OpenStack

An Overview

09/05/2014

Bruno Grazioli

2

What is OpenStack?

OpenStack is open source softw�are to build private and public clouds

Initiated by Rackspace Cloud and NASA in 2010

Thee firrst core modules �ere called Compute (Nova) and Object Storage (S�iftw)

Since its founding, it has seen �ide industry endorsement and no� numbers more than 100 supporting companies. Including many of the industry's largest organizations.

Current platinum members include IBM, AT&T, Canonical, HP, Nebula, Rackspace, Red Hat, and SUSE

3

OpenStack Icehouse statistics

4

OpenStack is growing

One of the most exciting things about OpenStack is that it continues to gro� dramatically and quickly, oftwen �ith t�o or more releases per year

As a result, much of the information publicly available on the technology is out of date

Thee User Survey Statistics November 2013 received nearly t�ice as many ans�ers as the previous round (performed in April 2013 �ith 414 responses) and 387 deployments compared to 187.

5

Evolution of OpenStack

Each release has incorporated ne� functionality, added documentation, and improved the ease of deployment

Austin release consisted only of t�o core projects: OpenStack Compute (Nova) and OpenStack Object Storage (S�iftw)

Bexar complemented these �ith an Image Service (Glance)

Essex release added t�o more cores (Keystone and Horizon)

Folsom added Neutron (initially called Quaantum) and Cinder cores

Havana added Ceilometer and Heat cores

6

Current release – Icehouse

Icehouse release consists of ten core projects

Compute (Nova) - Object Storage (S�iftw)

Block Storage (Cinder) - Net�orking (Neutron)

Dashboard (Horizon) - Identity Service (Keystone)

Orchestration (Heat) - Telemetry (Ceilometer)

Image Service (Glance) - Database Service (Trove)

Ne� capabilities under development for Juno and beyond

Bare Metal (Ironic)

Quaeue Service (Marconi)

Data Processing (Savannah)

7

OpenStack Archtecture

8

Nova

OpenStack Compute (Nova) controls the cloud computing fabric (the core component of an infrastructure service).

Writteen in Python, it creates an abstraction layer for virtualizing commodity server resources such as CPU, RAM, net�ork adapters, and hard drives, �ith functions to improve utilization and automation.

Its live VM management has functions to launch, resize, suspend, stop, and reboot through integration �ith a set of supported hypervisors.

When the images are running, it is possible to store and manage firles programmatically through an application programming interface (API).

9

Neutron

Net�orking (Neutron), formerly called Quaantum is an OpenStack project focused on delivering net�orking as a service.

It is designed to address defirciencies in “baked-in” net�orking technology found in cloud environments, as �ell as the lack of tenant control (in multi-tenant environments) over the net�ork topology and addressing, �hich makes it hard to deploy advanced net�orking services.

Thee massive scale of high-density, multi-tenancy cloud environments is putteing enormous strain on net�orks.

Theey are simply struggling to keep up �ith the explosive, dynamic nature of these virtualized environments.

Neutron provides a �ay for organizations to relieve the stress on the net�ork in cloud environments to make it easier to deliver net�orking as a service in the cloud.

10

Neutron

Includes the capability to manage LANs �ith capabilities for virtual LAN (VLAN), Dynamic Host Confirguration Protocol, and Internet Protocol version 6.

Users can defirne net�orks, subnets, and routers to confirgure their internal topology, and then allocate IP addresses and VLANs to these net�orks.

Floating IP addresses allo� users to assign (and reassign) firxed external IP addresses to the VMs

Supports many diffeerents net�orking confirgurations

Enables VMs to talk to each other on private net�ork

Some VMs can be externally accessible

11

Keystone

Keystone is an OpenStack project that provides Identity, Token, Catalog and Policy services for use specifircally by projects in the OpenStack family.

OpenStack Identity Management (Keystone) manages a directory of users as �ell as a catalog of OpenStack services they can access.

Its purpose is to expose a central authentication mechanism across all OpenStack components.

Is the identity service used by OpenStack for authentication and high-level authorization.

It currently supports token-based authentication and user-service authorization.

12

Swift

OpenStack Object Storage (S�iftw) is based on the Rackspace Cloud Files product and is a redundant storage system ideal for scale-out storage.

OpenStack ensures data replication and distribution across the devices in its pool, so users can employ commodity hard disks and servers rather than more expensive equipment.

In the event of a component failure, OpenStack is able to replenish the content from other active systems to ne� cluster members.

Access to the OpenStack S�iftw object storage system is through a REST API, �hich is similar to the Amazon.com S3 API.

Theis means that applications that are currently using S3 can use OpenStack S�iftw �ithout major re-factoring of the application code and application

13

Cinder

OpenStack Block Storage (Cinder) manages block-level storage that compute instances use.

Block storage lends itself �ell to scenarios �ith strict performance constraints, such as databases and firle systems.

Cloud users can manage their storage requirements through the dashboard.

Thee system provides interfaces to create, atteach, and detach block devices from/to servers. It is also possible to back up Cinder volumes by using the snapshot capability.

14

Glance

OpenStack Image Service (Glance) provides support for VM images, specifircally the system disks to be used in launching VM instances.

In addition to discovery, registration, and activation services, it has capabilities for snapshots and backups.

Users can provide both private and public images to the service in a variety of formats, VDI (VirtualBox), VMDK (VM�are), qco�2 (Qemu/Kernel-based Virtual Machine).

Functions exist to register ne� virtual disk images, query for information on publicly available disk images, and stream virtual disk images.

15

Horizon

Thee dashboard is an extensible �eb app that allo�s cloud administrators and users to control their compute, storage and net�orking resources

Is the graphical UI that administrators can most easily use to manage all the projects

Provides administrators and users a graphical interface to access, provision and automate cloud-based resources

As a cloud administrator, the dashboard provides an overall vie� of the size and state of your cloud.

You can create users and projects, assign users to projects and set limits on the resources for those projects.

16

Ceilometer

Thee Ceilometer project �as started in 2012 �ith one simple goal in mind: to provide an infrastructure to collect any information needed regarding OpenStack projects.

Is a mechanism for centralized collection of metering and monitoring data.

It delivers a single point of contact for billing systems to obtain all the usage information they need across the suite of OpenStack components.

Has diffeerent types of metering.

Cumulative - Increasing over time (instance hours)

Gauge - Discrete items (flooating IPs, image uploads) and flouctuating values (disk I/O)

Delta - Changing over time (band�idth)

17

Heat

Is a template-based orchestration engine for OpenStack.

It allo�s developers to defirne application deployment patteerns that orchestrate composite cloud applications in a RESTful API.

Thee templates can accommodate most OpenStack resource types (for example, Nova instances and flooating IP address ranges, Cinder volumes, Keystone users).

Theere are also capabilities for advanced functionality, including high availability, auto-scaling, and nested stacks.

18

Trove

Trove is Database as a Service for OpenStack.

A ne� capability included in the integrated release allo�s users to manage relational database services in an OpenStack environment.

It's designed to run entirely on OpenStack, �ith the goal of allo�ing users to quickly and easily utilize the features of a relational database �ithout the burden of handling complex administrative tasks.

Cloud users and database administrators can provision and manage multiple database instances as needed.

19

Lauching a VM - Video

htteps://���.youtube.com/�atch?v=KBP1t1daSj8&feature=youtu.be

20

Attaching a Volume - Video

htteps://���.youtube.com/�atch?v=�_9GuLejub8&feature=youtu.be

21

How to use the APIs

An Application Programming Interface (API) offeers a �ay to use the capabilities of a service by using predefirned functions.

Each core project �ill expose one or more HTTP/RESTful interfaces for the purpose interacting �ith the outside �orld

You can access the APIs �riting automation scripts in Python

To use the APIs �ith Python you can install each tool using the pip on command line:

pip install python-keystoneclient

Aftwer that you can source your openrc

When the openrc firle has been sourced, Python can retrieve the credentials from the enviroment

22

How to use the APIs

You can extract this information and get credentials to the authetication

Example of authentication a ne� nova client and list the instances:

23

How to use the APIs

Booting a ne� instance

Example of creation of a ne� instance:

24

Lauching a new Instance - Video

htteps://���.youtube.com/�atch?v=2jAgtjtNO0M&feature=youtu.be

25

What is new in Icehouse?

OpenStack Icehouse has nearly 350 ne� features to support softw�are development, managing data and application infrastructure at scale.

Trove

User/Schema management

Users can do CRUD management on MYSQL Users and Schemas through the Trove API

Flavor / Cinder Volume resizes

Resize up/down the flavor that defines the Trove instance

Resize up the optional Cinder Volume size if the datastore requires a larger volume

26

What is new in Icehouse?

Nova

New support for rolling upgrades minimizes the impact to running workloads during the upgrade process.

Notifications are now generated upon the creation and deletion of keypairs.

The Compute API now exposes the hypervisor IP address, allowing it to be retrieved by administrators using the nova hypervisor-show command.

Horizon

Now supports 16 languages including German, Hindi and Serbian.

Additional improvements to the general user interface and experience were also implemented

27

What is new in Icehouse?

Glance

The calculation of storage quotas has been improved.

Ceilometer

Alarming improvements

time-constrained alarms, providing flexibility to set the bar higher or lower depending on time of day or day of the week.

Telemetry features improved access to metering data used for automated actions or billing purposes.

Cinder

Ability to change the type of an existing volume (retype)

Ceilometer notifications on attach/dettach

28

What is new in Icehouse?

Keystone

Ne� v3 API Features

POST /v3/users/{user_id}/pass�ord allo�s API users to update their o�n pass�ords

/v3/regions provides a public interface for describing multi-region deployments

GET v3/auth/token?nocatalog allo�s API users to opt-out of receiving the service catalog �hen performing online token validation

Neutron

Icehouse focused on stability Neutron codebase

Many of the existing plugins and drivers were revised to address know performance and stability issues

29

Enough for this time