Openstack presentation
Upcoming SlideShare
Loading in...5
×
 

Openstack presentation

on

  • 959 views

 

Statistics

Views

Total Views
959
Views on SlideShare
958
Embed Views
1

Actions

Likes
2
Downloads
72
Comments
0

1 Embed 1

http://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Openstack presentation Openstack presentation Presentation Transcript

  • OpenStack Sankalp Jain
  • Agenda • OpenStack Brief Overview • “Keystone” Identity • “Storage” • “Glance” Image • “Nova” Compute • “Without Quantum” Networking • “Quantum” Networking
  • Open Source Cloud Computing Software  Eucalyptus  OpenNebula  OpenStack
  • Open Stack: A Platform for Innovation “My UI will be easier to use” “I need a different VM placement policy” “I have a much better way to snapshot machine images” “I want to report on my customers SLAs” “I’ll build in a way to share revenue with my customer’s” “I let my customers span multiple clouds”
  • What is OpenStack?  Originated at NASA, with Rackspace  Driven by an open community process OpenStack Compute OpenStack Compute Three existing projects: (VMs & VM Networks) (VMs & VM Networks) OpenStack Compute OpenStack Image Service OpenStack Image Service OpenStack Image Service (Image Library & Management) (Image Library & Management) Open Object Storage Multiple hypervisors: Xen, KVM, ESXi, Hyper-V Releases: OpenStack Object Store OpenStack Object Store (Storage) (Storage) Grizzly: April 2013 Folsom: Oct 2012 Grizzly : April 2013: Current Havana: scheduled for Oct 2013
  • Open Source Advantages Leverage the work of a growing community of developers  Works across multiple hardware infrastructure  Possible to deploy at service providers and onpremise  Amazon AWS Interface Compatibility  Flexible Clustering and Availability Zones  Access Control List (ACL) with policies management  Network Management, Security Groups, Traffic Isolation 
  • OpenStack Arhictecture
  • OpenStack Components (Grizzly Release)
  • Agenda • OpenStack Brief Overview • “Keystone” Identity • “Storage” • “Glance” Image • “Nova” Compute • “Without Quantum” Networking • “Quantum” Networking
  • Keystone Main Functions • Provides 4 primary services: – Identity: User information authentication – Token: After logged in, replace account-password – Service catalog: Service units registered – Policies: Enforces different user levels • Can be backed by different databases. – LDAP – SQL – Key Value Stores (KVS)
  • Keystone: Identity • User information: – username/password – Metadata (e-mail, etc.) – Tenant - organizes users into projects or group. – Role - define a user’s role and permissions in a project. • A user must belong to at least one tenant, and may belong to many tenants • Roles are assigned to user/tenant pairs – Common roles: Member, Admin
  • Keystone: Token • Once a user’s identity has been verified with a acc/pswd pair, a short-lived (24 hr) token is issued. • Tokens are a stand-in for the acc/pswd. • OpenStack services hold on to tokens and use them to query keystone during operations. • For example, once Nova can use a token to determine if an authenticated user has authorization to delete an instance.
  • Agenda • OpenStack Brief Overview • “Keystone” Identity • “Storage” • “Glance” Image • “Nova” Compute • “Without Quantum” Networking • “Quantum” Networking
  • Storage as a Service • CAPEX to OPEX based business model. • Manage storage by well-defined set of remotely accessible APIs • Abstracts the actual storage implementation • This service offers specialized functions: DR, backup, document sharing, etc. Using Storage as a Service • Object • Block • File
  • Storage Available Ephemeral(On-instance) : -Used for running Operating System and scratch space -Persists until VM is terminated -Access associated with a VM -Implemented as a filesystem underlying OpenStack Compute -Administrator configures size setting, based on flavors -Example: 10GB first disk, 30GB/core second disk For desktop user PC's internal disk drives are ephemeral; persistent storage can be considered similar to an external USB drive.
  • OpenStack Object Storage Swift What Is It? • Object Storage is ideal for cost effective, scale-out storage. It provides a fully distributed, API-accessible storage platform that can be integrated directly into applications or used for backup, archiving and data retention. • Store 3 Copies & use for web, media files • In production today – Rackspace’s Cloud Files, • Architectural overview: – http://swift.openstack.org/overview_architecture.html
  • Swift • Object storage, objects “live” on an endpoint. – An endpoint could be any storage device • Every object belongs to a user/account pair. – keystone tenant : swift account – keystone user : swift user – keystone role : swift group • Proxy, Ring, and Workers • Account, Container, Object
  • Duplicated storage, load balancing ↑ Logical view ↓Physical arrangement ← Stores real objects ←Stores object metadata ↑Stores container / object metadata
  • Workers can be a account server, a container server, or an object server
  • Cinder What Is It? • Block Storage allows block devices to be exposed and connected to compute instances for expanded storage, better performance and integration with enterprise storage platforms. • OpenStack provides persistent block level storage devices for use with OpenStack compute instances. Can be exposed to applications as well. • Block storage volumes are fully integrated into OpenStack Compute and the Dashboard allowing for cloud users to manage their own storage needs.
  • Cinder (Contd.)  This is block storage (or volumes) and currently there are blueprints for filesystems like NFS or CIFS share • Used for adding additional persistent storage to a virtual machine (VM) • Persists until deleted • Access associated with a VM • Mounted via OpenStack Block-Storage controlled protocol (for example, iSCSI) • Sizings based on need • Example: 1TB "extra hard drive”
  • Cinder Capabilities         Cinder manages block storage Volumes attach to VM Instances Boot from volume Volumes have a lifecycle independent of VM instance Admin can create tiers of storage. e.g. two LVM backends, one with SSD’s and the other with HDD’s. Users can specify a tier they want when creating a volume. A backup is an archived copy of a Volume stored in a object store. A backup is just the data that was written, unlike a snapshot which is the entire block.
  • Cinder call flow Database Queue Cinder API C- scheduler Cinder Vol Cinder Vol Cinder Vol iSCSI NFS
  • Cinder Service  Cinder-api  Cinder-schedular  Cinder-volume
  • Agenda • OpenStack Brief Overview • “Keystone” Identity • “Storage” • “Glance” Image • “Nova” Compute • “Without Quantum” Networking • “Quantum” Networking
  • Glance • Image storage and indexing. • Keeps a database of metadata associated with an image, discover, register, and retrieve. • Built on top of Swift, images store in Swift • Two servers: – Glance-api: public interface for uploading and managing images. – Glance-registry: private interface to metadata database • Support multiple image formats
  • Agenda • OpenStack Brief Overview • “Keystone” Identity • “Storage” • “Glance” Image • “Nova” Compute • “Without Quantum” Networking • “Quantum” Networking
  • Nova • Major components: – API: public facing interface – Message Queue: Broker to handle interactions between services, currently based on RabbitMQ – Scheduler: coordinates all services, determines placement of new resources requested – Compute Worker: hosts VMs, controls hypervisor and VMs when receives cmds on Msg Queue – Volume: manages permanent storage
  • Nova Messaging and Data • Messaging is managed through RabbitMQ – Server that allows messages to be posted to channels. – Subscribers to channels receive messages. – Services regularly announce availability. – Scheduler regularly reads for availability. – Scheduler makes requests to services. • Persistent data stored in a database. – VM metadata, network topology, volume metadata, known services
  • Messaging (RabbitMQ) • Get data from point A to point B • Decouple publishers and consumers • Queueing for later delivery • Load balancing and scalability • RabbitMQ is an AMQP messaging broker • Advanced Message Queueing Protocol • Network wire-level protocol • Internet protocol - like HTTP, TCP - but ASYNCHRONOUS
  • Agenda • OpenStack Brief Overview • “Keystone” Identity • “Storage” • “Glance” Image • “Nova” Compute • “Without Quantum” Networking • “Quantum” Networking
  • Without Quantum • Originally, Nova handles all networking by: – Linux bridge networking – Virtual interfaces connecting network through the physical interface – Assigns VM IP address – Fixed IP: Returns when VM shuts down – Floating IP: Can be reassigned online • Network Manager provides VN to enable compute servers to interact with each other and the public network • A Blog states currently 90% Nova bugs are network related
  • Original Network Manager • Each VM network owned by one network host – Simply a Linux running Nova-network daemon • Nova Network node is the only gateway • Flat Network Manager: – Linux networking bridge forms a subnet – All instances attached same bridge – Manually Configure server, controller, and IP • Flat DHCP Network Manager: – Add DHCP server along same bridge • Later: VLAN Network Manager
  • Bridged Networking • One network card acts as many devices. • Host does not need an IP address. • Hypervisor sets virtual MAC address for guest machine. • ACISS uses bridges, along with Virtual Local Area Networks (VLANs) to segment traffic and assign network addresses.
  • Linux running Nova-network daemon Network host will act as the gateway for all the NICs bridged into that network. VMs bridged in to a raw Ethernet device The only gateway With security measures
  • What does Quantum provide ?  API for Networking in OpenStack  Nova Integration  OSI Network Layers L2 + L3    Decouples Logical / Tenant view of the network from Physical / Provider Provides connectivity to VMs, Decouples logical /Tenant view of the network from Physical/Provider. Manage OSI Network Layers L2 & L3 with an API.
  •   Cont... Not yet full-integraded with Dashboard : only L2 is working. L3 should be managed from CLI. Horizon can't manage L3 (routers + floatings IP). Networking backed by plugins : Open-vSwitch, Linux Bridge, Cisco, OpenFlow (BigSwitch, Floodlight, NEC, Ryu, etc), Midonet (Midokura) and NVP (Nicira /Vmware).
  • Quantum Openvswitch plugin The Quantum Openvswitch plugin consists of two components: • 1) A plugin loaded at runtime by the Quantum service. The plugin processes all API calls and stores the resulting logical network data model and associated network mappings in a database backend . • 2) An agent which runs on each compute node (i.e., each node running nova-compute). This agent gathers the configuration and mappings from the central mysql database and communicates directly with the local Open vSwitch instance to configure flows to implement the logical data model.
  • Plugin • The component where the ‘virtual networking’ magic happens. Fulfills API contract by implementing the ‘Plugin Interface’ • Tenants expect same behavior from Quantum API regardless of the particular plugin employed • Available Quantum Plugins: – Open vSwitch: Builds isolated networks with OVS and L2-in-L3 tunnels. – Cisco UCS: Isolation based on VLAN and net-profiles applied to Cisco UCS – converged network adapters – Linux Bridge: Build isolated networks with VLAN interfaces and linux bridge – NTT-Data Ryu: Acts as a proxy for the NTT Ryu platform – Nicira NVP: Acts as a proxy for the Nicira NVP platform
  • The Quantum Manager • Nova’s network manager for Quantum. Forwards network related requests. • Also, provides other network services such as IP address management, DHCP, NAT, Floating IPs… • Virtual Networking: A label nowadays applied to too many solutions and products. – Securely partitioning the network – Defining virtual network topologies – Automating network provisioning
  • Thanks