Take Control of your OpenStack Environment Again
Over the last 4-5 years, OpenStack has clearly emerged as one of the dominant players in providing an open-source platform to offer Infrastructure-as-a-Service (IasS). With its rich features and hybrid architecture, OpenStack momentum continues to grow as an important component of hybrid cloud strategy, particularly among enterprises and Telcos.
While OpenStack addresses most of the Infrastructure challenges which high-tech industries are facing, some challenges such as the following are not addressed.
- IP address Management (IPAM) and DNS records: With the advent of Dev-Ops and related technologies, instances or virtual machines (VMs) are being created and terminated at a rapid pace. In such scenarios, keeping track of IP addresses becomes critical. Unfortunately, OpenStack does not have any native mechanism to maintain and track IP addresses. Also, along with IP addresses, provisioning of DNS records is equally important. OpenStack does not have any component which can provision an IP address and automate DNS record creation. Keeping track of IP addresses manually in a spreadsheet and managing DNS records manually can be an arduous task and can negatively impact the adoption of OpenStack.
- Security: Security is something which everyone is paranoid about. In a complex ecosystem like OpenStack, making sure that instances can only reach and see what they are supposed to, is vital. While OpenStack does offer basic security (based on IP tables), for the VMs it does not have much to offer when DNS and web security is concerned.
- Reporting and Visibility of OpenStack infrastructure.: Reporting and Visibility is also one of the fields where OpenStack does not have much to offer. Enterprises are looking for a holistic view of their private cloud. They want to know which instance is generating what traffic and how much. OpenStack does not have any native component that can generate reports on the DNS usage and network
The above challenges might make enterprises think twice before they decide to move their workloads to OpenStack.
With Infoblox, you can fill the gaps in OpenStack
Infoblox is committed to supporting enterprise cloud strategy for public, private and hybrid clouds. As part of this commitment, Infoblox has created a cloud adapter for OpenStack.
Where does Infoblox Cloud Adapter for OpenStack Fit in?
Infoblox Cloud Adapter for OpenStack provides core network service automation to shorten the time to provision instances while maintaining consistent network policies across the enterprise. It works in conjunction with the open-source OpenStack cloud orchestration platform to automate the provisioning of DNS records and IP addresses for OpenStack environments as well as cleaning up upon decommissioning of instances.
Installing Infoblox Cloud Adapter for OpenStack from GitHub
Infoblox cloud adapter for OpenStack is super easy to install and use. It is available as a plugin and can be downloaded from the Infoblox GitHub repository using pip method. Once installed, the cloud adapter runs as a service and communicates with neutron and nova services during instance instantiation.
After installation, it syncs with the neutron DB and gives a complete view of all the tenants in the OpenStack environment. One can easily toggle between various tenants and view the subnets and instances with their IP addresses and MAC addresses. For the newly created tenants, it creates a new tenant view in the Grid which encompasses all the subnets and IP addresses in use or will be provisioned in future. This feature provides a 360-degree visibility of the OpenStack ecosystem to the user.
Infoblox cloud adapter also enables the user to use overlapping IP addresses across various tenants without making any Infrastructure changes. One might argue that Overlapping IP address functionality is natively available in OpenStack. And the answer is yes, it is available, but it comes at a cost. For overlapping IP addresses, VX-LAN/GRE/NV-GRE has to be enabled which requires changing MTU of physical switches and routers. Not many customers prefer changing settings like MTU across the physical fabric and hence this powerful feature of OpenStack gets underutilized.
The Infoblox Cloud Adapter gives a relief to the customers who would like to use overlapping IP addresses without changing the underlying physical network.
Figure 1: Available tenants in OpenStack
Figure 2: Holistic view of the same tenants in Infoblox
DNS Name creation, Security, and Reporting
The Infoblox Cloud Adapter automates the creation of DNS records (such as A, AAA, and AAAA) for the VMs/instances. Quite often, OpenStack administrators are tasked with repetitive and mundane tasks such as manually assigning DNS records or attempting to track IP addresses in spreadsheets or databases. The Infoblox Cloud Adapter eliminates manual processes through automation, which increases accuracy, leads to lower operational costs, enables rapid instance creation, and allows IT-staff to focus on business-impacting initiatives instead of laborious tasks.
Customers may also leverage Response Policy Zones(RPZ) or DNS firewall as it is commonly known, to make sure users are protected from known-malicious global identifiers such as host names, domain names, IP addresses, or nameservers. With an exponential increase in DNS-based attacks, most organizations are looking to secure their cloud-based infrastructure. RPZs are a foolproof way of securing DNS traffic.
With the use of the cloud adapter for OpenStack, customers can leverage the world-class reporting and analytics capabilities from Infoblox. Infoblox Reporting and Analytics provides Actionable Network Intelligence by combining centralized visibility with data-driven insight so one can easily analyze, control, and secure your OpenStack environment, no matter how extensive or sophisticated it becomes.
Infoblox reporting comes with built-in reports like:
- Top DNS traffic generators
- DHCP lease history
- IP address utilization
These reports put the OpenStack administrator back on the driver seat to make faster decisions. Infoblox also lets the user create their own reports based on environment specific variables and parameters.
OpenStack is being adopted by many enterprises as a standard platform for private cloud deployments. It is maturing at a very fast pace. It is foreseeable that it will soon become one of the preferred enterprise cloud options provided if it fills in management and security concerns. Infoblox is excited to support OpenStack to deliver a secure and efficient private cloud environment.
Infoblox is committed to support OpenStack and provide users the best in class experience. Infoblox works very closely with all OpenStack releases and updates the cloud adapter plugin with every OpenStack new release.