Motivation, considerations, approach on adopting private cloud. Discussion on using Open Stack, Docker for building private clouds.

1. Private Cloud
with Open Stack, Docker
Increasing organization’s agility and scalability
Davinder Kohli
Jon Reber

2. Agenda
• Why build private cloud?
• Approach & considerations
• Private cloud ecosystem
• Why Open Stack, Docker?
– Benefits
– Architecture
– Elasticity - Scaling
– Demo

3. Why Private Cloud?
• NPI data and processing of sensitive information
• Regulatory compliances
• Specific location of data
Data and application security
• Dynamic workload management
• Self-service by developer
Moving from virtualized environment to cloud
• Disaster Recovery
• Provider of niche services
Managed service provider
• Specific infrastructure e.g. HPC - CPU speed, storage, number of
concurrent machines
• Competitor to public cloud provider
Support business needs

4. Infrastructure/Operations
Capacity planning
Efficient resource utilization
Scalability - Cloud Bursting
Monitor utilization
Platform
High availability (SLA)
Performance
Support
Dev Team
Enable agile development & continuous
delivery
Infrastructure available as needed
Platform as a service
VM Templates
Virtual Desktop Solutions
Stakeholders
CxO
Capitalize on investments
Existing infrastructure, data centers
Reduce operational costs
Growth
Entry into new markets
New revenue streams
Accelerate speed to market
Security Team
Reduce security threats
Regulatory compliances
Secure app and data
Private Cloud

5. Approach on adopting private clouds
Cloud Readiness
• Financial
• Business
• Technical
• Organization
Cloud-enabled Platform
• Target architecture
• Capacity Planning
• Delivery processes
• Roles/Responsibilities
Implementation
• Infrastructure setup
• App migration
• Integrations

6. Considerations – Private Cloud
Use-case driven
Security
Elasticity
Networking
Platform-as-a-service
Metering
Disaster Recovery
•Compute focused - HPC
•Storage focused – data analytics
•Network focused – CDN
•Multi-level
•Scalability - Cloud bursting
•Storage
•Separation of network segments for operators & tenants
•Internal network for Message Bus, Database
•Auto deployments
•VM Templates
•VM/Container management
•Chargebacks
•Managed service provider
•In-house

7. • Open Source TechnologiesA
• Runs on commodity hardwareB
• Highly scalableC
• Integrates well with infrastructure
vendorsD
Why Open Stack, Docker?

8. Open Stack
• Public or Private cloud
• Apache 2.0 licensed
• Releases – Kilo(2015.4), Juno(2014.10), Icehouse (2014.1), Havana (2013.2), Grizzly (2013.1)
• Technologies – Python, Rabbit MQ, MySQL/PostgreSQL, libvirt driver, Linux based services,
Django
• NOTE: Modular architecture, substituted with other open source technologies based on business
needs
Component Functionality Notes
Keystone Authentication Authenticates users and provides security token
Nova Compute Worker daemon that creates and terminates VMs through hypervisors
Swift Object Storage Persistent; Manage large datasets, VM Images; Chatty; 10x TB; Ref. S3, Multi-
tenant, highly scalable
Cinder Block Storage Persistent; Volume storage attached to VMs(/var/lib/nova); 1 TB disk
Glance Image Service Provides images, stored in Swift. Metadata is stored in MySQL DB.
Horizon Dashboard CRUD – instances, network, storage, images
Heat Orchestration Template (HOT) for creating OS resources. Used for auto-scaling, high availability
Ceilometer Metering Runs on each compute node and controller node, polls resource utilization
Neutron Networking Plugs and unplugs ports, creates networks or subnets, and provides IP addressing.

9. Open Stack - Example Architecture
Open Stack
64-bit Machine
Open Stack - Havana
Ubuntu
glance-api
keystone
nova-
scheduler
MySQL
nova -
Network
V
M
V
M
V
M
Cloud Controller
Compute Node Compute Node
64-bit Machine
Open Stack
Ubuntu/KVM
V
M
V
M
V
M
Rabbit
MQ
Heat
Horizon
ceilometer
Cinder-api,
scheduler
Network
64-bit Machine
Ubuntu/KVM
LVM/iSCSI
Cinder -
Volume
Block Storage Node
nova -
compute
Internet
nova -
Network
nova -
compute
Ephemeral Storage Node
NFS

10. Use Case based Architecture
An education company has their online student registration twice a year.
Online education content is accessed 75% of the time throughout the
academic year. General purpose architecture
Weather simulation software – constant crunching of data and
establishing weather patterns.
Compute oriented architecture
Content Delivery Network - streaming video, photographs or any other
cloud based repository of data that is distributed to a large number of
end users. Network oriented architecture
Once a year, customer load exceeds the capacity of a private cloud of a
retail organization, the extra load is handled by a public cloud provider.
Hybrid oriented architecture

11. Compute Oriented Architecture
Source: Open Stack Architecture Design Manual

12. Open Stack – Architecture Levers
Compute
•(Overcommit ratio x
cores)/virtual cores per
instance
•Usage pattern
Storage
•Ephemeral/Persistent
•Content distribution
•Databases
Network
•Speed:1, 10, 40 GbE
•Port count
•Port density
Software
•Operating System &
Hypervisor
•Open Stack Components
•Supplemental Components
Form Factor
Business Transaction Volume, Data Retention, Replication,
Compliances, Reliability, Usage Pattern
Cost, Data Center Capacity, Performance, Fault Tolerance, Scalability,
High Availability

13. Private Cloud Ecosystem
Physical
Compute
NodeLogging Security
PaaS Monitoring
Cloud Controller
Compute
Node
Compute
Node
Physical Physical
Node Provisioning
Foreman
Puppet
Splunk
Ceilometer
Nagios
LDAP
Oauth
Keystone
Cloud
Foundry

14. Open Stack Auto-Scaling
o User instantiates Heat Template
o Heat registers with Ceilometer for callbacks on alarm events
o Ceilometer triggers alarm event and Heat scales a group based on scaling
policy
o Using monitors on virtual machines or load balancers
o Invoke Openstack via REST API or Python client
o Use Chef/Puppet/Ansible
Heat / Ceilometer – Native OpenStack
Other Tools

15. Auto Scaling with Heat
Controller Compute Node
HOT (scaling.yaml)
ceilometer-api
heat
nova
ceilometer-agent-
compute
nova-compute
VM VM VM VM
HOT - Heat Orchestration Template
ceilometer-collector
ceilometer-alarm
notification

16. Containers
VM VM
 VMs virtualize the hardware
 Limit on the # of VMs based on hardware
resources
 Maintain multiple OS versions – each guest OS
patched/updated separately
 A full virtualized system takes mins to start
VM
Physical
Hypervisor
Ubuntu Ubuntu Ubuntu
Host OS
App
Bins/Lib
App
Bins/Lib
App
Bins/Lib
 Virtualize an OS – each app running in each
containers believes it has full, unshared access
to host OS.
 Lightweight – runs on single OS and consumes
very few system resources (CPU, memory).
 Low management – patches applied to single
guest OS
 Takes seconds to start, no hypervisor overhead
 Can run on cheap hardware
 Solaris zones, Open VZ, Linux Containers, Imctfy
Container
Physical
Docker Engine
Host OS
App
Bins/Lib
Container
App
Bins/Lib
Container
App
Bins/Lib
Ubuntu Ubuntu Ubuntu

17. Open source engine that enables (pack, ship, run) any
application and its dependencies to be encapsulated as
a lightweight container that will run in almost any Linux
environment:
 Bare metal
 Virtualized
 Public or private cloud
Docker

18. Why should I care?
• Faster application delivery
• Developers have a platform to run their applications, Ops can deploy
the same container on production servers
• Supports continuous delivery
• Deploy and scale more easily
• Runs on dev machine, physical/vm in data center, cloud
• Scale up/down apps/services near real time
• Run more workloads
• Place 4 to 6 times as many apps on a single server compared to
virtualization

19. Docker Concepts
• Written in Go
• Linux kernel features
– Namespace layers
– Control Groups – limit resource (memory,
CPU, disk I/O) usage
– Advanced multi-layered unification file
system (AuFS)
– Container format

20. Docker Architecture
• Docker daemon – builds, runs, and distributes Docker
containers on host machine
• Docker Image – build component
• Docker Registry – distribution component
• Docker Container – run component
• Docker client – interacts with daemon using sockets or
REST
• Docker Hub – SaaS for managing Docker containers

21. Containers – Example
Ubuntu 14.4
Ubuntu 14.4
App Container
WAR
Ubuntu 14.1
LB
Ubuntu 14.4
App Container
WAR
FROM tomcat:8
EXPOSE 8080
ADD sample.war $CATALINA_HOME/webapps/
CMD $CATALINA_HOME/bin/catalina.sh run && tail -f $CATALINA_HOME/logs/catalina.out
Dockerfile (Tomcat):
#!/bin/bash
sudo docker build -t javaapp1 .
build.sh (Build image):
#!/bin/bash
sudo docker run -it --rm -p 8888:8080 javaapp1
start.sh (Run container):

22. Containers – Example
Ubuntu 14.4
Ubuntu 14.4
App Container
WAR
Ubuntu 14.1
LB
Ubuntu 14.4
App Container
WAR
FROM httpd:2.4
COPY httpd.conf /usr/local/apache2/conf/httpd.conf
EXPOSE 80
CMD ["httpd-foreground"]
Dockerfile (Load Balancer):
#!/bin/bash
sudo docker build -t httpd101 .
build.sh (Build image):
#!/bin/bash
sudo docker run -it --rm -p 80:80 httpd101
start.sh (Run container):

23. QAIntegration
Container based architecture
Dev m/c
Build Server
Private Docker
Hub
App Container
WAR
App Container
WAR
Code Repository
Svc Container
REST
Svc Container
SOAP
Continuous
Integration
Images
L
B
L
B
L
B
L
B
Dockerfile
Source Code
WAR Chef

24. Scaling Docker with Open Stack
Source: https://wiki.openstack.org/wiki/Docker

25. Docker Scaling
Docker Machine – Zero to Docker
Swarm - native clustering for Docker containers
Compose – Define multi-container applications running on swarm
2 cores CPU
Open Stack
VM – Swarm Node
Ubuntu
Container Container Container
Docker
RackSpace
VM- Swarm Node
Container Container Container
Docker
Swarm
Scheduler
Discovery Service
Physical- Swarm Node
Container Container Container
Docker
Client
2 cores CPU

26. What’s are we working on next?
 Docker
 Baremetal
 Chargebacks with
 Docker
 Open Stack

27. Contact Information
Davinder Kohli
Head of Cloud Services
davinder.kohli@stagrp.com
Jon Reber
Sr. Architect
jon.reber@stagrp.com