cloud | meetup openstack - redhat - automatização de datacenter com red hat enterprise linux...

Automatização de DataCenter comRed Hat Enterprise Linux OpenStack Platform

[rleite@redhat ~]$ [email protected] Solution Architect

mailto:rleite@redhat

mailto:[email protected]

Totvs – Meetup – Automação de DataCenter com Red Hat Enterprise Linux OpenStack Platform / Agosto 2015


IT Operations is Being Challenged By New Demands


Application demands are becoming more complex

IMMEDIATE PERVASIVE AWARE

CLOUD MOBILE INTERNET OF THINGS

BIG DATA AUTOMATION ABSTRACTION

These New Demands Are Forcing a Shift in Application Design

Application requirements are becoming more diverse


What is OpenStack?


• Modular architecture• Designed to easily scale out• Based on (growing) set of core services

Cloud Infrastructure for Cloud Workloads


OpenStack meets the needs of new “scale-out” applications● Brings public cloud-like capabilities into your datacenter● Provides massive on-demand (scale-out) capacity

1,000's 10,000's 100k's of VMs→ →● Removes vendor lock-in

● Open source provides high-degree of flexibility to customize and interoperate

● Community development = higher “feature velocity”● Features and functions you need, faster to market over proprietary

software● Greater automation, resource provisioning, and scaling

Why OpenStack?


Am I Ready for OpenStack?TRADITIONAL: SCALE UP

(RHEV)CLOUD: SCALE OUT

(OpenStack)MIXED/HYBRID

Big stateful VM Small stateless VMs Combination of traditional scale-up and cloud scale-out

workloads.

For example: Database may be hosted on traditional

workloads, web front-end and logic layers on cloud

workloads.

1 Application 1 VM→ 1 Application Many VMs→

Lifecycle in years Lifecycle hours to months

Scale up (VM gets bigger) Scale out (add VMs)

Not designed to tolerate failure of VM, so you need features

that keep VMs up

If a VM dies, application kills it and creates a new one, app

stays up

Application SLA requires enterprise virtualization

features (migration, HA, etc.) to keep applications available

Application SLA requires adding/removing VM instances to application cloud to maintain

application availability

Red Hat Enterprise LinuxOpenStack Platform


OpenStack: Framework for the Cloud

• Needs to access x86 hardware resources

• Needs an operating environment, hypervisor, services

• Leverages existing code libraries for functionality


Red Hat Enterprise Linux OpenStack Platform

• It is dependent on the underlying Linux

• Optimized and co-engineered with Red Hat Enterprise Linux


A typical OpenStack cloud is made up of at least 9 core services + plugins to interact with 3rd party systems

● These services run on top of a Linux distribution with a complex set of user space integration dependencies

● OpenStack cannot be productized as a stand alone layer

● A supported, stable platform requires integration and testing of each of the components

“If your Windows virtual machine hosted by a KVM hypervisor running on an IBM blade, connecting to an EMC storage array through an Emulex HBA has issues with storage corruption, who do you call?”

Red Hat

Supported Guests

OpenStack

KVM

RHEL

Hardware

The Importance of Integration with Linux


• Virtualization – guest performance, reliability and Windows

• Security - SELinux enforcing guest isolation

• Network – SDN/OVS performance optimized

• Storage – vendor plugins, performance, thin provisioning

• Ecosystem – certification of hardware, storage and networks

LinuxKernel

Security Enhanced Linux (SELinux)

KVM Network Stack

Device Drivers

Red Hat

Supported Guests

OpenStack

KVM

RHEL

Hardware

Red Hat Enterprise LinuxOptimized Enablers for OpenStack


I want a VM!

Please authenticate

with your credentials!!

Keystone

Ok, we need to find a

place to build this

VM.

NovaTag -

you’re it!

Nova

Neutron, please set up

the network for a new VM

Neutron

I've enabled Network policy for your VM,

Here’s your interface

Cinder, please create a block device for the

VM

Nova

Created! Don’t forget to mount it!

Swift Glance

Hey Glance, can I get the

RHEL 6.5 image?

Nova

Thank you

OpenStack!!

It’s ALIVE!

Credentials verified. Here's a

token to talk to other

OpenStack services

Keystone

Cinder

Horizon

● Core compute service comprised of compute node and distributed controllers to manage scheduling

● Native OpenStack API and Amazon EC2 compatible API

● Manages server resources, including CPU, memory, disk, and network

● Provides role based access control (RBAC) and security grouping to restrict access to resources

● Integrated with dashboard and RHEL OpenStack Platform director

● Bare-metal provisioning provides a solution for the “bare metal to tenant”● Hadoop on bare metal within

OpenStack● Hyperscale and High performance

computing (HPC) clusters● Database hosting for virtual machine

sensitive applications● Used by the director for re-provisioning

of system resources● NFV specific functionality

● vCPU pinning● Large pages● vCPU, RAM, and I/O device NUMA

awareness

RHEL OpenStack Platform 7Compute

● Core OpenStack networking service provides flexible architecture to meet application needs

● manages IP addresses, allowing for dedicated static, DHCP, or floating IPs

● Pluggable architecture provides network flexibility

● Deploy a software-defined networking (SDN) datacenter allowing massive multi-tenancy

● Support for port-security with ML2/OVS● Allow to disable/enable security-

groups (and default anti-spoofing rules) per Neutron port

● Required by network functions implemented in a VM

● Full IPv6 support● Support for multiple IPv6 prefixes on a

network● IPv6 external router connectivity

● Load Balancing as a Service ● Including support for SSL/TLS

termination

RHEL OpenStack Platform 7Networking

● NFS & POSIX Backup– Cinder backup supports NFS/POSIX

supplied data repositories as backup target

● Enhanced iSCSI multipath support– Cinder can return multiple iSCSI paths

information so that the connector can attach volumes even when the primary path is down

● Private Volume Types – Allows to restrict Cinder volume types

to selected users

RHEL OpenStack Platform 7 Block Storage

● Provides persistent block (volume) level storage device

● Manages the creation, attaching, and detaching of block devices to servers

● Full integration with compute nodes and the dashboard for easy management

● Offers flexible support for external storage solutions

● Uses Red Hat Ceph Storage as default block storage solution

● Incremental snapshot and management capabilities help simplify backup and restore process

● Supports composite tokens & service accounts for two levels of permission

● Replication for global distributed cluster

● By reducing the amount of data transfer between regions

● Fully integrated into RHEL OpenStack Platform director for configuration and management purposes

RHEL OpenStack Platform 7Object Storage

● Provides massively scalable and distributed object storage system, capable of storing petabytes of data● Distributed system provides greater

scalability, redundancy, and long-term availability

● Ideal for static data, such as VM images, photo's, email, etc

● Designed to scale in clusters horizontally● Native API and Amazon S3 compatible

● Convert imported images on-the-fly while importing an image ● Supports qcow2/raw formats

● Add software metadata definitions and specify information about images● Integrated with dashboard

● Metadata extraction allows introspection of images for more granular control and monitoring

● Disable images after import to check for contaminations/viruses

RHEL OpenStack Platform 7Image Storage

● Core OpenStack image storage service for disk and server images, snapshots, and backups

● Store and catalog an unlimited number of backups

● Built on a flexible REST API backend● Supports base templates from which

users can launch new instances● Users can choose from available images,

or create their own from existing servers

● Supports identity federation for authentication against external identity providers● Supports SAML

● Supports web single sign on authentication via a web browser with an existing IdP, through a Single Sign-On page

● Cloud Auditing Data Federation (CADF)● Adds ability to audit Keystone

create, update,delete operations in CADF standard

RHEL OpenStack Platform 7Identity

● Provides common identity and authorization framework across the stack

● Manages all users, tenants, and roles● Maintains a pluggable backend for

integration with common backend directory services, like LDAP, SQL, PAM, etc.

● Supports username, password, and tokens

● Support for hierarchical multi-tenancy ownership and management of projects and quotas

RHEL OpenStack Platform 7IaaS+ Shared Services

● Monitoring (Ceilometer)● Aggregates usage and performance data across all services● Provides visibility and metrics of resource usage and availability

● Data Processing (Sahara)● Provisioning and management of Hadoop clusters and elastic data processing on

bare metal OpenStack● Certified for Hortonworks, with Cloudera certification in progress

● Orchestration (Heat)● A template-driven service built on API backend to describe and automate the

deployment of infrastructure● Supports compute, storage, and networking configurations, as well as automation

of post-deployment provisioning


RHEL OpenStack Platform Director● Intuitive graphical installer, driven by an API backend● Ensures a production-ready environment with Automated Health Checks (AHC)

during and after installation● Enables high availability (HA) across controller and compute nodes (including

networking in “active-active”)● Automatically Utilizes Fencing as containment mechanism

● Includes Red Hat Ceph Storage client and server deployment1 with integrated director configuration support for storage backends

● Optional partner integration/configuration support● NetApp Data ONTAP (incl. 7-mode)● Cisco Nexus 1000v

1Red Hat Ceph Storage entitlement and subscription sold separately

● Best practices & reference architectures● Automation and repeatability● RHEL OpenStack platform director was created based on expertise from the

field● Lessons learned from previous deployment tools ● Reference architectures with certified hardware make deployment easier

● Hardware performance and validation testing● AHC (Automated Health Checks)● Hardware detection● Performance information● Black sheep detection

● Automated tests during and after deployment● Find and troubleshoot problems faster

Director: Deployment Consistency

● Deployment is just the first step, most of the action happens afterwards● Add and remove capacity● Deploy critical updates● Upgrade to new OpenStack versions

● Automation is a must● API first, used by both the CLI and GUI and allow for better integration with

external tools ● Automated hardware detection and performance tests● Automated functional tests to validate the deployment as early as possible● Orchestrated upgrades, easier to keep closer to the newest features

Director: Lifecycle Management

● Important for troubleshooting and system status● Ensure correct node behavior● Tracking resource capacity● Monitoring and alerts for operational failures

● Operational tools● Log aggregation and search● Core service and infrastructure availability monitoring● Performance monitoring

Director: Operational Visibility

● Cinder HA via Ceph● Ensure Cinder volumes remain

available if one or multiple nodes, hosting the Cinder services or volumes

● Support over subscription in thin provisioning ● The Cinder scheduler is aware of

thin provisioning/data reduction provided by the Ceph backend

● Offload RBD copy_volume_to_image function ● Expedites the volume data copy

speed

RHEL OpenStack Platform 7Ceph Integration

● RHEL OpenStack Platform director now sets Red Hat Ceph Storage as the default block storage solution

• Monitor nodes are collocated with controllers nodes

● Red Hat Ceph Storage 1.3 integration during installation

• Red Hat Ceph Storage clients• Red Hat Ceph Storage Server1 (new)

1Red Hat Ceph Storage entitlement and subscription sold separately

RHEL OpenStack Platform 7Hypervisor Support

Red Hat Enterprise Virtualization Hypervisor*Red Hat Enterprise Linux KVM

● Lightweight / small footprint● Less overhead● Smaller attack surface

● Cost effective● Closer to operating system DNA● Provides massive scale-out capabilities● Maximum benefit with virtualized Linux

VMware vSphere*vCenter Driver

● Co-exist with existing infrastructure assets

● Provides a seamless path to future migration to OpenStack

● Uses NSX1 plugin for Neutron

1NSX is only supported in production environments, per VMware's support requirements

*ESXi driver not supported

RHEL OpenStack Platform 7


● Red Hat Enterprise Linux 3





● Red Hat Enterprise Linux Atomic Host

*32 and 64 bit for all versions of RHEL

● Windows XP SP3+1

● Windows 73

● Windows 83

Microsoft SVVP Certified● Windows Server 2003 SP2+3

● Windows Server 20083

● Windows Server 2008 R22

● Windows Server 20122

1 32 bit only2 64 bit only3 32 and 64 bit

● SUSE Linux Enterprise Server 10

● SUSE Linux Enterprise Server 11

*32 and 64 bit for all versions

RHEL OpenStack Platform 7 Virtual Guest Support


Largest OpenStack Partner Ecosystem

OEMs, IHVs, and ISVs

System Integrators

Channel Partners

Cloud Service ProvidersManaged Service Providers

• Over 350+ members since launch in April 2013• Over 900 certified solutions in partner Marketplace• Over 4,000 RHEL certified compute servers• Over 13,000 applications available on RHEL

What's Coming?


RHEL OpenStack Platform 7 Tech Preview

*Tech Preview features are subject to change in GA release


Tech PreviewTroveOpenStack Database-as-a-Service

• Provides scalable and reliable Cloud Database as a Service provisioning functionality

• Supports relational and non-relational database engines

• Native OpenStack Heat templates (incl. “hot” template)

• Provision and manage multiple database instances as needed

• API supports JSON and XML to provision and manage instances



OpenStack DNS as a Service● Provide massively scalable domain name system services● Built on REST API for domain/record management● Supports multi-tenancy● Integrated with Keystone for authentication● Framework in place for future integration with Nova and Neutron

notifications (for auto-generated records)

Tech PreviewDesignate




File share service● An open, standard API for file system provisioning and management● Designed to provide a multi-tenant, secure file share as a service

across OpenStack compute instances● Vendor neutral API for provisioning and attaching filesystem-based

storage such as NFS, CIFS, GlusterFS and other network filesystems

Example use cases● Run legacy enterprise

applications on OpenStack● Improve IT responsiveness by

providing self-service share management

● Cross-tenant sharing of data

Tech PreviewManila


Focused on supporting two use cases● Deploying OpenStack itself● Deploying container workloads on top of OpenStack

● Primary project focus and involvement● Project “Kolla” for OpenStack deployment● Heat-kubernetes for deploying RHEL Atomic on OpenStack and configuring

a Kubernetes cluster for user workloads● Kubernetes integration with OpenStack infrastructure services

● e.g. Networking and Storage● Kubernetes cloud provider plug-in for OpenStack

*Future release features are subject to change and are not committed to any specific release or date

Future TechnologiesContainers

Community Contributions...


20.09%10.37%

18.78%

11.31%

22.46%

29.99%

4.36% 25.62%8.82%

24.23%

82.91%

Nova Horizon Heat Neutron CeilometerSahara Cinder Swift Glance IronicTripleO-heat-temps

Source:http://activity.openstack.org/dash/browser/scm-companies.html?release=kilo http://stackalytics.com/?release=kilo&company=red%20hat

Overall commits per company (aggregated)

Red Hat total community contributions (projects)

0

500

1000

1500

2000

2500

3000

3500

4000Red Hat

HP

IBM

Mirantis

Rackspace

Yahoo!

OpenStack Foundation

NEC

Cisco

Red Hat Community ContributionsTop Contributor to Kilo Release

Integrated Cloud Solutions...


Red Hat Cloud InfrastructureDelivering an open private cloud


Open Hybrid CloudCloudForms adds heterogeneous capacity


Red Hat Cloud Suite for ApplicationsIntegrated DevOps Platform for the enterprise

IaaS PaaS Management

OBRIGADO

plus.google.com/+RedHat

linkedin.com/company/red-hat

youtube.com/user/RedHatVideos

facebook.com/redhatinc

twitter.com/RedHatNews

cloud | meetup openstack - redhat - automatização de datacenter com red hat enterprise linux...

Software