openstack on fedora, fedora on openstack: an introduction to cloud iaas
Openstack On Fedora, Fedora On Openstack: An Introduction To Cloud IaaS
Sadique Puthen
Principal Technical Support Engineer, Red Hat
27 June 2015, FudCon, Pune

Agenda
❏ Application and legacy infrastructure.
❏ Application and infrastructure-as-a-service.
❏ Openstack: Operating system for cloud IaaS.
❏ Openstack: Components
  ❏ keystone, glance and nova
❏ Openstack: Storage-as-a-service
  ❏ cinder, swift and manila
❏ Openstack: Networking-as-a-service
  ❏ Neutron
❏ Openstack: Orchestration, metering and dashboard
  ❏ Heat, ceilometer and horizon.
❏ Openstack: Database-as-a-service
  ❏ Trove
❏ Openstack: Bigdata-as-a-service
  ❏ Sahara
❏ Openstack: Deployment
  ❏ TripleO and Ironic
❏ Openstack: How to Contribute.

Application and Infrastructure relationship: Soon to be Traditional/Current
❏ Applications need infrastructure mainly for:
  ❏ Compute
  ❏ Storage
  ❏ Networking
❏ Traditional workloads run directly on a server using local or remote storage with physical networking equipment.
[Diagram: Server, Storage, Network]

Application and Infrastructure relationship: Current/Soon to be Traditional
❏ Challenges:
  ❏ Scalability
    ❏ Scale up is limited.
  ❏ Time to implement.
    ❏ Lots of approval, budget restrictions, procurement, provisioning, etc.
  ❏ Cost
    ❏ Most of the hardware remains underutilized; need to plan and keep paying for future growth.
  ❏ Maintenance and management.
    ❏ Long term management and maintenance is a pain.
  ❏ High Availability of the infrastructure.
    ❏ Application expects the infrastructure to be HA.
❏ Application is emotionally attached to the infrastructure.
  ❏ Need to treat infrastructure like you treat a pet.
[Diagram: Server, Storage, Network]

Application and Infrastructure relationship: Virtualization
❏ Workloads running on virtual machines instead of physical systems have almost all the challenges explained earlier.
❏ It simply allows us to share the same compute, network and storage resources among multiple applications.
❏ It can only scale up, which is limited; HA still has to be built, and there is no self service.
❏ Again, application is emotionally attached to the infrastructure.

Cloud: Infrastructure-as-a-service
❏ Advantages.
  ❏ API - Self service dashboard for provisioning infrastructure.
  ❏ Time to go live is minimal.
    ❏ Seconds to minutes.
  ❏ Pay as you go.
    ❏ Save on spending.
  ❏ Illusion of infinite capacity.
    ❏ No need for upfront capacity planning. Scale on demand.

Cloud: Infrastructure-as-a-service and workloads
Traditional Workloads
❏ Stateful VMs: Application defined in VMs/physical systems
❏ Application SLA = SLA of VM/physical server
❏ Scale up. Add CPU, RAM
❏ SLA requires enterprise features for HA
❏ Lifecycle measured in years
❏ Application not designed to tolerate failure of VM/physical system.
Cloud Workloads
❏ Stateless VMs: Application distributed
❏ Application SLA not dependent on any one VM.
❏ SLA requires ability to create and remove VMs when needed.
❏ Applications scale out: add more VMs
❏ Lifecycle measured in hours to months.
❏ Application designed to tolerate failure of VMs.

Cloud: Infrastructure-as-a-service and workloads
Traditional Workloads - Pets
❏ Pets are unique, lovingly hand raised and cared for.
❏ They are given names.
❏ When they get ill, you nurse them back to health.
❏ Traditionally, servers are managed like pets.
Cloud Workloads - Cattle
❏ Cattle are almost identical to each other.
❏ They are given numbers.
❏ When one gets ill, you replace it with another one.
❏ In Cloud, servers are managed like cattle.

Cloud: Infrastructure-as-a-service
❏ Cloud-IaaS is a different way of providing the compute, networking and storage required for your application as a service.
❏ Just like your server requires an operating system (e.g. Fedora, RHEL, Solaris, Windows), a cloud requires an operating system.

Cloud IaaS: Openstack
❏ Openstack is open source.
❏ Supports multiple hypervisors.
  ❏ KVM, Xen, Hyper-V, VMware, containers, etc.
❏ It has a modular architecture.
❏ Designed for scalability and elasticity.
❏ Provides
  ❏ Compute-as-a-service
  ❏ Network-as-a-service
  ❏ Storage-as-a-service.

Openstack: Keystone
❏ Keystone provides authentication, authorization, access control (roles), etc. of tenants and users for openstack projects.
  ❏ Uses tokens to authenticate and authorize.
❏ Provides global catalog of services.
❏ Facilitates multi-tenancy.
  ❏ Allows multiple projects to exist, with each project having multiple users.
❏ Provides an API for tenants and projects to interact with it.
❏ Can be integrated with multiple identity backends.
  ❏ OpenLDAP, AD, IPA, etc.
❏ Uses token based authentication.
  ❏ Catalogue and user roles are embedded in the token, which clients use to get info about other API services and access control.

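The token contents described above, as an added Python example that is not from the original slides: it reads the roles and the service catalog out of a token body shaped like a Keystone v3 response and refuses expired or under-privileged tokens. The sample body, host names and the `resolve` helper are constructed for illustration.

```python
import json
from datetime import datetime, timezone

# Constructed sample shaped like a Keystone v3 token body; every value is made up.
SAMPLE_TOKEN = json.loads("""
{"token": {
  "expires_at": "2015-06-27T12:00:00.000000Z",
  "project": {"id": "p-demo", "name": "demo"},
  "roles": [{"id": "r-1", "name": "_member_"}],
  "catalog": [
    {"type": "compute", "name": "nova", "endpoints": [
      {"interface": "public", "region": "RegionOne", "url": "https://cloud.example.test:8774/v2/p-demo"},
      {"interface": "admin", "region": "RegionOne", "url": "https://10.0.0.5:8774/v2/p-demo"}]},
    {"type": "image", "name": "glance", "endpoints": [
      {"interface": "public", "region": "RegionOne", "url": "https://cloud.example.test:9292"}]}
  ]}}
""")

def is_live(body, now):
    """True while the token has not passed its expires_at timestamp."""
    expires = datetime.strptime(body["token"]["expires_at"], "%Y-%m-%dT%H:%M:%S.%fZ")
    return now < expires.replace(tzinfo=timezone.utc)

def role_names(body):
    """Roles granted to the user on the project the token is scoped to."""
    return {role["name"] for role in body["token"].get("roles", [])}

def endpoint_for(body, service_type, interface="public", region=None):
    """Look up a service URL in the catalog carried by the token."""
    for service in body["token"].get("catalog", []):
        if service["type"] != service_type:
            continue
        for ep in service["endpoints"]:
            if ep["interface"] == interface and region in (None, ep.get("region")):
                return ep["url"]
    return None

def resolve(body, service_type, required_role, now):
    """Return the endpoint only for a live token that carries required_role.

    A service should act on these fields only after Keystone has validated
    the token; this helper (hypothetical) shows what the body carries.
    """
    if not is_live(body, now):
        raise PermissionError("token expired")
    if required_role not in role_names(body):
        raise PermissionError("missing role: " + required_role)
    url = endpoint_for(body, service_type)
    if url is None:
        raise LookupError("no %s endpoint in catalog" % service_type)
    return url
```
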
Openstack: Glance
❏ Provides lifecycle management for images.
  ❏ Images are files with a lightweight version of an operating system pre-installed, used as the base for instances.
  ❏ Lifecycle management involves all operations on an image from creation to deletion.
❏ Supports multiple image formats like raw, qcow2, vmdk, etc.
❏ Supports multiple storage backends like s3, swift, local, remote, ceph, etc.
❏ Involves glance-api and glance-registry.

Openstack: Nova-compute
❏ Provides lifecycle management for instances.
  ❏ Instances are virtual machines that run the application.
  ❏ Lifecycle management involves all operations on an instance from creation to deletion, like:
    ❏ migration
    ❏ snapshots
    ❏ volume attachment and detachment.
    ❏ Attaching network interfaces.
❏ Supports multiple hypervisors provided a driver is available for nova to interact with them.
  ❏ KVM
  ❏ Hyper-V
  ❏ VMware
  ❏ Xen
  ❏ lxc (Containers)
  ❏ etc.

Openstack: Nova-compute
❏ Involves multiple components
  ❏ nova-api
  ❏ nova-scheduler
  ❏ nova-conductor
  ❏ nova-novncproxy
  ❏ nova-compute
❏ All nova components communicate with each other using a message queue, e.g. rabbitmq and qpid.
❏ Interacts with neutron to configure networking and cinder to attach persistent volumes to instances.
❏ Talk on Nova at 10:50 AM today at D406

Openstack: Cinder - Block Storage
❏ Provides lifecycle management for elastic, persistent block storage.
  ❏ Analogous to Amazon EBS
  ❏ Facilitates volume creation, deletion, snapshot management for volumes, migrations, etc.
❏ Has multiple components.
  ❏ cinder-api: Provides an API interface for clients and services to interact with cinder.
  ❏ cinder-scheduler: Selects the best backend node for volume placement.
  ❏ cinder-volume: Actual volume creation and other tasks.
  ❏ cinder-backup: Facilitates volume backup.

Openstack: Cinder Backends
❏ Cinder volume service can be connected to multiple storage backends.
  ❏ LVM backend works out of the box without additional drivers.
  ❏ Vendor-specific drivers can be plugged into cinder-volume to interact directly with vendor-provided storage for volume management tasks, e.g.:
    ❏ NetApp, EMC, HP, IBM, Ceph, etc.
[Diagram: Cinder-volume with backends LVM, Ceph, NetApp, EMC, 3Par]

Openstack: Swift - Object Storage
❏ Provides Object Storage for Openstack.
❏ Highly available, distributed object/blob store.
❏ Analogous to Amazon S3
❏ Enables faster upload and retrieval of objects with a simple HTTP interface.
❏ Has multiple components.
  ❏ swift-proxy: Proxy to interact with Swift.
  ❏ Ring: Internal data structure
  ❏ Object: Your data
  ❏ Containers: Organize your data by placing it in containers.
  ❏ Account
❏ Talk on Openstack Swift. 11:40 AM at D406.

Openstack: Manila
❏ Shared filesystem as a service.
  ❏ Share data across VM instances.
❏ Incubated since Openstack Juno
❏ Provides an API for management of shared filesystems with support for multiple protocols and back ends.
  ❏ NFS and CIFS supported.
❏ Supports multi-tenancy.
❏ Enables public cloud use cases.
❏ Talk on Storage-as-a-service. Covers cinder, swift and manila in detail. 12:30 PM at D406.

Openstack: Neutron
❏ Manages all networking functions within openstack.
  ❏ Create, manage and delete private and external networks.
  ❏ Manages Layer 2 packet flow for networks.
  ❏ Manages DHCP IP addressing for networks.
  ❏ Manages Layer 3 routing between private networks, and between a private network and an external network.
❏ Create and manage
  ❏ Load balancers - LBaaS
  ❏ Firewalls between routers - FWaaS
  ❏ VPN - VPNaaS
❏ Provides multi-tenancy and overlapping networks.

Openstack: Neutron
❏ In a nutshell, neutron helps you provision network resources for your multi-tier application within minutes.

Openstack: Neutron Components
❏ Neutron has multiple components.
  ❏ neutron-server: Provides a REST API for users and services to interact with neutron.
  ❏ Layer 2 Agent: Manages layer 2 flow of packets.
    ❏ Can support openvswitch, linuxbridge and other vendor plugins for layer 2 switching.
  ❏ dhcp-agent: Manages DHCP IP addressing for instances using dnsmasq.
  ❏ Layer 3 Agent: Facilitates layer 3 routing between private networks, or between a private network and an external network.
  ❏ LBaaS Agent: Provisions load balancers.
  ❏ FWaaS Agent: Provisions firewalls between routers.
  ❏ VPNaaS Agent: Provisions VPN services.

Openstack: Neutron Topology
❏ Controller node:
  ❏ Runs neutron API server.
❏ Network node:
  ❏ Runs all neutron agents.
❏ Compute nodes:
  ❏ Run the layer 2 agent.
❏ VXLAN/GRE/VLAN is used to provide isolation between tenant private networks.
❏ Neutron can be integrated with an SDN controller for greater flexibility.
❏ Talks.
  ❏ “Introduction to SDN”. 2:40 PM at D406
  ❏ “Introduction to Openvswitch”. 3:30 PM at D406

Openstack Orchestration: Heat
❏ Heat provides application orchestration.
  ❏ A heat stack is created. It describes what the components and resources are, how they are connected and how they elastically scale.
    ❏ A template is used to define this.
    ❏ Submit the template to heat-api to get the application provisioned.
❏ Heat has multiple components connected through a message queue.
  ❏ heat-api: Provides an API to interact with heat.
    ❏ Supports the native heat API.
    ❏ Supports CFN, the AWS CloudFormation template format, via heat-api-cfn
  ❏ heat-engine: Provides the main orchestration functionality.

Openstack Metering: Ceilometer
❏ Collects measurements within openstack and provides an interface for billing software to read them.
  ❏ metering and monitoring
❏ Components.
  ❏ Compute Agent: Runs on each compute node and polls for resource utilization.
  ❏ Central Agent: Polls for resource utilization not tied to a compute node.
  ❏ Collector: Monitors the message queue for messages from agents and collects them.
  ❏ Data Store: Stored in a database. MongoDB used by default.
  ❏ API Server: Provides an interface to access ceilometer data.

Openstack Dashboard: Horizon
❏ Graphical self-service user interface for tenants to interact with all openstack services.
  ❏ Can manage networks, volumes, instances, swift storage and users, among other things.
❏ Extensible: Anyone can integrate a new component easily with horizon.

Openstack DBaaS: Trove
❏ Provision relational and non-relational databases on demand for your application.
❏ Involves:
  ❏ trove-api: Provides an interface to interact with trove.
  ❏ trove-taskmanager: Provisions trove instances; responsible for their lifecycle management and for performing operations on the database instance.
  ❏ trove-guestagent: A service that runs within the instance, responsible for operations on the database.

Openstack: Sahara
❏ Provisions and operates data processing clusters. Schedules and operates data processing jobs.
❏ Primarily for Hadoop. Run Hadoop workloads in a few clicks (self service provisioning) without expertise in Hadoop operations.
❏ EDP - Elastic Data Processing. API for executing MapReduce jobs on Hadoop clusters.
❏ Analogous to Amazon EMR
❏ Supports Swift, HDFS and Ceph as data sources.

Openstack: Packstack (Testing)
❏ Packstack is the quickest way to get openstack installed and running.
❏ Supports all-in-one deployment.
❏ Uses puppet manifests in the background.
❏ Ideal for small deployments, e.g. 1 controller and 2 or 3 compute nodes.
❏ Does not support a Highly Available deployment.
❏ For all-in-one, run:
  # packstack --allinone
❏ For other deployments:
  ❏ Generate an answer file.
    # packstack --gen-answer-file=GEN_ANSWER_FILE
  ❏ Modify the answer file.
  ❏ Deploy using the answer file.
    # packstack --answer-file=ANSWER_FILE
❏ Can also run interactively.
  # packstack

Openstack: TripleO & Tuskar
❏ TripleO (OoO) is Openstack-on-Openstack.
❏ You provision an Openstack deployment and use that deployment to deploy another Openstack deployment.
❏ Result: A deployed and managed cloud.
  ❏ Plan, Deploy and Manage.
  ❏ Install, Upgrade and Operate Openstack
❏ Highly scalable and ideal for production use cases.
❏ Can deploy a full HA environment.
❏ Tuskar provides a deployment management service for TripleO and introduces the tuskar operator UI, CLI and API.
❏ TripleO and Tuskar work together for production grade deployment of openstack.

Openstack: TripleO & Tuskar
❏ We are going to have two clouds.
  ❏ Undercloud
    ❏ This is the Deployment and Management Cloud
    ❏ Command and Control cloud.
    ❏ Only for cloud operator use.
  ❏ Overcloud
    ❏ Production Cloud
    ❏ Your production Openstack cloud where your tenants will live.

Openstack: TripleO - Ironic for Bare metal provisioning
❏ Ironic helps to perform bare metal provisioning of openstack hardware nodes for deployment.
  ❏ Discovers hardware nodes.
  ❏ Supports power management - IPMI
  ❏ Turns on discovered hardware nodes using power management, PXE boots them and provisions them from an image.
❏ TripleO uses Ironic bare metal provisioning to discover new hardware and deploy it for the overcloud.

Openstack: Other Projects
❏ Designate - Provides DNS-as-a-service for openstack.
❏ Magnum - Container-as-a-service for openstack.
  ❏ Run your containerized application inside openstack instances.
  ❏ Installs docker and kubernetes inside nova instances to provide container services.
❏ The complete list of projects is at http://governance.openstack.org/reference/projects/index.html

Openstack: This is Open Source. How to Contribute? Talk at 4:30 PM in D406.
Contributing to Openstack 101