what's new in open stack juno (pnw os meetup)

Copyright © 2014 Mirantis, Inc. All rights reserved

www.mirantis.com

A Technical Overview

What's New in OpenStack Juno

November 19, 2014


Introductions

Christopher Aedo (here in person) — Product Architect at Mirantis

Christopher is an IT veteran for consulting, design and technology companies. He is also an outspoken public advocate for OpenStack, cloud computing, software defined networking and software defined storage. He often speaks at OpenStack and Open Source related conferences around the world.

Nick Chase (here in spirit) — Technical Product Marketing at Mirantis

Nick has 20+ years' experience as a developer and author and is an IBM developerWorks Certified Master Author. He also founded NoTooMi.com and has done Web application development for companies such as Alcatel-Lucent, Sun Microsystems, Oracle, and the Tampa Bay Buccaneers. He's also the editor of OpenStack:Now.


Agenda

● OpenStack Juno Overview● Project Additions● Incubated Projects● Community Changes● Coming in Kilo● Kilo Design Summit in Paris● Q&A


Fixes over features

OpenStack Juno Overview


Direction

● Enterprise adoption on the rise● Best Buy● Bloomberg● eBay● Comcast

● Conscious attempt to provide a better experience for operators

● End-user working group● Stability over new features


Deployment improvements

● One size does not fit all


The statistics


To implement services and associated libraries to provide massively scalable, on demand, self service access to compute

resources, including bare metal, virtual machines, and containers.

OpenStack Compute (Nova)


NFV

● New working group● Multiple interfaces per network● Improved performance

● PCI-SR-IOV● Large page allocation● Peg vCPUs to pCPUs● Control vCPU configurations


Rescue Mode

● Ability to specify a rescue image on launch POST: /v2/d1b123/servers/7d14f8123/action \

-d '{"rescue": {"rescue_image_ref": "a88ddc123"}}'

● Local disks re-attached during rescue


Docker

● Driver in stackforge● Pause/Unpause


Networking

● Unfrozen in Juno to align with Neutron● Ability to set "hooks" to be executed for specific

networking events● Per-network settings● SR-IOV neutron ports


Upgrades

● Rolling upgrades of Nova possible from Havana to Icehouse

● Ongoing process● Continuing to move to Objects● Version everything


Scheduler

● Being broken out into the Gantt project so it can be used by other projects

● Resource tracking, so when an instance is rescued the scheduler knows what needs to go where

● Host aggregates


Hypervisor improvements

● libvirt● Performance, logging improvements● Snapshots of network backed disks● Enable qemu memory balloon statistics for ceilometer reporting● Unused disk blocks given back to the underlying storage system● Records meta-data in libvirt domain XML● Namespaces for LXC containers● Copy-on-write cloning for RBD-backed disks● Controlled shutdown of guest OS during VM power off● Intelligent NUMA node placement for guests


Hypervisor improvements

● Hyper-V● Soft reboot, better logging, differencing vhdx images

● Ironic● Add a virt driver for Ironic

● VMware● Changed to use the Oslo vmware helper library


To implement services and associated libraries to provide on-demand, scalable, and technology-agnostic network abstraction.

OpenStack Network Service (Neutron)


Feature parity

● Feature parity with nova-network in progress● Initial migration path (prerequisite for nova-network

deprecation)


L3 Enhancements

● Multiple L3 agents● HA through plugins

● In Juno, through keepalived

● Each router created is assigned to 2 or more agents


Distributed Virtual Router (DVR)

● Uses L3 HA● Removes bottleneck in east-

west traffic● shares OVS route information

across virtual routers

● one-hop traffic for VMs on different hypervisors

● Requires OVS on ML2


IPv6

● Next generation of IP routing● 2001:0db8:85a3:0042:1000:8a2e:0370:7334

rather than 10.28.255.168● 3.4×1038 addresses rather than 4.3 billion● Address assignment

● SLAAC● Stateful DHCP● Stateless DHCP

● Router advertisement through RADVD


New Plugins

● A10 Networks LBaaS driver for the LBaaS V1 API● Arista L3 routing plugin● Big Switch L3 routing plugin● Brocade L3 routing plugin● Cisco APIC ML2 Driver (including a L3 routing plugin).● Cisco CSR L3 routing plugin● Freescale SDN ML2 Mechanism Driver● Nuage Networks ML2 Mechanism Driver● SR-IOV capable NIC ML2 Mechanism Driver


Deprecated Plugins

● Cisco Nexus Sub-Plugin (The Nexus 1000V Sub-Plugin is still retained and supported in Juno)

● Mellanox Plugin● Ryu Plugin● (Should still work as ML2 plugins though!)


Goodbye native OVS, LinuxBridge

● Deprecated in Icehouse● Removed in Juno● Replaced by ML2 MechanismDrivers


To implement services and libraries to provide on-demand, self-service access to Block Storage resources via abstraction and

automation on top of other block storage devices.

OpenStack Block Storage (Cinder)


Continuing development

● Nova is now using v2 API; v1 API deprecated● Third party CI● Contributor base is moving towards feature development

rather than just driver development


New Drivers

● EMC VNX FC direct driver● EMC XtremIO iSCSI driver● EMC XtremIO FC driver● Fusion-io Control Volume driver● ZFS Storage Appliance driver● ProphetStor driver● Volume driver for Pure Storage FlashArray storage system● XenAPI Storage Manager volume driver


OpenStack Object Storage (Swift)


Storage policies

● Allows different storage types per object● Replication settings per object● Available through the API


Other additions

● Project-to-project copy● Keystone v3 support


To provide a service where users can upload and discover data assets that are meant to be used with other services, like images

for Nova and templates for Heat.

OpenStack Image Service (Glance)


Beyond images

● Moving to artifact storage model● Addition of metadata


Usability

● Restrict downloads based on policy● Asynchronous processing to improve performance


To facilitate API client authentication, service discovery, distributed multi-tenant authorization, and auditing.

OpenStack Identity (Keystone)


Backend improvements

● Multiple Identity backends● For example, LDAP for existing users, Keystone's SQL back end

for OpenStack users● Set per resource ID● Map Keystone's "enabled" property to LDAP's "lock" property

● LDAPs now available


Keystone-to-Keystone Federation

● Two Keystone services in tandem● Identity Provider● Service Provider

● Can be used for bursting between clouds

● Single-sign on● Older federation endpoints to be

deprecated● This feature is experimental


Token changes

● UUID now the default for simplicity● PKIZ rather than PKI

● Smaller keys mean it's easier to use external data store through Apache httpd -- and generalize federation (not just SAML)

● Also possible for Kerberos and X.509


Behind the Scenes

● Service catalogs available via the v3 API● Addition of service names to the catalog

● Filter by service name

● Enable to user to retrieve only their credentials


To provide an extensible unified web based user interface for all integrated OpenStack services.

OpenStack Dashboard (Horizon)


General Improvements

● Many project-related additions● Look and feel, move to Bootstrap 3● Centralized color pallette● Tablesorter


JavaScript Library Unbundling

● Security issues● Maintenance issues


Added Sahara


Role Based Access Control

● Fine-grained control for access● Compute● Networking● Orchestration● Glance and Swift were added in Icehouse


Create a human and machine accessible service for managing

the entire lifecycle of infrastructure and applications within

OpenStack clouds.

OpenStack Orchestration (Heat)


Better scaling

● Multiple Heat servers● Multiple users can run stacks concurrently


Better failure handling

● Cancel update● Update failure recovery


Delegation

● Better delegation for non-admin users● Heat users created in separate project/namespace


New Resources

● Sahara● Glance Image


To reliably collect measurements of the utilization of the physical and virtual resources comprising deployed clouds, persist these data for subsequent retrieval and analysis, and

trigger actions when defined criteria are met.

OpenStack Telemetry (Ceilometer)


General changes

● Community changes● Re-architecting for performance

● Gnocchi


Monitoring Network Events

● Firewall as a Service● Load Balancer as a Service● VPN as a Service


To provide scalable and reliable Cloud Database as a Service functionality for both relational and non-relational database

engines, and to continue to improve its fully-featured and extensible open source framework.

OpenStack Database Service (Trove)


New Database Options

● SQL● Postgres

● NoSQL● MongoDB● Added database type● Added capabilities so Horizon can present appropriate options


Replication and clustering

● Replication● Set a master● Add a slave● Promote a slave● Detach a slave to be a new master

● Clustering● Create an instance individually or as part of a cluster


Convenience

● Ability to create databases in Horizon● Configuration groups● Incremental backup


Backend improvements

● Trove-conductor isolates the created databases from the trove database itself

● Better integration with Tempest API


To provide a scalable data processing stack and associated management interfaces.

OpenStack Data Processing (Sahara)


What is Sahara?

● Data processing● Originally to

easily deploy data processing frameworks such as Hadoop and Spark


Updates

● Update to Hadoop 2.4● Cloudera plugin has been added● Apache Spark plugin has been added● Addition of Spark as a job type

● Designed to run Java and Hive● Spark currently runs as Java, but may change later


Deployment improvements

● Now installs with Heat● Multi-region support -- not what you think● Integrated with Ceilometer● Anti-affinity through server groups● Security groups added by default


Provide documentation for core OpenStack projects to promote OpenStack. Develop and maintain tools and processes to ensure

quality, accurate documentation. Treat documentation like OpenStack code.

OpenStack Documentation


Guides

● High Availability Guide, Security Guide broken out into separate repositories

● New Architecture Guide produced via the book sprint process


Improving community participation

● Push for projects to self-document● Networking Guide swarm● Experiment with working on the wiki environment


Incubated Projects


Graduated

● Sahara (Juno)● Ironic (Kilo)


Added to incubation

● Zaqar (formerly Marconi)● Designate● Manila● Barbican


Community Changes


DefCore

● DefCore to define "OpenStack" -- for trademark purposes● RefStack to verify

● The Technical Committee still defines the "integrated" release● Should we consider changing the "incubation" model?● Layers versus big tent versus rings versus tags versus ...


New specifications process


DriverLog and Vendor CI


April 30, 2015

Coming in Kilo


Product changes

● Nova● The return of Docker to the Nova project

● Neutron● NFV functions● Stability improvements● Possible nova-network deprecation

● Swift● Erasure coding


Paris Summit


Paris Summit

● Nova-Network deprecation takes shape● Docker love continues to grow● Neutron keeps improving● No consensus on upgrading OpenStack

● Pumphouse has potential

● Big-name adoption growing● EVERYONE is hiring


Download the slides from: bit.ly/openstack-juno(and we’re hiring, ask me about working at Mirantis!)

[email protected] - twitter: @docaedo

Thank you

mailto:[email protected]

mailto:[email protected]

what's new in open stack juno (pnw os meetup)

Technology