Mark Voelker VMware - OpenStack Architect Tuesday, Oct 20th 10:30 am - Cloud Find more by Mark Voelker: http://www.slideshare.net/markvoelker/

1. © 2014 VMware Inc. All rights reserved.
OpenStack 101
Or: “Take the red pill”
Mark T. Voelker, OpenStack Architect
Oct. 20, 2015
All Things Open 2015

2. CONFIDENTIAL 2
Remember the first time you
were asked to stand up a
distributed system?
Or maybe a series of
cooperating ones?

3. CONFIDENTIAL 3
Turns out, distributed systems are both very powerful
…and sometimes hard to learn.

4. CONFIDENTIAL 4
But at least the fine manuals are all pretty clear for these things.
…right?
?

5. CONFIDENTIAL 5
A little help making that first leap goes a long way.
So where do you start?

6. 6

7. “A computer nerd….is somebody who uses a computer in order to use a computer.”
–Douglas Adams
Mark T. Voelker (@marktvoelker)
• OpenStack Architect @ VMware, OpenStack ATC, Former Puppet-OpenStack core dev, Triangle
OpenStack Meetup founder, OS Foundation Member #54, DefCore Committee Member
• Fact: can be bribed with doughnuts
• OpenStack community member since 2011, VMware since 11 months ago.
• In copious (hah!) spare time: data center OS’s, Big Data, Massively Scalable Data Centers, DevOps,
outdoorsey stuff, making sawdust

8. Let’s begin.

9. “OpenStack software controls large pools of compute, storage, and networking resources throughout a datacenter,
managed through a dashboard or via the OpenStack API. OpenStack works with popular enterprise and open source
technologies making it ideal for heterogeneous infrastructure…The software is built by a thriving community of
developers, in collaboration with users, and is designed in the open…”
What if I told you….

10. …ok, let me rephrase that.

11. Basically: it’s software to run cloud services (compute, storage, network, etc) and
the community behind that software.

12. History
• Founded July 2010 by Rackspace, NASA, & friends
– NASA contributed a compute controller (Nova)
– Rackspace contributed an object storage controller (Swift)
• 12th release (Liberty) just went live a few days ago
– The project now follows a 6-month release cycle
• Hundreds of companies and thousands of people contribute
– 1,933 contributors from 164 organizations in the last release
– It’s probably easier to list IT/cloud companies that aren’t involved somehow than it is to list the ones that are:

13. Structure

14. Structure
• The OpenStack Foundation
– Membership free for individuals
– Platinum, Gold, Corporate memberships paid for by member companies
– Board of Directors comprised of Platinum, some Gold, and generally elected members
• Provides strategic & financial oversight of Foundation resources & staff
– Controls the OpenStack brand & logo, coordinates events, etc
• The Technical Committee
– Provides technical leadership for OpenStack as a whole
– Enforces OpenStack ideals (Openness, Transparency, Commonality, Integration, Quality)
– Elected by active technical contributors (ATC’s) to the project
• Project Team Leaders
– Elected to lead individual projects by contributors to those projects
• User Committee
– Represents users with the Technical Committee and Board of Directors

15. All to give you this: power.
The power to build a cloud out of the stuff you want, or use one
Someone else has built for you to consume.

16. How to Participate
• IRC Channels and Mailing Lists
• User/Meetup Groups
– Local to RTP? http://meetup.com/Triangle-OpenStack-Meetup/
• Code is in git, reviewed in Gerrit, mirrored on GitHub, Bugs in Launchpad
• Two annual Design Summit/Conferences
– I leave for Tokyo this Saturday
– Spring 2016: Austin
– Fall 2016: Barcelona
• There’s a welcome guide here.
• You can try out OpenStack as a user here or get a development instance running on your
laptop to start hacking on here.

17. What are people using it for?
Much more info from
annual User Survey data

18. With hundreds of projects
available, it’s a very flexible
platform.

19. You get to choose which
projects you deploy.

20. But a few
projects are
where the
majority of the
focus (and
users) are.

21. Horizon (GUI)
Nova (Compute) Neutron (Networking)
Swift (Object Storage)
Cinder (Block storage)
Glance
(VM Image Service)
Keystone
(Identity Service)
OpenStack: The Software
AWS Management Console
EC2 VPC/ELB
S3
EBS
Ceilometer
(Telemetry Service)
Trove (Database as a Service)
Heat (Orchestration)
Sahara (Data Processing)
EMR
RDS
AWS CloudFormation
and AWS comparables

22. DefCore: the new interoperability standard for OpenStack Powered™ products
• The DefCore Committee creates Guidelines to
which products must adhere if they use the
OpenStack name or OpenStack Powered logo.
• Guidelines contain a list of Capabilities that
products must expose and tests they must pass in
order to prove it.
• Guidelines also contain Designated Sections of
code products must use to provide those
Capabilities

23. Keystone: the Identity Service

24. • Provides a central service for authentication and authorization as well as a service catalog
(e.g. a list of where the API endpoints of other services are)
• Abstracts various backend auth services
– SQL databases
– LDAP/AD
• Uses a bearer token model
– Clients are assigned a token which they present to other services in headers
• Multiple token types
– UUID
– PKI/PKIz
– Fernet
• Can federate
– E.g. use another keystone as a service provider via SAML assertion

25. Primitives:
• Tokens
• Services
• Endpoints
• Domains
• Projects
• Groups
• Credentials
• Roles
• Policies

26. Glance:
The Image Service

27. • Houses virtual machine images that can later be launched as instances
• Abstracts various image containers and disk formats
– Note: this does not mean that we magically make all image formats work on all hypervisors although there
are some ways to do conversion
– Bare, OVF, AKI, ARI, AMI
– Qcow2, raw, VHD, AKI/ARI/AMI, ISO, VDI, VMDK
• Multiple storage backends
– File, Swift, Ceph, etc

28. Primitives:
• Images
• Metadata
• Tags
• Tasks

29. Nova: The Compute Controller

30. • Basically, it’s what takes care of launching VM instances (think Amazon EC2) and plugging
things into them.
• Nova abstracts hypervisors and pools of computer hardware.
• Most operations can be involved with a REST API call, a CLI client, or a few clicks in the
Horizon web GUI.
• A few high-level features:
– Supports most hypervisors
– Distributed, mostly asynchronous architecture
– Public REST API, SQL backend DB, AMQP for RPC
– Supports security groups
– Several means of providing resource segregation
• Host aggregates
• Availability zones
• Regions
• Cells

31. Some primitives:
• Flavors
• Servers
• Keypairs
• Quotas
• Aggregates

32. Neutron: the network controller

33. • Provides tenants with the ability to create isolated or shared L2 and L3 virtual networks,
route between them, and connect compute instances to them
• Abstracts various networking backends
– SDN controllers
– Physical switches
– Dozens of backend plugins, both open source and proprietary
• Supports IPv4 and IPv6 (depending on plugin)
• Organized as a “stadium” project to house many networking subprojects with their own
lieutenants
• Can also provide L4-L7 services
– Load Balancing as a Service
– VPN as a Service
– Firewall as a Service

34. Primitives:
• Networks
• Subnets
• Ports
• Quotas
• Security groups
• Routers
• VIPs
• Health Monitors
• Pools
• Members

35. Swift: The object storage service

36. • Provides highly available, distributed, eventually consistent object storage.
• Can (and often is) run completely independently of OpenStack Compute.
• Optimized around durability and availability
• One of the most long-lived API’s in OpenStack (still v1)
• Similar in some respects to Hadoop HDFS and Amazon S3
– Replicates objects over multiple machines (usually at least 3)
– Replicas lost due to hardware failures can be re-replicated
– Clusters can be rebalanced

37. Primitives:
• Accounts
• Containers
• Objects

38. Cinder: the block storage service

39. • Provides persistent block storage volumes to compute instances
• Abstracts underlying storage systems
• Originally part of Nova itself, but split out into it’s own project since the Folsom release
• Dozens of drivers
– EMC, NetApp, LVM, VMware, Gluster, Nexenta, NFS, Ceph, SolidFire, etc etc etc
• Volumes appear to instances as block devices
– E.g. a virtual hard drive
• There’s a separate service for shared file systems called Manila

40. Primitives:
• Volumes
• Backups
• Snapshots
• Quota sets
• QoS Specs

41. And much more!
• Documentation
• CI & Infrastructure
• Client libraries
• Oslo (common libs)
• DevStack
• Tempest (integration tests)
• Rally (benchmarking/scale
test)
• Modules for deploying with
Ansible, Puppet, Chef, Salt
• Metering service
• DNS as a Service
• Data Processing Service
• Bare metal service
• Container service
• Orchestration service
• Key management service
• Queue service
• Database as a service

42. Questions?

43. Thank You
@marktvoelker