Cisco Cisco Intelligent Automation for Cloud 4.3.1 User Guide
143
Cisco Systems, Inc.
www.cisco.com
Using OpenStack with the GBP Plug-in
What is GBP for OpenStack?
Group-Based Policy (GBP) extends OpenStack Networking with policy and connectivity abstractions to enable an
application-centric, policy-oriented interface. The GBP automatically creates the network and the subnet. The GBP API
extensions’ purpose is to become the main interface to Neutron for deploying applications that consume Neutron
resources. It is a separate layer on top of existing OpenStack services.
application-centric, policy-oriented interface. The GBP automatically creates the network and the subnet. The GBP API
extensions’ purpose is to become the main interface to Neutron for deploying applications that consume Neutron
resources. It is a separate layer on top of existing OpenStack services.
A Cloud Provider Technical Administrator (CPTA) can discover and register the following OpenStack objects for
APIC- and GBP-enabled servers:
APIC- and GBP-enabled servers:
—
policy actions,
—
policy classifiers, and
—
policy target groups.
A CPTA can create/update an OpenStack platform element and set the GBP-enabled flag.
A CPTA can Create Application Policy for a VDC that is APIC- and GBP-enabled.
Installing and Running GBP with Cisco APIC
For complete instructions on available options see the document here:
Working with Policy Rules
Important:
Before you can work with policy rules, be sure that all prerequisites are in place. See
for additional information.
To define, modify, or delete policy rules, follow the steps below.
1.
Go to My Cloud > My VDCs.
2.
Right click the gear icon
⚙
next to a APIC/GBP-enabled VDC (created previously) for which you want to create a
policy and then select one of the following buttons:
—
Create Application Policy
—
Manage Policy Target Groups
—
Delete Application Policy