ironic - vietnam openstack technical meetup #12
TRANSCRIPT
OpenStackBaremetal provisioning with
Ironic
12 Nov 2016Dao Cong Tien (irc: tiendc, email: [email protected])Fujitsu Vietnam Limited Copyright 2016 Fujitsu Vietnam Limited
Agenda
2
• Ironic introduction• Ironic overview• Ironic works by community• Ironic works by Fujitsu• Q&A
Copyright 2016 Fujitsu Vietnam Limited
Agenda
3
• Ironic introduction• What is Ironic?• Why need Ironic?
• Ironic overview• Ironic works by community• Ironic works by Fujitsu• Q&A
Copyright 2016 Fujitsu Vietnam Limited
Ironic introduction
4
OpenStack Ironic is a set of projects that perform bare metal provisioning and related activities. Ironic is a virt driver for Nova like libvirt, xen, hyperv, … Ironic virt dirver starts a Nova instance in a real machine instead of virtual ones.
Copyright 2016 Fujitsu Vietnam LimitedCopyright 2016 Fujitsu Vietnam Limited
Ironic introduction
5
Why do we need Ironic? In some cases, user has some requirements:
• User prefers to have an actual, physical server• User wants to use hardware directly• User wants to deploy the workloads with higher performance
Why do user need bare metal service?• Mission-critical legacy applications that aren’t designed for cloud architectures• Real-time and “near real-time” systems• HPC (High-Performance computing)• BigData and related Data Science and Machine Learning projects• Tasks accessing devices and resources that cannot be virtualized
What do Ironic provide? Ironic brings the advantages of both bare metal and virtualization: performance and manageability.
Copyright 2016 Fujitsu Vietnam Limited
Agenda
6
• Ironic introduction• Ironic overview
• Architecture• Ironic components• Key technologies• BM provisioning workflow• Vendor drivers
• Ironic works by community• Ironic works by Fujitsu• Q&A
Copyright 2016 Fujitsu Vietnam Limited
Ironic overview
7
Ironic provides baremetal service in a very similar fashion in comparison to other Nova hypervisors.
Horizon
Nova
Hypervisor
VM VM VM
Horizon
Nova
Ironic
BM BM BM
Copyright 2016 Fujitsu Vietnam Limited
Ironic overview – Logical architecture
8
VM provisioning BM provisioning
baremetal
Nova-API
Nova-Scheduler
Nova-Compute Hypervisors
Neutron Glance Cinder, Swift…
Nova-API
Nova-Scheduler
Nova-Compute Ironic-API
Neutron
Glance
Ironic-Conductor
DriversCinder, Swift…
Copyright 2016 Fujitsu Vietnam Limited
Ironic overview – Components
9
Ironic main components: ironic-api and ironic-conductor python-ironicclient is a Python client program ironic-python-agent is an agent (small program) that is launched inside the Bootstrap
image. It prepares a node for deployment and downloads the target system image. ironic-inspector helps with hardware introspection. bifrost, ironic-webclient, ironic-ui, ironic-lib, pyghmi…
Copyright 2016 Fujitsu Vietnam Limited
Ironic overview – Key technologies
10
PXE – Preboot Execution Environment. Booting computers via a network. NBP – Network Bootstrap Program is responsible for loading the OS kernel into memory so
that the OS can be bootstrapped over a network. IPMI – Intelligent Platform Management Interface is a standardized computer system
interface used by system administrators for out-of-band management of computer systems and monitoring.
DHCP – Using PXE, the BIOS uses DHCP to obtain an IP address for the network interface and to locate the server that stores the network bootstrap program (NBP).
TFTP – Trivial File Transfer Protocol. TFTP is used to download NBP over the network using information from the DHCP server.
iSCSI – Internet Small Computer Systems Interface is used to copy an image to the target machine local disk.
Copyright 2016 Fujitsu Vietnam Limited
Ironic overview – BM provisioning workflow
11
Ironic-API
Ironic-Conductor
PXE driver
IPMI driver
Glance
TFTP server
DHCP server
Request
(1)
(2)
Neutron
(3)
(4)(5)
(6)(7)
(8)
(9)
(10)
(11)
(13)
(14)
Using PXE
(12)
Copyright 2016 Fujitsu Vietnam Limited
Ironic overview – Vendor Drivers
12
Many vendors have contribution to Ironic to make Ironic support their hardware. Cisco (UCS drivers) Cray (pxe_snmp driver) Dell (DRAC drivers) Fujitsu (iRMC drivers) HP, HPE (iLO, OneView drivers) IBM (pxe_ipminative driver) SeaMicro (SeaMicro drivers)
NOTE: Ironic provides some generic drivers that can support provisioning a wide range of hardware from multiple vendors even there is no equivalent vendor driver. Eg. Using driver pxe_ipmitool may provision hardware that supports PXE and IPMI.
Copyright 2016 Fujitsu Vietnam Limited
Agenda
13
• Ironic introduction• Ironic overview• Ironic works by community
• New features• Under development and future plans
• Ironic works by Fujitsu• Q&A
Copyright 2016 Fujitsu Vietnam Limited
Ironic works by community – New features
14
New features land on Ironic recently: Multi-tenant network / Tenant network isolation (from Newton) Serial console compatible with Nova (from Ocata)
New serial console: SOCAT console(supports Nova-serialproxy)
Tenant network isolation
Copyright 2016 Fujitsu Vietnam Limited
Ironic works by community – Under development
15
Must Do priorities Network redundancy (portgroups) Sec groups Rolling upgrades
Top priorities Tenant networking Boot from Cinder volume
Others Rescue mode Graphical console (vnc) Soft power off / Inject NMI (graceful shutdown)
Copyright 2016 Fujitsu Vietnam Limited
Ironic works by community – Under development
16
Network redundancy Configure LAG on physical network switch NIC bonding on OS of bare metal
Copyright 2016 Fujitsu Vietnam Limited
Ironic works by community – Under development
17
Sec groups Control ACL on physical network switch by Neutron ML2 vendor plugin
Copyright 2016 Fujitsu Vietnam Limited
Ironic works by community – Under development
18
Boot from Cinder volume Connect directly bare metal to a volume
Copyright 2016 Fujitsu Vietnam Limited
Agenda
19
• Ironic introduction• Ironic overview• Ironic works by community• Ironic works by Fujitsu
• New features• Under development and future plans
• Q&A
Copyright 2016 Fujitsu Vietnam Limited
Ironic works by Fujitsu
20
Fujitsu is contributing much effort to Openstack community, including Ironic. Fujitsu is a hardware manufacturer, provides hardware servers for cloud. Fujitsu is a cloud provider with infrastructure built with Fujitsu hardware.
Who at Fujitsu are contributing to Ironic? Naohiro Tamura (maintainer of Ironic iRMC drivers) Hironori Shiina (Ironic contributor) Dao Cong Tien (this is me, Ironic contributor) Nguyen Hung Phuong (Ironic contributor) Luong Anh Tuan (Ironic contributor)
What are Ironic works at Fujitsu? Multi-tenant network / Tenant network isolation (have contribution) Soft power off / Inject NMI (in progress) Serial console (co-operated with NEC, done) SAN boot for bare metal (have plan) Rolling upgrades (have plan)
Copyright 2016 Fujitsu Vietnam Limited
Ironic works by Fujitsu
21
Serial console compatible with Nova This is the result of a co-operation between NEC’s Ironic team and Fujitsu’s Ironic team. Brings Nova compatible serial console to end-users to provide an unified method to access to
instance console.
Before the feature When available
Copyright 2016 Fujitsu Vietnam Limited
Thank you
22
• Q&A
Copyright 2016 Fujitsu Vietnam Limited
References
23
https://wiki.openstack.org/wiki/Ironic http://docs.openstack.org/developer/ironic/ https://www.mirantis.com/blog/openstack-ironic-bare-metal-matter/ Fujitsu – Filling the gap between bare metal and VM (summit session)
https://www.youtube.com/watch?v=AAqzTlEZ2do
Copyright 2016 Fujitsu Vietnam Limited
Copyright 2014 Fujitsu Vietnam LimitedCopyright 2016 Fujitsu Vietnam Limited