Sanger has a vision of performing world-class bioinformatics research for the benefit of human health. As research continues to generate new spinout companies, they require a flexible and cost-effective way of bringing services to life as required, with the SLAs and performance that they need, at a cost they can afford. This presentation walks through how Sanger IT have created such a platform.
Multi-Cell OpenStack: How to Evolve Your Cloud to Scale - November 2014 (Belmiro Moreira)
Multi-Cell OpenStack: How to Evolve Your Cloud to Scale
OpenStack Design Summit, Paris - November, 2014
Belmiro Moreira - CERN
Matt Van Winkle - Rackspace
Sam Morrison - NeCTAR, University of Melbourne
Sanger OpenStack presentation, March 2017 (Dave Holland)
A description of the Sanger Institute's journey with OpenStack to date, covering RHOSP, Ceph, S3, user applications, and future plans. Given at the Sanger Institute's OpenStack Day.
Learning to Scale Openstack: A Case Study in Rackspace's Open Cloud Deployment was presented at the OpenStack Design Summit in Portland, OR on April 17, 2013. Watch the recording of the presentation on YouTube at the following link: http://www.youtube.com/watch?v=3x8X6f5mnzc
OpenStack Summit Vancouver: Lessons learned on upgrades (Frédéric Lepied)
When deploying OpenStack in production at any scale, upgrade support is one of the requirements for a successful deployment. Without upgrade management, a deployment will have bugs and security issues from day 1. In the longer term, it will also miss the latest features that OpenStack offers.
10 Years of OpenStack at CERN - From 0 to 300k cores (Belmiro Moreira)
CERN, the European Laboratory for Particle Physics, provides the infrastructure and resources to thousands of scientists all around the world to uncover the mysteries of the Universe. In the quest to build a private Cloud Infrastructure to support its users, CERN started early evaluating the OpenStack project, building several prototypes and engaging with the community. Finally, in 2013 CERN released its production Cloud Infrastructure using OpenStack. Since then we moved from a few hundred cores to a multi-cell deployment spread between different regions. After 7 years deploying and managing OpenStack in production at a large scale, we now look back and discuss the challenges of building a massive scale infrastructure from 0 to +300K cores. In this talk we will dive into the history, architecture, tools and technical decisions behind the CERN Cloud Infrastructure over the years.
CERN is the European Centre for Particle Physics based in Geneva. The home of the Large Hadron Collider and the birth place of the world wide web is expanding its computing resources with a second data centre to process over 35PB/year from one of the largest scientific experiments ever constructed.
Within the constraints of fixed budget and manpower, agile computing techniques and common open source tools are being adopted to support over 11,000 physicists in their search for how the universe works and what it is made of.
By challenging special requirements and understanding how other large computing infrastructures are built, we have deployed a 50,000 core cloud based infrastructure building on tools such as Puppet, OpenStack and Kibana.
In moving to a cloud model, this has also required close examination of the IT processes and culture. Finding the right approach between Enterprise and DevOps techniques has been one of the greatest challenges of this transformation.
This talk will cover the requirements, tools selected, results achieved so far and the outlook for the future.
Grid'5000: Running a Large Instrument for Parallel and Distributed Computing ... (Frederic Desprez)
The increasing complexity of available infrastructures (hierarchical, parallel, distributed, etc.) with specific features (caches, hyper-threading, dual core, etc.) makes it extremely difficult to build analytical models that allow for satisfying prediction. This raises the question of how to validate algorithms and software systems when a realistic analytic study is not possible. As in many other sciences, one answer is experimental validation. However, such experimentation relies on the availability of an instrument able to validate every level of the software stack, offering a range of hardware and software facilities for compute, storage and network resources.
Almost ten years after its inception, the Grid'5000 testbed has become one of the most complete testbeds for designing and evaluating large-scale distributed systems. Initially dedicated to the study of large HPC facilities, Grid'5000 has evolved to address wider concerns related to Desktop Computing, the Internet of Services and, more recently, the Cloud Computing paradigm. We now target new processor features such as hyperthreading, turbo boost and power management, as well as large applications managing big data. In this keynote we will address both the issue of experiments in HPC and computer science, and the design and usage of the Grid'5000 platform for various kinds of applications.
A “meta‑cloud” for building clouds
Build your own cloud on our hardware resources
Agnostic to specific cloud software
Run existing cloud software stacks (like OpenStack, Hadoop, etc.)
... or new ones built from the ground up
Control and visibility all the way to the bare metal
“Sliceable” for multiple, isolated experiments at once
OpenNebulaConf2015 1.07 Cloud for Scientific Computing @ STFC - Alexander Dibbo (OpenNebula Project)
The Science and Technology Facilities Council is a UK Research Council which funds research and provides large facilities to the UK Scientific Community. This includes running a Tier 1 site for the LHC computing project, the JASMIN Super Data Cluster and a number of other HPC and HTC facilities. The Scientific Computing Department at the Rutherford Appleton Laboratory has been developing a cloud for use across both sites of the Department and in the wider scientific community. This is an OpenNebula cloud backed by Ceph block storage. I will give a brief background of the project, describe our set-up, some use cases and the work we have done around OpenNebula (including a simplified web front-end and a number of hooks to provide us with traceability). I will also discuss how we are creating an elastic boundary between our HTC batch farm and our cloud.
Author Biography
I am a Systems Administrator in the Scientific Computing Department of the UK’s Science and Technology Facilities Council. I work as part of the cloud team and I also work on a number of Grid services including our HTC batch farm for the LHC computing project.
Prior to my position here I worked in IT at an SMB focusing on storage and virtualisation, in particular Hyper-V and VMware.
Ceph, Open Source, and the Path to Ubiquity in Storage - AACS Meetup 2014 (Patrick McGarry)
Everyone needs storage, but Open Source is changing how we think about storage infrastructure through new features, added durability, and reduced cost. New storage solutions like Ceph are providing distributed, flexible, powerful options that can support a myriad of use cases across object, block, and file system applications. This talk will explore the history and basics of Ceph, the current status of the community, and where the project is headed in the near future.
OCCI - The Open Cloud Computing Interface – flexible, portable, interoperable... (Alan Sill)
The Open Cloud Computing Interface (OCCI) specification set defines a general protocol and API applicable to many different cloud resource management tasks.
OCCI began as a remote management API for IaaS model based Services, allowing for the development of interoperable tools for common tasks including deployment, autonomic scaling and monitoring. It has since evolved into a general-purpose flexible RESTful API framework with a strong focus on integration, portability, interoperability and innovation while still remaining highly extensible.
OCCI is suitable to serve many other models in addition to IaaS, including e.g. PaaS and SaaS. The current release (v1.1) of OCCI has achieved a high degree of adoption and implementation in production in a wide variety of languages, projects, software products and application areas.
The OCCI working group is in the process of developing an update of the OCCI specifications as version 1.2 with improvements that result from nearly four years of successful field experience. This version will be backwards compatible with v1.1 and will include:
- A new JSON rendering to accompany updates to the existing HTTP and text renderings.
- Minor updates of current OCCI core infrastructure model and specification.
- New extensions that will include PaaS support, notifications support and SLA support.
In addition, the OCCI group is considering best methods for support of additional features, including monitoring, key management and security, interdomain networking and direct interface support for popular batch systems through the Distributed Resource Management Application API (DRMAA) standard.
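To make the RESTful rendering concrete, here is a minimal sketch of how a client might build the `Category` header that OCCI's HTTP/text rendering uses to type resources. The helper function and its names are invented for illustration; only the scheme URI is OCCI's standard infrastructure scheme.

```python
# Hypothetical helper (not part of any OCCI library): render one OCCI
# Category value as used in the text/occi HTTP rendering.
def occi_category(term: str, scheme: str, cls: str) -> str:
    """Render a Category value: term; scheme="..."; class="..." """
    return f'{term}; scheme="{scheme}"; class="{cls}"'

compute_kind = occi_category(
    "compute", "http://schemas.ogf.org/occi/infrastructure#", "kind"
)
print(compute_kind)
# A create request would then look roughly like:
#   POST /compute/ HTTP/1.1
#   Content-Type: text/occi
#   Category: compute; scheme="http://schemas.ogf.org/occi/infrastructure#"; class="kind"
```

The JSON rendering planned for v1.2 carries the same term/scheme/class triple as structured fields rather than a header string.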
The number of production CI environments increased from 2 in Arno to 8 with Brahmaputra, each dedicated to a particular installer version (OPNFV flavor and scenario). In future, to improve the overall robustness of the platform, production test resources should be independent of installers and scenarios. Furthermore, testing between OPNFV deployments will be needed to ensure the promise of data-center interoperability. This presentation deals with the mid- and long-term challenges of the OPNFV testing infrastructure.
Tips Tricks and Tactics with Cells and Scaling OpenStack - May 2015 (Belmiro Moreira)
Tips Tricks and Tactics with Cells and Scaling OpenStack
OpenStack Summit, Vancouver - May, 2015
Belmiro Moreira - CERN
Matt Van Winkle - Rackspace
Sam Morrison - NeCTAR, University of Melbourne
In this talk, Tim Bird will discuss the recent status of Linux with regard to embedded systems. This will include a review of the last year's worth of mainline kernel releases, as well as topic areas specifically related to embedded, such as boot-up time, security, system size, etc. Tim will also present recent and planned work by the Core Embedded Linux Project of the Linux Foundation, and discuss the current status of Linux in various markets and fields. Tim will go over current areas of work, and discuss remaining challenges faced by Linux in embedded projects.
- Introduction to Kubernetes features
- A look at Kubernetes Networking and Service Discovery
- New features in Kubernetes 1.6
- Kubernetes Installation options
To know more about our Kubernetes expertise, visit our center of excellence at: http://www.opcito.com/kubernetes/
[Presented at All Things Open 2015 in Raleigh, NC, USA]
OpenStack is one of the fastest-growing and exciting open source projects of our time. OpenStack has drawn together technologists from all over the world to create a cloud operating system and a huge, diverse community behind it. This talk will provide an introduction to OpenStack for newcomers to the project of those who just want to know more. We’ll take a brief look at OpenStack’s history, get a technical overview of the project, learn how to contribute, and check out a few emerging trends and hot topics in the OpenStack world.
Review of CERN's objectives and how the computing infrastructure is evolving to address the challenges at scale using community supported software such as Puppet and OpenStack.
CERN, the European Organization for Nuclear Research, is one of the world’s largest centres for scientific research. Its business is fundamental physics, finding out what the universe is made of and how it works. At CERN, accelerators such as the 27km Large Hadron Collider, are used to study the basic constituents of matter. This talk reviews the challenges to record and analyse the 25 Petabytes/year produced by the experiments and the investigations into how OpenStack could help to deliver a more agile computing infrastructure.
3. 09/05/2014 LinuxTag 2014 3
CERN was founded in 1954 by 12 European States: "Science for Peace"
Today: 21 Member States
Member States: Austria, Belgium, Bulgaria, the Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Israel, Italy, the Netherlands, Norway, Poland, Portugal, Slovakia, Spain, Sweden, Switzerland and the United Kingdom
Candidate for Accession: Romania
Associate Members in Pre-Stage to Membership: Serbia
Applicant States for Membership or Associate Membership: Brazil, Cyprus (awaiting ratification), Pakistan, Russia, Slovenia, Turkey, Ukraine
Observers to Council: India, Japan, Russia, Turkey, United States of America; European Commission and UNESCO
~ 2,300 staff
~ 1,000 other paid personnel
> 11,000 users
Budget (2013) ~1,000 MCHF
8. A Big Data Challenge
In 2014,
• 100PB archive with additional 35PB/year
• 10,000 servers
• 75,000 disk drives
• 45,000 tapes
In 2015,
• Run 2 of LHC expected to double data rates
• But many limits and limitations…
12. Status
• Multi-data centre cloud in production since July 2013 (Geneva and Budapest)
• Currently running OpenStack Havana
• KVM and Hyper-V deployed
• All configured automatically with Puppet
• 65,000 cores in CERN IT Private Cloud
• 3PB Ceph pool available for volumes, images and other physics storage
13. [Architecture diagram: Horizon, Keystone, Glance, Nova (compute, scheduler, network) and Cinder, with block storage on Ceph & NetApp and Ceilometer feeding CERN accounting; integrations with Microsoft Active Directory, the CERN network database, the account management system and CERN DB on Demand.]
16. Architecture Components
Top cell controller: rabbitmq, Keystone, Glance api, Glance registry, Nova api, Nova consoleauth, Nova novncproxy, Nova cells, Horizon, Ceilometer api, Cinder api, Cinder volume, Cinder scheduler
Children cell controllers: rabbitmq, Keystone, Nova api, Nova conductor, Nova scheduler, Nova network, Nova cells, Glance api, Ceilometer agent-central, Ceilometer collector
Compute nodes: Nova compute, Ceilometer agent-compute, Flume
Supporting services: Flume, HDFS, Elastic Search, Kibana, MySQL, MongoDB, Stacktach, Ceph
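The top/children split was implemented with Nova cells (v1). As a rough sketch of how a child cell was wired up in that era's nova.conf (option names from cells v1; the cell name is a placeholder, and details varied by release, so verify against your version's documentation):

```ini
[cells]
enable = true
name = cell_child_01      ; placeholder name for this child cell
cell_type = compute       ; the top-level (API) cell runs with cell_type = api
```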
17. Some Caution on Cells
• Single cell limits around 1,000 hypervisors
• Can be adapted using the Bluehost alternative approach with MySQL replication
• Significant function gap being worked on
• Flavors, availability zones, scheduling and Ceilometer need workarounds
• Tested in the OpenStack gate, but not blocking, so a local QA environment is needed
18. Scheduling at Scale
• CERN users want more sophisticated scheduling:
• Processor architecture
• Private network subnets
• Varying memory/core/disk ratios
• Hardware with more redundancy
• Servers should be used fully
• Tetris-like problem to find the matches
• Packing is more difficult the nearer to 100% used
• Cells scheduler is rather simple currently
• Try Cell X; if no match, try Cell Y…
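The "try Cell X, if no match, try Cell Y" behaviour amounts to first-fit placement. A toy sketch (not CERN's code; all names invented) of that logic, which also shows why packing gets harder as utilisation approaches 100%:

```python
# Toy first-fit scheduler across cells: walk the cells in order and take
# the first hypervisor with enough free capacity for the request.
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

@dataclass
class Hypervisor:
    name: str
    free_cores: int
    free_ram_gb: int

@dataclass
class Cell:
    name: str
    hypervisors: List[Hypervisor] = field(default_factory=list)

def schedule(cells: List[Cell], cores: int, ram_gb: int) -> Optional[Tuple[str, str]]:
    """Return (cell, hypervisor) for the first host that fits, or None."""
    for cell in cells:
        for hv in cell.hypervisors:
            if hv.free_cores >= cores and hv.free_ram_gb >= ram_gb:
                hv.free_cores -= cores        # claim the capacity
                hv.free_ram_gb -= ram_gb
                return cell.name, hv.name
    return None  # no capacity anywhere: the Tetris problem near 100% usage

cells = [
    Cell("cellA", [Hypervisor("hvA1", free_cores=2, free_ram_gb=4)]),
    Cell("cellB", [Hypervisor("hvB1", free_cores=16, free_ram_gb=64)]),
]
print(schedule(cells, cores=4, ram_gb=8))  # hvA1 is too small, so cellB is used
```

A smarter scheduler would also weigh architecture, network subnet and memory/core ratios, which is exactly the gap the slide describes.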
19. Upgrade Strategy
• Surely "OpenStack can't be upgraded"
• Our Essex, Folsom and Grizzly clouds were 'tear-down' migrations
• Puppet-managed VMs are typical Cattle cases - re-create
• User VMs: snapshot, download the image and upload it to a new instance
• One month window to migrate
• Users of production services expect more
• Physicists accept not creating/changing VMs for a short period
• Running VMs must not be affected
20. Phased Migration
• Migrated by Component
• Choose an approach (online with load balancer, offline)
• Spin up a 'teststack' instance with production software
• Clone production databases to test environment
• Run through upgrade process
• Validate existing functions, Puppet configuration and monitoring
• Order by complexity and need
• Ceilometer, Glance, Keystone
• Cinder, Client CLIs, Horizon
• Nova
21. Upgrade Experience
• No significant outage of the cloud
• During upgrade window, creation not possible
• Small incidents (see blog for details)
• Puppet can be enthusiastic! - we told it to be
• Community response has been great
• Bugs fixed and points are in Juno design summit
• Rolling upgrades in Icehouse will make it easier
22. OpenStack Federation
• OpenStack clouds in many high energy physics sites
• 2 more clouds at CERN in experiment areas (>20K cores each)
• Many collaborating sites adopting OpenStack
• Rackspace collaboration in Openlab
• Aim for seamless cloud resources (CERN, sites, public)
• All code to be included as open source in core OpenStack
• Federation building blocks (authentication, images, compute)
• Authentication included in Icehouse
• More to come…
23. Next Steps
• Scaling to >100,000 cores by 2015
• Around 100 hypervisors per week with fixed staff
• Deploying and configuring the latest features
• Kerberos / X.509 certificate authentication
• Delegated quota management
• Orchestration
• Database as a Service
• Cells scaling and scheduling
• Federation
24. Summary
• OpenStack at CERN is in production for thousands of physicists to analyse the results of the LHC
• Rapid innovation around OpenStack gives new function at an incredible rate
• Upgrades have already been done at scale and are approaching transparency
• Collaboration around vibrant open source communities has delivered production quality services
25. Questions ?
• Details at http://openstack-in-production.blogspot.fr
• CERN User guide at http://information-technology.web.cern.ch/book/cern-private-cloud-user-guide
• Previous presentations at http://information-technology.web.cern.ch/book/cern-private-cloud-user-guide/openstack-information
27. Service Models
• Pets are given names like pussinboots.cern.ch
• They are unique, lovingly hand raised and cared for
• When they get ill, you nurse them back to health
• Cattle are given numbers like vm0042.cern.ch
• They are almost identical to other cattle
• When they get ill, you get another one
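The operational difference can be shown in a few lines. This is a toy illustration only (not CERN tooling; the naming convention is taken from the slide, the handler is invented):

```python
# Pets vs cattle as failure-handling policy: cattle VMs are replaced,
# pet VMs are repaired in place.
def handle_failure(vm_name: str) -> str:
    """Decide the remediation for a failed VM by its naming convention."""
    if vm_name.startswith("vm"):  # cattle: numbered, e.g. vm0042.cern.ch
        return f"delete {vm_name} and boot an identical replacement"
    # pet: unique, hand-raised, e.g. pussinboots.cern.ch
    return f"page an admin to nurse {vm_name} back to health"

print(handle_failure("vm0042.cern.ch"))
print(handle_failure("pussinboots.cern.ch"))
```

Configuration management (Puppet, in CERN's case) is what makes the "boot an identical replacement" branch cheap.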
31. [Diagram: tiers of the Worldwide LHC Computing Grid]
Tier-0 (CERN): data recording, initial data reconstruction, data distribution
Tier-1 (11 centres): permanent storage, re-processing, analysis
Tier-2 (~200 centres): simulation, end-user analysis
• Data is recorded at CERN and Tier-1s and analysed in the Worldwide LHC Computing Grid
• In a normal day, the grid provides 100,000 CPU days executing over 2 million jobs
40. Metering at Scale
• Ceilometer provides metering functions for OpenStack
• Requires careful configuration for cells
41. I/O at Scale
• Most hypervisors are recycled servers
• Most have 2 SATA disks of 1-2 TB
• Some SSDs, but limited capacity
• IOPS limited with local storage
• Some guest tuning, e.g. the Linux scheduler
• General approach is to use remote storage
• Ceph storage
• Network protocols such as WebDAV
Editor's Notes
Over 1,600 magnets lowered down shafts and cooled to -271 °C to become superconducting. Two beam pipes, with a vacuum ten times lower than on the Moon.
These collisions produce data, lots of it: over 100PB currently, on 45,000 tapes, with data rates of up to 35 PB/year, expected to increase significantly in the next run in 2015. The data must be kept at least 20 years, so we're expecting exabytes.
Recording and analysing the data takes a lot of computing power. The CERN computer centre was built in the 1970s for mainframes and Crays. Now running at 3.5MW of power, it houses 11,000 servers but is at the limit of cooling and electrical power. It is also a tourist attraction, with over 80,000 visitors last year! As you can see, racks are only partially filled in view of the limits on cooling.
We adopted a Google toolchain approach. The majority of home-written software was replaced by open source projects. Commercial tools which were already working well, such as JIRA and Active Directory, were maintained. The approach was to select a tool, prototype, fail early and then refine requirements (following the "we are not special" approach). Key technologies were Puppet for configuration management and OpenStack for the private cloud.
Already 3 independent clouds - federation is now being studied. Rackspace inside CERN openlab. Helix Nebula as discussed later.
HA Proxy load balancers to ensure high availability. Redundant controllers for compute nodes. Cells are used by the largest sites such as Rackspace and NeCTAR - more than 1,000 hypervisors is the recommended threshold.
Child cells have their own Keystone in view of the load from Ceilometer. Requires care to set up and test.
The Worldwide LHC Computing grid is used to record and analyse this data. The grid currently runs over 2 million jobs/day, less than 10% of the work is done at CERN. There is an agreed set of protocols for running jobs, data distribution and accounting between all the sites which co-operate in order to support the physicists across the globe.
We asked our 20 member states to make us an offer for server hosting using public procurement. 27 proposals were received, and the Wigner centre in Budapest, Hungary was chosen. This allows us to envisage sufficient computing and online storage for the run from 2015.