Mirantis Openstack DC 140918115540 Phpapp02

OpenStack
Overview
Paul Roberts
CONFIDENTIAL MIRANTIS
Principal Solutions Architect,

Mirantis
IRANTIS
2012
PAGE 1

MM
IRANTIS
2013
Who am I?
Network security startup
Acquired by MCI in 2005
Sun Microsystems Alumni
Hosted many internal services such as Shared
Shell
Carpathia Hosting
Cloud Architect with >48PB under management
Coraid
Principal Architect enabling customers to
simplify their complex storage architectures
Mirantis
Helping customers design fully operationalized
and automated clouds
MIRANTIS 2012
PAGE 2
Meetup Goals
Understand current OpenStack trends
Understand OpenStack purpose and use cases
Understand the OpenStack ecosystem
Definition
History
Programs (previously called Projects)
Understand OpenStack architecture

Logical architecture
Provision virtual machine (VM) request flow
Components details
IRANTIS
2012

MM
IRANTIS
2013
PAGE 3
What is Cloud?
Cloud compu?ng has transformed the way storage,

networking, and compute services are delivered.
IRANTIS
2012

MM
IRANTIS
2013
PAGE 4
Traditional Public Cloud is Not Cheap

The public cloud is phenomenal if you need its
elas?city, but if you dont if you do a consistent
amount of workload its far, far beUer to go in-
house. Eric Frenkiel, MemSQL/Wired
[Things] that need really high performance, in terms
of [input and output] and reading and wri?ng to
memory really belong on bare-metal servers or
private setups. John Engates, CTO Rackspace/
Wired
Versus what wed get on the cloud, [private hos?ng
is] somewhere between 70 and 100 ?mes cheaper.
John Hall, CTO Tradesy/Wired
IRANTIS
2012

MM
IRANTIS
2013
PAGE 5
OpenStack Mindshare
MIRANTIS 2012
PAGE 6
Cloud Job Trends
MIRANTIS 2012
PAGE 7
However, AWS still run-away winner
IRANTIS
2012

MM
IRANTIS
2013
PAGE 8
Oh, Docker.
IRANTIS
2012

MM
IRANTIS
2013
PAGE 9
In the end Developers Win.
IRANTIS
2012

MM
IRANTIS
2013
PAGE 10
What is OpenStack?
As described by Wikipedia:
OpenStack is a cloud computing

project aimed at providing an
infrastructure as a service (IaaS).
IRANTIS
2012

MM
IRANTIS
2013
PAGE 11
What is OpenStack?
As described by the OpenStack Foundation:
Aims to produce the ubiquitous Open

Source Cloud Computing platform that
will meet the needs of public and
private clouds regardless of size, by
being simple to implement and
massively scalable.
IRANTIS
2012

MM
IRANTIS
2013
PAGE 12
Cloud Exposed Capabilities (SPI Model)

Software as a Service
(SaaS):
browser or thin client
access
Platform as a Service
(PaaS):
remote login, to install
applications
Infrastructure as a
Service (IaaS):
Provision CPU, RAM, VM
Data Center (Hardware, Servers, Networking)
IRANTIS
2012

MM
IRANTIS
2013
PAGE 13
OpenStack Capabilities
Virtual machines (VMs) on demand
provisioning
snapshotting
Networks
Storage for VMs and arbitrary files
Multi-tenancy
quotas for different projects, users
user can be associated with multiple projects
IRANTIS
2012

MM
IRANTIS
2013
PAGE 14
OpenStack History
* Pre-July 2010 is predicated by Rackspace Cloud Files project (Swih), NASA Nebula project (Nova)
Date
Rel
Programs
Type
Note
Jul 2010
N/A
PoC
* Rackspace Hos?ng & NASA joint

launch
Oct 2010
Feb 2011
Aus4n
Bexar
Nova, Swih
Nova, Glance, Swih
PoC
PoC
Apr 2011
Cactus
Nova, Glance, Swih
Sep 2011
Diablo
Nova, Glance, Swih
Apr 2012
Sep 2012
Apr 2013
Oct 2013
Apr 2014

** 6 month development cycle
PoC
starts
1st produc?on release (Cactus) at
Prod
Internap (10/27)
Common web UI and shared

authen?ca?on mechanism added
Nova, Glance, Swih, Horizon, Keystone,
OpenStack Founda?on
Folsom
Prod
Quantum, Cinder
Established
Ceilometer and Heat incuba?on
Grizzly
Prod
Quantum, Cinder
projects added
Havana
Prod Quantum is renamed to Neutron
Neutron, Cinder, Heat, Ceilometer
Limited upgrade path from Grizzly
Icehouse Neutron, Cinder, Heat, Ceilometer, Prod
is available
Trove, Savanna, Ironic, Marconi
Essex
Nova, Glance, Swih, Horizon, Keystone Prod
MIRANTIS 2012
PAGE 15
OpenStack Integrated Programs

Compute (Nova)
Networking (Neutron)
Object Store (Swift)
Block Storage (Cinder)
Image Service (Glance)
Identity (Keystone)
Dashboard (Horizon)
Telemetry Service (Ceilometer)
Orchestration Service (Heat)
Database Service (Trove)
IRANTIS
2012

MM
IRANTIS
2013
Storage
Core
Shared Services
PAGE 16
OpenStack Incubation Programs

Data Processing (Sahara)
Queue Service (Marconi)
Bare Metal (Ironic)
IRANTIS
2012

MM
IRANTIS
2013
PAGE 17
Each OpenStack Program

Is also a top-level OpenStack component
Has an elected Project Technical Lead (PTL)
Has separate developers and design teams
Has a well defined public API
With the exception of Horizon, which is the Web GUI, all other
projects have a RESTfull (JSON/HTTP) API
Common generic API/Infrastructure (Oslo)

Has a separate database and isolated persistent
layer
IRANTIS
2012

MM
IRANTIS
2013
PAGE 18
OpenStack Architecture: Begining (Cactus)
MIRANTIS 2012
PAGE 19
OpenStack Architecture: 2 years later
MIRANTIS 2012
PAGE 20
Communication Types
Heat
Every OpenStack service exposes access to

res6ul API via HTTP
Each ac>on treated as distributed transac>on,
state built as MQ messages
Each service updates its own DB with state
informa>on as ac>ons are performed
Heat API
UI: Horizon or CLI

Nova
HTTP
AMQP
SQL
3rd-party
Direct access calls, ex. Plugins,

NetApp, Nicira, etc.
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 21
Part 1 Recap
OpenStack open source software for building IaaS
OpenStack release cycle is every 6 months
OpenStack is an umbrella over multiple independent
programs (components)
All OpenStack components talk RESTful API
Most OpenStack components have dedicated DB
(SQL) and MQ (QP), some talk to 3rd party
components using their native APIs
IRANTIS
2012

MM
IRANTIS
2013
PAGE 22
Use case: Provision VM

Most common and complex process
Interacts with most of OpenStack components
IRANTIS
2012

MM
IRANTIS
2013
PAGE 23
Initial State
Assumes Project is created,

provisioning quota is available, user
has an access to Horizon/CLI
Cloud Operator, DevOp, etc.
UI: Horizon or CLI

Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 24
Step 1: Request VM
User logs in to UI
Species VM params: name,
avor, keys, etc. and hits
"Create" buWon
Provisioning via UI/CLI

Cloud Operator, DevOp, etc.
UI: Horizon or CLI
Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 25
Step 2: Validate Auth Data
Horizon sends HTTP request to

Keystone. Auth info is specied in
HTTP headers.
UI: Horizon or CLI
Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 26
Step 2: Validate Auth Data - Success

Keystone sends temporary token back
to Horizon via HTTP.
UI: Horizon or CLI
Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 27
Step 3: Send API Request to Nova API

Horizon sends POST request to Nova
API (signed with given token).
UI: Horizon or CLI

Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 28
Auth Token Usage

Neutron
IRANTIS
2012

MM
IRANTIS
2013
PAGE 29
Keystone Architecture
OpenStack
Services
Rule management
interface and rule-
based authoriza>on
Policy
Backend
Keystone API
Contains
temporary
tokens
Token
Backend
Contains domains,
projects, roles and
role assignments
Catalog
Backend
Contains
endpoint registry
Deploys with its own DB but

can also be subs>tuted with
LDAP or other EAS
Iden?ty
Backend
IRANTIS
2012

MM
IRANTIS
2013
Assignments
Backend
Contains users
and groups
Creden?als
Backend
Contains
creden>als, e.g.
EC2 tokens
PAGE 30
Nova API Characteristics

Exposes REST API via HTTP.
Provides system for managing multiple APIs on
different sub-domains.
EC2-compatiblestarting to be deprecated
Compute APIall innovation happens here
The only "allowed" way to interact with Nova.

StatelessHA-ready.
IRANTIS
2012

MM
IRANTIS
2013
PAGE 31
Step 4: Validate API Token

Nova API sends HTTP request to
validate API token to Keystone.
UI: Horizon or CLI

Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 32
Nova Database
In theory can be any relational database
Most of the deployments are done with MySQL or
PostgreSQL
Nova API talks to database via SQLAlchemy

(python ORM (Object Relational Mapper))
Database HA should be done via external tools:
Galera
Multi-Master replication Model for MySQL (MMM)
IRANTIS
2012

MM
IRANTIS
2013
PAGE 33
Step 6a: Publish Provisioning Request

Nova API makes rpc.cast to
Scheduler. It publishes a short
message to scheduler queue
with VM info.
Nova
Request has been validated, but no ac>on

has been taken yet, i.e. which host, IP
address, etc.
UI: Horizon or CLI
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 34
Step 7: Pick up Provisioning Request

Scheduler picks up the
message from MQ.
UI: Horizon or CLI
Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 35
Nova Scheduler
Nova Scheduler is a daemon, which
determines, on which compute host the
request should run.
Only provisioning time componentnot like VMwares Distributed Resource
Scheduler (DRS)
Typically co-located with the Cloud Controller
IRANTIS
2012

MM
IRANTIS
2013
PAGE 36
Step 8a: Schedule Provisioning

Scheduler fetches
informa>on about the whole
cluster from database,
lters, selects compute node
and updates DB with its ID
Nova
UI: Horizon or CLI
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 37
Nova Scheduler: Filtering

Anity, An>-anity,
etc.
Eliminate
inapplicable hosts
IRANTIS
2012

MM
IRANTIS
2013
PAGE 38
Nova Scheduler: Examples

Based on Host statically
configured properties
Based on Host resources

left
SimpleCIDRAffinityFilter
AvailabilityZoneFilter
CoreFilter,
AggregateCoreFilter
RamFilter,
AggregateRAMFilter
DiskFilter
Based on already running

individual VMs
SameHostFilter
DifferentHostFilter
Based on Host load
Collocate/Distribute group
of VMs
GroupAffinityFilter,
GroupAntiAffinityFilter
IoOpsFilter
NumInstancesFilter
Based on image used

ImagePropertiesFilter
Write your own

IRANTIS
2012

MM
IRANTIS
2013
PAGE 39
Step 8b: Provision Scheduled

Scheduler publishes message
to the compute queue (based
on host ID) to trigger VM
provisioning
Nova
UI: Horizon or CLI
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 40
Step 9a: Start VM Provisioning

Nova Compute gets
message from MQ
UI: Horizon or CLI

Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 41
Nova Compute Drivers

PowerV
M
HyperV
Containe
r
VM
VM
Containe
r
VM
VM
Docker
Nova Compute
Allows mul>ple hypervisor types per

cloud. Libvirt / KVM is most commonly
used in deployment
libvirt
XenAPI
Maintained
by IBM
Maintained
by Microso_
VMWare
ESXi
XCP
Xen
LXC
Qemu
KVM
VM
VM
Contai
ner
VM
VM
VM
VM
Contai
ner
VM
VM
vSphere
VM
VM
VM
VM
Bare
Metal
Tilera
Maintained
by Citrix
PXE
Nai>ve support
comes in Icehouse
Somewhat
experimental
MIRANTIS 2012
PAGE 42
Step 9b: Start VM Provisioning
Nova Compute makes rpc.call to Nova

Conductor for informa>on on VM
from DB
UI: Horizon or CLI

Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 43
Nova Conductor
controller node
nova-conductor
compute node
rpc.call()
nova-compute
DB
Eliminates remote DB access (security)

Horizontal scalability: spawn multiple worker threads operating in parallel (performance)
Hides DB implementation/schema from the Nova Compute (upgrades)
Possible offloading of long-running operations from other services, not just Nova Compute
Beneficial for operations that cross multiple compute nodes (migration, resizes)
IRANTIS
2012

MM
IRANTIS
2013
PAGE 44
Step 10: Configure Network

Nova Compute makes a call to
Neutron API to provision network
for the instance
UI: Horizon or CLI

Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 45
Neutron
Provides a flexible API (POST / GET) for service
providers or their tenants to manage OpenStack
network topologies.
Create networks, associate VMs, set routers, etc.
Presents a logical API and a corresponding plugin architecture that separates the description of
network connectivity from its implementation.
One can still choose to stay with nova-network
(Essex approach) or to go with Neutron.
IRANTIS
2012

MM
IRANTIS
2013
PAGE 46
Neutron Architecture
Horizon
Neutron CLI
Nova
Neutron
Optional depending
on plugin.
Neutron
Metadata Agent
Neutron Server
Neutron
Plugin
Neutron DHCP
Agent
Neutron DB
L3&DHCP Agents
Scheduler
Optional
Queue
Neutron L2 Agent
Neutron L3 Agent
Other Network
Services
IRANTIS
2012

MM
IRANTIS
2013
FWaaS, VPNaaS,
LBaaS, etc.
HTTP
AMQP
SQL
3rd-party
SDN
Controller, etc.
Local
vSwitches
Runs on each
Compute Node.
Optional depending
on plugin.
Optional depending
on plugin.
PAGE 47
Step 10: Configure Network (Continued)

Neutron congures IP, gateway, DNS
name, L2 connec>vity, etc.
UI: Horizon or CLI

Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 48
Step 11: Request Volume

It is assumed a volume is already
created. Nova Compute contacts
Cinder to get volume data. Can
also aWach volumes a_er VM is
built.
Nova
UI: Horizon or CLI
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 49
Open Stack Storage Concepts

Ephemeral storage:
Persists until VM is terminated

Accessible from within VM as local file system
Used to run operating system and/or scratch space
Managed by Nova
Block storage:
Persists until specifically deleted by user

Accessible from within VM as a block device (e.g. /dev/vdc)
Used to add additional persistent storage to VM and/or run operating system
Managed by Cinder
Object storage:
Persists until specifically deleted by user

Accessible from anywhere
Used to add store files, including VM images
Managed by Swift
IRANTIS
2012

MM
IRANTIS
2013
PAGE 50
Cinder Resources
Volumes:
Persistent R/W Block Storage devices

Can be attached to VMs as secondary storage
Can be root store to boot VMs
Can be attached only to one instance at a time
Keep their state independent of instances
Snapshots:
Read-only point in time copy of a volume
Can then be used to create a new instance
Backups:
An archived copy of a volume
IRANTIS
2012

MM
IRANTIS
2013
PAGE 51
Cinder Architecture
Horizon
Cinder
Cinder CLI
Nova
HTTP
AMQP
SQL
3rd-party
Cinder API
Cinder Volume
Scheduler
Backend
Storage
Devices
Queue
Cinder Backup
Object Storage
Cinder DB
IRANTIS
2012

MM
IRANTIS
2013
PAGE 52
Cinder Volume Driver
iSCSI:
Dell EqualLogic
NetApp
EMC VMAX/VNX
HP 3PAR (StoreServ)
Hitach HDS
Huawei T/Dorad/HVS
HP 3PAR (StoreServ)
IBM Storwize family/SVC/XIV
HP / Lefthand SAN (StoreVirtual)
VMware VMDK
Huawei T/Dorado/HVS
IBM Storwize family/SVC/XIV
NFS
LVM (Reference Implementation)
Nexenta
Nexenta
NetApp
NetApp
VMware VMDK
SolidFire
Zadara
VMware VMDK
XenAPI Storage Manager
Windows Server 2012
Zadara
GlusterFS NFS (volumes as sparse files)
IBM General Parallel File System (GPFS) (volumes as sparse

files):
GPFS NSD
RADOS Block Devices (RBD):
IRANTIS
2012

MM
IRANTIS
2013
VMware VMDK
Scale Out File System (SOFS) (volumes as sparse files):
Coraid
Ceph
Shared SAS:
ATA over Ethernet (AoE):
NFS (volumes as sparse files):
Fibre Channel:
Scality
VirtIO (Local raw storage) (volumes as sparse files)
PAGE 53
Cinder Backup Drivers

Swift
Ceph
IBM Tivoli Storage Manager (TSM)
IRANTIS
2012

MM
IRANTIS
2013
PAGE 54
Step 11: Request volume (Continued)

Nova Compute sets up the
host mount if needed &
instructs the Hypervisor to use
vol. as a new block device
Nova
UI: Horizon or CLI
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 55
Step 12: Request VM Image from Glance

Nova Compute requests VM image
from Glance via Image ID
UI: Horizon or CLI

Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 56
Glance
"The Glance project provides services

for discovering, registering, and
retrieving virtual machine images."
IRANTIS
2012

MM
IRANTIS
2013
PAGE 57
Glance Summary
Images-as-a-Service.
Can use multiple back-ends for image storage.
Can store the same image in multiple locations.
Supports multiple image formats.
IRANTIS
2012

MM
IRANTIS
2013
PAGE 58
Glance Architecture
Horizon
Glance CLI
Nova
HTTP
AMQP
SQL
3rd-party
Swift
Glance
Glance API
Store Adapter
File System
Amazon S3
HTTP
Glance Registry
GridFS
Sheepdog
Glance DB
Ceph (RBD)
Cinder
IRANTIS
2012

MM
IRANTIS
2013
PAGE 59
Step 13: Get Image URI from Glance

If image with given image ID
can be found - return URI
HTTP Get URI
UI: Horizon or CLI

Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 60
Step 14: Direct Image File Copy
Nova Compute can download

image using URI, given by Glance,
directly from Swift
UI: Horizon or CLI

Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 61
Step 14 alternative: Image Copy through Glance
To leverage Glance Server caching mechanism

and addi>onal access restric>on, the Image copy
can go through Glance
UI: Horizon or CLI

Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 62
Step 15: Start VM Rendering via Hypervisor

Nova Compute creates a
command to Hypervisor and
delegates VM rendering to
Hypervisor.
Nova
In case of KVM / libvirtd this is a

single XML VM cong le
UI: Horizon or CLI
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 63
Step 16: VM is UP
Nova Compute sends a
message to Nova
Conductor to update DB
with VM state
Nova
UI: Horizon or CLI
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 64
Step 17: User is Happy

Horizon polls Nova API for
VM status and power
state, which is taken from
Database.
UI: Horizon or CLI
Nova
Keystone

KeystoneAPI

Compute NNode
ode
Compute
Nova API
Queue
Scheduler
Nova DB
Conductor
Cinder
Queue
Cinder DB
Cinder Vol
Block Storage
Node
Storage
nova-
compute
VM
Keystone DB
Hypervisor
Network
Glance
Glance API
Neutron
Cinder API
Neutron API
Scheduler
Scheduler
Cinder Backup
Plugin/Agent
Network Node
DHCP/IPAM
Router/GW
Glance
Registry
Neutron DB
Ceilometer
Ceilometer
Agent
API
Collector
MIRANTIS 2012
Glance DB
Queue
SwiG
Proxy Server
Object Store
PAGE 65
Recap:
Users log into Horizon and initiates VM creation
Keystone authorizes
Nova initiates provisioning and saves state to DB
Nova Scheduler finds appropriate host
Neutron configures networking
Cinder provides block device
Image URI is looked up through Glance
Image is retrieved via Swift
VM is rendered by Hypervisor
IRANTIS
2012

MM
IRANTIS
2013
PAGE 66
In the end Developers Win.
IRANTIS
2012

MM
IRANTIS
2013
PAGE 67
Special Offer for OpenStack DC Meetup

Sign up for any OpenStack class by Mirantis
in Washington, DC in 2014 and save 10% off the ticket price.
To redeem your discount, use the code DC_Meetup_2014
Course schedule in Washington, DC:
OpenStack Bootcamp with Exam (OS110)
Sep 30 Oct 3
OpenStack Bootcamp with Exam (OS110)
Nov 11 - 14
OpenStack Fundamentals (OS50)
Nov 17
OpenStack Bootcamp II (OS200)
Nov 18 - 20
For complete schedule, course description, and registration visit training.mirantis.com

IRANTIS
2012

MM
IRANTIS
2013
PAGE 68
Questions and Comments?

Paul Roberts
Twitter: pauljrob
proberts@mirantis.com
IRANTIS
2012

MM
IRANTIS
2013
PAGE 69

Mirantis Openstack DC 140918115540 Phpapp02

Diunggah oleh

Informasi Dokumen

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Mirantis Openstack DC 140918115540 Phpapp02

Diunggah oleh

Hak Cipta:

Format Tersedia

OpenStack

Principal Solutions Architect,

Understand OpenStack architecture

Cloud compu?ng has transformed the way storage,

Traditional Public Cloud is Not Cheap

Cloud Job Trends

However, AWS still run-away winner

In the end Developers Win.

OpenStack is a cloud computing

Aims to produce the ubiquitous Open

Cloud Exposed Capabilities (SPI Model)

* Rackspace Hos?ng & NASA joint

Nova, Glance, Swih

Nova, Glance, Swih

Common web UI and shared

Nova, Glance, Swih, Horizon, Keystone Prod

OpenStack Integrated Programs

OpenStack Incubation Programs

Each OpenStack Program

Common generic API/Infrastructure (Oslo)

OpenStack Architecture: Begining (Cactus)

OpenStack Architecture: 2 years later

Every OpenStack service exposes access to

UI: Horizon or CLI

Direct access calls, ex. Plugins,

Use case: Provision VM

Assumes Project is created,

Cloud Operator, DevOp, etc.

UI: Horizon or CLI

Provisioning via UI/CLI

Step 2: Validate Auth Data

Horizon sends HTTP request to

Step 2: Validate Auth Data - Success

Step 3: Send API Request to Nova API

UI: Horizon or CLI

Auth Token Usage

Deploys with its own DB but

Nova API Characteristics

The only "allowed" way to interact with Nova.

Step 4: Validate API Token

UI: Horizon or CLI

Nova API talks to database via SQLAlchemy

Step 6a: Publish Provisioning Request

Request has been validated, but no ac>on

UI: Horizon or CLI

Step 7: Pick up Provisioning Request

UI: Horizon or CLI

Step 8a: Schedule Provisioning

UI: Horizon or CLI

Nova Scheduler: Filtering

Nova Scheduler: Examples

Based on Host resources

Based on already running

Based on Host load

Based on image used

Write your own

Step 8b: Provision Scheduled

UI: Horizon or CLI

Step 9a: Start VM Provisioning

UI: Horizon or CLI

Nova Compute Drivers

Allows mul>ple hypervisor types per

Step 9b: Start VM Provisioning