Intro to Cloudstack

Sebastien GoasguenJuly 10th, Ecole des Mines de Nantes,

France

Info

• Apache incubator project• http://www.cloudstack.org• #cloudstack on irc.freenode.net• @cloudstack on Twitter• http://cloudstack.org/discuss/mailing-lists.html

Welcoming contributions and feedback, Join the fun !

A Very Flexible IaaS PlatformCompute Hypervisor

Storage Block & Object

Network Network & Network Services

Primary Storage Secondary Storage

http://www.slideshare.net/cloudstack/cloudstack-architecture

TerminologyZone: Availability zone, aka Regions. Could be worldwide. Different data centersPods: Racks or aisles in a data centerClusters: Group of machines with a common type of HypervisorHost: A Single serverPrimary Storage: Shared storage across a clusterSecondary Storage: Shared storage in a single Zone

Storage

• Primary Storage:– Anything that can be mounted on the node of a cluster. – Cluster LVM…iSCSI…– Holds disk images of running VMs

• Secondary Storage:– Available across the zone– Holds snapshots and templates (image repo)– Can use Openstack swift or any object store (Gluster FS…)

• Can use NFS for both to start

Router

L3 Core Switch

Access Layer

Switches

………… …

Availability Zone

Servers

CloudStack Mgmt Server Cluster

Secondary Storage

Pod 1 Pod 2 Pod 3 Pod N

MySQL

Load Balancer

Operations Admin and Cloud API

Users

Physical Network

Slide from Chiradeep Vittal, http://www.slideshare.net/cloudstack/cloudstack-networking

Cloud Interactions

CloudStackCloudStack

Cloud user{API client (Fog/etc)}

End User UI

End User UI

Admin UI

Admin UI

MySQLMySQL

CloudStackCloudStackClustered

CloudStackManagement

Server

ClusteredCloudStack

ManagementServer

Domain Admin

UI

Domain Admin

UI

CS Admin & End-user API

Cloud user{ec2 API client }

ec2 API

Monitoring CS API vSphere ClusterPrimaryStorage

vcentervcenter

Cluster Mgmt

XS ClusterPrimaryStorage

vCenter API

XAPI

KVM ClusterPrimaryStorageJSON

OVM Cluster PrimaryStorage

XenApi

NetConf

Nitro APIJuniper SRX

Netscaler

Console Proxy VMConsole

Proxy VMConsole Proxy VMConsole

Proxy VM

JSON

Cloud user

HTTPSAjax Console

Ajax Console

VNC

Sec. StorageVM

Sec. StorageVM

NFS Server

NFSSec. Storage

VMSec. Storage

VM

HTTP (Template Download)

HTTP (Template Copy)

HTTP (Swift)

NFS

Router VMRouter VMRouter VMRouter VM

Router VMRouter VM

JSON

{Proxied} SSH

http://www.slideshare.net/cloudstack/cloudstack-architecture

Inside a Management Server

APIServlet

APIServlet

AsyncJob

Queue

Mgr

AsyncJob

Queue

Mgr

CloudStackAPI

ServicesAPI

ServicesAPI

Commands

Responses

cmd.execute()

KernelKernel

PluginsPluginsPluginsPlugins

PluginsPlugins

Message Bus

Agent Manager

Resources

Resources

AgentAPI(Cmds)

HypervisorNativeAPIs

LocalOrRemote

NetworkDeviceAPI

MySQLMySQL

http://www.slideshare.net/cloudstack/cloudstack-architecture

• Tomcat application• Async jobs, ESB, REST API

Layer-2 Guest Virtual Network

Public Network/Internet

Guest Virtual Network 10.1.1.1/8VLAN 100

Gateway address 10.1.1.1

DHCP, DNSNATLoad BalancingVPN

Public IP 65.37.141.11

10.1.1.1Guest VM 1Guest VM 1

10.1.1.3Guest VM 2Guest VM 2

10.1.1.4Guest VM 3Guest VM 3

10.1.1.5Guest VM 4Guest VM 4

CSVirtual Router

CSVirtual Router

Public Network/Internet

Guest Virtual Network 10.1.1.1/8VLAN 100

Private IP10.1.1.112

DHCP, DNS

Public IP 65.37.141.112

10.1.1.1Guest VM 1Guest VM 1

10.1.1.3Guest VM 2Guest VM 2

10.1.1.4Guest VM 3Guest VM 3

10.1.1.5Guest VM 4Guest VM 4

NetScalerLoad

Blancer

NetScalerLoad

Blancer

Private IP10.1.1.111

Public IP 65.37.141.111

Juniper SRX

Firewall

Juniper SRX

Firewall

CS Virtual Router provides Network Services External Devices provide Network ServicesNetwork Hardware exposing API can be controlled

CSVirtual Router

CSVirtual Router

Slide from Chiradeep Vittal, http://www.slideshare.net/cloudstack/cloudstack-networking

Other Topologies

Guest Virtual Network 10.1.1.0/24VLAN 100

Gateway address 10.1.1.1

10.1.1.1Guest VM 1Guest VM 1

10.1.1.3Guest VM 2Guest VM 2

10.1.1.4Guest VM 3Guest VM 3

10.1.1.5Guest VM 4Guest VM 4

Guest Virtual Network 10.1.1.0/24VLAN 100

DHCP, DNSUser-data

10.1.1.1Guest VM 1Guest VM 1

10.1.1.3Guest VM 2Guest VM 2

10.1.1.4Guest VM 3Guest VM 3

10.1.1.5Guest VM 4Guest VM 4

No services [Static Ips] Dedicated VLAN with DHCP and DNSUser can request specific IP[s] for NIC

CSVirtual Router

CSVirtual Router

Core switch

Gateway address 10.1.1.1

Core switch

Slide from Chiradeep Vittal, http://www.slideshare.net/cloudstack/cloudstack-networking

A customizable GUIhttp://docs.cloudstack.org/CloudStack_Documentation/Custom

izing_the_CloudStack_UI

A very extensive APIhttp://download.cloud.com/releases/3.0.3/api_3.0.3/TOC_Root

_Admin.html

Making API calls

def make_request(requests, secretKey): request = zip(requests.keys(), requests.values()) request.sort(key=lambda x: str.lower(x[0]))

requestUrl = "&".join(["=".join([r[0], urllib.quote_plus(str(r[1]))]) for r in request]) hashStr = "&".join(["=".join([str.lower(r[0]), str.lower(urllib.quote_plus(str(r[1]))).replace("+", "%20")]) for r in request]) sig = urllib.quote_plus(base64.encodestring(hmac.new(secretKey, hashStr, hashlib.sha1).digest()).strip()) print "Signature: %s"%sig requestUrl += "&signature=%s"%sig print requestUrl

if __name__ == '__main__': requests = { "apiKey": "BRZ5j4E8O4di2MZWnQsYBLThCrTGO-LGeZaMjsnvelkHuY5P8FdTnluNZTDQhCUy-wqeJzk8EAc_NbcZxTF_FA", "response" : "json", "command" : "listZones" } secretKey = "bFlx2llt3OmM4AiHzfwV1ZbuJ5tsv6hAx6IeM32CkM-obCA77BRwBr3_yQ0bO1-kdZyfD3-lY6khsXCx18n3Mw" make_request(requests, secretKey)

Can be authenticated or not.HTTP call.User Keys can be generated via the GUIBase url: http://<manager-host>:8080/client/api?….

EC2 compatibility via Cloudbridge

• Significant development work happening to make Cloudstack highly compatible with EC2 API.

• http://wiki.cloudstack.org/display/RelOps/EC2+API+support+in+CloudStack

• Euca tools, boto etc…should work with cloudstack.

• Lots of potential for contributions…

Note: System VMs

• When a Zone is enabled some system VMs get started:– Router for instances– Proxy for console access– Manage secondary storage

• Different from Opennebula and Nimbus, needs to get used to.

• 3 IP addresses need to be reserved for those.

Note: Highly Scalable• See:– http://www.slideshare.net/cloudstack/scalability-

12819428– From Alex Huang. 10k “resources” managed per

Mgt server. 30k resources with 30k VM in simulation.

• Management server can be setup in a multi-node configuration with a load-balancer and replicated MySQL.

Note: DevCloud• A Virtual box appliance packaged to provide a

working Cloudstack environment.• Available since last week , from Edison Su• Aimed at developers but has other use cases:– Xen PV hosts gives nested virtualization– Local EC2 Cloud on your laptop– Networking experiments ?

• http://wiki.cloudstack.org/display/comm/DevCloud

Note: VM Placement• Scheduling of VMs• Stack them, spread them, random…• Configurable