Network service¶
Service description¶
The Network service is responsible for providing networking as a service (NaaS). It allows you to create, configure, and manage network resources such as networks, subnets, routers, and floating IPs, enabling connectivity and communication between virtual machines (VMs), other cloud resources, and external networks.
The Network service uses OpenStack Neutron in conjunction with other OpenStack services.
- Networks provide logical separation between different groups of resources, ensuring that traffic is isolated within each network. This is required for multi-tenant environments where different projects or users need to maintain private communication spaces.
- Networks enable communication between instances and other resources connected to the same network. They can also be connected to external networks, such as the internet, through routers and floating IPs.
- Each network can have one or more subnets associated with it. A subnet defines an IP address range, gateway, and other IP-related settings for the network, enabling IP addressing and routing within the network.
- Networks are created as project networks, meaning they are owned and managed by individual projects or tenants. This allows each project to have its own private networks.
- Networks can also be created as external networks, which are used to provide connectivity to external resources like the internet.
- Router integration which provide routing between different networks and subnets. Routers can also connect internal networks to external networks, enabling instances to access external resources.
- While not specific to networks, security groups are often used in conjunction with networks to define firewall rules that control traffic to and from instances connected to a network.
Features¶
- Networks, to allow you to create isolated virtual networks within the cloud, providing a private networking space for VMs and other resources.
- Subnets, so that within each network, you can define IP address ranges, gateways, and other network settings (subnets enable IP addressing and routing within the network)
- Virtual routers, to connect different networks and subnets, enabling communication between them (routers can also provide external connectivity for VMs by connecting internal networks to external networks)
- Floating IPs, that can be associated with virtual machines, allowing them to be accessible from external networks (floating IPs are typically used for providing public access to services hosted on VMs)
- Security groups, to define firewall rules that control inbound and outbound traffic to virtual machines (security groups provide a way to enforce network security policies at the VM level)
- Load balancers, to distribute incoming traffic across multiple virtual machines, improving the availability and scalability of applications.
- VPN as a Service (VPNaaS), to allow you to create secure VPN connections between your cloud environment and external networks or between different parts of your cloud environment
Default networks¶
Rumble Cloud projects come with two kinds of pre-built networks in every project.
PublicEphemeral
enables you to directly attach a virtual machine to the network, and is best used for testing or demostration purposes as this method of access leaves the virtual machine with exposure to the internet.
PublicStatic
enables you to access the internet through a private network or networks that host your VMs and cloud resources. You can never directly attach a virtual machine to the PublicStatic
network. PublicStatic
is a good choice for the controlled routing of external traffic to and from your cloud project.
Key concepts¶
- Networks
- Shared networks
- External networks
- Ports
- Virtual adaptors
- Local area networks (LANs)
- Routers
- Floating IP addresses
- Network topology
- Certificates
- Security groups
- Quality of service (QoS)
How it works¶
- Create isolated virtual networks within the cloud. These networks provide a private networking space for virtual machines s and other resources.
- Within each network, you can create subnets that define IP address ranges, gateways, and other network settings. Subnets enable IP addressing and routing within the network.
- Use virtual routers to connect different networks and subnets, enabling communication between them. Routers can also provide external connectivity for VMs by connecting internal networks to external networks.
- Use floating IP addresses that can be associated with virtual machines, allowing them to be accessible from external networks. Floating IPs are typically used for providing public access to services hosted on VMs.
- Use security groups to define firewall rules that control inbound and outbound traffic to virtual machines. Security groups provide a way to enforce network security policies at the VM level.
- Integrate with load balancers to distribute incoming traffic across multiple virtual machines, improving the availability and scalability of applications.
- Use the RESTful API or CLI tools for managing network resources, enabling automation and integration with other tools and systems.