Documentation

Skip to end of metadata
Go to start of metadata

Introduction to FW and LB integration

Abiquo 3.8 introduces an improved interface with logical devices to integrate the firewall and load balancer front-end for private cloud with network managers. 

Abiquo 3.8 introduces logical devices to define the endpoint and credentials of the network virtualization technology that will manage the network elements.

The platform interacts with the network virtualization technology using the Cloud Provider Proxy (CPP), so now when you create a private cloud datacenter, you must also enter this remote service. If you don't wish to use firewalls and load balancers, you can delete the URI or edit the remote service after the datacenter is created and remove it from the datacenter location. 

Devices link virtual datacenters to the network virtualization technology

Abiquo uses logical devices to define integrations with network virtualization systems. In private cloud these integrations offer features such as software defined networking (SDN), and self-service firewall and load balancer policies.

A device:

  • Registers the endpoint and credentials of the network virtualization system in a private cloud datacenter. 
  • Contains a list of the virtual datacenters that the network virtualization system is managing
    • For example, one component of a Neutron device is a list of the virtual datacenters for which Neutron will manage firewalls.

The Cloud Administrator creates a logical device for a datacenter using the UI or the API. A logical device can be optionally restricted to a single enterprise. If there is more than one device present, Abiquo will use the virtualization system defined by the device with the highest priority. A device belonging to a specific enterprise has a higher priority than a device for all enterprises.

When users create a virtual datacenter, the platform will automatically obtain the details of the network virtualization system from the device. The device functionality is transparent to the cloud user, who will automatically have self-service access to networks, and firewall and load balancer policies.

Private cloud firewall and load balancer integrations

Abiquo provides the following integrations:

  • Abiquo OpenStack Neutron integration
  • Abiquo VMware NSX integration 

 

Network virtualization integrationsOpenStack NeutronVMware NSX
Abiquo version3.8.03.8.2+
Network virtualization system version 

NSX version 6.1.x and version 6.2.x.
Advanced edition for firewall and loadbalancers

Firewall policies(tick)(tick)
Load balancers(tick)(tick)
Private networks(tick)(tick)
Static routes(tick)(tick)
Chef(tick)-
External networks-(tick) 3.8.3+
Public networks - IPs-(tick) 3.8.3+

 

Private cloud firewalls

Users with the Manage firewalls privilege can create private cloud firewalls, which are security groups.

Users with the Assign firewalls privilege can assign firewalls to virtual machines and load balancers.

  • OpenStack Neutron: In Abiquo 3.8.x, firewalls will only filter traffic between an exterior network and a load balancer.  Firewalls will not apply to a virtual machines, even though users can assign them
  • Vmware NSX: In Abiquo 3.8.2 - Abiquo 3.8.3, firewalls will only apply to virtual machines. Firewalls will not apply to load balancers

See Manage Firewalls

Private cloud load balancers

Users with the Manage load balancers privilege can create private cloud load balancers.

Users with the Assign load balancers privilege can assign them to virtual machines or other load balancers.

See Manage Load Balancers