Software-Defined Networking in Platform9 Private Cloud Director

Platform9’s presentation at Cloud Field Day 21 focused on their implementation of software-defined networking (SDN) within their Private Cloud Director, which is built on open-source technologies like Open Virtual Network (OVN) and Open Virtual Switch (OVS). This SDN solution is comparable to VMware’s distributed virtual switch, providing packet forwarding and enabling the creation of self-service virtual networks and routers. The platform supports advanced enterprise features such as SRIOV for low-latency applications, IPv6, and dual-stack networking. Security is a key focus, with support for security groups that filter traffic based on IP addresses, ports, and protocols at the L3 and L4 levels. For more advanced use cases, Platform9 offers extensions like DNS, firewall, and load balancer services, with the option to integrate third-party solutions such as InfoBlox, Fortigate, and F5.

The demo portion of the presentation showcased how users can create and manage virtual networks within different tenants, such as QA and Dev environments. The demo illustrated the creation of subnets, virtual routers, and the configuration of external networks for north-south traffic. The platform allows for inter-tenant communication through virtual routers, and public IPs can be associated with virtual machines for external access. Platform9 supports multiple underlay network types, including VLAN, VXLAN, and Geneva, with the flexibility to scale beyond the limitations of VLANs. The platform also allows for self-service users to create virtual networks once the blueprint is set up by the administrator.

In terms of routing and traffic management, Platform9 offers both distributed and centralized routing options. Users can configure routers to handle north-south traffic through specific nodes or distribute routing across multiple servers. Security groups can be customized with inbound and outbound rules based on protocols like TCP, UDP, and ICMP, and more advanced firewall capabilities are in development. The platform also supports policies for east-west traffic isolation within tenant networks, with the option to configure external interfaces for north-south traffic. Overall, Platform9’s SDN solution provides a flexible and scalable networking environment with robust security and integration options for enterprise and multi-tenant use cases.