If OpenStack is something you have heard of, but aren’t too familiar with, you probably think “virtual servers” - or maybe “automatic server provisioning”. That is, in my opinion, not what OpenStack is about. It is about being able to integrate with “everything infrastructure-related”, and enforcing access in a secure manner. OpenStack is a very good starting point for achieving that, giving you virtual servers, networking, storage management, and at its core: identity management. Installing virtual servers and provisioning resources for them are well and good, but that’s just an appliance. The fun part comes when we can Build Things.
Since Mitaka, OpenStack Neutron has had extensions available for availability-zone-based scheduling of routers and DHCP agents. This is really useful if you have a cluster that is otherwise partitioned into availability zones (at the Cinder and Nova levels).
I’ve been playing with AWS for a few years, on and off. I’ve used many individual pieces of what’s available - but I haven’t yet tried to combine a larger set of features into a thing. Until now. This blog.
A feature of Neutron that is probably less known is that most network resources have a description field available in their APIs. This is pretty useful for passing along some human-readable information about what a resource is for. This exists for everything from routers and networks to security group rules.