Little-known Cisco open source project among contributors to OpenStack Neutron policy blueprint

Little-known Cisco open source project among contributors to OpenStack Neutron policy blueprint

Multiple vendors, including an open source project within Cisco, have had a policy blueprint approved for the OpenStack cloud platform's Neutron networking component.

The blueprint is intended to allow for an application-centric interface to Neutron that complements its existing network-centric interface. Application awareness will take Neutron beyond basic connectivity to network service enablement, such as service chaining, QoS, access control, path properties, and others.

Vendors working on the so-called Group Based Policy blueprint over the past eight or nine months include Cisco, Juniper, Alcatel-Lucent and its Nuage Networks subsidiary, Big Switch Networks, Midokura, One Convergence, IBM, RedHat, NTT, Intel, Mirantis, Plexxi and others, including Noiro Networks, an open source activity within Cisco.

+MORE ON NETWORK WORLD:Cisco, VMware take SDN battle to policy arena+

Noiro is a project within Cisco's Insieme Business Unit (INSBU). The group reports into INSBU leadership team, according to Mike Dvorkin, Insieme's co-founder and chief scientist, who tweeted on Friday about the policy blueprint being approved. It was created with a goal of building a set of open-source technologies centered around group-based policies.

Noiro is funded within INSBU and is not a Cisco spin-in startup company like Insieme was. Currently, Noiro is focused on OpenStack Neutron, OpenDaylight and Open vSwitch, Dvorkin says.

"As many know, declarative models, abstractions and describing behaviors in terms of groups and policies that regulate how these groups interact have been my life-long obsession, and taking these concepts to open source is very exciting," Dvorkin said in an e-mail to Network World. "We have a small team of dedicated software engineers with prior open source involvement who care deeply about these concepts and related theoretical work. The group does not have a product or an end-goal in its charter. Instead, its only focus is to drive the declarative methods of control forward and apply it to variety of technologies across multiple disciplines."

Noiro, which means black zero, took on its own identity to make it visibly focused and distinct from other open-source related projects within Cisco, Dvorkin said. Black, or noir, represents abstraction as a form of obfuscation of implementation detail; zero is an ideal amount of discrepancy between desired state and the reality.

Noiro has been quietly active sponsoring SDN conferences and open source demonstrations.

According to the Group Based Policy document on the OpenStack website, the current Neutron model of networks, ports, subnets, routers, and security groups provides the necessary building blocks to create a logical network topology for connectivity, but does not provide the right level of abstraction for an application administrator. The administrator understands the application's details -- like application port numbers -- but not the infrastructure details like networks and routes.

Neutron's current connectivity abstraction puts the burden of maintaining the consistency of the network topology on the user, the document states. The lack of application developer/administrator focused abstractions supported by a declarative model like OpenStack makes it hard for those users to consume Neutron as a connectivity layer, the document states.

The Group Based Policy framework complements Neutron by defining policies that can be applied between groups of endpoints for broader, more diverse network services beyond basic connectivity. These services are expressed as     policies that allow application administrators to delegate networking requirements to groups of endpoints.

The Group Based Policy framework is not yet the default application-centric policy abstraction for Neutron though, Dvorkin notes.

"The beauty of the open source is that the best or, at least, the most adopted approach will eventually win," he says. "So, time will tell. However, we do hope that GBP will become the default application-centric policy abstraction for Neutron, and we'd be glad to evolve it in any way that would make it more useful and adoptable."

With regard to the OpenStack Congress declarative compliance and governance cloud policy framework currently under development, the Group Based Policy framework for Neutron will be utilized by Congress for application-centric network policy definition, abstraction and enforcement, developers say. It will also be utilized in the Data Services Engine (DSE) of the OpenDaylight open source SDN project, they say.

"It provides a framework by which compliance and governance systems like Congress can issue directives that can affect how policies are applied without change of intent," Dvorkin says.

OpenDaylight DSE was recently demonstrated by Plexxi as a way to refresh configuration data when changes occur.

Jim Duffy has been covering technology for over 28 years, 23 at Network World. He also writes The Cisco Connection blog and can be reached on Twitter @Jim_Duffy.

Read more about data center in Network World's Data Center section.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Cisco open sourceConfiguration / maintenanceOpenstack neutronIBMhardware systemsData CenterintelVMwareLAN & WANalcatel-lucentCisco NoiroSDN



Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Examining the changing job scene in the Kiwi channel

Examining the changing job scene in the Kiwi channel

Typically, the New Year brings new opportunities for personnel within the Kiwi channel. 2017 started no differently, with a host of appointments, departures and reshuffles across vendor, distributor and reseller businesses. As a result, the job scene across New Zealand has changed - here’s a run down of who is working where in the year ahead…

Examining the changing job scene in the Kiwi channel
​What are the top 10 tech trends for New Zealand in 2017?

​What are the top 10 tech trends for New Zealand in 2017?

Digital Transformation (DX) has been a critical topic for business over the last few years and IDC is now predicting a step change as DX reaches macroeconomic levels. By 2020 a DX economy will emerge and it will become the core of what New Zealand industries focus on. From the board level through to the C-Suite, Kiwi organisations must be prepared to think and act digital when the DX economy emerges in 2017.

​What are the top 10 tech trends for New Zealand in 2017?
Show Comments