OpenStack Cloud Infrastructure

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |

OpenStack Cloud Infrastructure

Sonit TayalProduct ManagerSolaris Core TechnologiesJune, 2016

Building Secure, Multi-tenant private clouds


Safe Harbor Statement

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

37/15/2016

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 4


OpenStack Overview

• Open source cloud software

– Generic solution for IaaS, PaaS and SaaS

–Modular architecture• Web portal for cloud admins and self-service users

• Cloud services exposed through APIs

• CLI, Python libraries, ...

• Combines compute, network andstorage resources– Self-service dashboard

– Services exposed through REST APIs

What is OpenStack?

Single Management Pane

VM VM VM

Virtualized Data Center Resources

5


OpenStack Services

Component Description Component Description

Nova Compute virtualization Glance Image management and deployment

Cinder Block storage Swift Object storage

Neutron Software defined networking Heat Application and VM orchestration

Keystone Authentication between cloud services Murano Application catalog

Horizon Web based dashboard Trove Database as a Service

Overview of Core Components

6


Oracle OpenStack for Oracle Solaris

HorizonCentralized Cloud Management

Zones and Kernel ZonesZero Overhead container and

Type 2 hypervisor

Nova / IronicSelf-Service Compute

and Bare Metal

Built into the Infrastructure

7

Elastic vSwitch and Open vSwitch

Application defined SDN and interoperability

NeutronSoftware Defined

Networking

ZFS File systemBuilt in compression,

encryption and deduplication

Cinder/SwiftCloud Scale storage

Unified ArchivesFast, flexible cloning and

disaster recovery

Heat/GlanceMurano/Trove

Platform as a Service


Simplify DevOps: Self-Service Provisioning of 12c PDBs through MuranoOpenStack Murano: Oracle 12c PDB Connector Application

Create an App Environment

Add PDB(s) Deploy

Horizon

Environment

SQL> create table …

Database Ready for

use


Enterprise Database as a Service with Trove

9

• Provision and manage database instances in the cloud

– Supports MySQL and other open source databases

–Working on single instance Oracle DB 11g/12c Trove support

• Integrated into OpenStack Horizon dashboard for self-service DB creation and management

ClusteredDatabase

Single InstanceDatabases


Motivation

• Reduce Deployment Time and Efforts

• Standardization and reduction of Complexity

• Support Flexible use of Resources

• Enable Self-Service LifeCycle Management

• Allow one Management Tool for Multiple Clouds

• Customer Requests

–OpenStack, IaaS, Oracle DB/DBaaS, Converged Infrastructure

OpenStack DBaaS ProjectSolaris

10


Converged Infrastructure

• Grouping multiple information technology componentsinto a single, optimized computing package

• Components may include

–Networking Equipment

– Servers

– Data-Storage Devices

– Software for IT infrastructure Management,Automation and Orchestration

Source: https://en.wikipedia.org/wiki/Converged_infrastructure

11


Converged Infrastructure with Oracle Solaris

12

Schematic with various node types


CI

CI Hardware InfrastructureDesign Decisions

Server• SPARC Server • x86 Server

Storage•NAS• SAN

Network• 10 GbE• Infiniband

10

20

30

40

Storage

Cloud mgntpackage

Reserved for

Expansion

Compute

Patch Panel

Network

EmptyPatch PanelPatch PanelPatch Panel

Empty

13


Services on each node

14


Architecture of a private cloud

• Network

– Single or multi-tenant cloud?

– Performance vs ease of setup?

• Storage– HA requirement?

– Storage performance vs cost?

15

The choices


Network Options


Flat network

• All devices are part of the same broadcast domain

• Reduces cost, maintenance and administration

• no redundancy or network isolation

18

For single-tenant simple clouds


Virtualized networks – VLAN and VXLAN

• Tagged VLAN

+ Encapsulation for overlay networks at layer-2

+ Excellent network performance

- Requires configuration of switches

• VXLAN

+ Encapsulation for overlay networks at layer-3

+ Easy to deploy - no need to configure switches

- Performance can be limited

19

For multi-tenancy


Storage Options


ZFS: Best Enterprise Cloud Storage for OpenStack

22

Component Advantage

Block Storage (Cinder) Both Solaris ZFS and ZFSSA support for Cinder block storage

Object Storage (Swift) Both Solaris ZFS and ZFSSA scale up for Swift object storage and are best solutions for NFS (Manila) due to NFSv4 and ACLs

Image Management (Glance)

VM images can be cloned and archived. Data can be archived with Swift and Oracle HSM integration.

ZFS Compression Reduce your cloud storage footprint 5-10X with ZFS compression

ZFS Data Security Encrypt multitenant cloud data or lock down tenant data with read-only file systems

ZFS Redundancy Protect cloud data storage with ZFS checksums and redundancy


Shared storage

+ Instance recovery with migration and evacuation

+ Operationally simple – “stateless”

+ Highly scalable

- Heavy I/O usage on some instances can affect instances on other nodes

23

Outside of the compute nodes


Local storage

+ I/O usage on one node doesn’t affect instances on other nodes

+ Direct access- better storage performance

+ Cost effective

- No instance recovery in case a compute node fails

24

Disks on the compute node


Cloud Architecture Options


Multitenant Cloud Architecture

26

Multi-node architecture with shared storage

Highly scalable

Highly Available

High isolation of cloud and control logic from outside


Multitenant Cloud Architecture

27

Multi-node architecture with local storage

Cost effective

Good storage performance


Single tenant Cloud Architecture

28

Multi-node architecture with shared storage

Best network performance

Highly Available


Single tenant Cloud Architecture

29

Multi-node architecture with local storage

Low cost

Good storage performance


Summary of all options

30


• Multitenant architecture provides better security and isolation in a multi-tenant environment but has a lower network performance and is more expensive to implement

• A cloud setup using iSCSI as storage and VLAN as l2 network, has low storage performance, lower reliability but better network performance, as compared to a setup using FC SAN and VXLAN.

31

Summary of all options


High Availabilty

• Services or HA Zones

– Zone Cluster

– Failover Cluster

–Mixed

Management Nodes

Management Node

L3 Node Zone

Util Zone

Management Node

L3 Node Zone

Util Zone

Oracle Solaris Cluster

Failover Cluster

Failover Cluster

Failover Cluster

Failover Cluster

Failover Cluster

Ctrl Zone

Ctrl Zone


Network isolation

• 4 different networks

– Isolation

– Availability

• Redundancy by DLMP

• Only 2 cables to be plugged to the datacenter!

33

Complete 10 Gbps infrastructure in the rack


• Expansion via compute and storage racks

• Expansion via identical racks

Multi Rack Scaling

Start Rack

ComputeExpansion

ComputeExpansion

StorageExpansion

Start Rack

Rack 4 Rack 2 Rack 3

Stor-age

Com-pute

Net-work

Stor-age

Com-pute

Net-work

Stor-age

Com-pute

Net-work

Stor-age

Com-pute

Net-work

Stor-age

Com-pute

Net-work

Com-pute

Com-pute

Stor-age


Multi Rack

...

OpenStack Network

CloudNetwork

Compute Nodes

StorageNodes

VM

VM

StorageNetwork

CI Rack

...

OpenStack Network

CloudNetwork

Compute Nodes

StorageNodes

VM

VM

StorageNetwork

CI Rack

...

OpenStack Network

CloudNetwork

Compute Nodes

StorageNodes

VM

VM

StorageNetwork

CI Rack

OpenStack Network

Cloud Network

Storage NW

Management Nodes

Cloud Mgnt Pack

Corporate NW

...

Logical Network Architecture


Simple and Secure Converged Infrastructure

• Build a cloud with Oracle OpenStack for Oracle Solaris– Fully supported and single contact

– Virtualize the workload and control logic with zero overhead virtualization

• Zero Downtime hardware maintenance– Live migrate Kernel Zones between different physical hosts

• Security - isolate the Cloud– No direct access to infrastructure components and Control Logic from outside the coud

– Immutable systems and secure patching

• Optimized for Oracle Database Workload– Faster provisioning and self service deployment

– Dynamic SGA resizing

36


Best Platform for Database as a Service

• Software in Silicon Advantages

– Protect against memory corruption

– 10X better query throughput

– 3X better in-memory utilization

• Efficient, Fast and Secure

– Zero overhead virtualization

– Fast DB cloning with ZFS

– Dynamically change SGA

– Security and resource isolation for PDBs

• Recognized Oracle license boundary

37

Shared Infrastructure

PDB PDB PDBPDB


Converged Infrastructure Cloud

• Simplified support through end-to-end Oracle OpenStack solution

– Oracle Database

– Compute, Networking and Storage

• Enterprise class DBaaS

• Zero overhead virtualization

• 3-20X less storage with ZFS compression

• 10X faster provisioning of DBs

• 5X faster deployment

• 168X faster update; no cloud outage

38

Oracle Solaris Compute

Oracle ZS3Storage


Oracle OpenStack for Oracle Solaris

Prevent attacks

Be more agile

Save money

39

The obvious choice for secure enterprise clouds

Your Enterprise Cloud

YOUR APP


References

• OpenStack Converged Infrastructure White Paper https://community.oracle.com/docs/DOC-1001147

• Setting up Oracle Solaris Cluster for OpenStack http://www.oracle.com/technetwork/server-storage/solaris-cluster/documentation/ha-for-openstack-cloud-2537455.pdf

More information

https://community.oracle.com/docs/DOC-1001147

http://www.oracle.com/technetwork/server-storage/solaris-cluster/documentation/ha-for-openstack-cloud-2537455.pdf


Questions?

• oracle.com/solaris

• @ORCL_Solaris

• facebook.com/oraclesolaris

• Oracle Solaris Insider

• blogs.oracle.com/solaris

• youtube.com/oraclesolaris

Learn More; Stay Connected

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 427/15/2016 Confidential - For Internal Use Only - v16-21


Simple, Secure and Compliant DevOpsFrom Development to Production

44

Securedeployment

YOUR APP

Set CompliancePolicy

Compliance Audit


OpenStack Kilo functionality

• OpenStack Kilo in Oracle Solaris 11.3 SRU

– Enhanced Cinder support• Remote SAN storage, Backup/Restore to Swift,

Volume Migration, Import/Export, NFS

– Enhanced Nova support• Secure live migration, evacuation, VM resize,

boot options, VM configuration with cloudbase-init

– Enhanced Neutron support• VPNaaS

– Automated upgrade from Juno

47

Technology

OpenStack Cloud Infrastructure