1. GMO Internet has optimized their OpenStack models over time, initially using Nova network on Onamae.com VPS with Diablo, then implementing Quantum overlay network on ConoHa with Grizzly. They launched GMO AppsCloud with Havana featuring Cinder, Swift, and baremetal compute.
2. ConoHa and GMO AppsCloud have since upgraded to Juno, with ConoHa adding multi-region support across Tokyo, Singapore, and San Jose with Designate DNSaaS and domain structures for tenants.
3. GMO Internet shares a Swift object storage cluster between their different OpenStack installations.
OpenStack Korea 2015 상반기스터디(devops) 스크립트로 오픈스택 설치하기 20150728jieun kim
※ 본 발표자료는 DevOps팀의 codetree님이 주도적으로 작성하신 shell script를 리뷰하여 작성하였습니다.
[OpenStack Korea Community Study Group, DevOps]
2015년 상반기 두번째 스터디, DevOps Class
"쉘 스크립트를 활용한 오픈스택 Kilo 설치 - 10분만에 끝내기"
D2에서 진행한 스터디 마무리 발표, 2번째 발표에대한 자료입니다.
OpenStack Korea 2015 상반기스터디(devops) 스크립트로 오픈스택 설치하기 20150728jieun kim
※ 본 발표자료는 DevOps팀의 codetree님이 주도적으로 작성하신 shell script를 리뷰하여 작성하였습니다.
[OpenStack Korea Community Study Group, DevOps]
2015년 상반기 두번째 스터디, DevOps Class
"쉘 스크립트를 활용한 오픈스택 Kilo 설치 - 10분만에 끝내기"
D2에서 진행한 스터디 마무리 발표, 2번째 발표에대한 자료입니다.
OpenStack Summit Tokyo - Know-how of Challlenging Deploy/Operation NTT DOCOMO...Masaaki Nakagawa
DOCOMO MAIL is 24/7 cloud mail system which has accesses from over 20 million people. This mail system stores user's mail archive in OpenStack Swift with Peta Byte scale capacity deployed by NTT DATA.
We have been successfully operating this service since Sep 2014 without any downtime. In this session, we'll present the actual issues and challenges we have faced and conquered.
Here're some specific points we'd like to highlight.
* No service degrade, no downtime.
* Massive scale and still growing.
* Hundreds of servers operated by few people.
Compute 101 - OpenStack Summit Vancouver 2015Stephen Gordon
OpenStack Compute (Nova), has been a core component of OpenStack since the original Austin release in 2010. In the intervening years development has proceeded at a rapid pace adding support for new virtualization technologies and exposing additional features. Learn how Compute fits into the OpenStack architecture, and how it interacts with other OpenStack components and the hypervisors it manages.
Presentation from OpenStack Summit Tokyo
Online video link is below.
https://www.openstack.org/summit/tokyo-2015/videos/presentation/approaching-open-source-hyper-converged-openstack-using-40gbit-ethernet-network
- What is NOVA ?
- NOVA architecture
- How instance are spawned in Openstack ?
- Interaction of nova with other openstack projects like neutron, glance and cinder.
A lot of Internet of things devices use linux as its core. More so with the advent of DIY projects and Internet of things projects. A lot of Raspberry PI's, Beaglebone, Tessel boards are out there with default settings, and all connected to the internet, ready to be taken over. With the recent dyn DNS attack its of prime importance to know how we can keep these end point devices secure and out of the hands of botnet hoarders, attackers. In this presentation Rabimba Karanjai will show how to harden the security on these endpint devices taking a RaspBerry PI as an example. He will explain different techniques with code examples along with a toolkit made specifically for this demo which will make devices considerable harder to compromise. And even when they are, will allow to locate and detect the breach. After all, proetcting the device fially protects us all (prevents another DDOS)
Openstack summit walk DNSaaS 2015-0713 Summit LTNaoto Gohko
We will introduce the first is DNSaaS OpenStack Designate.
We will talk about what has been announced for the Designate at OpenStack summit 2015 / Liberty in Vancouver.
We will talk about how to spend the Summit, which was limited to the specific theme of DNS.
まずDNSaaSであるOpenStack Designateについてご紹介します。
OpenStack summit 2015/Liberty in Vancouver にてDesignateについて発表された内容について話します。
DNSという特定のテーマに限定したSummitの過ごし方についてお話します。
OpenStack Summit Tokyo - Know-how of Challlenging Deploy/Operation NTT DOCOMO...Masaaki Nakagawa
DOCOMO MAIL is 24/7 cloud mail system which has accesses from over 20 million people. This mail system stores user's mail archive in OpenStack Swift with Peta Byte scale capacity deployed by NTT DATA.
We have been successfully operating this service since Sep 2014 without any downtime. In this session, we'll present the actual issues and challenges we have faced and conquered.
Here're some specific points we'd like to highlight.
* No service degrade, no downtime.
* Massive scale and still growing.
* Hundreds of servers operated by few people.
Compute 101 - OpenStack Summit Vancouver 2015Stephen Gordon
OpenStack Compute (Nova), has been a core component of OpenStack since the original Austin release in 2010. In the intervening years development has proceeded at a rapid pace adding support for new virtualization technologies and exposing additional features. Learn how Compute fits into the OpenStack architecture, and how it interacts with other OpenStack components and the hypervisors it manages.
Presentation from OpenStack Summit Tokyo
Online video link is below.
https://www.openstack.org/summit/tokyo-2015/videos/presentation/approaching-open-source-hyper-converged-openstack-using-40gbit-ethernet-network
- What is NOVA ?
- NOVA architecture
- How instance are spawned in Openstack ?
- Interaction of nova with other openstack projects like neutron, glance and cinder.
A lot of Internet of things devices use linux as its core. More so with the advent of DIY projects and Internet of things projects. A lot of Raspberry PI's, Beaglebone, Tessel boards are out there with default settings, and all connected to the internet, ready to be taken over. With the recent dyn DNS attack its of prime importance to know how we can keep these end point devices secure and out of the hands of botnet hoarders, attackers. In this presentation Rabimba Karanjai will show how to harden the security on these endpint devices taking a RaspBerry PI as an example. He will explain different techniques with code examples along with a toolkit made specifically for this demo which will make devices considerable harder to compromise. And even when they are, will allow to locate and detect the breach. After all, proetcting the device fially protects us all (prevents another DDOS)
Openstack summit walk DNSaaS 2015-0713 Summit LTNaoto Gohko
We will introduce the first is DNSaaS OpenStack Designate.
We will talk about what has been announced for the Designate at OpenStack summit 2015 / Liberty in Vancouver.
We will talk about how to spend the Summit, which was limited to the specific theme of DNS.
まずDNSaaSであるOpenStack Designateについてご紹介します。
OpenStack summit 2015/Liberty in Vancouver にてDesignateについて発表された内容について話します。
DNSという特定のテーマに限定したSummitの過ごし方についてお話します。
This is the presentation materials of Japanese OCDET of bare metal computing meeting.
In "GMO AppsCloud" of GMO Internet, Inc., by modifying the nova Baremetal compute of OpenStack Havana so as to drive the Ansible, by installing the OS in the cobbler, has commercialized the environment to start with disk boot loader.
Janog36 ConoHa: Making GSLB - OpenStack Designate and PowerDNSNaoto Gohko
GSLB, Global server load balancing, is a technology to dispatch DNS requests to the different servers. But the server appliances with these features are complex and expensive. So we try to make it ourselves with the open source softwares.
Designate is one of the components in OpenStack to provide DNSaaS services. It has features that can register DNS records via RESTful APIs and can select backend types; for example choosing BIND, NSD, PowerDNS, etc.
In this session, we will present GSLB with Designate and PowerDNS.
About GMO Internet, Inc.
GMO Internet Group, headquartered in Tokyo, is a leading force in the Internet industry offering one of the most comperehensive ranges of Internet services worldwide.
We are providing a public cloud called “ConoHa” and “GMO APPs Cloud” as part of our services. Both are based on OpenStack.
Lisa Caywood and Colin Dixon's presentation at the 2017 Open Networking Summit.
OpenDaylight has become a nexus for open source integration, creating a new open networking stack and enabling a new generation of open source, agile IT infrastructure. The fifth “Boron” release provides new tooling and documentation to support application developers, as well as greater integration with industry frameworks from OPNFV and OpenStack to CORD and Atrium. Boron also brings a practical focus on two leading types of deployments: (1) direct control of virtual switches to provide network virtualization and NFV and (2) management and orchestration of existing networks to provide new features and automation. This talk will cover trends in open SDN and cloud networking, with a focus on Boron milestones. In particular, it dives into the architecture across OpenStack and OpenDaylight to enable OpenStack service function chaining support in OpenDaylight.
Neutron Done the SDN Way
Dragonflow is an open source distributed control plane implementation of Neutron which is an integral part of OpenStack. Dragonflow introduces innovative solutions and features to implement networking and distributed network services in a manner that is both lightweight and simple to extend, yet targeted towards performance-intensive and latency-sensitive applications. Dragonflow aims at solving the performance
Workday has built one of the largest OpenStack-based private clouds in the world, hosting a workload of over a million physical cores on over 16,000 compute nodes in 5 data centers for over ten years. However, there was a growing need for a newer, more maintainable deployment model that would closely follow the upstream community. We would like to share our new architecture and deployment approach as well as lessons learned from our experience.
We’ve converted many of our technologies in the process, from…
Migrating from Mitaka, to Victoria
Converting from OpenContrail, to pure L3 Calico with BGP on the host
Deploying with Chef, to deploying with Ansible
Building home-grown container images, to Kolla
Monitoring with Sensu and Wavefront, to Prometheus and Grafana
CI/CD in Jenkins, to Zuul
CentOS 7, to CentOS 8 Stream
We'll also talk about some internal tools we wrote that, while Workday-specific, may inspire you to see what value-add you can make for your customers.
Scaling OpenStack Networking Beyond 4000 Nodes with Dragonflow - Eshed Gal-Or...Cloud Native Day Tel Aviv
As OpenStack matures, more users move from “dipping a toe” to deploying at large scale, with 1000's of nodes.
OpenStack networking has long been a limiting factor in scaling beyond a few hundreds of nodes, forcing users to turn to cell splitting, or to complete offloading of the networking to the underlay systems and forfeit the overlay network altogether.
Dragonflow is a fully distributed, open source, SDN implementation of Neutron, that handles large scale deployments without splitting to cells.
In testing we've conducted, we were able to scale to 4000+ controllers (each controller is typically deployed on a compute node), while maintaining the same performance we had on a small 30 node environment.
Overview of OpenStack nova-networking evolution towards Neutron. Architecture overview of OVS plugin, ML2, and MidoNet Overlay product. Overview and example of Heat templates, along with automation of physical switches using Cumulus
Quantum - Virtual networks for Openstacksalv_orlando
An overview of Quantum, the soon-to-be default Openstack network service.
These slides introduce Quantum, its design goals, and discusses the API. It also tries to address how quantum relates to Software Defined Networking (SDN)
This presentation was shown at the OpenStack Online Meetup session on August 28, 2014. It is an update to the 2013 sessions, and adds content on Services Plugin, Modular plugins, as well as an Outlook to some Juno features like DVR, HA and IPv6 Support
Presentation given at the 2017 LinuxCon China
With the booming of Container technology, it brings obvious advantages for cloud: simple and faster deployment, portability and lightweight cost. But the networking challenges are significant. Users need to restructure their network and support container deployment with current cloud framework, like container and VMs.
In this presentation, we will introduce new container networking solution, which provides one management framework to work with different network componenets through Open/friendly modelling mechnism. iCAN can simplify network deployment and management with most orchestration systems and a variety of data plane components, and design extendsible architect to define and validate Service Level Agreement(SLA) for cloud native applications, which is important factor for enterprise to deliver successful and stable service via containers.
La apuesta de Telefónica por la cloud privadaLibreCon
Caso de éxito de Telefónica en su apuesta por la computación en la nube. Se ha hecho un despliegue de Cloud Privada en colaboración con Red Hat. Explicación de los desafíos y retos que se han abordado, cómo se han solventado, así como la solución tecnológica desplegada, y cómo esta ha ido madurando a lo largo del tiempo. Autor: Felipe Alfaro Solana (Technological Expert Telefonica I+D). Librecon.io
Similar to OpenStack cloud for ConoHa, Z.com and GMO AppsCloud in okinawa opendays 2015 1216-01 (20)
ConoHa cloud is based in OpenStack Juno. but the latest OpenStack is Ocata.
I released a MetaPackage that can easily install OpenStack Juno client in python 2.7 environment on ConoHa cloud (and Mikumo ConoHa) 4th birthdays.
2015 0228 OpenStack swift; GMO Internet ServicesNaoto Gohko
GMO Internet Inc., has been service provided by the quotient material made of the fact that OpenStack Swift the ConoHa VPS brand and GMO Apps Cloud. discussed the differences between the physical configuration of the OpenStack Swift at rackspace and ConoHa, was carried out optimization of the configuration.
In addition, you have an implementation that provided by Dual-head on multiple merchandise by invoking the swift-proxy for each service.
TechOYAJI 2014 tokyo summer LT; CentOS7 and RDO Icehouse OpenStackNaoto Gohko
CentOS7 is OSS of RHEL7. But we had problems RDO Icehouse OpenStack install with packstack.
This behavior is due to the version notation was introduced in CentOS7 called "7.0.1406". So far, in CentOS7, and we use the notation such as "6.5" treated as values in the decimal point, it was also similar even RHEL.
String introduced in CentOS7 called "7.0.1406" can not be treated as a number.
Confuse itself caused the puppet upstream community that said version number is difficult to make out CentOS7 development community.
JOSUG2014 OpenStack 4th birthday party in Japan; the way of OpenStack API DragonNaoto Gohko
JOSUG2014 OpenStack 4th birthday party in Japan
the way of OpenStack API Dragon.
we provide OpenStack API on "GMO Apps Cloud" known to be capable of providing efficient social Games.
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)MdTanvirMahtab2
This presentation is about the working procedure of Shahjalal Fertilizer Company Limited (SFCL). A Govt. owned Company of Bangladesh Chemical Industries Corporation under Ministry of Industries.
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxR&R Consult
CFD analysis is incredibly effective at solving mysteries and improving the performance of complex systems!
Here's a great example: At a large natural gas-fired power plant, where they use waste heat to generate steam and energy, they were puzzled that their boiler wasn't producing as much steam as expected.
R&R and Tetra Engineering Group Inc. were asked to solve the issue with reduced steam production.
An inspection had shown that a significant amount of hot flue gas was bypassing the boiler tubes, where the heat was supposed to be transferred.
R&R Consult conducted a CFD analysis, which revealed that 6.3% of the flue gas was bypassing the boiler tubes without transferring heat. The analysis also showed that the flue gas was instead being directed along the sides of the boiler and between the modules that were supposed to capture the heat. This was the cause of the reduced performance.
Based on our results, Tetra Engineering installed covering plates to reduce the bypass flow. This improved the boiler's performance and increased electricity production.
It is always satisfying when we can help solve complex challenges like this. Do your systems also need a check-up or optimization? Give us a call!
Work done in cooperation with James Malloy and David Moelling from Tetra Engineering.
More examples of our work https://www.r-r-consult.dk/en/cases-en/
Water scarcity is the lack of fresh water resources to meet the standard water demand. There are two type of water scarcity. One is physical. The other is economic water scarcity.
OpenStack cloud for ConoHa, Z.com and GMO AppsCloud in okinawa opendays 2015 1216-01
1. 1
Okinawa OpenDays 2015
(スペシャルトラック:事例 2015/12/16)
(in Okinawa OpenLab)
Naoto
Gohko
<naoto-‐gohko@gmo.jp>
IT
Architect
Enginner /
GMO
Internet
Inc.,
OpenStackのモデルの最適化と適用:
ConoHaとZ.comとGMOアプリクラウド
2. 2
šHistory of our services using OpenStack in GMO
Internet Inc.,
šNova-network model and Diablo: Onamae.com VPS
šQuantum overlay network: ConoHa Grizzly cluster
šHigh performance network: GMO AppsCloud(Havana)
šJuno ConoHa: Regison, Domain, DNS and SDS
šJuno GMO AppsCloud: Ironic and copy offload Cinder
šSwift cluster (shared from each OpenStack)
# Agenda
12. 12
Oname.com VPS(Diablo)
• Nova
Network:
– very
simple(LinuxBridge)
– Flat
networking
is
scalable.
• Only
1
NIC
per
VM.
• Only
1
Public
Network
IP
– MQ(rabbitmq)
dependency
is
little(sync.
API)
• More
scalable
than
Juno,
Kilo,
Liberty
and
Mitaka
• Cloud
?
– Only
virtulization management
èBut
There
is
no
added
value,
such
as
a
free
configuration
of
the
network
OpenStack service: Onamae.com VPS(Diablo)
13. 13
OpenStack service: Onamae.com VPS(Diablo) model
compute
vm
compute
NIC NIC
Vlan network
bridge
NIC
vlan vlan
tap
vNIC
Vlan network
16. 16
ConoHa(Grizzly)
• Quantam Network:
– It
was
using
the
initial
version
of
the
Open
vSwitch full
mesh
GRE-‐vlan overlay
network
with
LinuxBridge Hybrid
èBut
When
the
scale
becomes
large,
Localization
occurs
to
a
specific
node
of
the
communication
of
the
GRE-‐mesh-‐tunnel
(with
under
cloud
network(L2)
problems)
(Broadcast
storm?)
OpenStack service: ConoHa(Grizzly)
19. 19
GMO
AppsCloud(Havana)
• Service
XaaS model:
– KVM
compute
+
Private
VLAN
networks
+
Cinder
+
Swift
• Network:
– 10Gbps
wired(10GBase
SFP+)
• Network
model:
– IPv4
Flat-‐VLAN
+
Neutron
LinuxBridge(not
ML2)
+
Brocade
ADX
L4-‐LBaaS
original
driver
• Public
API
– Provided
the
public
API
• Ceilometer
• Glance
– Provided(GlusterFS)
• Cinder
– HP
3PAR(Active-‐Active
Multipath
original)
+
NetApp
• ObjectStorage
– Swift
cluster
• Bare-‐Metal
Compute
– Modifiyed cobbler
bare-‐metal
deploy
driver.
OpenStack service: GMO AppsCloud(Havana)
20. 20
OpenStack service: GMO AppsCloud(Havana) model
compute
vm
NIC
Vlan network
bridge
NIC
vlan
tap
vNIC
Vlan network
vNIC
bridge
vlan
tap
compute
NIC
bridge
NIC
vlan
bridge
vlan
public
network
Neutronだけどsimpleな
LinuxBridge model
(Context
Switchが少ない)
>>
Game配信など高速用途の
仮想化ネットワーク
それが、GMO
AppsCloud
22. 22
GMO AppsCloud(Havana) public API
Web
panel(httpd,
php)
API
wrapper
proxy
(httpd,
php
Framework:
fuel
php)
Havana
Nova
API
Customer
sys
API
Havana
Neutron API
Havana
Glance
API
OpenStack API
for input
validation
Customer DB
Havana
Keystone
API
OpenStack API
Havana
Cinder
API
Havana
Ceilometer
API
Endpoint
L7:reverse
proxy
Havana
Swift
Proxy
29. 29
š Multi Region
š SSD Only
š Scalability
š API
š Simple and competitive pricing
# Newly Released ConoHa
30. 30
In
ConoHa,
We
added
two
additional
features.
– Multi-‐location
region
– Domain
Structure:
Application
to
multi-‐location
region
structure
– 1
Domain
==
1
OEM
service
or
Product
service
– Domain
on
API
validation
wrapper
proxy
Multi-Location region and domain structures
31. 31
The meaning of the word
• Domain
• Keystone domain
• With v2 API service (our cloud)
• != DNS Domain
• Location
• Different geographic locations on the Earth
• US(San Jose), JP(Tokyo), SG(Singapore)
• Region
• OpenStack region
• Location != Region
• Can setup up multiple Region
in one Location
33. 33
CentOS 7.1 x86_64 Juno (RDO) Maria DB
Connect to Tokyo KeyStone from All regions.
Add each region endpoints to Tokyo KeyStone.
Did not need to modify OpenStack code.
š OS and OpenStack Versions
š Multi Region Setting
# Specs
34. 34
Tokyo Singapole
User/tenant User/tenant
API
Management
Keystone API
API
Management
Keystone APIAPI
Management
Keystone API
Token Token
Tokyo SanJoseSingapore
API
Management
Keystone API
API
Management
Keystone API
READ/WRITEREAD READ
TokenToken Token
Do not
create/delete
users
Do not
create/delete
users
Our Customer base
User administration
# User-registration is possible in Japan only
DB Replication DB Replication
User/tenant User/tenantUser/tenant
R/W R/W
35. 35
# Issues and Restrictions on Multi Region
š User-registration is possible in Japan only
š VPN performance issue
š Issues on replicating token table.
36. 36
API
Management
Keystone API
KeystoneDB
Nova
Neutron Glance
Cinder
OpenStack Cluster
Nova Get/token Glance Get/token
Neutron Get/token Cinder Get/tokenVM Create !
Nova user token:001
Neutron Token:002
Glance Token:003
Cinder Token:004
VM Create !
VM Create !
Nova user token:002
Neutron Token:003
Glance Token:004
Cinder Token:005
Nova user token:006
Neutron Token:007
Glance Token:008
Cinder Token:009
# Bloat access tokens
š Too many tokens will be created from each components.
37. 37
Setting example.conf
[keystone_authtoken]
token= 100 year expires token
[neutron_authtoken]
token= 100 year expires token
[glance_authtoken]
token= 100 year expires token
[cinder_authtoken]
token= 100 year expires token
# Issues on replicating token table.
š 100 year expires token
We fixed it so that any tokens can be used for each components.
40. 40
Swift cluster
GMO Internet, Inc.: VPS and Cloud services
Onamae.com VPS (2012/03) :
http://www.onamae-server.com/
Forcus: global IPs; provided by simple "nova-network"
tenten VPS (2012/12)
http://www.tenten.vn/
Share of OSS by Group companies in Vietnam
ConoHa VPS (2013/07) :
http://www.conoha.jp/
Forcus: Quantam(Neutron) overlay tenant network
GMO AppsCloud (2014/04) : http://cloud.gmo.jp/
OpenStack Havana based 1st region
Enterprise grade IaaS with block storage, object storage,
LBaaS and baremetal compute was provided
Onamae.com Cloud (2014/11)
http://www.onamae-cloud.com/
Forcus: Low price VM instances, baremetal compute and object storage
ConoHa Cloud (2015/05/18) http://www.conoha.jp/
Forcus: ML2 vxlan overlay, LBaaS, block storage, DNSaaS(Designate)
and original services by keystone auth
OpenStack Diablo
on CentOS 6.x
Nova
Keystone
Glance
Nova network
Shared codes
Quantam
OpenStack Glizzly
on Ubuntu 12.04
Nova
Keystone
Glance
OpenStack Havana
on CentOS 6.x
Keystone
Glance
Cinder
Swift
Swift
Shared cluster
Shared codes KeystoneGlance
Neutron
Nova Swift
Baremetal compute
Nova
Ceilometer
Baremetal compute
Neutron LBaaS
ovs + gre tunnel overlay
Ceilometer
Designate
SwiftOpenStack Juno
on CentOS 7.x
NovaKeystone
Glance
Cinder
Ceilometer
Neutron
LBaaS
GMO AppsCloud (2015/09/27) : http://cloud.gmo.jp/
2nd region by OpenStack Juno based
Enterprise grade IaaS with High IOPS Ironic Compute and Neutron LBaaS
Upgrade
Juno
GSLB
Swift
Keystone Glance
CinderCeilometer
Nova
Neutron
Ironic
LBaaS
41. 41
• The
cost
to
operate
Multi
version
Openstack have
increased
• It
is
difficult
to
upgrade
or
add
new
features
è Managing
multiple
sites
of
OpenStack is
a
headache.
What s the problems abount Multi-Cluster?
43. 43
ConoHa: based on OpenStack Juno (IaaS)
• Multiple region openstack cluster
• Tokyo / Singapore / San Jose
• ... and so on
• Full SSD storage
• Multiple keystone service domain support
• ConoHa and Next service (now in development) ... OEM etc.
• LB as a Service: LVS-DSR (original)
• DNS as a service : OpenStack Designate
• OpenStack API and additional RESTful API
• Multiple Languages web panel support
• Japanese, ConoHa, English,
Korean, Mandarin Chinese
44. 44
• Create
scope
in
the
domain
– Scoped
items
• Flavor
• Images
• Volume
type
– Shared
items
• Public
Networks
• Hypervisor
• Images
(Default
domain)
• Using
Keystone
API
v2.0
Motivation
45. 45
• We
use
and
customize
the
code
that
is
in
Juno
Keystone
v3
domain
– Enable
Domain
ID
for
Juno
Keystone
V2
API
• SaaS
implementation
with
python-‐keystoneclient
– Process
related
Domain
ID
and
Data
implementation
èDomain
ID
from
token
API
User:
POST
/v2.0/token
Admin(service):
GET
/v2.0/token/{id}
Juno Keystone V2 API : Does not support Domains
46. 46
Keystone:
wrapper
proxy
at
domain
specific
keystone
endpoint
Domains and user prefix namespace
Domain Product Prefix
name
space
gnc ConoHa gnc
zjp JP
OEM-‐1 zjp
zsg SG
OEM-‐
1
zsg
...
...
OEM-‐n ...
...
Exp) user: gnc0000348
Image name: gnc_centos7
47. 47
We
released
2nd service
on
same
Juno
infra.
(2015/10/20
~)
Adding domain(2nd): cloud.z.com
53. 53
Designate DNS: ConoHa cloud(Juno)
Client API
DNS
Identify
Endpoint
Storage
DB
OpenStack
Keystone
Backend
DB
RabbitMQ
Central
Components
of
the
DNS
and
GSLB(original) back-‐end
services
Application
of
Designate
DNS:
• DNS
as
a
service(tenant)
• Undercloud Infra-‐network
• No
Keystone
auth config
55. 55
Compute and Cinder(zfs): SSD
Toshiba
enterprise
SSD
• The
balance
of
cost
and
performance
we
have
taken.
• Excellent
IOPS
performance,
low
latency
Compute
local
SSD
The
benefits
of
SSD
of
Compute
of
local
storage
• The
provision
of
high-‐speed
storage
than
cinder
boot.
• It
is
easy
to
take
online
live
snapshot
of
vm instance.
• deployment
of
vm is
fast.
ConoHa:
Compute
option
was
modified:
• take
online
live
snapshot
of
vm instance.
http://toshiba.semicon-‐storage.com/jp/product/storage-‐
products/publicity/storage-‐20150914.html
57. 57
NetApp storage: GMO Appscloud(Juno)
If
you
are
using
the
same
Cluster
onTAPNetApp
a
Glance
and
Cinder
storage,
it
is
possible
to
offload
a
copy
of
the
inter-‐service
of
OpenStack as
the
processing
of
NetApp
side.
• Create
volume
from
glance
image
((glance
the
image
is
converted
(ex:
qcow2
to
raw)
required
that
does
not
cause
the
condition)
• Volume
QoS limit:
Important
function
of
multi-‐
tenant
storage
• Uppper IOPS-‐limit
by
volume
59. 59
Ironic with undercloud: GMO Appscloud(Juno)
For
Compute
server
deployment.
Kilo
Ironic
and
All-‐in-‐one
• Compute
server:
10G
boot
• Clout-‐init:
network
• Compute
setup:
Ansible
Under-‐cloud
Ironic(Kilo):
It
will
use
a
different
network
and
Ironic
Baremetal dhcp for
Service
baremetal compute
Ironic(Kilo).
(OOO
seed
server)
Trunk
allowed
vlan,
LACP
67. 67
swift
proxy
keystone
OpenStack Swift cluster (5 zones, 3 copy)
swift
proxy
keystone
LVS-‐DSrLVS-‐DSR HAProxy(SSL)HAProxy(SSL)
Xeon
E3-‐1230
3.3GHz
Memory
16GB
Xeon
E3-‐1230
3.3GHz
Memory
16GB
Xeon
E5620
2.4GHz
x
2CPU
Memory
64GB
swift
objects
swift
objects
Xeon
E3-‐1230
3.3GHz
swift
account
swift
container
Xeon
E5620
2.4GHz
x
2CPU
Memory
64GB,
SSD
x
2
swift
objects
swift
objects
Xeon
E3-‐1230
3.3GHz
swift
account
swift
container
Xeon
E5620
2.4GHz
x
2CPU
Memory
64GB,
SSD
x
2
swift
objects
swift
objects
Xeon
E3-‐1230
3.3GHz
swift
account
swift
container
Xeon
E5620
2.4GHz
x
2CPU
Memory
64GB,
SSD
x
2
swift
objects
swift
objects
Xeon
E3-‐1230
3.3GHz
swift
account
swift
container
Xeon
E5620
2.4GHz
x
2CPU
Memory
64GB,
SSD
x
2
swift
objects
swift
objects
Xeon
E3-‐1230
3.3GHz
swift
account
swift
container
Xeon
E5620
2.4GHz
x
2CPU
Memory
64GB,
SSD
x
2
68. 68
swift
objects
swift
objects
swift
objects
swift
objects
swift
objects
swift
objects
swift
objects
swift
objects
swift
objects
swift
objects
swift
proxy keystone
Havana AppsCloud
swift
proxy keystone
Grizzly ConoHa
Havana
To
Juno
swift
account
swift
container
swift
account
swift
container
swift
account
swift
container
swift
account
swift
container
swift
account
swift
container
swift
proxy keystone
Juno ConoHa
swift
proxy keystone
Juno AppsCloud
Swift cluster: multi-‐‑‒auth and multi-‐‑‒endpoint
swift
proxy keystone
Juno Z.com
72. 72
Finally:
The
GMO
AppsCloud
in
Juno
OpenStack
it
was
released
on
10/27/2015.
• Deployment
of
SanDisk
Fusion
ioMemory by
Kilo
Ironic
on
Juno
OpenSack I
can
also.
• Compute
server
was
deployed
by
Kilo
Ironic
with
under-‐cloud
All-‐in-‐One
openstack.
Compute
server
configuration
was
deployed
by
Ansible.
• Cinder
and
Glance
was
proviedNetApp
copyoffload storage
mechanism.
• LbaaS is
Brocade
ADX
NAT
mode
original
driver.
• Linux
Bridge
Neutron
mode
is
best
performance
without
L3
switch
On
the
otherhand;
Juno
OpenStack ConoHareleased
on
05/18/2015.
• Designate
DNS
and
GSLB
service
was
started
on
ConoHa.
• Cinder
storage
is
SDS
provied NexentaStor zfs storage
for
single
volume
type.
• LBaaS is
LVS-‐DSR
original
driver.
• ovs-‐VXLAN
overlay
Neutron
mode
is
more
high
degree
of
freedom.
• And
Z.com OEM
openstack domain
was
living
together
in
ConoHa
74. 74
Develop OpenStack related tools
Tool that create Docker host.
Golang
Develop
Vagrant
provider
for
ConoHa.
Fix
a
problem
and pull
request.
Docker Machine
https://github.com/hironobu-‐s/vagrant-‐conoha
75. 75
CLI tool that handle ConoHa specific APIs
Golang
Develop plugin that enable to save media files
to Swift(Object Store)
Develop OpenStack related tools
https://github.com/hironobu-‐s/conoha-‐iso
https://wordpress.org/plugins/conoha-‐object-‐sync/