by Boris Deschenes, Cloud Architect at Internap
At this year’s OpenStack Summit in Tokyo, I gave a talk on how our team at Internap developed and open-sourced a network automation tool that enables hybrid bare-metal and virtual infrastructure environments on OpenStack. You can watch the video here.
Here I’ll share the factors that led us to build Netman, and explain how Netman enables bare metal orchestration in OpenStack. For an in-depth overview, I’d encourage you to watch the video!
Increased Demand for Bare Metal Infrastructure
There are plenty of reasons for companies to request bare metal infrastructure. High-performance computing (HPC) comes to mind, where crunching numbers as fast as possible can sometimes be incompatible with virtualization and its many layers of abstraction. The rise of containers is another reason for this renewed interest in running a machine as close to the metal as possible.
Bare Metal on OpenStack
After the first iteration with the Nova bare metal project, developers quickly realized that an undertaking of this magnitude needed something more than an extension of Nova. Hence, the creation of a full project, aptly named Ironic, to deliver the opposite of what OpenStack was originally meant to do – run physical, not virtual, machines.
You can view Ironic’s documentation at https://docs.openstack.org/developer/ironic/.
The challenge: OpenStack Ironic’s tenant isolation gap
Since OpenStack has been all about virtualization since its inception, there’s never been any real interest in providing bare-metal orchestration to the customer.
The work that has been done (for example TripleO) was directed towards the undercloud, or the initial provisioning of the cloud. But there is a big difference between automating the provisioning of an undercloud and providing customers with these same servers. The customer servers need to reside in isolated tenant networks, which means we’re not just automating server installation, but automatically configuring networking equipment as well.
Although tenant network isolation is not yet part of Ironic, the Internap engineering team created Netman to provide just that – tenant network isolation delivered to the customer in a pure physical environment.
Introducing Netman: Open Source Solution that Enables Tenant Isolation
Netman abstracts all network configurations to Ironic. When Ironic needs to add or remove a server from a given network, Ironic simply passes the request to Netman, which in turn takes care of the network configuration. You can view the Netman documentation at https://github.com/internap/netman.