Openstack
Cloud computing with Openstack
• SWITCH role in Openstack and Cloud Computing
• What is Virtualization?
• Why is Cloud computing more than Virtualization?
• How does Openstack implement Cloud Computing?
• Openstack public cloud with two regions in Switzerland – https://www.switch.ch/engines/
• SWITCHengines provides compute and storage services to Swiss academics. Users of participating institutions
have on-demand access to create and manage virtual machines and storage.
• Two Regions
– Zurich
– Lausanne
• SWITCHengines has been in “public beta” and “internal production” since December 2014
• Productive service since January 2016
• Several SWITCH services run on it (SWITCHdrive, SWITCHfilesender, SWITCHtube)
• Over 630 individual users and around 40 research projects online
• Around 700 VMs running on the cloud right now (2200 cores, 4900 GB RAM, 400 TB of storage allocated)
• Key idea: Hypervisor and virtual machines
– Commodity technology today
– Typically GUI driven
– Scale-UP approach
– Operators manage each Hypervisor independently
• Well known Hypervisors, and date of birth
– VMWare 2001
– Xen 2003
– Virtualbox 2007
– KVM 2007
• How to manage a datacenter with many hypervisors?
– Most of the management is by hand with GUI/WEB based tools
• What happens if I lose a physical host?
– Hypervisors are built with a lot of redundancy to prevent failures
– All the hypervisors in a legacy datacenter are Pets, you really have to make sure they are healthy
• How to manage multi-tenant use cases?
– Not all the VMs belong to the same project
Virtualization – Reference Network
[Figure: Datacenter Switch]
• Network configuration can become complex and hard to manage by hand
• In case of multi-tenancy VLAN coordination needed by network-admin and
• Needs redundancy for hypervisor hardware
• Needs redundancy for networking hardware
• A lot of manual configuration
• No standard strategy for multi-tenancy
• AWS: Started in March 2006 (10 years ago)
• Openstack: Started in 2010
• In a Public cloud the services are offered to anyone over the Internet.
– Operators and users of the cloud are usually in different domains
• In a Private cloud the access is restricted to some users for private use
– Operators and users of the cloud are usually from the same company
• It is designed to fail
– Hardware is divided in two main categories, Pets and Cattle
– You will need to introduce redundancy only for your Pets
– Cattle are allowed to fail
• API based Control Plane
– The configuration of new VMs is done by interacting with a Controller
– API interfaces make it possible to automate the configuration.
– Requests for new virtual machines are processed by a controller that will schedule the machine to the right hypervisor.
• It is a change regarding Uptime responsibility.
• Hypervisors can fail, this means that VMs should be disposable.
• Developers are required to design the application in a way that a server can be lost.
• The application should exploit the new abstractions provided by the cloud.
• Scale-up mindset
– Make a server redundant and powerful
Web Application Example: Legacy
Web Application Example: Cloud
[Diagram: vm01, vm02, vm03, LBaaS, FloatingIP, DBaaS, Object Storage]
• Scale-out mindset
• VMs are disposable
• Database is provided by the Cloud Infrastructure
• Object Storage is persistent
[Diagram labels: Autoscaling VMs on load; Hostname]
• API can be accessed via CLI, Web based interface, and libraries are provided to implement your own tools
openstack server create --flavor c1.micro \
  --image "Ubuntu 14.04" \
  --nic net-id=private \
  myVMname
• The best hypervisor is selected automatically
– User starting a VM does not know how many hypervisors
• Multi-tenancy is by default
– Each user has visibility only of his own VMs
– VMs from the same user will appear on the same network
• To make scale-out possible, cloud computing provides the following abstractions:
• Web Services
– FloatingIPs and LBaaS
• Databases
– DBaaS: the user receives the endpoint and credentials
– Real DB is managed by Cloud Ops in multi master replication
• Scalable
• Access natively via HTTP
• Replication of objects
New abstraction: Object Storage
[Diagram: Server, File System, Object storage]
• Quickly move an IP address to another instance or to another service. The backend is independent.
New abstraction: floating IP
• Main components
– Keystone: authentication and authorization
– Nova: Virtual Machine orchestrator
– Cinder: Volume manager
– Glance: Image manager
– Neutron: Network controller
• The openstack big tent
– Horizon
– Heat
– Trove
• Keystone provides a token based authorization to the Openstack API services.
export OS_USERNAME=saverio.proto@switch.ch
export OS_PASSWORD=<secret>
export OS_TENANT_NAME=saverio.proto@switch.ch
export OS_AUTH_URL=https://keystone.cloud.switch.ch:5000/v2.0
export OS_REGION_NAME=LS
• Keystone publishes a catalog of the current API endpoints
• Cloud Federation is possible with keystone
– However requires Keystone V3 API
– Federation enables Cloud Bursting
• Keystone development is today very active
– Token structures changed
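Added example (not from the original slides): the Keystone v2.0 password-auth request body built from the OS_* values above, and a parser for the token response that picks the region's endpoints from the catalog and flags an expired token or a non-TLS endpoint. The sample response, hostnames, token value and the "ZH" region name are constructed; the "expires" format without fractional seconds is an assumption.

```python
import json
from datetime import datetime, timezone
from urllib.parse import urlparse

def build_auth_request(username, password, tenant):
    """JSON body POSTed to <OS_AUTH_URL>/tokens (Keystone v2.0 password auth)."""
    return {"auth": {"tenantName": tenant,
                     "passwordCredentials": {"username": username,
                                             "password": password}}}

def parse_access(body, region, now):
    """Return (token_id, seconds_left, {service type: publicURL}, warnings)."""
    access = json.loads(body)["access"]
    token = access["token"]
    expires = datetime.strptime(token["expires"], "%Y-%m-%dT%H:%M:%SZ")
    seconds_left = int((expires.replace(tzinfo=timezone.utc) - now).total_seconds())
    endpoints, warnings = {}, []
    if seconds_left <= 0:
        warnings.append("token has expired")
    for service in access.get("serviceCatalog", []):
        for ep in service.get("endpoints", []):
            if ep.get("region") != region:
                continue  # the catalog lists every region; keep only the requested one
            url = ep["publicURL"]
            endpoints[service["type"]] = url
            if urlparse(url).scheme != "https":
                # the token is a bearer credential sent in the X-Auth-Token header
                warnings.append(f"{service['type']}: non-TLS endpoint {url}")
    return token["id"], seconds_left, endpoints, warnings

# Constructed sample response; token, hostnames and the "ZH" region are made up.
SAMPLE = json.dumps({"access": {
    "token": {"id": "constructed-token-id", "expires": "2016-03-01T13:00:00Z"},
    "serviceCatalog": [
        {"type": "compute", "name": "nova", "endpoints": [
            {"region": "LS", "publicURL": "https://compute.example.org:8774/v2"},
            {"region": "ZH", "publicURL": "https://compute-zh.example.org:8774/v2"}]},
        {"type": "image", "name": "glance", "endpoints": [
            {"region": "LS", "publicURL": "http://image.example.org:9292"}]}]}})
NOW = datetime(2016, 3, 1, 12, 0, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    token_id, left, endpoints, warnings = parse_access(SAMPLE, "LS", NOW)
    print(token_id, left, endpoints, warnings)
```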
Glance
macsp:~ proto$ openstack image list
+--------------------------------------+-------------------------------------+--------+
| ID                                   | Name                                | Status |
+--------------------------------------+-------------------------------------+--------+
| 382099dd-61b5-4866-9956-bc68abb417dd | RStudio Appliance (SWITCHengines)   | active |
| 8bc628a2-a54c-4ee4-bda5-3325a1d12cb0 | Ubuntu Trusty 14.04 (SWITCHengines) | active |
| a4e35b28-b1fe-40a0-ba33-f23f0a9a7440 | CentOS 7.1 (SWITCHengines)          | active |
| 1102bb9c-0256-4a4f-a104-f57c9715ae1b | Debian Wheezy 7.8 (SWITCHengines)   | active |
| 31a9beca-acc5-43de-9e52-01256ef211d3 | Fedora release 20 (SWITCHengines)   | active |
• Cinder is the volume manager in Openstack
• Because we said that VMs are disposable, we have two kinds of volumes
– Ephemeral volumes
– Persistent volumes
• Ephemeral volumes
– Controlled directly by Nova, the disk of the VM is destroyed when the VM is destroyed. Created when we boot from image.
• Persistent
– Is a volume independent from a VM. You can attach the volume to
• VMs from the same project appear on the same network regardless of the hypervisor where they are scheduled
• Hypervisors are running OpenVSWITCH
• An Overlay network is built among the Hypervisors
– Different tunnels are possible (VXLAN, GRE)
• Nova is a cloud computing fabric controller
• It is a software layer that hides from the user the hypervisor technology chosen to implement the cloud.
• The cloud can even use different hypervisor technologies at the same time.
• Supports KVM, XEN, VMWare, Hyper-V, Bare-metal,
Nova API
[Diagram: User, NOVA API, KVM hypervisor with VMs, XEN hypervisor with VMs]
• User requests a VM from Nova
• http://docs.openstack.org/liberty/networking-guide/scenario-classic-ovs.html
• Openstack is a great Open Source software ecosystem
– It makes it possible for anyone to deploy a cloud
• Application should be designed to exploit the new abstractions
– Cloud Native Applications
• Cloud design with Pets and Cattle reduces infrastructure costs
• ATLAS Experiment at CERN, UNIBE is using SWITCHengines 24/7 with 300 Cores
• ATLAS Instances on SWITCHengines
– 8 cores
– 16 GB RAM
– 20 GB Disk