OpenStack
Ahmad Tfaily, Jalal Mostafa
Agenda
1. Before OpenStack
2. Profile of OpenStack
3. OpenStack Architecture and Components
4. OpenStack, SDN & NFV in Telco Environments
5. CERN Cloud Architecture
6. China Mobile
7. AT&T
CONVENTIONAL DATA CENTRE
❖ Known for having a lot of hardware that is, by current standards at least, grossly underutilized
❖ All the hardware and their software are usually managed with relatively little automation.
❖ Very hard to find the right balance between capacity and utilization
❖ Variety of Applications
Manual Intervention
❖ Problem: Network Integration, Monitoring, Setting up high availability and Billing
❖ Not hard to automate
❖ Existing automation frameworks like Puppet, Chef, Juju, Crowbar or Ansible are sufficient to automate the whole process
❖ Virtualization:
• Deploying a new system is fairly easy via provisioning a new VM
• Yet, many things need to be done manually
Advantages of Automation
❖ Cloud provider’s task: provide customers with resources and ensure they are sufficient at any time
❖ Cloud provider adds more resources when needed
❖ Automation can facilitate flexibility of the new resources in terms of network integration, monitoring, etc.
❖ Users can start and stop VMs in a few clicks
Automation
❖ Authorization Scheme: one that matches clients’ requirements, e.g. managers stop/start VMs while administrators can add/remove VMs
❖ Image Management: upon creating new VMs, clouds need pre-made images so that users do not have to install OSs by themselves
❖ Resources Management, e.g. processing power, storage, and network
❖ Existing cloud solutions: OpenNebula by NASA, OpenQRM, Eucalyptus and OpenStack
Profile OpenStack
Introduction
❖An open source cloud platform.
❖Controls large pools of compute, storage, and networking resources throughout a datacenter.
❖All managed by a dashboard that gives administrators control while empowering their users to provision resources through a web interface.
OpenStack History
OpenStack Architecture and Components OpenStack
OpenStack Architecture
OpenStack Releases
OpenStack Modules
Components of Release
| Edition | Release name | Release date | Components |
|---|---|---|---|
| 1 | Austin | 21 October 2010 | Nova, Swift |
| 2 | Bexar | 3 February 2011 | Nova, Glance, Swift |
| 5 | Essex | 5 April 2012 | Nova, Glance, Swift, Horizon, Keystone |
| 6 | Folsom | 27 September 2012 | Nova, Glance, Swift, Horizon, Keystone, Quantum, Cinder |
| 7 | Havana | 17 October 2013 | Nova, Glance, Swift, Horizon, Keystone, Neutron, Cinder, Heat, Ceilometer |
| 8 | Icehouse | 17 April 2014 | Nova, Glance, Swift, Horizon, Keystone, Neutron, Cinder, Heat, Ceilometer, Trove |
| 9 | Juno | 16 October 2014 | Nova, Glance, Swift, Horizon, Keystone, Neutron, Cinder, Heat, Ceilometer, Trove, Sahara |
| 14 | Newton | 6 October 2016 | Nova, Glance, Swift, Horizon, Keystone, Neutron, Cinder, Heat, Ceilometer, Trove, Sahara, Ironic, Zaqar, Manila, Designate, Barbican, Searchlight, Magnum, aodh, cloudkitty, congress, freezer, mistral, monasca-api, monasca-log-api, murano, panko, senlin, solum, tacker, vitrage, watcher |
High Level Architecture
OpenStack Components
❖ Compute (Nova)
❖ Networking (Neutron)
❖ Block Storage (Cinder)
❖ Identity (Keystone)
❖ Image (Glance)
❖ Object Storage (Swift)
❖ Dashboard (Horizon)
❖ Orchestration (Heat)
❖ Workflow (Mistral)
❖ Telemetry (Ceilometer)
❖ Database (Trove)
❖ Elastic Map Reduce (Sahara)
❖ Bare Metal (Ironic)
❖ Messaging (Zaqar)
❖ Shared File System (Manila)
❖ DNS (Designate)
❖ Search (Searchlight)
❖ Key Manager (Barbican)
Horizon
❖A dashboard provides administrators and users a graphical interface to access.
❖such as billing, monitoring, and additional management tools for
Nova
❖ Provides compute as a service
❖The main part of an IaaS system
❖It is designed to manage and automate pools of computer resources
❖Compute's architecture is designed to scale horizontally
Nova - Components
❖ nova-conductor: Provides database-access support for Compute nodes
❖ nova-consoleauth: Handles console authentication
❖ nova-novncproxy: Provides a VNC proxy for browsers
Nova API
❖ nova-api is responsible for providing an API through which users and services interact with Nova
Nova-scheduler
❖ Uses filters to dispatch requests for new virtual machines to the correct node.
Nova-compute
Keystone
❖ Keystone is the identity service used for Authentication
❖ Set of assigned user rights and privileges for performing a specific set of operations
❖ A user token issued by Keystone includes a list of that user’s roles. Services then determine how to interpret those roles
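Added example (not from the original slides and not Keystone or oslo.policy code): a sketch of how two services can interpret the same token roles differently, using the managers/administrators scheme from the Automation slide. The `Token` class, policy tables, action names and the project-scoping rule are hypothetical.

```python
# Added example: hypothetical names; not Keystone, oslo.policy or any OpenStack code.
from dataclasses import dataclass


@dataclass(frozen=True)
class Token:
    """Constructed stand-in for the data a service sees after validating a token."""
    user: str
    project_id: str
    roles: frozenset


# Each service keeps its own mapping from action to the roles allowed to do it.
# The compute mapping follows the deck's scheme: managers start/stop VMs,
# administrators add/remove them. The image mapping is an assumption.
COMPUTE_POLICY = {
    "server:start": {"manager"},
    "server:stop": {"manager"},
    "server:create": {"administrator"},
    "server:delete": {"administrator"},
}
IMAGE_POLICY = {
    "image:list": {"manager", "administrator"},
    "image:upload": {"administrator"},
}


def authorize(token, policy, action, resource_project):
    """Default-deny check: the token must be scoped to the resource's project
    (an assumed tenancy rule) and hold a role the policy allows for the action."""
    if token.project_id != resource_project:
        return False
    allowed = policy.get(action, set())  # unknown action -> no role matches
    return bool(token.roles & allowed)


# Constructed sample tokens.
MANAGER = Token("alice", "proj-1", frozenset({"manager"}))
ADMIN = Token("bob", "proj-1", frozenset({"administrator"}))
```

The role list travels with the token, but the allow/deny decision is made by each service's own table, so an action missing from a table is refused for every role.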
Keystone sequence diagram
Keystone: auth flow
Glance
❖ The Glance project provides services for discovering, registering, and retrieving virtual machine images.
❖ Glance has a RESTful API that allows querying of VM image metadata as well as retrieval of the actual image.
Glance Architecture
Cinder
❖Architected to provide traditional block-level storage resources to other OpenStack services
❖Presents persistent block-level storage volumes for use with OpenStack Nova compute instances
❖Manages the creation, attaching and detaching of these volumes between a storage system and different host servers
Cinder Architecture
Swift
❖ A distributed object storage system designed to scale from a single machine to thousands of servers
❖ Optimized for multi-tenancy and high concurrency
❖ Ideal for backups, web and mobile content, and any other unstructured data that can grow without bound.
❖ Swift provides a simple, REST-based API
Swift Components
Swift Architecture
Ceilometer
❖ OpenStack Telemetry provides common infrastructure to collect usage and performance measurements within an OpenStack cloud.
❖ Its primary initial targets are monitoring and metering
❖ Collect data for other needs.
❖ Ceilometer was promoted from incubation status to an integrated component of OpenStack.
Ceilometer Workflow
❖ Collect from OpenStack components
❖ Transform meters into other meters if necessary
❖ Publish meters to any destination (including Ceilometer itself)
❖ Store received meters and read them via the Ceilometer REST API
Ceilometer Architecture
Trove
❖ OpenStack Database as a Service
❖ High performance, scalable and reliable
❖ Relational and non-relational database engines
❖ Trove was promoted from incubation status to an integrated component of OpenStack.
Trove Architecture
Sahara
❖ OpenStack Hadoop as a Service
❖ Aims to provide users with simple means to provision a Hadoop cluster by specifying several parameters
❖ Sahara was promoted from incubation status to an integrated component of OpenStack.
Sahara Architecture
Manila
❖ OpenStack File Share Service
❖ Provides coordinated access to shared or distributed file systems.
❖ Manila was officially denoted as an incubated OpenStack program during the Juno release cycle.
Manila Architecture
Manila Workflow
Neutron
❖ Network as a Service (NaaS)
❖ Provides REST APIs to manage network connections for the resources managed by other OpenStack Services
❖ Complete control over the following network resources in OpenStack (Networks, Ports and Subnets)
❖ Build complex network topologies
❖ Limited L3 functionality (iptables rules at host level)
Neutron Architecture
Neutron Plug-Ins
❖ Modular Layer 2 (ML2)
❖ Linux Bridge
❖ Open vSwitch
Neutron Services
❖ Load Balancer as a Service (LBaaS)
❖ Virtual Private Network as a Service (VPNaaS)
❖ Firewall as a Service (FWaaS)
Neutron Components
❖ Neutron Server
• Implement REST APIs
• Enforce network model
• Network, subnet, and port
• IP addressing to each port (IPAM)
❖ Plugin agent
• Run on each compute node
• Connect instances to network port
❖ Queue
• Enhance communication between the components of Neutron
❖ Database
• Persistent network model
❖ DHCP Agent (*)
• In multi-host mode, run on each compute node
• Start/stop DHCP server
• Maintain DHCP configuration
❖ L3 Agent (*)
• To implement floating IPs and other L3 features, such as NAT
• One per network
OpenStack Network ML2
Example
OpenStack, SDN & NFV in Telco Environments OpenStack
Transformation of Carriers Business Model
❖ Complex and expensive infrastructure
• Challenging to operate and maintain
• Slow rolling out of new services
❖ Cloud-based Model
• Always-on services
• Affordable
• Reliable
• First attempt: Cloud RAN
Production Ready: NFV with OpenStack
❖ Deployed on cost effective Commercial Off-The-Shelf (COTS) hardware
❖ Based on Open Source Software
• Can be easily adapted to any customization
• Community Driven
❖ Standard APIs
❖ Software-managed High Availability (HA)
❖ Automated Deployment
❖ Virtualized Infrastructure
• Scalable
• Upgradable
• Optimizable
• Modular
• Customizable
Production Ready: NFV + SDN + OpenStack
❖ Software Defined Components
❖ Resilient and Reliable
❖ Flexible and Extensible
❖ Optimized for Performance
❖ Secure
Carrier Benefits
❖ Network Operations Benefits
• Ease of automation
• Increased Deployment Agility
• Visibility with monitoring and alerting
• Reliable
• Self Healing
• Highly Available
❖ Cost Benefits
• Multi-tenant
• Flexible
❖ Secure at Each Layer of the stack
OPNFV + OpenStack
❖ OPNFV is a carrier-grade, integrated, open source platform for NFV products and services
• Widespread collaboration across many telcos
• Uses OpenStack as Virtualized Infrastructure Manager
❖ Telcos running NFV implementations include AT&T, China Mobile, Orange, SK Telecom and Telecom Italia
“We are fully committed to open networking and open source including our work with OPNFV and OpenStack” - Alex Zhang, Principal Architect, China Mobile
“To keep up with the exponential growth of its network, AT&T is deeply committed to using open source networking technologies in our software-centric network. As we work to virtualize more of our network and implement a common infrastructure for VNFs, OpenStack and OPNFV will become important parts of our technology stack” - Margaret Chiosi, Distinguished Technical Architect, AT&T
Case Study: vCPE
❖ vCPE: Virtual Customer-Premises Equipment
❖ Existing Solution:
• Edge networking devices are standalone nodes
• Provide advanced services (QoS, Dynamic Routing, NAT…)
• Complex software, prone to failure
• Cheap Hardware, prone to failure
• Cannot be easily Upgraded or serviced
❖ Apply SDN, NFV and OpenStack to the network
❖ Move Control Plane to core network
❖ Keep Data Plane at customer premises with additional microservices
❖ Benefits
• Reduce CAPEX and OPEX
• Improve service agility
• Deliver personalized services
• Transition to SaaS-based business model
• Improve customer experience
CERN Cloud Architecture OpenStack
What is CERN?
❖ European Organization for Nuclear Research
❖ Founded in 1954
• 21 member states
• Other countries contribute to experiments
❖ Situated on the Swiss-French border
❖ Does fundamental research
CERN’s Large Hadron Collider
❖ Biggest machine in the world
❖ 27km Tall - 175m underground
❖ Accelerates 2 particle beams traveling near the speed of light
❖ Beams collide in 4 different points of detectors
❖ Detectors are 100 MP digital cameras 14000000 times in a second
❖ Generates 25 PetaBytes per year
• Estimated 400 PB / year by 2023
CERN Data Centers
❖ 2 Data Centers; one in Geneva and another in Budapest
❖ Data Centers are managed by OpenStack
❖ 190k+ cores on 5000+ compute nodes running KVM and Hyper-V
❖ 16000+ VMs
❖ ~160 PetaBytes stored at CERN
❖ June-August 2016: recorded > 0.5 PB
❖ 2400+ Images, 2000+ Users, 2500+ Projects
OpenStack at CERN
❖ CERN deployed OpenStack in 2013
❖ Nova, Keystone, Glance, Heat, Horizon, Ceilometer, Rally
❖ 26 Nova cells
• Single endpoint to users
• Scale transparently between Data Centres
• Availability and Resilience
• Isolate different use-cases
❖ HA only in the top cell
❖ 2 Ceph instances
• A free-software storage platform, implements object storage on a single distributed computer cluster
Nova Deployment at CERN
Nova - Cell Scheduling
❖ Different cells have different hardware, configuration and hypervisor type
❖ Cell scheduling is the process of scheduling operations according to cell capabilities, e.g. hardware, availability
❖ Scheduler filters use these capabilities
❖ It enables mapping projects to cells and restricting cell usage according to project type
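Added example (not from the original slides and not Nova's code): a hypothetical model of the filter-based scheduling described on the Nova-scheduler and Cell Scheduling slides, where a request is placed only in a cell that passes every filter, including one that restricts cells by project type. Cell names, fields and values are constructed sample data.

```python
# Added example: a hypothetical model of filter-based scheduling, not Nova's code.
# Cell names, fields and values below are constructed sample data.
CELLS = [
    {"name": "geneva-kvm-1", "hypervisor": "KVM", "site": "Geneva",
     "free_cores": 128, "project_types": {"personal", "shared"}},
    {"name": "geneva-hv-1", "hypervisor": "Hyper-V", "site": "Geneva",
     "free_cores": 32, "project_types": {"shared"}},
    {"name": "budapest-kvm-1", "hypervisor": "KVM", "site": "Budapest",
     "free_cores": 256, "project_types": {"shared"}},
]


def hypervisor_filter(cell, request):
    """Pass if the request names no hypervisor or names this cell's hypervisor."""
    wanted = request.get("hypervisor")
    return wanted is None or wanted == cell["hypervisor"]


def capacity_filter(cell, request):
    """Pass if the cell has enough free cores for the request."""
    return cell["free_cores"] >= request["cores"]


def project_type_filter(cell, request):
    """Restrict cell usage: pass only if the cell accepts this project type."""
    return request["project_type"] in cell["project_types"]


FILTERS = [hypervisor_filter, capacity_filter, project_type_filter]


def candidate_cells(request, cells=CELLS, filters=FILTERS):
    """Names of cells that pass every filter, in input order."""
    return [c["name"] for c in cells if all(f(c, request) for f in filters)]


def schedule(request, cells=CELLS, filters=FILTERS):
    """Pick the passing cell with the most free cores, or None if none pass."""
    passing = [c for c in cells if all(f(c, request) for f in filters)]
    if not passing:
        return None
    return max(passing, key=lambda c: c["free_cores"])["name"]
```

A request that no cell can satisfy returns `None` rather than falling back to a cell outside its project type, which is what keeps the use cases isolated.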
Nova-Network? in CERN
❖ CERN uses Nova-Network instead of Neutron
• An OpenStack networking module before Neutron
• Deprecated
• Better than Neutron in some use cases
• Planned to migrate to Neutron
❖ Migration to Neutron, No Use of:
• SDN or tunneling
• Only provider networks
• Flat networking. VMs directly connected to the real network
• Floating IPs
• DHCP or DNS Neutron services. Already have infrastructure
Keystone in CERN
❖ Two different Keystone infrastructures
• Exposed to users
• Dedicated to Ceilometer
❖ Keystone nodes are VMs
❖ Integrated with Active Directory
❖ Project lifecycle
• ~200 arrivals/departures / month
• Users subscribe to the cloud service
• Limited Quota of personal projects
• Shared projects created by request
Glance in CERN
❖ Uses Ceph backend in Geneva
❖ Glance Nodes are VMs
❖ Two sets of nodes: Exposed to user and Ceilometer
❖ No Glance image cache
Cinder in CERN
❖ Ceph and NetApp backends
❖ Extended list of available volume types (QoS, Backend, Location)
❖ Cinder nodes are VMs
Ceilometer in CERN
China Mobile OpenStack
Who is China Mobile?
❖ One of the world’s largest telecommunication service providers
• Huge network scale
• Huge customer base
• Large market value
❖ At end of 2014
• 800M+ subscribers
• 2.2M+ base stations
• Covered more than 99% of the population of PRC
NovoNet
❖ Vision for the next-generation network by 2020
❖ High-quality intelligent network
❖ Based on SDN and NFV
❖ First deploy in Cloud Data Centers and Packet Transport Networks (PTN)
❖ Using OpenStack and OpenDaylight
❖ Goal: Build out several enterprise service offerings under NovoDC including a virtual private cloud
AT&T OpenStack
Who is AT&T?
❖ American multinational telecommunications
❖ Already handling 114 PB a day of data
❖ By 2020, AT&T network is expected to jump 10-fold
❖ Global Customers
AT&T Future Network
❖ Move 75 percent of its network infrastructure to the cloud
❖ Make greater use of software-defined networking (SDN) with OpenDaylight and Open vSwitch
❖ Goal: Reduce deployment times for cloud "zones" from months to days
❖ Use OpenStack tools to develop an end-user "resource manager"
❖ Working on AT&T Integrated Cloud (AIC)
• 74 AIC zones in 2015
• 105 AIC zones in 2016
• 1000+ in 2020
• All running OpenStack