StarlingX Introduction: Building community momentum
Ian Jolliffe, Product Architect, Wind River
Brent Rowsell, Principal Technologist, Wind River
We believe in the power of Cloud technologies to transform the safety and security of critical infrastructure
Introducing StarlingX
• StarlingX launched in May at the Vancouver OpenStack Summit
• Formed with seed code from the Wind River Titanium Cloud portfolio
• Provides an integrated platform with focus on high availability, quality of service, performance, security and low latency needed at the edge
• K8s and OpenStack are first-class citizens
• Aligned with the OpenStack Foundation Edge Working Group
Where are we now?
• Early days - Forming and Norming
• 100 active developers
• Working build recipe
• Repos hosted by the OpenStack Foundation: https://git.openstack.org/cgit/openstack/stx-xxxxx
• Starting to attract new developers
• New features being added
Security at the Edge
[Figure: security controls by layer]
• Physical: locks, restricted access (console)
• Host: TPM 2.0, BIOS password, disabled USB boot
• OS: signed kernel, kernel modules
• Network: disabled ports, encryption, firewall
• Hypervisor: vTPM
• Guest: authenticated guest, applications
Propose Security Break Out at Next Summit
[Figure: architecture diagram. Labels: Control Plane, Storage Network, Compute, CNI / OVS, StarlingX / Linux. StarlingX Services: HA, Config, Mtce, EPA, Security, Patching]
[Figure: StarlingX software stack]
• Operating System: Secure Boot, TPM
• Storage: CEPH
• Networking: ovs-dpdk, sr-iov
• Accelerators: crypto, gpu
• StarlingX Services: fault management, service management, software management, configuration management, host management, security management
• Container Platform: kubelet, docker, etcd, kubectl, HELM, docker registry
• System Pods: kube-proxy, kube-scheduler, kube-controller-manager, kube-apiserver, calico, kube-dashboard, kube-dns, tiller
• Clients: armada
• Infrastructure/orchestration: OpenStack (Pods)
• Applications: Pods, VMs
Scalable Solutions for Edge Use Cases
Flexible Deployment Models for the Edge
[Figure: deployment models built from Control, Storage and Compute functions hosting VMs, with Top of Rack connectivity]
• Grouse: single server
• Whistler: two servers (1:1 protected pair of servers)
• Robson: 4-100 servers
Software Stack
• OS is based on CentOS with multiple kernel configurations for performance and security
• Extensions/fixes to open source packages, upstream to applicable projects
• CEPH as the default storage backend
• OVS-DPDK and SR-IOV support for OpenStack networking
• Support for crypto and GPU accelerators
• StarlingX Services for system deployment and management
• Container platform - k8s with support for HELM and Armada
• Containerized infrastructure orchestration
• Containerized OpenStack based on Pike with a significant number of value-added extensions for hardening, new features and performance enablement
• Upstreaming in progress - building momentum
• K8s cluster available for end user applications (control plane apps)
StarlingX - A Kubernetes hosting environment
Project Structure
OpenStack Foundation StarlingX – “The Flock”
• stx-metal - Bare Metal Management
• stx-config - Configuration Management
• stx-ha - High Availability/Service Mgmt
• stx-nfv - NFVI Orchestration
• stx-fault - Fault Management
• stx-update - Installation/Update/Patching
• stx-clients - Client libraries
• stx-gui - Horizon plugins for StarlingX services
• stx-distcloud - Distributed Cloud (in progress)
• stx-distcloud-client - Distributed Cloud Client (in progress)
StarlingX Staging Github
• Holding repo for StarlingX OpenStack extensions being upstreamed
• Repos: stx-nova, stx-neutron, stx-glance, stx-cinder, stx-heat, stx-horizon, stx-keystone, stx-ironic, stx-magnum, stx-murano, stx-ceilometer, clients
• Upstream to OpenStack projects
Integration Project
• Pulls in components required to build edge cloud infrastructure distributions
• Build infrastructure and tooling
• Distro build, patches, packaging
• Working to drive patches to zero over time
[Figure labels, Build Infrastructure and Integration Project: stx-ceph, stx-qemu, stx-libvirt, rpm mirror, stx-root, stx-tools, stx-manifest, stx-tis-repo, stx-integ, stx-upstream]
Upstream Projects
• K8S, Ceph, OVS, DPDK, CentOS, Docker
Container Platform
• High availability k8s
• Calico CNI plugin
• CEPH as persistent storage backend
• Authentication/authorization of Kubernetes API
• K8s master components run on StarlingX controller nodes
• Docker runtime
• Local docker image registry
• HELM as the package manager
• Armada for managing multiple Helm charts (e.g. OpenStack)
OpenStack Support
• Optional set of services currently based on the Pike release
• OpenStack services are containerized
• Deployment and life cycle managed by StarlingX leveraging k8s/helm/armada
• Includes OpenStack dependencies (db, rabbit etc.)
• Significant number of changes for hardening, new features and performance enablement
• Upstreaming in progress - building momentum
[Figure: OpenStack (Pike) services: nova, neutron, cinder, heat, horizon, telemetry, keystone, magnum, glance, ironic, murano, swift-api]
Working with Akraino
• Far Far Edge problem
• Enable 5G use cases at the Edge vRAN
• Work with EdgeX and NEV SDK
• Blueprint proposal ready
• Looking for community feedback