Cloud stack overview

  • 2013-03-20 Apache CloudStack graduates to become a TLP. 4.0.2 (2013.05.17)
  • CloudStack works within multiple enterprise strategies and mandates, as well as supporting multiple cloud strategies from a provider perspective. As an initial step beyond traditional server virtualization, many organizations are looking to private cloud implementations as a means to satisfy flexibility while still retaining control over service delivery. The private cloud may be hosted by the IT organization itself, or sourced from a managed service provider, but the net goals of total control and security without compromising SLAs are achieved. For some organizations, the managed service model is stepped up one level with all resources sourced from a hosted solution. SLA guarantees and security concerns often dictate the types of providers an enterprise will look towards. At the far end of the spectrum are public cloud providers with pay-as-you-go pricing structures and elastic scaling. Since public clouds often abstract details such as network topology, a hybrid cloud strategy allows IT to retain control over key aspects of their operations such as data, while leveraging the benefits of elastic public cloud capacity.
  • When a user requests a VM instance, there are several steps performed. The user logs in and selects the desired availability zone for their instance, and then selects the desired template from the list of templates available to them. This is the trigger for the provisioning process. Depending on the instance and zone requirements, optional network services such as routing, DHCP and load balancing are provisioned for the zone. If these services are already provisioned, and can be shared by the user, then shared instances are used; otherwise isolated instances of the network services are used. The template representing the root disk of the VM is copied from the secondary storage for the zone to the primary storage for the cluster. CloudStack attempts to localize services for accounts to as few clusters as possible. This is done partly for security reasons, and partly to ensure optimal performance for provisioned services. If the instance requires any data volumes, the data volumes are created on primary storage for the cluster. Note that the storage preferences for the root volume and data volumes may be different, resulting in the volumes occupying different primary storage devices within a given cluster. For example, data disks may have attributes which place them on a primary storage device which is continuously backed up while the root volume might be located on local storage. CloudStack then instructs the host to create and start the instance VM.
  • When using XenServer, you will first add the XenServer pool master to CloudStack as a host, and CloudStack will transparently add all slave hosts to CloudStack.
  • For KVM, support is only for RHEL 6.2-based KVM and Ubuntu 10.04. No other flavors of KVM are supported, including RHEV.
  • vCenter cluster/host
      – A vCenter cluster is mapped directly to a CloudStack cluster under Pod
      – A vCenter cluster for CloudStack can only belong to one vCenter datacenter
      – Why?
      – vCenter Datastore used by vCenter cluster is at scope of vCenter datacenter
      – vCenter vSwitch used by vCenter cluster is at scope of vCenter datacenter
      – Sharing vCenter datacenter resource outside of CloudStack will be problematic
    System VM bootstrap
      – First generation is done by CloudStack management server
      – Second/beyond generations is done through a running SSVM
    SSVM (Secondary Storage VM)
      – SSVM for template processing
      – SSVM for VMware volume/snapshot/template operation
    Command delegation
      – System VM, extension of CloudStack management server
      – Resource manager can be running in context of a system VM
      – Command delegation in CloudStack management server
    Snapshots
      – CloudStack snapshot is taken at volume basis
      – Snapshot in vCenter is taken at VM basis
      – Fill the gap
      – Take a VM snapshot, if it is for a detached volume in CloudStack, create a worker VM
      – Parse VM snapshot meta data, build up disk chain information at volume basis
      – Create intermediate VM on top of a selected disk chain
      – Export VM (full backup) to secondary storage
      – Cleanups
    vCenter vSwitch
      – vSwitch setup is done through vCenter
      – NIC-bonding is done through vCenter
      – CloudStack creates networks (portgroups) dynamically
      – CloudStack propagates networks across cluster
      – Why? To support independent VM live migration both in CloudStack and vCenter
    Default vSwitch ports
      – Not enough, usually needs to extend
  • The following external devices are supported in CloudStack 4.1.0.
      – F5: 10.1.10 (Build 3341.1084)
      – SRX model srx100b: Must be 10.3 or higher - 10.4R7.5
      – Netscaler VPX 9.3, 10.0 (Build 54.7.nc and 54.161)
      – Netscaler MPX 10
      – Netscaler SDX 10
    CS 4.1 supports Nicira NVP
  • External devices why not sequenced?

Transcript

  • 1. CloudStack Overview
  • 2. Outline • Overview of CloudStack • Problem Definition • Feature set overview • Network • Storage
  • 3. What is CloudStack • Secure, Multi-tenant cloud orchestration platform – Turnkey solution for delivering IaaS clouds – Hypervisor agnostic – Scalable and secure – Open source, open standards – Deploys on premise or as a hosted solution • Deliver cloud services faster and cheaper. Build your cloud the way the world’s most successful clouds are built
  • 4. History of Apache CloudStack • 2009: Cloud.com, 100% proprietary • 2010: Cloud.com, open core, GPL v3 • 2011: Citrix Systems, 100% open, GPL v3 • 2012: ASF, 100% open, Apache License 2 • 2013: Graduated from incubator to ASF TLP
  • 5. CloudStack Supports Multiple Cloud Strategies • On-premise Enterprise Cloud – Dedicated resources – Security & total control – Internal network – Managed by Enterprise or 3rd party • Hosted Enterprise Cloud – Dedicated resources – Security – SLA bound – 3rd party owned and operated • Multi-tenant Public Cloud – Mix of shared and dedicated resources – Elastic scaling – Pay as you go – Public internet, VPN access [Diagram labels: Private Clouds, Public Clouds]
  • 6. CloudStack Provides On-demand Access [Diagram labels: Compute, Network, Storage; Admin, Users, Org A; Admin, Users, Org B; Users, End User; Admin]
  • 7. Problem Definition • Offer a scalable, flexible, manageable IaaS platform that follows established cloud computing paradigms • IaaS – Orchestrate physical and virtual resources to offer self-service infrastructure provisioning and monitoring • Scalable – 1 -> N hypervisors / VMs / virtual resources – 1 -> N end users • Flexible – Handle new physical resource types (hypervisors, storage, networking) – Add new APIs – Add new services – Add new network models
  • 8. Problem Definition (cont'd) • Manageable – Hide complexity of underlying resources – Rich functional end-user and admin UI – Admin API to automate operations – Easy install, upgrade for small -> large clouds – Simple scaling, automated resilience
  • 9. Feature Set Overview
  • 10. Service Offering
  • 11. Create Custom Virtual Machines via Service Offerings • Select Compute Offering: CPU & RAM & Hypervisor • Select Operating System: Windows, Linux • Select Data Disk Offering: Volume Size & Storage Type • Select Network Offering: Network & Services • Launch VM
  • 12. Overview Resource Provision • Management Server Dashboard – Running, Stopped and Total VMs – Resource allocations (IPs and storage) – Latest events and alerts • Root Admin View • Domain Admin View
  • 13. Virtual Machine Management • Users • VM Status: CPU Utilized, Network Read, Network Writes • Change Service Offering (2 CPUs, 1 GB RAM, 20 GB, 20 Mbps; 4 CPUs, 4 GB RAM, 200 GB, 100 Mbps) • VM Operations: Start, Stop, Reboot, Destroy • Console Access
  • 14. Volume and Snapshot Management • Add / Delete Volumes • Create Templates from Volumes • Schedule Snapshots: Hourly, Daily, Weekly, Monthly, Now • View Snapshot History: 2012/05/29 7.30 am …. 2012/06/01 7.30 am [Diagram labels: Volume, Template, Volume, VM 1]
  • 15. Network & Network Services • Create Networks and attach VMs • Acquire public IP address for NAT & load balancing • Control traffic to VM using ingress and egress firewall rules • Set up rules to load balance traffic between VMs
  • 16. Open Flexible Platform • Compute (Hypervisor): XenServer, VMware, KVM, Bare metal • Storage (Block & Object): Local Disk, iSCSI, NFS, Fiber Channel, Swift; Primary Storage, Secondary Storage • Network (Network & Network Services): Connection Type, Isolation, Load balancer, Firewall, VPN
  • 17. CloudStack Deployment Architecture • Hypervisor is the basic unit of scale. • Cluster consists of one or more hosts of same hypervisor • All hosts in cluster have access to shared (primary) storage • Pod is one or more clusters, usually with L2 switches. • Availability Zone has one or more pods, has access to secondary storage. • One or more zones represent cloud [Diagram labels: CloudStack Management Server, Internet, L3 core, Zone 1, Pod 1 …. Pod N, Cluster 1 …. Cluster N, Host 1, Host 2, Primary Storage, Secondary Storage, Access Layer]
  • 18. Management Server Managing Multiple Zones • CloudStack Cloud can have one or more Availability Zones (AZ). [Diagram labels: Cloud, Data Center 1, Zone 1, Data Center 2, Zone 2, Zone 3, Data Center 3, Zone 4]
  • 19. Management Server Managing Multiple Zones • Single Management Server can manage multiple zones • Zones can be geographically distributed but low latency links are expected for better performance • Single MS node can manage up to 10K hosts. • Multiple MS nodes can be deployed as cluster for scale or redundancy [Diagram labels: Mgmt Server, Cloud, Data Center 1, Zone 1, Data Center 2, Zone 2, Zone 3, Data Center 3, Zone 4]
  • 20. Management Server Deployment Architecture • MS is stateless. MS can be deployed as physical server or VM • Single MS node can manage up to 10K hosts. Multiple nodes can be deployed for scale or redundancy [Diagram labels: Single-node Deployment, Multi-node Deployment, User API, Admin API, Load Balancer, MS, MySQL DB, Replication, Back Up DB, Infrastructure Resources]
  • 21. CloudStack Storage • Primary Storage – Configured at Cluster-level. Close to hosts for better performance – Stores all disk volumes for VMs in a cluster – Cluster can have one or more primary storages – Local disk, iSCSI, FC or NFS • Secondary Storage – Configured at Zone-level – Stores all Templates, ISOs and Snapshots – Zone can have one or more secondary storages – NFS, OpenStack Swift [Diagram labels: Pod 1, Cluster 1, Host 1, Host 2, Primary Storage, L2 switch, L3 switch, Secondary Storage]
  • 22. Core CloudStack Components • Hosts – Servers onto which services will be provisioned • Primary Storage – VM storage • Cluster – A grouping of hosts and their associated storage • Pod – Collection of clusters • Network – Within the same L2 switch • Secondary Storage – Template, snapshot and ISO storage • Zone – Collection of pods, network offerings and secondary storage • Management Server Farm – Responsible for all management and provisioning tasks [Diagram labels: Zone, CloudStack Pod, Cluster, Host, Primary Storage, VM, Secondary Storage, Network]
  • 23. Understanding the Role of Storage and Templates • Primary Storage – Cluster level storage for VMs – Connected directly to hosts – NFS, iSCSI, FC and Local • Secondary Storage – Zone level storage for template, ISOs and snapshots – NFS or OpenStack Swift via CloudStack System VM • Templates and ISOs – Imported into CloudStack – Can be private or public [Diagram labels: Zone, Secondary Storage, Template, Pod, Cluster, Host, Host, Primary Storage]
  • 24. Provisioning Process 1. User Requests Instance 2. Provision Optional Network Services 3. Copy instance template from secondary storage to primary storage on appropriate cluster 4. Create any requested data volumes on primary storage for the cluster 5. Create instance 6. Start instance [Diagram labels: Zone, Secondary Storage, Template, Pod, Cluster, Host, Host, Primary Storage, VM]
  • 25. Citrix XenServer • Integrates directly with XenServer Pool Master • Snapshots at host level • System VM control channel at host level • Network management is host level [Diagram labels: CloudStack Manager, XenServer Resource Pool, XenServer Pool Master Host, XenServer Host]
  • 26. RedHat Enterprise Linux (KVM) • Integrates with libvirt using Cloud Agent • Snapshots at host level • System VM control channel at host level • Network management is host level • CentOS 6.2 with KVM • Only RHEL 6.2, not RHEV [Diagram labels: CloudStack Manager, KVM Host, Cloud Agent, Libvirt]
  • 27. VMware vSphere • Integration through vCenter • System VM control channel via CloudStack private network • Snapshot and volume management via Secondary Storage VM • Networking via vSphere vSwitch [Diagram labels: CloudStack Manager, vCenter, Data Center, vSphere Cluster, vSphere Host]
  • 28. Management Server Interaction with Hypervisors • XS 5.6, 5.6FP1, 5.6 SP2, 6.0.2 • Incremental Snapshots • VHD • NFS, iSCSI, FC & Local disk • Storage over-provisioning: NFS • ESX 4.1, 5.0 (coming) • Full Snapshots • VMDK • NFS, iSCSI, FC & Local disk • Storage over-provisioning: NFS, iSCSI • RHEL 6.0, 6.1, 6.2 (coming) • Full Snapshots (not live) • QCOW2 • NFS, iSCSI & FC • Storage over-provisioning: NFS [Diagram labels: Management Server, XenServer, ESX, vCenter, KVM, Agent, XAPI, HTTPS]
  • 29. Multi-tenancy & Account Management • Domain is a unit of isolation that represents a customer org, business unit or a reseller • Domain can have arbitrary levels of sub-domains • A Domain can have one or more accounts • An Account represents one or more users and is the basic unit of isolation • Admin can limit resources at the Account or Domain levels [Diagram labels: Cloud, Admin, Org A, Reseller A, Domain, Org C, Sub-Domain, User 1, User 2, Group A, Group B, Account, Resources (VMs, IPs, Snapshots…)]
  • 30. CloudStack Network
  • 31. CloudStack Network Features • The Management of Physical Network • The service of Virtual Network
  • 32. Physical Network [Diagram labels: Users, Operations, Admin and Cloud API, Load Balancer, CloudStack MS Cluster, MySQL, Router, L3 Core Switch, Access Layer Switches, Availability Zone, Pod 1, Pod 2, Pod 3, Pod N, Servers, Secondary Storage]
  • 33. CloudStack Network Traffic Type. Network traffic types: • Public Network: Public traffic is generated when VMs in the cloud access the internet, e.g. Virtual Router • Guest Network: The tenant network to which instances are attached. • Storage Network: The physical network which connects the hypervisor to the storages. • Management Network: Control plane traffic between CloudStack management server and hypervisor clusters
  • 34. CloudStack Network Mode • Basic Network – AWS-style networking – All VMs in one sub-net – Account’s VM Isolation by Security Group – VR provides service: DHCP, DNS – Each VM has only one NIC (Network) • Advanced Network – Account’s VM Isolation by VLAN – VR can provide more services: NAT, Firewall, PF, LB, VPN – Guest Network supports Isolated and Shared Network types – Each VM can have more NICs (Network)
  • 35. CloudStack Basic Network • VR provides service: DHCP, DNS • VMs Isolation by Security Group
  • 36. Security Group Isolation
  • 37. CloudStack Advanced Network [Diagram labels: Public Internet, Public Network; Guest Network 1, VLAN 101, Guest 1 Virtual Router, Public IP address 65.37.141.11, Gateway address 10.1.1.1, Guest 1 VM 1, Guest 1 VM 2, Guest 1 VM 3, 10.1.1.2, 10.1.1.3, 10.1.1.4; Guest Network 2, VLAN 102, Guest 2 Virtual Router, Public IP address 65.37.141.24, Gateway address 10.1.1.1, Guest 2 VM 1, Guest 2 VM 2, Guest 2 VM 3, 10.1.1.2, 10.1.1.3, 10.1.1.4; NAT, DHCP, Load Balancing, Port Forwarding, Firewall, VPN]
  • 38. VLAN Isolation
  • 39. CloudStack Advanced Network Service • Firewall • Source NAT • Static NAT • Load Balancing • Port Forwarding • VPN
  • 40. Advanced Network – Multi-tier Network [Diagram labels: Internet, Public Network, Public IP 65.37.141.111, Private IP 10.1.1.1, CS Virtual Router (DHCP, DNS, NAT, Firewall, LB, VPN, Port Forwarding); Virtual Network 10.1.1.0/24, VLAN 100: 10.1.1.2 Web VM1, 10.1.1.3 Web VM2, 10.1.1.4 Web VM3, 10.1.1.5 Web VM4; Virtual Network 10.1.2.0/24, VLAN 101, CS Virtual Router (DHCP, DNS): 10.1.2.21, 10.1.2.18, 10.1.2.38, 10.1.2.39, 10.1.2.31 App VM1 10.1.3.21, 10.1.2.24 App VM2 10.1.3.45; Virtual Network 10.1.3.0/24, VLAN 102, CS Virtual Router (DHCP, DNS): 10.1.3.24 DB VM 1]
  • 41. Advanced Network – Virtual Private Network • Virtual Router Services • DNS • LB • Site-to-Site VPN • Static Routes • Network ACLs • NAT, PF • FW [ingress & egress] [Diagram labels: Internet, IPSec or SSL site-to-site VPN, CS Virtual Router / Other Data Center, Internal VLAN, Load balancer; Virtual Network 10.1.1.0/24: 10.1.1.1, Web VM1, 10.1.1.3 Web VM2, 10.1.1.4 Web VM3, 10.1.1.5 Web VM4; Virtual Network 10.1.2.0/24, VLAN 101: 10.1.2.31 App VM1, 10.1.2.24 App VM2; Virtual Network 10.1.3.0/24, VLAN 102: 10.1.3.24 DB VM 1]
  • 42. CloudStack Storage
  • 43. Storage • Primary Storage – Block device to the VM – IOPs intensive – Accessible from host or cluster wide • WORM Storage – Secondary Storage or Object Store for templates, ISO, and snapshot archiving – High capacity • CloudStack manages the storage between the two to achieve maximum benefit and resiliency [Diagram labels: Zone-Level Layer 3 Switch, Pod 1, Pod 2, Pod N, Pod-Level Layer-2 Switch, Private Network, Computing Server 1, Computing Server 2, Computing Server 3, Computing Server 4, Cluster 1, Cluster 2, Primary Storage, Scale-Out NFS]
  • 44. Primary Storage Support Matrix
        Type           XenServer   VMWare      KVM
        Local Disk     Supported   Supported   Supported
        iSCSI          Supported   Supported   Not Supported
        Fiber Channel  Supported   Supported   Not Supported
        NFS            Supported   Supported   Supported
  • 45. Storage Tagging • Supported via storage tags for primary storage • Specify a tag when adding a storage pool • Specify a tag when adding a disk offering • Only storage pools with the tag will be allocated for the volume
  • 46. WORM Storage • Write Once Read Many storage pattern is supported by two different storage types – Secondary Storage (NFS Server within an availability zone) – Object Store (Swift implementation for cross-zone) • Objective for WORM storage – High capacity, cheap storage – Easy to increase capacity • Used to store templates, ISOs, and snapshots
  • 47. Snapshot • Snapshots are used as backups for DRS • Taken on the primary storage and moved to secondary storage • Supports individual snapshots and recurring snapshots • Full snapshots on VMWare and KVM. • Incremental snapshots on XenServer
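
The storage-tagging rule on slide 45, combined with the slide note that an instance's root and data volumes may land on different primary storage within one cluster, can be modelled as below. This is an added example, not CloudStack code: the class and function names, the sample pools and tags, the "every offering tag must be present" rule, the treatment of an untagged offering as unconstrained, and the most-free-space tie-break are all assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class StoragePool:          # primary storage, which the slides scope to one cluster
    name: str
    cluster: str
    tags: frozenset
    free_gb: int

@dataclass(frozen=True)
class DiskOffering:
    name: str
    size_gb: int
    tags: frozenset = frozenset()   # assumption: no tags means any pool will do

def eligible_pools(pools, offering, cluster):
    """Pools in the target cluster that carry every tag the offering names."""
    return [p for p in pools
            if p.cluster == cluster
            and offering.tags <= p.tags          # assumption: all tags must match
            and p.free_gb >= offering.size_gb]

def place_volume(pools, offering, cluster):
    """Pick a pool or fail closed; never fall back to a pool missing the tag."""
    candidates = eligible_pools(pools, offering, cluster)
    if not candidates:
        raise LookupError(f"no pool in {cluster} satisfies offering {offering.name!r}")
    # Assumption: most free space wins, then name, for a deterministic result.
    return max(candidates, key=lambda p: (p.free_gb, p.name))

def place_instance(pools, cluster, root, data_disks):
    """Map each volume of one instance to a pool name inside its cluster."""
    placement = {"root": place_volume(pools, root, cluster).name}
    for disk in data_disks:
        placement[disk.name] = place_volume(pools, disk, cluster).name
    return placement

# Constructed sample inventory and offerings (not taken from the slides).
POOLS = [
    StoragePool("local-host1", "cluster1", frozenset({"local"}), 200),
    StoragePool("nfs-backed-up", "cluster1", frozenset({"backup"}), 500),
    StoragePool("nfs-scratch", "cluster1", frozenset(), 2000),
    StoragePool("nfs-backed-up-c2", "cluster2", frozenset({"backup"}), 9000),
]
ROOT = DiskOffering("root-local", 20, frozenset({"local"}))
DATA = DiskOffering("data-backed-up", 100, frozenset({"backup"}))
ENCRYPTED = DiskOffering("data-encrypted", 100, frozenset({"encrypted"}))

if __name__ == "__main__":
    print(place_instance(POOLS, "cluster1", ROOT, [DATA]))
    try:
        place_volume(POOLS, ENCRYPTED, "cluster1")
    except LookupError as err:
        print("rejected:", err)
```

The larger untagged and other-cluster pools are never chosen for the tagged data disk, and an offering whose tag no pool carries is refused rather than placed on untagged storage.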