Cloud stack overview
  • 2013-03-20: Apache CloudStack graduates to become a TLP; 4.0.2 (2013.05.17)
  • CloudStack works within multiple enterprise strategies and mandates, as well as supporting multiple cloud strategies from a provider perspective. As an initial step beyond traditional server virtualization, many organizations are looking to private cloud implementations as a means to satisfy flexibility while still retaining control over service delivery. The private cloud may be hosted by the IT organization itself, or sourced from a managed service provider, but the net goals of total control and security without compromising SLAs are achieved. For some organizations, the managed service model is stepped up one level with all resources sourced from a hosted solution. SLA guarantees and security concerns often dictate the types of providers an enterprise will look towards. At the far end of the spectrum are public cloud providers with pay-as-you-go pricing structures and elastic scaling. Since public clouds often abstract details such as network topology, a hybrid cloud strategy allows IT to retain control over key aspects of their operations, such as data, while leveraging the benefits of elastic public cloud capacity.
  • When a user requests a VM instance, several steps are performed. The user logs in and selects the desired availability zone for their instance, and then selects the desired template from the list of templates available to them. This is the trigger for the provisioning process. Depending on the instance and zone requirements, optional network services such as routing, DHCP and load balancing are provisioned for the zone. If these services are already provisioned and can be shared by the user, the shared instances are used; otherwise isolated instances of the network services are created. The template representing the root disk of the VM is copied from the secondary storage for the zone to the primary storage for the cluster. CloudStack attempts to localize services for accounts to as few clusters as possible; this is done partly for security reasons, and partly to ensure optimal performance for provisioned services. If the instance requires any data volumes, the data volumes are created on primary storage for the cluster. Note that the storage preferences for the root volume and data volumes may differ, so the volumes may occupy different primary storage devices within a given cluster. For example, data disks may have attributes which place them on a primary storage device that is continuously backed up, while the root volume might be located on local storage. CloudStack then instructs the host to create and start the instance VM.
  • When using XenServer, you will first add the XenServer pool master to CloudStack as a host, and CloudStack will transparently add all slave hosts to CloudStack.
  • For KVM, support is only for RHEL 6.2-based KVM and Ubuntu 10.04. No other flavors of KVM are supported, including RHEV.
  • vCenter cluster/host
    – A vCenter cluster is mapped directly to a CloudStack cluster under a Pod.
    – A vCenter cluster used by CloudStack can only belong to one vCenter datacenter. Why? The vCenter datastore used by a vCenter cluster is scoped to the vCenter datacenter; the vCenter vSwitch used by a vCenter cluster is scoped to the vCenter datacenter; sharing vCenter datacenter resources outside of CloudStack will be problematic.
    System VM bootstrap
    – The first generation is done by the CloudStack management server.
    – Second and later generations are done through a running SSVM.
    SSVM (Secondary Storage VM)
    – SSVM for template processing.
    – SSVM for VMware volume/snapshot/template operations.
    Command delegation
    – A system VM is an extension of the CloudStack management server.
    – The resource manager can run in the context of a system VM.
    – Command delegation in the CloudStack management server.
    Snapshots
    – A CloudStack snapshot is taken per volume; a snapshot in vCenter is taken per VM.
    – Filling the gap: take a VM snapshot (if it is for a detached volume in CloudStack, create a worker VM); parse the VM snapshot metadata and build up disk chain information per volume; create an intermediate VM on top of a selected disk chain; export the VM (full backup) to secondary storage; clean up.
    vCenter vSwitch
    – vSwitch setup is done through vCenter; NIC bonding is done through vCenter.
    – CloudStack creates networks (portgroups) dynamically and propagates networks across the cluster. Why? To support independent VM live migration both in CloudStack and vCenter.
    – Default vSwitch ports: not enough, usually needs to be extended.
  • The following external devices are supported in CloudStack 4.1.0: F5 10.1.10 (Build 3341.1084); SRX model srx100b: must be 10.3 or higher (10.4R7.5); Netscaler VPX 9.3, 10.0 (Build and 54.161); Netscaler MPX 10; Netscaler SDX 10. CS 4.1 supports Nicira NVP.
  • External devices why not sequenced?
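The provisioning note above lists what a VM request carries (zone, template, service offering, disk offering, network), and the deck mentions the User and Admin API. The following added example (not code from the slides or from the CloudStack project) builds such a deployVirtualMachine request the way the CloudStack query API expects it to be signed, as documented in the CloudStack API developer guide: parameters sorted by key, URL-encoded, lowercased, HMAC-SHA1 under the account's secret key, base64. The endpoint URL, key values and resource IDs are constructed placeholders; the verify function is the server-side check that a tampered parameter is rejected.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote, urlencode

# Constructed placeholder credentials, not real keys.
API_KEY = "EXAMPLE-API-KEY"
SECRET_KEY = "EXAMPLE-SECRET-KEY"

# Constructed request: the parameters a deployVirtualMachine call carries
# (zone, template, compute offering, disk offering, network); IDs are placeholders.
DEPLOY_PARAMS = {
    "command": "deployVirtualMachine",
    "zoneid": "zone-1",
    "templateid": "tmpl-centos62",
    "serviceofferingid": "so-small",
    "diskofferingid": "do-20gb",
    "networkids": "net-101",
    "response": "json",
}


def canonical_query(params):
    """String that gets signed: keys sorted case-insensitively, values
    URL-encoded with spaces as %20 (never '+'), joined by '&', lowercased."""
    parts = []
    for key in sorted(params, key=str.lower):
        value = quote(str(params[key]), safe="*").replace("+", "%20")
        parts.append(f"{key}={value}")
    return "&".join(parts).lower()


def sign(params, secret):
    """HMAC-SHA1 over the canonical query, base64-encoded."""
    mac = hmac.new(secret.encode(), canonical_query(params).encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()


def sign_request(params, api_key, secret):
    """Client side: attach apiKey and signature. The secret never leaves the client."""
    signed = dict(params, apiKey=api_key)
    signed["signature"] = sign(signed, secret)
    return signed


def request_url(endpoint, signed):
    """Full GET URL; urlencode handles the '+', '/', '=' in the base64 signature."""
    return f"{endpoint}?{urlencode(signed)}"


def verify(received, secret):
    """Server side: recompute from every parameter except the signature and compare
    in constant time, so any change to zoneid, templateid, etc. fails the check."""
    provided = received.get("signature", "")
    unsigned = {k: v for k, v in received.items() if k != "signature"}
    return hmac.compare_digest(sign(unsigned, secret), provided)
```

Because the signature covers every parameter, a request whose zone or template ID is altered in transit no longer verifies, which is the integrity property the API relies on in place of sending the secret.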

    1. CloudStack Overview
    2. Outline
       • Overview of CloudStack
       • Problem Definition
       • Feature set overview
       • Network
       • Storage
    3. What is CloudStack
       • Secure, multi-tenant cloud orchestration platform
         – Turnkey solution for delivering IaaS clouds
         – Hypervisor agnostic
         – Scalable and secure
         – Open source, open standards
         – Deploys on premise or as a hosted solution
       • Deliver cloud services faster and cheaper
       Build your cloud the way the world's most successful clouds are built
    4. History of Apache CloudStack
       • 2009: , 100% proprietary
       • 2010: , open core, GPL v3
       • 2011: Citrix Systems, 100% open, GPL v3
       • 2012: ASF, 100% open, Apache License 2
       • 2013: Graduated from incubator to ASF TLP
    5. CloudStack Supports Multiple Cloud Strategies
       Private Clouds
       • On-premise Enterprise Cloud: dedicated resources; security & total control; internal network; managed by Enterprise or 3rd party
       • Hosted Enterprise Cloud: dedicated resources; security; SLA bound; 3rd party owned and operated
       Public Clouds
       • Multi-tenant Public Cloud: mix of shared and dedicated resources; elastic scaling; pay as you go; public internet, VPN access
    6. CloudStack Provides On-demand Access
       (Diagram: Org A and Org B, each with an Admin and Users, plus an End User and a cloud Admin, drawing on Compute, Network and Storage.)
    7. Problem Definition
       • Offer a scalable, flexible, manageable IaaS platform that follows established cloud computing paradigms
       • IaaS
         – Orchestrate physical and virtual resources to offer self-service infrastructure provisioning and monitoring
       • Scalable
         – 1 -> N hypervisors / VMs / virtual resources
         – 1 -> N end users
       • Flexible
         – Handle new physical resource types: hypervisors, storage, networking
         – Add new APIs
         – Add new services
         – Add new network models
    8. Problem Definition (contd)
       • Manageable
         – Hide complexity of underlying resources
         – Rich functional end-user and admin UI
         – Admin API to automate operations
         – Easy install, upgrade for small -> large clouds
         – Simple scaling, automated resilience
    9. Feature Set Overview
    10. Service Offering
    11. Create Custom Virtual Machines via Service Offerings
       • Select Compute Offering: CPU & RAM & Hypervisor
       • Select Operating System: Windows, Linux
       • Select Data Disk Offering: Volume Size & Storage Type
       • Select Network Offering: Network & Services
       • Launch VM
    12. Overview Resource Provision
       • Management Server Dashboard
         – Running, Stopped and Total VMs
         – Resource allocations (IPs and storage)
         – Latest events and alerts
       (Diagram: Root Admin View and Domain Admin View.)
    13. Virtual Machine Management
       • Users
       • VM Status: CPU Utilized, Network Read, Network Writes
       • Change Service Offering: 2 CPUs / 1 GB RAM / 20 GB / 20 Mbps -> 4 CPUs / 4 GB RAM / 200 GB / 100 Mbps
       • VM Operations: Start, Stop, Reboot, Destroy
       • Console Access
    14. Volume and Snapshot Management
       • Add / Delete Volumes
       • Create Templates from Volumes (Volume -> Template)
       • Schedule Snapshots: Hourly, Daily, Weekly, Monthly, Now
       • View Snapshot History: 2012/05/29 7.30 am … 2012/06/01 7.30 am
    15. Network & Network Services
       • Create Networks and attach VMs
       • Acquire public IP address for NAT & load balancing
       • Control traffic to VM using ingress and egress firewall rules
       • Set up rules to load balance traffic between VMs
    16. Open Flexible Platform
       • Compute (Hypervisor): XenServer, VMware, KVM, Bare metal
       • Storage (Block & Object): Primary Storage: Local Disk, iSCSI, NFS, Fiber Channel; Secondary Storage: Swift
       • Network & Network Services: Connection Type, Isolation, Load balancer, Firewall, VPN
    17. CloudStack Deployment Architecture
       • Hypervisor is the basic unit of scale.
       • Cluster consists of one or more hosts of the same hypervisor.
       • All hosts in a cluster have access to shared (primary) storage.
       • Pod is one or more clusters, usually with L2 switches.
       • Availability Zone has one or more pods, has access to secondary storage.
       • One or more zones represent a cloud.
       (Diagram: Zone 1 with Pod 1 … Pod N; each pod with Cluster 1 … Cluster N of Host 1, Host 2 … and Primary Storage behind an Access Layer; L3 core; Secondary Storage; CloudStack Management Server; Internet.)
    18. Management Server Managing Multiple Zones
       • CloudStack Cloud can have one or more Availability Zones (AZ).
       (Diagram: Data Center 1 with Zone 1; Data Center 2 with Zone 2 and Zone 3; Data Center 3 with Zone 4.)
    19. Management Server Managing Multiple Zones
       • Single Management Server can manage multiple zones
       • Zones can be geographically distributed but low latency links are expected for better performance
       • Single MS node can manage up to 10K hosts
       • Multiple MS nodes can be deployed as a cluster for scale or redundancy
       (Diagram: one Mgmt Server managing Zone 1 to Zone 4 across Data Center 1, 2 and 3.)
    20. Management Server Deployment Architecture
       • Single-node Deployment: MS with MySQL DB; User API and Admin API; Infrastructure Resources
       • Multi-node Deployment: Load Balancer in front of several MS nodes; MySQL DB with Replication to a Back Up DB; User API and Admin API; Infrastructure Resources
       • MS is stateless. MS can be deployed as physical server or VM
       • Single MS node can manage up to 10K hosts
       • Multiple nodes can be deployed for scale or redundancy
    21. CloudStack Storage
       Primary Storage
       • Configured at Cluster-level. Close to hosts for better performance
       • Stores all disk volumes for VMs in a cluster
       • Cluster can have one or more primary storages
       • Local disk, iSCSI, FC or NFS
       Secondary Storage
       • Configured at Zone-level
       • Stores all Templates, ISOs and Snapshots
       • Zone can have one or more secondary storages
       • NFS, OpenStack Swift
       (Diagram: Pod 1 with Cluster 1 of Host 1 and Host 2 and Primary Storage on an L2 switch; Secondary Storage behind an L3 switch.)
    22. Core CloudStack Components
       • Hosts: servers onto which services will be provisioned
       • Primary Storage: VM storage
       • Cluster: a grouping of hosts and their associated storage
       • Pod: collection of clusters
       • Network: within the same L2 switch
       • Secondary Storage: template, snapshot and ISO storage
       • Zone: collection of pods, network offerings and secondary storage
       • Management Server Farm: responsible for all management and provisioning tasks
       (Diagram: Zone containing CloudStack Pods, Clusters, Hosts with VMs, Primary Storage, Secondary Storage and Network.)
    23. Understanding the Role of Storage and Templates
       • Primary Storage
         – Cluster level storage for VMs
         – Connected directly to hosts
         – NFS, iSCSI, FC and Local
       • Secondary Storage
         – Zone level storage for templates, ISOs and snapshots
         – NFS or OpenStack Swift via CloudStack System VM
       • Templates and ISOs
         – Imported into CloudStack
         – Can be private or public
       (Diagram: Zone with Secondary Storage holding a Template; Pod with Cluster of Hosts and Primary Storage.)
    24. Provisioning Process
       1. User requests instance
       2. Provision optional network services
       3. Copy instance template from secondary storage to primary storage on the appropriate cluster
       4. Create any requested data volumes on primary storage for the cluster
       5. Create instance
       6. Start instance
       (Diagram: Template on Secondary Storage copied to Primary Storage in the cluster; VM on a Host.)
    25. Citrix XenServer
       • Integrates directly with XenServer Pool Master
       • Snapshots at host level
       • System VM control channel at host level
       • Network management is host level
       (Diagram: CloudStack Manager talking to the XenServer Pool Master Host of a XenServer Resource Pool of XenServer Hosts.)
    26. RedHat Enterprise Linux (KVM)
       • Integrates with libvirt using Cloud Agent
       • Snapshots at host level
       • System VM control channel at host level
       • Network management is host level
       • CentOS 6.2 with KVM
       • Only RHEL 6.2, not RHEV
       (Diagram: CloudStack Manager talking to the Cloud Agent and Libvirt on each KVM Host.)
    27. VMware vSphere
       • Integration through vCenter
       • System VM control channel via CloudStack private network
       • Snapshot and volume management via Secondary Storage VM
       • Networking via vSphere vSwitch
       (Diagram: CloudStack Manager talking to vCenter, which manages a Data Center of vSphere Clusters of vSphere Hosts.)
    28. Management Server Interaction with Hypervisors
       • XenServer (via XAPI): XS 5.6, 5.6FP1, 5.6 SP2, 6.0.2; Incremental Snapshots; VHD; NFS, iSCSI, FC & Local disk; Storage over-provisioning: NFS
       • ESX (via vCenter, HTTPS): ESX 4.1, 5.0 (coming); Full Snapshots; VMDK; NFS, iSCSI, FC & Local disk; Storage over-provisioning: NFS, iSCSI
       • KVM (via Agent): RHEL 6.0, 6.1, 6.2 (coming); Full Snapshots (not live); QCOW2; NFS, iSCSI & FC; Storage over-provisioning: NFS
    29. Multi-tenancy & Account Management
       • Domain is a unit of isolation that represents a customer org, business unit or a reseller
       • Domain can have arbitrary levels of sub-domains
       • A Domain can have one or more accounts
       • An Account represents one or more users and is the basic unit of isolation
       • Admin can limit resources at the Account or Domain levels
       (Diagram: Cloud Admin; Org A Domain with its Admin; Reseller A Domain with Org C Sub-Domain and its Admin; Accounts Group A and Group B with User 1, User 2 and Resources such as VMs, IPs, Snapshots.)
    30. CloudStack Network
    31. CloudStack Network Features
       • The management of the Physical Network
       • The services of the Virtual Network
    32. Physical Network
       (Diagram: Availability Zone with Router, L3 Core Switch, Access Layer Switches, Pod 1 … Pod N of Servers, a CloudStack MS Cluster with MySQL, Load Balancer and Secondary Storage; Operations Admin and Cloud API Users.)
    33. CloudStack Network Traffic Type
       • Public Network: public traffic is generated when VMs in the cloud access the internet, e.g. via the Virtual Router
       • Guest Network: the tenant network to which instances are attached
       • Storage Network: the physical network which connects the hypervisor to the storage
       • Management Network: control plane traffic between the CloudStack management server and hypervisor clusters
    34. CloudStack Network Mode
       Basic Network
       • AWS-style networking
       • All VMs in one subnet
       • Account's VM isolation by Security Group
       • VR provides services: DHCP, DNS
       • Each VM has only one NIC (Network)
       Advanced Network
       • Account's VM isolation by VLAN
       • VR can provide more services: NAT, Firewall, PF, LB, VPN
       • Guest Network supports Isolated and Shared network types
       • Each VM can have more NICs (Networks)
    35. CloudStack Basic Network
       • VR provides services: DHCP, DNS
       • VM isolation by Security Group
    36. Security Group Isolation
    37. CloudStack Advanced Network
       (Diagram: Guest Network 1, VLAN 101, gateway address 10.1.1.1, Guest 1 VM 1–3, served by a Virtual Router with public IP address 65.37.141.11 providing NAT, DHCP, Load Balancing, Port Forwarding, Firewall and VPN; Guest Network 2, VLAN 102, Guest 2 VM 1–3, served by a Virtual Router with public IP address 65.37.141.24; both routers on the Public Network facing the Public Internet.)
    38. VLAN Isolation
    39. CloudStack Advanced Network Service
       • Firewall
       • Source NAT
       • Static NAT
       • Load Balancing
       • Port Forwarding
       • VPN
    40. Advanced Network – Multi-tier Network
       (Diagram: Virtual Network 10.1.1.0/24, VLAN 100: CS Virtual Router with private IP 10.1.1.1 and public IP 65.37.141.111 providing DHCP, DNS, NAT, Firewall, LB, VPN, Port Forwarding; Web VM1 10.1.1.2, Web VM2 10.1.1.3, Web VM3 10.1.1.4, Web VM4 10.1.1.5. Virtual Network 10.1.2.0/24, VLAN 101: CS Virtual Router providing DHCP, DNS; App VM1 10.1.2.31, App VM2 10.1.2.24 and further addresses 10.1.2.18, 10.1.2.21, 10.1.2.38, 10.1.2.39. Network 10.1.3.0/24, VLAN 102: CS Virtual Router providing DHCP, DNS; DB VM 1. Public Network to the Internet.)
    41. Advanced Network – Virtual Private Network
       Virtual Router Services
       • DNS
       • LB
       • Site-to-Site VPN
       • Static Routes
       • Network ACLs
       • NAT, PF
       • FW [ingress & egress]
       (Diagram: Virtual Network 10.1.1.0/24 with Web VM1–4 (10.1.1.3–10.1.1.5); Virtual Network 10.1.2.0/24, VLAN 101, with App VM1 10.1.2.31 and App VM2 10.1.2.24; Virtual Network 10.1.3.0/24, VLAN 102, with DB VM 1 10.1.3.24; CS Virtual Router / Load balancer on an Internal VLAN; IPSec or SSL site-to-site VPN over the Internet to Other Data Center.)
    42. CloudStack Storage
    43. Storage
       • Primary Storage
         – Block device to the VM
         – IOPs intensive
         – Accessible from host or cluster wide
       • WORM Storage
         – Secondary Storage or Object Store for templates, ISO, and snapshot archiving
         – High capacity
       • CloudStack manages the storage between the two to achieve maximum benefit and resiliency
       (Diagram: Zone-Level Layer 3 Switch; Pod 1 … Pod N, each with a Pod-Level Layer-2 Switch, Computing Servers 1–4 in Cluster 1 and Cluster 2, Primary Storage and Scale-Out NFS on a Private Network.)
    44. Primary Storage Support Matrix
       Type           XenServer   VMWare      KVM
       Local Disk     Supported   Supported   Supported
       iSCSI          Supported   Supported   Not Supported
       Fiber Channel  Supported   Supported   Not Supported
       NFS            Supported   Supported   Supported
    45. Storage Tagging
       • Supported via storage tags for primary storage
       • Specify a tag when adding a storage pool
       • Specify a tag when adding a disk offering
       • Only storage pools with the tag will be allocated for the volume
    46. WORM Storage
       • Write Once Read Many storage pattern is supported by two different storage types
         – Secondary Storage (NFS server within an availability zone)
         – Object Store (Swift implementation for cross-zone)
       • Objective for WORM storage
         – High capacity, cheap storage
         – Easy to increase capacity
       • Used to store templates, ISOs, and snapshots
    47. Snapshot
       • Snapshots are used as backups for DRS
       • Taken on the primary storage and moved to secondary storage
       • Supports individual snapshots and recurring snapshots
       • Full snapshots on VMWare and KVM
       • Incremental snapshots on XenServer