Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

For the per-tenant router use-case, Neutron provides an API that allows tenants to create and manage their own routers. It also provides an L3-agent that implements the API using the Linux network stack.

I believe you are looking to coerce all tenant traffic to flow through a service VM (Nova managed instance?) that runs some application layer security stuff and is possibly managed by the admin and transparent to the tenants? OpenStack and Neutron does not provide anything like this today.

For the per-tenant router use-case, Neutron provides an API that allows tenants to create and manage their own routers. It also provides an L3-agent that implements the API using the Linux network stack.

I believe you are looking to coerce all tenant traffic to flow through a service VM (Nova managed instance?) that runs some application layer security stuff and is possibly managed by the admin and transparent to the tenants? OpenStack and Neutron does not provide anything like this today.today, but there is this blueprint.

For the per-tenant router use-case, Neutron provides an API that allows tenants to create and manage their own routers. It also provides an L3-agent that implements the API using the Linux network stack.

I believe you are looking to coerce all tenant traffic to flow through a service VM (Nova managed instance?) that runs some application layer security stuff and is possibly managed by the admin and transparent to the tenants? OpenStack and Neutron does not provide anything like this today, but there is this blueprint. Also there is a tread about "Service VMs" and Neutron here.