
Port: 80 
Action: Redirect to 
FW_LB_CHAIN 
Protocol: TCP 
Port: 9080 
Action: ALLOW 
Protocol: TCP 
Port: 3306 
Action: ALLOW
Introducing Group Based Policy 
● APIs to allow the user to express intent 
○ Separates intent from the actual underlying networking 
infrastructure 
● Application policy abstracted from network 
specifics 
● Open Standards, Open Source, Community 
Driver 
○ OpenDaylight 
○ OpenStack Neutron
Group Based Policy Terminology 
● Existing constructs 
○ Switches 
○ Networks 
○ Subnets 
○ Ports 
○ Routers 
○ Load balancers 
○ Firewalls 
● GBP Constructs 
○ Policy Point 
○ Policy Group
Group Based Policy Elements 
● Policy Repository 
● Endpoint Repository 
● Observer 
● Policy Enforcer
The Benefits of Group Based Policy 
● Easier application focused networking 
● Improved automation 
● Consistency 
● Extensible policy model 
● User defined policy is not dependent on 
specific networking technologies
Open Source Implementations 
By utilizing OpenStack Neutron with 
OpenDaylight and GBP APIs, 
application developers and deployers 
get a fully open source networking policy 
system.
But first, back to our hero 
I need some background 
information on 
OpenDaylight and 
OpenStack. 
Application 
Developer
What is OpenDaylight? 
OpenDaylight is an Open Source Software project under the Linux Foundation with the goal of 
furthering the adoption and innovation of Software Defined Networking (SDN) through the 
creation of a common industry supported platform 
Code Acceptance Community 
To create a robust, extensible, 
open source code base that 
covers the major common 
components required to build 
an SDN solution 
To get broad industry 
acceptance amongst vendors 
and users 
• Using OpenDaylight code 
directly or through vendor 
products 
•Vendors using 
OpenDaylight code as part 
of commercial products 
To have a thriving and 
growing technical community 
contributing to the code base, 
using the code in commercial 
products, and adding value 
above, below and around.
What is OpenDaylight Building? 
OpenDaylight is an open community that is building: 
● An evolvable SDN platform capable of handling diverse use cases and 
implementation approaches 
● Common abstractions of capabilities NorthBound for people to program 
● Intermediation of those capabilities to multiple Southbound 
implementations 
● Programmable Network services 
● Network Applications 
● Whatever else we need to make it work 
○ Including engineering systems
What Is OpenStack? 
Self-service provisioning of virtual machines 
through a software API 
Your Application 
For tenant created, virtual isolated networks Massively scalable, distributed object store 
and subnets, and services
OpenStack continues to build services which abstract 
infrastructure and provide highly scalable utilities through 
REST APIs, command tools and user portals 
Compute 
(VM provisioning) 
Networking 
(Virtual, Physical) 
Orchestration 
Identity/Authentication 
Storage 
(Object) 
VM Image Catalog 
User/Admin Portal 
Metering 
(Ceilometer) 
(HEAT) 
Storage 
(Block) 
Networking Services 
(LB, FW, VPN, IDS..)
How Does Group Based Policy Fit Into 
OpenDaylight and OpenStack? 
Application 
Developer
GBP In OpenDaylight 
● Active project targeting the Helium Release 
of OpenDaylight 
● Initial code available: 
○ https://git.opendaylight.org/gerrit/groupbasedpolicy 
● More info on the wiki 
○ https://wiki.opendaylight.org/view/Group_Policy: 
Main
OpenDaylight GBP 
Architecture
Group Based Policy Renders 
● GBP supports a variety of underlying 
technologies 
○ Possible because policy model is based on high 
level user intent 
○ Complexity lies in the renderers 
● Renders being worked include: 
○ OVS Overlay 
○ OpenFlow Render 
○ OpFlex Render
Group Based Policy In OpenStack Neutron 
● GBP sub-team focused on proof of concept 
during Icehouse cycle 
● Code patches out for review during Juno 
○ https://blueprints.launchpad. 
net/neutron/+spec/group-based-policy-abstraction 
○ Patches encompass neutron, CLI, Horizon and Heat
CLI 
Heat Horizon 
Neutron 
Policy Manager 
Legacy 
Policy Driver 
ODL 
Policy Driver 
others 
OpenStack GBP Architecture
The Open Source Policy “Stack” 
Group Policy as defined by OpenStack 
OpenDaylight provide northbound API for Group Policy and 
southbound interface for OpFlex protocol. 
OpFlex protocol defined through IETF 
(OpFlex Control Protocol draft-smith-opflex-00) 
OpFlex Policy Agent with northbound OpFlex protocol 
interface and southbound interface for device (OVS is the 
reference implementation). 
Linux 
libvirt OpenFlow OVSDB 
OVS
Back to our hero 
Application 
Developer
In Summary 
● Group Based Policy goals: 
○ Separate application intent from underlying 
implementation 
○ Provide application oriented APIs for application 
developers and deployers 
○ Uses and extends existing open standards and 
protocols 
○ Simplify complex networking for application 
deployers!
Allows anyone to accomplish this! 
PG 
Web 
PG 
Application 
PG 
DB 
PG 
External Network 
(Internet) C1 C2 C3
More Information 
● For more information on OpFlex and how it 
integrates with GBP, attend Scott Mann’s 
talk: 
○ Open Source Policy: OpenDaylight and OpFlex 
○ Thursday, 2:30-3:20PM 
○ Room SB 3
Thank you! 
Application 
Developer

More Related Content

PPTX
OpenStack and OpenDaylight Workshop: ONUG Spring 2014
PDF
OpenDaylight: an open source SDN for your OpenStack cloud
PPTX
Navigating OpenStack Networking
PPTX
Hands-on Lab: Test Drive Your OpenStack Network
PPTX
Openstack Neutron Insights
PDF
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
PDF
Openstack Neutron, interconnections with BGP/MPLS VPNs
PDF
OpenStack networking - Neutron deep dive with PLUMgrid
OpenStack and OpenDaylight Workshop: ONUG Spring 2014
OpenDaylight: an open source SDN for your OpenStack cloud
Navigating OpenStack Networking
Hands-on Lab: Test Drive Your OpenStack Network
Openstack Neutron Insights
OpenStack and OpenDaylight: An Integrated IaaS for SDN/NFV
Openstack Neutron, interconnections with BGP/MPLS VPNs
OpenStack networking - Neutron deep dive with PLUMgrid

What's hot (20)

PDF
Openstack Neutron & Interconnections with BGP/MPLS VPNs
PPTX
Introduction to Openstack Network
PDF
Openstack Neutron and SDN
PPTX
OpenStack Neutron behind the Scenes
PPTX
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
PDF
Interconnecting Neutron and Network Operators' BGP VPNs
PPTX
Introduction to the Helium release of OpenDaylight
PPTX
Network Intent Composition in OpenDaylight
PPTX
Network Monitoring and Analytics
PPTX
OpenStack Discovery and Networking Assurance - Koren Lev - Meetup
PDF
OpenStack Neutron Havana Overview - Oct 2013
PPTX
SDN Scale-out Testing at OpenStack Innovation Center (OSIC)
PDF
Simplifying the OpenStack and Kubernetes network stack with Romana
PPTX
OpenStack and the Transformation of the Data Center - Lew Tucker
PDF
Networking For Nested Containers: Magnum, Kuryr, Neutron Integration
PDF
BGP Dynamic Routing and Neutron
PPTX
How to write a Neutron Plugin - if you really need to
PPTX
You Can Build Your OpenStack and Consume it Too
PDF
Microservices Architectures with Docker Swarm, etcd, Kuryr and Neutron
PPTX
Tap as a service: What you need to know now
Openstack Neutron & Interconnections with BGP/MPLS VPNs
Introduction to Openstack Network
Openstack Neutron and SDN
OpenStack Neutron behind the Scenes
OpenDaylight Netvirt and Neutron - Mike Kolesnik, Josh Hershberg - OpenStack ...
Interconnecting Neutron and Network Operators' BGP VPNs
Introduction to the Helium release of OpenDaylight
Network Intent Composition in OpenDaylight
Network Monitoring and Analytics
OpenStack Discovery and Networking Assurance - Koren Lev - Meetup
OpenStack Neutron Havana Overview - Oct 2013
SDN Scale-out Testing at OpenStack Innovation Center (OSIC)
Simplifying the OpenStack and Kubernetes network stack with Romana
OpenStack and the Transformation of the Data Center - Lew Tucker
Networking For Nested Containers: Magnum, Kuryr, Neutron Integration
BGP Dynamic Routing and Neutron
How to write a Neutron Plugin - if you really need to
You Can Build Your OpenStack and Consume it Too
Microservices Architectures with Docker Swarm, etcd, Kuryr and Neutron
Tap as a service: What you need to know now
Ad

Viewers also liked (20)

PDF
Adopting Open Source Software Policy: What Advantages and Challenges there ar...
PDF
Strategies and Policies for the implementation of Free & and Open Source Soft...
PDF
Freedom And Openness For Higher Education - Management workshop for Universit...
PDF
New learning paradigms and educational technologies
PDF
Strategies and Policies for the implementation of Free & and Open Source Soft...
PPTX
Templanza
PDF
Technologies For Higher Education
PPTX
Use of songs, raps, poems
PDF
FLOSS - Business Aspects of Software Industry
PDF
What Technology Lies Behind VPN
PDF
What can we learn from One Laptop Per Child Projects?
PDF
OLPC Oceania - ITU UNESCAP Regional Forum Bangkok -- 19 May 2011
PDF
FLOSS & OER
PPTX
OLPC Oceania -- Vanuatu -- brief to MOE -- 16 aug2011
PDF
JTELSS13 Why is free software important in education
PDF
Students' Experiential Knowledge Production in the Teaching-Learning Process ...
PPTX
Four Steps to Creating an Effective Open Source Policy
PDF
New learning paradigms and technologies
PPT
ERP Software Why its good
PPTX
Include it all. Filter it afterward.
Adopting Open Source Software Policy: What Advantages and Challenges there ar...
Strategies and Policies for the implementation of Free & and Open Source Soft...
Freedom And Openness For Higher Education - Management workshop for Universit...
New learning paradigms and educational technologies
Strategies and Policies for the implementation of Free & and Open Source Soft...
Templanza
Technologies For Higher Education
Use of songs, raps, poems
FLOSS - Business Aspects of Software Industry
What Technology Lies Behind VPN
What can we learn from One Laptop Per Child Projects?
OLPC Oceania - ITU UNESCAP Regional Forum Bangkok -- 19 May 2011
FLOSS & OER
OLPC Oceania -- Vanuatu -- brief to MOE -- 16 aug2011
JTELSS13 Why is free software important in education
Students' Experiential Knowledge Production in the Teaching-Learning Process ...
Four Steps to Creating an Effective Open Source Policy
New learning paradigms and technologies
ERP Software Why its good
Include it all. Filter it afterward.
Ad

Similar to Group Based Policy: Open Source Policy in OpenDaylight and OpenStack Neutron (20)

PPTX
All Things Open SDN, NFV and Open Daylight
PPTX
Collaborating with OpenDaylight for a Network-Enabled Cloud
PPTX
Openstack Group-Based Policy
PDF
ISC Cloud13 Sill - Crossing organizational boundaries in cloud computing
PPTX
ICN in the IRTF and IETF
PDF
Neutron Networking: Service Groups, Policies and Chains
PDF
OGF standards for cloud computing
PPT
Introduction to OpenDaylight and Hydrogen, Learnings from the Year, What's Ne...
PDF
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
PPTX
LF Energy Webinar: Introduction to TROLIE
PDF
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
PPTX
Delivering Network Innovation with SDN - Tom Nadeau
PDF
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
PPTX
Webinar: Transforming Substation Automation with Open Source Solutions
PDF
Software Defined Networking: The OpenDaylight Project
PPTX
Basavaraj H - Open Day light.pptx for sdn
PPTX
Cloud open unveillithium-odlnewrelease-2-ns
PDF
1b_OPEN17_Microsoft & Open Source
PDF
Current & Future Use-Cases of OpenDaylight
PDF
George Grey Welcome Keynote - BUD17-100K1
All Things Open SDN, NFV and Open Daylight
Collaborating with OpenDaylight for a Network-Enabled Cloud
Openstack Group-Based Policy
ISC Cloud13 Sill - Crossing organizational boundaries in cloud computing
ICN in the IRTF and IETF
Neutron Networking: Service Groups, Policies and Chains
OGF standards for cloud computing
Introduction to OpenDaylight and Hydrogen, Learnings from the Year, What's Ne...
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
LF Energy Webinar: Introduction to TROLIE
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
Delivering Network Innovation with SDN - Tom Nadeau
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
Webinar: Transforming Substation Automation with Open Source Solutions
Software Defined Networking: The OpenDaylight Project
Basavaraj H - Open Day light.pptx for sdn
Cloud open unveillithium-odlnewrelease-2-ns
1b_OPEN17_Microsoft & Open Source
Current & Future Use-Cases of OpenDaylight
George Grey Welcome Keynote - BUD17-100K1

More from mestery (15)

PDF
OVN: Scaleable Virtual Networking for Open vSwitch
PDF
OpenStack Tokyo Summit Keynote Slides
PDF
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
PDF
OpenStack Neutron Liberty Updates
PDF
OpenStack Neutron Tutorial
PDF
Open Source Backends for OpenStack Neutron
PPT
OpenDaylight Integration with OpenStack Neutron: A Tutorial
PPTX
Next Generation Network Developer Skills
PPTX
Modular Layer 2 In OpenStack Neutron
PPTX
LISP and NSH in Open vSwitch
PPTX
vBrownBag OpenStack Networking Talk
PPTX
OpenStack: Why Is It Gaining So Much Traction?
PPTX
Triangle OpenStack Meetup
PPTX
OpenStack Development Using devstack
PPTX
Open Source Cloud, Virtualization and Deployment Technologies
OVN: Scaleable Virtual Networking for Open vSwitch
OpenStack Tokyo Summit Keynote Slides
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron Liberty Updates
OpenStack Neutron Tutorial
Open Source Backends for OpenStack Neutron
OpenDaylight Integration with OpenStack Neutron: A Tutorial
Next Generation Network Developer Skills
Modular Layer 2 In OpenStack Neutron
LISP and NSH in Open vSwitch
vBrownBag OpenStack Networking Talk
OpenStack: Why Is It Gaining So Much Traction?
Triangle OpenStack Meetup
OpenStack Development Using devstack
Open Source Cloud, Virtualization and Deployment Technologies

Recently uploaded (20)

PDF
Electronic commerce courselecture one. Pdf
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
PDF
cuic standard and advanced reporting.pdf
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
PDF
Chapter 3 Spatial Domain Image Processing.pdf
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
PDF
Network Security Unit 5.pdf for BCA BBA.
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
PDF
Advanced Soft Computing BINUS July 2025.pdf
PDF
Review of recent advances in non-invasive hemoglobin estimation
PPTX
breach-and-attack-simulation-cybersecurity-india-chennai-defenderrabbit-2025....
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
PDF
Machine learning based COVID-19 study performance prediction
PDF
Unlocking AI with Model Context Protocol (MCP)
PDF
NewMind AI Weekly Chronicles - August'25 Week I
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
Electronic commerce courselecture one. Pdf
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
cuic standard and advanced reporting.pdf
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
Chapter 3 Spatial Domain Image Processing.pdf
“AI and Expert System Decision Support & Business Intelligence Systems”
Diabetes mellitus diagnosis method based random forest with bat algorithm
Network Security Unit 5.pdf for BCA BBA.
CIFDAQ's Market Insight: SEC Turns Pro Crypto
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
Advanced Soft Computing BINUS July 2025.pdf
Review of recent advances in non-invasive hemoglobin estimation
breach-and-attack-simulation-cybersecurity-india-chennai-defenderrabbit-2025....
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
Per capita expenditure prediction using model stacking based on satellite ima...
Machine learning based COVID-19 study performance prediction
Unlocking AI with Model Context Protocol (MCP)
NewMind AI Weekly Chronicles - August'25 Week I
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...

Group Based Policy: Open Source Policy in OpenDaylight and OpenStack Neutron

  • 1. Group Based Policy Open Source Policy in OpenDaylight and OpenStack Neutron Kyle Mestery OpenStack Neutron PTL
  • 2. Abstract As computing has continued to evolve to a more utility or cloud-like environment, one area which has not evolved as much is networking. Concepts relevant 20 years ago such as switches, ports, networks, subnets and routers are today still very much the basic building blocks for operators and application deployers. Group Based Policy looks to extend this landscape by introducing the concepts of groups of endpoints and policy abstractions governing the communication between the groups. With Group Based Policy, application deployers can think in terms relevant to their applications when deploying networking for their applications. This talk will cover an introduction to Group Based Policy and explore it’s implementation in OpenStack Neutron and OpenDaylight. An overview of how the two work together to achieve harmony for application deployers will also be discussed.
  • 3. Our hero … the application developer Application Developer
  • 4. But first, some history
  • 5. What is a computer network? A computer network is a collection of computers and other hardware components interconnected by communication channels that allow sharing of resources and information.
  • 6. A typical computer network ...
  • 8. What if this could be simplified?
  • 9. Now, back to our hero Application Developer
  • 10. Our hero wants to deploy this Client Tier Web/App Tier DB Tier Internet Web/App Server DB
  • 11. Currently she does this ... External Network Q Network/ subnet Network/ subnet Network/ subnet Router Q
  • 12. What if she could do this! PG Web PG Application PG DB PG External Network (Internet) C1 C2 C3 Protocol: TCP Port: 80 Action: Redirect to FW_LB_CHAIN Protocol: TCP Port: 9080 Action: ALLOW Protocol: TCP Port: 3306 Action: ALLOW
  • 13. Introducing Group Based Policy ● APIs to allow the user to express intent ○ Separates intent from the actual underlying networking infrastructure ● Application policy abstracted from network specifics ● Open Standards, Open Source, Community Driver ○ OpenDaylight ○ OpenStack Neutron
  • 14. Group Based Policy Terminology ● Existing constructs ○ Switches ○ Networks ○ Subnets ○ Ports ○ Routers ○ Load balancers ○ Firewalls ● GBP Constructs ○ Policy Point ○ Policy Group
  • 15. Group Based Policy Elements ● Policy Repository ● Endpoint Repository ● Observer ● Policy Enforcer
  • 16. The Benefits of Group Based Policy ● Easier application focused networking ● Improved automation ● Consistency ● Extensible policy model ● User defined policy is not dependent on specific networking technologies
  • 17. Open Source Implementations By utilizing OpenStack Neutron with OpenDaylight and GBP APIs, application developers and deployers get a fully open source networking policy system.
  • 18. But first, back to our hero I need some background information on OpenDaylight and OpenStack. Application Developer
  • 19. What is OpenDaylight? OpenDaylight is an Open Source Software project under the Linux Foundation with the goal of furthering the adoption and innovation of Software Defined Networking (SDN) through the creation of a common industry supported platform Code Acceptance Community To create a robust, extensible, open source code base that covers the major common components required to build an SDN solution To get broad industry acceptance amongst vendors and users • Using OpenDaylight code directly or through vendor products •Vendors using OpenDaylight code as part of commercial products To have a thriving and growing technical community contributing to the code base, using the code in commercial products, and adding value above, below and around.
  • 20. What is OpenDaylight Building? OpenDaylight is an open community that is building: ● An evolvable SDN platform capable of handling diverse use cases and implementation approaches ● Common abstractions of capabilities NorthBound for people to program ● Intermediation of those capabilities to multiple Southbound implementations ● Programmable Network services ● Network Applications ● Whatever else we need to make it work ○ Including engineering systems
  • 21. What Is OpenStack? Self-service provisioning of virtual machines through a software API Your Application For tenant created, virtual isolated networks Massively scalable, distributed object store and subnets, and services
  • 22. OpenStack continues to build services which abstract infrastructure and provide highly scalable utilities through REST APIs, command tools and user portals Compute (VM provisioning) Networking (Virtual, Physical) Orchestration Identity/Authentication Storage (Object) VM Image Catalog User/Admin Portal Metering (Ceilometer) (HEAT) Storage (Block) Networking Services (LB, FW, VPN, IDS..)
  • 23. How Does Group Based Policy Fit Into OpenDaylight and OpenStack? Application Developer
  • 24. GBP In OpenDaylight ● Active project targeting the Helium Release of OpenDaylight ● Initial code available: ○ https://git.opendaylight.org/gerrit/groupbasedpolicy ● More info on the wiki ○ https://wiki.opendaylight.org/view/Group_Policy: Main
  • 26. Group Based Policy Renders ● GBP supports a variety of underlying technologies ○ Possible because policy model is based on high level user intent ○ Complexity lies in the renderers ● Renders being worked include: ○ OVS Overlay ○ OpenFlow Render ○ OpFlex Render
  • 27. Group Based Policy In OpenStack Neutron ● GBP sub-team focused on proof of concept during Icehouse cycle ● Code patches out for review during Juno ○ https://blueprints.launchpad. net/neutron/+spec/group-based-policy-abstraction ○ Patches encompass neutron, CLI, Horizon and Heat
  • 28. CLI Heat Horizon Neutron Policy Manager Legacy Policy Driver ODL Policy Driver others OpenStack GBP Architecture
  • 29. The Open Source Policy “Stack” Group Policy as defined by OpenStack OpenDaylight provide northbound API for Group Policy and southbound interface for OpFlex protocol. OpFlex protocol defined through IETF (OpFlex Control Protocol draft-smith-opflex-00) OpFlex Policy Agent with northbound OpFlex protocol interface and southbound interface for device (OVS is the reference implementation). Linux libvirt OpenFlow OVSDB OVS
  • 30. Back to our hero Application Developer
  • 31. In Summary ● Group Based Policy goals: ○ Separate application intent from underlying implementation ○ Provide application oriented APIs for application developers and deployers ○ Uses and extends existing open standards and protocols ○ Simplify complex networking for application deployers!
  • 32. Allows anyone to accomplish this! PG Web PG Application PG DB PG External Network (Internet) C1 C2 C3
  • 33. More Information ● For more information on OpFlex and how it integrates with GBP, attend Scott Mann’s talk: ○ Open Source Policy: OpenDaylight and OpFlex ○ Thursday, 2:30-3:20PM ○ Room SB 3