
Build cloud like Rackspace with OpenStack Ansible


Build cloud like Rackspace with OpenStack Ansible Workshop in 2nd Cloud OpenStack-Container Conference and Workshop 2016 at Grand Postal Building, Bangrak, Bangkok on September 22-23, 2016

Published in: Technology


  1. 1. Build Cloud like Rackspace with OpenStack Ansible Jirayut Nimsaeng DevOps & Cloud Architect 2nd Cloud OpenStack-Container Conference and Workshop 2016 Grand Postal Building, Bangrak, Bangkok | September 22-23, 2016
  2. 2. What is OpenStack ● Open source software for creating private and public clouds ● Coordinated collection of software from a few dozen related projects
  3. 3. What is OpenStack
  4. 4. OpenStack Core Services
  5. 5. OpenStack Optional Services
  6. 6. OpenStack Release Cycle
  7. 7. Why OpenStack?
  8. 8. Maturity
  9. 9. High Availability and Scalability
  10. 10. Cost saving http://www.slideshare.net/randybias/openstack-architected-like-aws-and-gcp
  11. 11. Automation Infrastructure
  12. 12. OpenStack Core Services
  13. 13. Overview
  14. 14. OpenStack Dashboard (Horizon) ● A graphical interface to OpenStack services ● Developed as a Django web application, written in Python
  15. 15. Play with Horizon
  16. 16. OpenStack Image Service (Glance) ● Manages pre-built OS images ● Accepts API requests for disk or server images ● Images can have metadata definitions ● Supports the storage of disk or server images on various repository types
  17. 17. Play with Glance
  18. 18. OpenStack Networking (Neutron) ● Provides networks and connectivity for instances ● Creates and attaches interface devices ● Plug-ins are used to accommodate different networking equipment and software ● It is Software Defined Networking (SDN) ● Provides functionality for Network Function Virtualization (NFV)
  19. 19. Traditional Switch Topology
  20. 20. Data Plane and Control Plane
  21. 21. Neutron Components
  22. 22. Play with Neutron
  23. 23. Security Groups ● Named collection of network access rules that limit the types of traffic that have access to an instance ● You can assign one or more security groups to an instance ● Basically it is iptables ● Any incoming traffic that is not matched by a rule is denied access by default ● What you can configure: ○ Source of traffic ○ Protocol ○ Destination port ● Rules are automatically enforced as soon as you create or modify them
  24. 24. Play with Security Groups
  25. 25. Key Pairs ● SSH keys ● Provide SSH access to the instances ● Image must have the cloud-init package ● A key pair belongs to an individual user, not to a project
  26. 26. Play with Key Pairs
  27. 27. OpenStack Compute (Nova) ● Virtualization ● Starts and stops VMs ● Keeps track of all running VMs to do load balancing ● Reports VM states back to the cloud
  28. 28. Nova Hypervisors Supported ● KVM ● LXC ● QEMU ● VMware vSphere ● Xen ● IBM PowerVM ● Microsoft Hyper-V
  29. 29. Play with Nova
  30. 30. Floating IP ● An IP address that a project can associate with a VM
  31. 31. Play with Floating IP
  32. 32. OpenStack Block Storage (Cinder) ● Adds persistent storage to a virtual machine ● Manages volumes, volume snapshots and volume types ● Interacts with Nova to provide volumes for instances
  33. 33. Storage types
  34. 34. Play with Cinder
  35. 35. OpenStack Identity (Keystone) ● Provides a single point of integration for managing ○ Authentication ○ Authorization ○ Catalog of services ● Can integrate with external user management systems such as LDAP
  36. 36. Service Catalog ● Users and services can locate other services by using the service catalog ● A service catalog is a collection of available services ● Each service can have one or many endpoints ● An endpoint has three types ○ admin ○ internal ○ public
  37. 37. OpenStack Keystone API V2
  38. 38. OpenStack Keystone API V3
  39. 39. OpenStack Identity Design
  40. 40. Domains
  41. 41. Groups
  42. 42. OpenStack and Active Directory
  43. 43. OpenStack Policy
  44. 44. OpenStack policy.json
  45. 45. Play with Keystone
  46. 46. Summary
  47. 47. OpenStack Optional Services
  48. 48. OpenStack Object Storage (Swift) ● Multi-tenant object storage system ● Highly scalable ● Can manage large amounts of unstructured data ● Low cost ● Accessed through a RESTful HTTP API
  49. 49. Play with Swift
  50. 50. OpenStack Telemetry (Ceilometer) ● Collects data, stores it in a database and provides an API service ● Uses an agent-based architecture ● Still requires the command line for almost all features
  51. 51. Play with Ceilometer
  52. 52. OpenStack Bare-Metal Provisioning (Ironic) ● Provides physical hardware as opposed to virtual machines ● Configured via PXE or IPMI ● Makes it easy to provision physical servers like virtual machines in a cloud
  53. 53. OpenStack Orchestration (Heat) ● Tool for orchestrating the cloud ● Automatically configures and deploys resources in stacks ● Defined with templates: Heat Orchestration Template (HOT) or CloudFormation
  54. 54. Heat Orchestration Template
  55. 55. And many more...
  56. 56. OpenStack Distributed Storage
  57. 57. Distributed Storage Solution
  58. 58. What is Ceph? ● Distributed storage platform ● Software-defined storage ● Maintained by Red Hat (which acquired Inktank) ● Supports Block, Object, File
  59. 59. Why Ceph? ● Enterprise Class ● Data Protection with Replication ● Self-healing ● No RAID needed ● Flexibility and Scalability (to exabyte!!) ● Performance (with RADOS) ● Lower cost (free and open source) ● Fully-tested with OpenStack
  60. 60. Ways to deploy OpenStack
  61. 61. Vendor lock-in
  62. 62. No vendor lock-in
  63. 63. Why OpenStack Ansible?
  64. 64. Used and maintained by Rackspace and Big Tent
  65. 65. Because it is Ansible ● Agentless architecture ● No centralized server ● Human readable ● Open Source ● Highly flexible and configurable ● Idempotent
  66. 66. Infrastructure as Code
  67. 67. Complies with Security Technical Implementation Guide http://docs.openstack.org/developer/openstack-ansible-security/auto_controls-all.html
  68. 68. Best way to learn how OpenStack works
  69. 69. OpenStack Ansible (OSA)
  70. 70. OpenStack Ansible (OSA) ● OSA uses Ansible to automate deployment of an OpenStack environment on Ubuntu Linux ● OSA deploys OpenStack components into Linux containers (LXC) for isolation and ease of maintenance
  71. 71. Ansible ● Ansible provides an automation platform to simplify system and application deployment ● Ansible manages systems using Secure Shell (SSH) ● Ansible uses playbooks written in the YAML language for orchestration ● Ansible host types ○ Deployment host ○ Target hosts
  72. 72. YAML
  73. 73. Linux Containers (LXC) ● Containers provide operating-system level virtualization ● No overhead and complexity of virtual machines ● Access to the same kernel, devices and file systems ● Built on Linux kernel namespaces
  74. 74. Software requirements ● Ubuntu 16.04 LTS or Ubuntu 14.04 LTS ● Secure Shell (SSH) client and server that supports public key authentication ● Network Time Protocol (NTP) client for time synchronization ● Python 2.7.x must be on the hosts ● en_US.UTF-8 as locale
  75. 75. Hardware requirements ● CPU must support hardware-assisted virtualization extensions ● OS installation disk should be SSD in RAID 1 ● 10 Gigabit Ethernet with bonded LACP network interfaces is recommended ● Enable jumbo frames ● L3 switch for VLANs with LACP support
  76. 76. OpenStack Ansible Architecture
  77. 77. Infrastructure services ● MariaDB/Galera ● RabbitMQ ● Memcached ● Repository ● Load Balancer ● Utility Container ● Log Aggregation Host ● Unbound DNS Container
  78. 78. OpenStack Services supported. Enabled by default: ● Cinder ● Nova ● Horizon ● Keystone ● Glance ● Neutron ● Heat. Not enabled by default: ● Swift ● Ironic ● Aodh, Ceilometer, Gnocchi ● Magnum ● Sahara
  79. 79. Networking ● OSA uses Linux bridges to provide layer 2 connectivity between interfaces and containers
  80. 80. OpenStack Ansible Network
  81. 81. OSA Network on Compute Host
  82. 82. VXLAN and VLAN
  83. 83. Cinder
  84. 84. Glance
  85. 85. Ephemeral storage
  86. 86. Storage choice ● LVM ● iSCSI ● Ceph ● SANs
  87. 87. Swift
  88. 88. How to Deploy with OpenStack Ansible
  89. 89. OpenStack Ansible Deploy Steps
  90. 90. Q/A
  91. 91. Backup Slides
  92. 92. OpenStack CLI
  93. 93. Automated configure commands
  94. 94. Some tips
  95. 95. Caching
  96. 96. OpenStack Network
  97. 97. OpenStack Network ● Single Flat Network ● Multiple Flat Networks ● Mixed Flat + Private Networks ● Single Provider Router ● Per-Tenant Router
  98. 98. OpenStack Network
  99. 99. VLANs or VXLANs?
  100. 100. VLANs Network Traffic Flow
