IntroductionNick Jones

Senior Cloud Systems Engineer at DataCentred

1

Agenda

• Introduction to OpenStack

• What does it do

• Project history

• Who uses it

• OpenStack Components

• Core components

2

Agenda, cont.

• OpenStack Architecture

• How everything fits together

• Installation

• Tools to deploy OpenStack

• Operation and Maintenance

• Care and feeding of an OpenStack installation

3

What is OpenStack?"OpenStack is a cloud operating system that controls large pools of compute, storage, and networking resources throughout a datacenter, all managed through a dashboard that gives administrators control while empowering their users to provision resources through a web interface."

-- https://www.openstack.org/software/

4

Project History• July 2010, privately developed by RackSpace and NASA

• October 2010, first release - 'Austin'

• February 2011, 'Bexar', April 2011, 'Cactus' - 6-month development cycle starts

• April 2014, Icehouse - still security supported

• October 2014, Juno - current Production release

• April 2015, Kilo - under development5

Who uses OpenStack• CERN - LHC, 4000+ physical hosts

• WalMart - entire US production traffic

• BMW

• eBay

• Disney

• Comcast

6

OpenStack Components

1

1 Thanks to Sean Dague - https://dague.net

7

Identity Service - Keystone• Centralized policies across users and systems

• Create users and tenants with appropriate permissions

• Integrate into existing directory services (LDAP)

• Maintains catalogue of services

8

Image Service - Glance• Operating System images

• Snapshots

• Supports many formats - RAW, qcow2 (QEMU / KVM), VMDK (VMware), OVF, etc.

9

Compute Service - Nova• Effectively the 'brain' of an OpenStack installation

• Manage virtualised hardware resources

• Can also provide software-defined networking

• Supports many different hypervisors - KVM, Xen, VMware ESXi, Hyper-V...

10

Networking Service - Neutron• Software-defined networking component

• Users define their own virtual networks

• Manages IP address assignment

• Floating IP addresses

• Supports different back-ends - OpenvSwitch, VMware NSX, Cisco UCS, Midokura....

11

Block Storage Service - Cinder• Persistent block storage to compute instances

• Support for various back-ends - Ceph, NetApp, Nexenta, SolidFire...

12

Other key services• Horizon - web UI / dashboard

• Ceilometer - monitoring and metering / billing

• Swift - object and block storage

• Ceph - alternative for object and block storage

13

Choice!

14

Supporting Services• Presentation - Apache, nginx

• Loadbalancing - keepalived, haproxy

• Messaging - RabbitMQ

• State - MySQL / MariaDB

15

Infrastructure

16

Virtual machine creation

17

Physical deployment

18

Scale-out architecture

19

Network

20

Network, continued

21

Installation• Manual installations untenable for any serious deployment

• Use configuration management and orchestration

• Puppet

22

Deployment with Puppet• Programmatically define server and service configuration

• Relationships between services

• Driven by data

• Describe and document infrastructure

• Scalable

23

Puppet, continued• OpenStack official Puppet modules

• Neutron = 8422 LOC

• Nova = 6678 LOC

• Glance = 3336 LOC

• Cinder = 6379 LOC

• Keystone = 4020 LOC

24

2478 LOC to deploy OpenStack

25

Foreman• Lifecycle management

• Physical and virtual

• External node classification (ENC) for Puppet - control node, network node, compute node

26

Operation and Maintenance

27

Monitoringcollectd, graphite, Grafana

28

Monitoring, continued• ELK stack

• Elasticsearch, logstash, Kibana

• Riemann

• Icinga / Nagios

29

Development• Python

• Build staging and test - OpenStack-on-OpenStack

• Devstack

• Make use of tools such as Vagrant

30

PatchingGiftwrap - https://github.com/blueboxgroup/giftwrap

• Manage patches

• Security

• Features

• Fixes

• Resolve dependancies

31

Problems• Developer expertise

• Tackle features like onboarding

• Gaps in features

• Networking HA still a bit of a mess

• Incomplete IPv6 support

• Hypervisor scheduling

32

Problems, continued• Supporting services

• HA with RabbitMQ doesn't always work as expected

• Some services outside of 'core' less reliable

• Ceilometer in particular

• Horizon can be confusing and has some idiosyncrasies

• Nothing to stop you building your own alternative!

33

Questions?

34