Neutron Policy Extension
Currently there is a Group Based Policy (GBP) proposal in Neutron that allows application administrators to express their networking requirements using group and policy abstractions. The policy abstraction is specified by a contract. A contract consists of Policy Rules that define the communication criteria between endpoint groups. Each rule contains a Classifier and an Action.
However, the GBP blueprint has some limitations, which this blueprint addresses.
A more complete policy framework and APIs should include the following features:
1. Comprehensive matching criteria such as L7 fields and protocol path
2. A negation attribute to allow for the case where packets that do not match the classifier may result in an action
3. Allow multiple classifiers in a policy rule
4. Explicit specification of precedence for the list of policy rules and actions
5. "AND" and "OR" logical selectors for classifiers
6. Metadata insertion action in a policy rule
7. Enhance the "redirect to a service chain" action to include specification of the service functions associated with the chain
The BP is being proposed by Louis Fourie, Cathy Zhang, and Nicolas Bouthors.
Blueprint information
- Status: Complete
- Approver: None
- Priority: Undefined
- Drafter: cathy Hong Zhang
- Direction: Needs approval
- Assignee: Louis Fourie
- Definition: Obsolete
- Series goal: None
- Implementation: Unknown
- Milestone target: None
- Started by:
- Completed by: Armando Migliaccio
Whiteboard
This is no longer relevant and not to be tracked as a Neutron blueprint.