automating cloudstack and hypervisor installation and configuration

Dag Sonstebo Forseti Consulting Ltd AUTOMATING CLOUDSTACK AND HYPERVISOR INSTALLATION AND CONFIGURATION

Upload: dag-sonstebo

Post on 15-Jul-2015


Cloud and virtualization technical architect with a background in the banking and service provider industries.

Specialise in, and have a great interest in: Virtualisation - VMware vSphere, Citrix XenServer, KVM, Hyper-V.

Cloud orchestration – vCloud, OpenStack, CloudStack.

LinkedIn: https://www.linkedin.com/in/dagsonstebo

Blog: https://dsonstebo.wordpress.com

Github: https://github.com/dagsonstebo

Contact: dag@forseticonsulting.co.uk

The small print… Any opinions or views expressed are my own and do not in any way reflect the opinions or views of my present or previous employers or clients.

ABOUT ME

Why consider private cloud?

What are your options?

CloudStack History

What is it and how does it work?

Automation and builds: Zero touch hypervisor builds

Automated CloudStack builds

CloudStack demo

Q&A

OVERVIEW

Why consider private / hybrid cloud options?

Choices:

Do nothing – stick with traditional IT:

Danger of shadow IT.

Lack of automation and orchestration means increased turnaround time.

Going fully public comes at a cost:

AWS: Windows t2.medium @ 2vCPU + 4GB RAM costs ~£500 / year

RackSpace: General purpose Windows @ 4GB RAM costs ~£1000 / year

Azure: A2 Windows @ 2vCPU + 3.5GB RAM costs ~£660 / year

Building your own private cloud gives the benefits of quick self-service, automation and multi-tenancy within your own data centre.

PRIVATE CLOUDS

What are your choices?

VMware vCloud

OpenStack

CloudStack

Microsoft

A long list of others:

Flexiant

Eucalyptus

Joyent

OpenNebula

Nimbus

Abiquo

Etc….

Or – build your own……

BUILDING YOUR OWN CLOUD

Launched in May 2010 as VMOps, rebranded to Cloud.com.

Acquired by Citrix in July 2011. Donated to the Apache Software Foundation in April 2012 and continues to be developed as an open source Apache Software Foundation project under the Apache License v2.

Citrix maintain their own commercial fork of the open source project, and have rebranded this Citrix CloudPlatform.

Citrix also developed the proprietary CloudPortal Business Manager to provide a commercial front end for automated provisioning, billing, metering and user management.

Versions at time of writing:

Apache CloudStack 4.4.2 development version.

Apache CloudStack 4.3.2 production version.

Citrix CloudPlatform 4.5.

CLOUDSTACK – A BACKGROUND

The list is long… http://cloudstack.apache.org/users.html

CLOUDSTACK USERS

WHAT ARE OUR BUILDING BLOCKS?

Cloud Components

Self service front end

Cloud orchestration:

Resource management back end

Hypervisor backend

Storage: hypervisor storage and object stores

Data center network

Reporting / billing / chargeback

Features:

•User friendly web GUI to manage IaaS resources on demand

•Native API with optional compatibility with Amazon EC2 / S3 API

•Automatic management and orchestration of all hypervisor resources, storage and networking

•Full multi tenancy segregation

•User / domain / project management and accounting / billing

•Single management role (compared to OpenStack, which needs 8-10 services to deliver the same functionality)

Hypervisors:

•Citrix XenServer 5.x + 6.x as well as Xen Project

•VMware ESXi 5.0, 5.1, 5.5

•KVM

•W2K12 Hyper-V

•LXC (experimental)

•Bare metal

Storage:

•NFS

•iSCSI

•FC

•VMFS (vSphere)

•SMB/CIFS (Hyper-V)

CLOUDSTACK – FEATURES

Network segregation and SDN technologies:

•Basic L3 networks

•VLANs

•VXLANs

•Nicira NVP

•Midonet

•OVS – Open vSwitch

End user network offerings:

•Basic networking with security groups (similar to Amazon EC2), provides guest isolation on L3 networks hosted on single flat L2 network.

•Advanced networking providing L2 tenant isolation using VLANs and SDN.

•Per client routing, DHCP, DNS, VPN, firewall, NAT, port forwarding, VPC

•Loadbalancer and firewall integration with physical F5 / Netscaler / Juniper SRX

CLOUDSTACK – FEATURES

CloudStack management server(s)

MySQL server(s)

Hypervisors

Storage:

Primary storage for hypervisor clusters

Secondary storage for ISOs, templates and snapshots.

Networking:

Physical data centre networking

Logical traffic types across physical networks

HIGH LEVEL CLOUDSTACK BUILDING BLOCKS

Clusters:

•XenServer pools

•ESXi clusters

•Sets of KVM hosts

•Hyper-V clusters

•Primary storage: NFS / iSCSI / FC SAN / SMB-CIFS (Hyper-V) / VMFS (vSphere)

Pods:

•A rack or row of racks including one or more clusters

Availability zones:

•Typically single data center or part of DC

•Contains one or more pods and zone wide secondary storage

Regions:

•Collection of one or more AZs in close proximity managed by one or more management servers

CLOUDSTACK HIERARCHY

Image courtesy of Apache.org

Virtual routers:

Handles routing for guest networks, routes between guest isolated network and public network.

DHCP and DNS

VPN, firewall, NATing, and port forwarding

Secondary storage VM:

Handles export and import of templates, ISOs and snapshots

Console proxy VM:

Provides console access to guest VMs.

CLOUDSTACK SYSTEM VMS

Physical networks:

• Basic zone networking

• Advanced zone networking

Traffic types (tags):

• Guest: isolated VLAN or SDN networks.

• Management traffic

• Public: internet or internal intranet.

• Storage

Connecting to private LAN networks

• Client networks can be connected directly to e.g. enterprise LAN networks.

CLOUDSTACK NETWORKS

NETWORK OVERVIEW (ADVANCED ZONE)

What we’ll cover:

Automating hypervisor builds

Automating CloudStack build

Other things to consider:

Storage

Data centre networking and associated cost

Hardware choice – branded vs. white label kit

BUILDING HYPERVISORS AND APACHE CLOUDSTACK

Why automate?

CD install ….

Fast and consistent builds.

Quick RTO in DR / BCM scenarios

Compensates for less technical teams with little time and bandwidth

Zero touch builds – why?

Minimal input to build cuts out error prone operations

Advance preparation

CMDB / inventory DB / source control CI integration

Scripting for hypervisors:

XenServer: relatively easy to create scripted installs due to full bash shell

ESXi: tricky due to low functionality ash shell

KVM: Linux build

Hyper-V: SCCM

AUTOMATING YOUR HYPERVISOR BUILD

Prerequisites:

PXE: DHCP + TFTP/FTP/HTTP infrastructure

Fully dynamic build scripts

Per host answer files

How do you detect individual hosts?

Known MAC addresses supplied by vendor prior to delivery allows for true zero touch builds.

PXE menu host selection allows for single touch builds.

Puppet Razor was developed to do builds based on policies around hardware detection.

Some examples:

https://github.com/dagsonstebo/Citrix-Xenserver-6.2-zero-touch-build-scripts

https://github.com/dagsonstebo/VMware-ESXi-5.5-zero-touch-build-scripts

ZERO TOUCH BUILDS

ZERO TOUCH BUILDS PROCESS

################################
# General settings
CFG_HOSTNAME="xs62cn1.mylab.local";
CFG_IP="192.168.0.30";
CFG_NETMASK="255.255.255.0";
CFG_DG="192.168.0.1";
CFG_DNS1="192.168.0.2";
CFG_DNS2="192.168.0.3";
CFG_SEARCHDOMAIN="mylab.local";
CFG_NTP1="ntp.cis.strath.ac.uk";
CFG_PASSWORD="Password123";
CFG_SERVERROLE="POOLMASTER";
CFG_POOLNAME="XS62Pool1";
CFG_POOLMASTER="192.168.0.30";
CFG_POOLMASTERPWD="Password123";
CFG_DOM0MEM="";
CFG_INITIALNIC="eth0";
CFG_EDITION="free";
CFG_LICENSESRV="";
CFG_LICENSEPORT="";
################################

HOST ANSWER FILE EXAMPLE

# CloudStack example
CFG_NW1_NAME="cloud-private";
CFG_NW1_DESC="Cloud private network";
CFG_NW1_TYPE="bond";
CFG_NW1_NICA="eth0";
CFG_NW1_NICB="eth1";
CFG_NW1_BONDMODE="active-backup";
CFG_NW1_MTU="";
CFG_NW1_VLAN="0";
CFG_NW1_IF="none";
CFG_NW2_NAME="cloud-public";
CFG_NW2_DESC="Cloud public network";
CFG_NW2_TYPE="bond";
CFG_NW2_NICA="eth2";
CFG_NW2_NICB="eth3";
CFG_NW2_BONDMODE="active-backup";
CFG_NW2_MTU="";
CFG_NW2_VLAN="0";
CFG_NW2_IF="none";
CFG_NW2_IFIP="none";
……….

ZERO TOUCH BUILDS
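
Added example, not taken from the talk or the author's build scripts: a POSIX shell lint for per-host answer files in the CFG_NAME="value"; format shown above. It parses the file instead of sourcing it, because a sourced value containing $ or a backtick would be expanded or executed by the build script; the sample input, the list of required keys and the 12-character password floor are assumptions.

```sh
# Constructed sample: CFG_DG missing, bad pool master IP, $(id) in a value.
sample_answers() {
cat <<'EOF'
# General settings
CFG_HOSTNAME="xs62cn1.mylab.local";
CFG_IP="192.168.0.30";
CFG_NETMASK="255.255.255.0";
CFG_DNS1="192.168.0.2";
CFG_PASSWORD="Password123";
CFG_POOLMASTER="192.168.0.300";
CFG_POOLMASTERPWD="Password123";
CFG_NTP1="$(id)";
EOF
}

# Reads an answer file on stdin; prints one finding per line, nothing if clean.
lint_answers() {
  awk '
    function bad_ip(v,    o, i) {          # 1 unless v is a dotted-quad IPv4
      if (split(v, o, ".") != 4) return 1
      for (i = 1; i <= 4; i++)
        if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return 1
      return 0
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }      # comments and blank lines
    !/^CFG_[A-Z0-9_]+="[^"]*"[ \t]*;?[ \t]*$/ {
      print "line " NR ": not a CFG_NAME=\"value\"; assignment"; next
    }
    {
      key = $0; sub(/=.*/, "", key)
      val = $0; sub(/^[^"]*"/, "", val); sub(/".*/, "", val)
      if (val ~ /[$`]/) print key ": value contains $ or backtick"
      cfg[key] = val
    }
    END {
      # Required keys and the 12-character floor are assumptions.
      n = split("CFG_HOSTNAME CFG_IP CFG_NETMASK CFG_DG CFG_PASSWORD", req, " ")
      for (i = 1; i <= n; i++)
        if (!(req[i] in cfg) || cfg[req[i]] == "")
          print req[i] ": required value missing"
      n = split("CFG_IP CFG_NETMASK CFG_DG CFG_DNS1 CFG_DNS2 CFG_POOLMASTER", ip, " ")
      for (i = 1; i <= n; i++)
        if ((ip[i] in cfg) && cfg[ip[i]] != "" && bad_ip(cfg[ip[i]]))
          print ip[i] ": invalid IPv4 address " cfg[ip[i]]
      for (k in cfg)
        if (k ~ /(PASSWORD|PWD)$/ && cfg[k] != "" &&
            (length(cfg[k]) < 12 || tolower(cfg[k]) ~ /password/))
          print k ": weak or sample password"
    }'
}
```

Run it as `lint_answers < host.cfg` in the pipeline that publishes answer files to the PXE/HTTP server, and block the publish when it prints anything.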

Hypervisors

Storage:

Primary storage for hypervisor clusters

Secondary storage for ISOs, templates and snapshots.

Networking:

Physical data centre networking

Logical traffic types across physical networks

CloudStack management server(s)

MySQL server(s)

CLOUDSTACK BUILD RECAP

Install documentation:

Apache documentation

http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/latest/installation.html

Citrix documentation

http://support.citrix.com/proddocs/topic/cloudplatform/clst-wrapper.html

Manual builds are straightforward - Linux.

Automated builds ensure quick repeatable install.

INSTALLING CLOUDSTACK

Management / MySQL server prerequisites:

•64-bit CentOS/RHEL 6.3+ or Ubuntu 12.04 preferred, 4 GB of memory, CPU cores according to load, 250 GB of local disk minimum, 500 GB recommended.

Configuration of RPM / DEB repositories.

Installation using yum / apt-get.

MySQL

•Can be installed on the same node as CloudStack management, or running separately.

•Configuration of CloudStack DB

Prepare the system VM template on secondary storage

HIGH LEVEL BUILD STEPS

Using Ansible: https://github.com/dagsonstebo/CloudStack-Ansible-Playbook

All CloudStack installation steps in one Ansible playbook:

--tags=base: NTP, SELinux, CloudStack and EPEL yum repos

--tags=mysql: all MySQL and DB installation and configuration steps

--tags=csmanagement: installs and configures base CloudStack build

INSTALLING CLOUDSTACK USING ANSIBLE

Base install is now complete – but needs configuration:

Regions, zones, pods and clusters

Primary and secondary storage

Network model – including network segregation mechanism

Public, private and guest network IP ranges, as well as VLAN / SDN ranges

How?

Manually through the CloudStack GUI

Using CloudMonkey

Or again using Ansible – the following utilises CloudMonkey under the bonnet: https://github.com/dagsonstebo/CloudStack-Ansible-Playbook/blob/master/cloudmonkey.yml

CLOUDSTACK CONFIGURATION

COMPLETED CLOUDSTACK INSTALL AND CONFIGURATION

Expansion to further regions, zones, pods and clusters

Add portal:

Commercial offerings, e.g. Citrix CloudPlatform Business manager

or you write your own…

Configure reporting and billing

Increase resilience:

Add additional management servers

Configure MySQL master/slave or MySQL / Galera cluster

Integrate hardware load balancers:

Netscalers

Juniper SRX

F5

CLOUDSTACK – NEXT STEPS

CLOUDSTACK DEMO

Q&A….

QUESTIONS

Apache CloudStack site: http://docs.cloudstack.apache.org/en/master/

Citrix CloudPlatform: http://www.citrix.com/products/cloudplatform/tech-info.html

My blog: https://dsonstebo.wordpress.com

My Github repo: https://github.com/dagsonstebo

Contact: [email protected]

MORE INFORMATION