Visit the OpenStack Summit page for the latest news, registration and hotels.
Back To Schedule
Monday, November 3 • 16:20 - 17:00
Group Based Policy Extension for Networking

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

The Group Based Policy (GBP) extension introduces a declarative policy driven framework for networking in OpenStack. The GBP abstractions allow application administrators to express their networking requirements using group and policy abstractions, with the specifics of policy enforcement and implementation left to the underlying policy driver. This facilitates clear separation of concerns between the application and the infrastructure administrator.

Over the past two release cycles, the GBP model has been incubated in Neutron as an extension. A new sub group has worked on defining this extension and  the proposed specification has been approved for implementation in the Juno release cycle. In this talk, we first discuss the GBP extension API and then present the reference implementation for it. In particular, we show how a new Service plugin is designed and developed in order to support this extension through a framework of configurable policy drivers similar to that used in the ML2 plugin. We will showcase the latest working version of the code, and provide an end-to-end demonstration of the features. We will also present several vendor and open source policy drivers that are being developed to support this new extension.


The work in Juno implements a subset of a more richer model that is intended for development in Kilo. We will provide a roadmap for the upcoming features including the integration with the advanced services (L4-7) framework. We will also discuss how the new extension can be utilized by other OpenStack projects.


avatar for Mohammad Banikazemi

Mohammad Banikazemi

Research Staff Member, IBM Research
Mohammad is a research staff member at the IBM T.J. Watson Research Center. His research interests include cloud computing and software-defined networking. He is a senior member of the ACM and the IEEE and an active contributior to Neutron. Mohammad lives with his family in NYC.

Sumit Naiksatam

Principal Engineer, Cisco Systems
Sumit Naiksatam is a Principal Engineer at Cisco Systems. He has been involved with Neutron as a core developer since it's inception. He is actively involved in driving and implementing the Group Policy model. He is also driving the efforts around Group-based Policy, integration of... Read More →

Hemanth Ravi

Hemanth Ravi works as CTO at One Convergence and is resonsible for the technology direction and architecture of their solution providing network virtualization and deployment of network services. His experience includes working as an architect of products in data networking such as... Read More →

Stephen Wong

Stephen Wong has nearly ten years of experiences contributing to various open source communities. He is currently the PTL (Project Team Lead) of OPNFV Clover, a project which utilizes cloud native related projects for NFV (network function virtualization) use cases. Previously he... Read More →

Monday November 3, 2014 16:20 - 17:00 CET
Amphitheatre Bleu

Attendees (0)