OpenStack–IDentity and Networking

Keystone Identity Service in OpenStack

  • Keystone is the most important and preferred Identity Service in OpenStack and executes the complete OpenStack Identity API.
  • The Keystone Identity Service is responsible for user management and service catalog. In user management, it tracks users and their permissions while Service Catalog offers a list of services available with their API.
  • The former provides authentication credential details of users, tenants and roles.
  • Internal services like Token and Policy are also part of Keystone Identity.

Networking Managers in OpenStack

Flat Network Manager: This places all VMs on a single network utilizing the same subnet and bridge as created by the administrator. Thus, all VMs share the same network that can be interconnected and are known to have Flat Network Manager.

  • Flat DHCP Network Manager: Much similar to the above except that the IP addresses to VM are assigned via DHCP (Dynamic Host Configuration Protocol).
  • VLAN: Unlike the single network concept, VLAN facilitates more secure and separate network to VMs. It has a physical switch to offer separate virtual network and separate IP range and bridge for each tenant. This is indeed most preferable choice for multi-tenant/project environment.

Cloud Advisory Services | Security Advisory Services | Data Science Advisory and Research

Specializing in high volume web and cloud application architecture, Anuj Varma’s customer base includes Fortune 100 companies (dell.com, British Petroleum, Schlumberger).

All content on this site is original and owned by AdverSite Web Holdings, Inc. – the parent company of anujvarma.com. No part of it may be reproduced without EXPLICIT consent from the owner of the content.

Anuj Varma – who has written posts on Anuj Varma, Technology Architect.


Leave a Reply

Your email address will not be published. Required fields are marked *