Upload
hp-helion
View
1.260
Download
1
Tags:
Embed Size (px)
DESCRIPTION
How do you design and deploy a hybrid cloud application service using Openstack, VMware Vcenter and HP Public Cloud Service? How do you automatically scale your multi-tier application to respond to peak demand? This presentation will focus on the architecture blueprint and best practices for designing a scalable hybrid cloud application service using Openstack API and HP Cloud technology components. It will also highlight the following aspects: -Application resource management -Orchestration of an application deployment on top of Openstack cloud -Performance and Security considerations
Citation preview
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Application Deployment in Hybrid Cloud Openstack Grizzly Summit, Portland
Pascal Joly - April 15th , 2012
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 2
Agenda
•User story •Tooling and Deployment Architecture •Service Modeling with HP Cloud Service Automation •Interactions with Openstack Public Cloud •Best Practices: Performance, Flexing, Security •Future opportunities •Q&A
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 3
Apache Load
balancer
Tomcat1
Tomcat2
MySQL DB
Initial deployment to private cloud
Peter in marketing needs to launch a new product sales campaign • Hot new company product
• Outside vendor app for demo and orders
• Expecting large customer response
• Needs it yesterday
He calls Stan in IT
Marketing App – private cloud
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 4
Apache Load
balancer
Tomcat1
Tomcat2
MySQL DB
Tomcat3
HP Cloud Services
Bursting to public cloud
A few weeks go by, and Monitoring reports tell Stan that Peter’s new app is beginning to hit it’s thresholds • Customer demand is through the roof
• Web servers are becoming heavily loaded
• No in-house resources are available
Time to add capacity… NOW!
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 5
Very Well but…
How do you make your solution reusable for another application? Other types of infrastructure? What about performance issues? How do you build a scalable solution? How do I manage the security of my application? How do I control my resource pool? When should I flex?
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 6
Step by step initial deployment and bursting Application Delivery architecture: process flow
Private Cloud
Private Cloud Public Cloud
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 7
Tool ecosystem interaction
Solution Architecture
Service portal
Orchestration engine
Software deployment
and configuration
Openstack Public Cloud
Hypervisor Private cloud
Monitoring
Service Design
CSA
CSA CSA SA Sitescope
Hp Software Components: •CSA: Cloud Service Automation •SA: Server Automation •Sitescope: agentless Monitoring
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 8
HP CSA service design interface Application Delivery architecture: service modeling
Private Cloud Public Cloud
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 9
Deploy an Application component in the public cloud
Service execution
HPCS
Resource Offering Interface
Openstack Nova API
Resource offerings
HP CSA Service Design UI
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 10
HPCS public cloud IaaS
Interaction with Openstack instance
• Regional Architecture • Designed with N+1 power redundancy made up of three independent power systems
• Contains a minimum of 3 physically separate availability zones (AZ)
• Each Availability zone …
• Is fed by two independent power feeds from separate substations
• Has a minimum of two network drops at separate ends of the facility
• Contains redundant power to each rack and diverse cabling to eliminate any single points of failure
• Compute: • Shared images, security groups, and floating IPs
• HA across availability zones and regions
• Security • Hardened with Fortify
• ssh key management
AZ1
AZ2 AZ3
AZ1
AZ2 AZ3
East West
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 11
Lessons learned
Interaction with Openstack instance
Key storage and management Zone/region/geography selection (nova) Error checking and reporting (input properties vs. provider properties) Debugging using python Nova client nova boot novaserver7 --flavor 100 --image 1233 --key_name pj-2 --security_groups frontend
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 12
Optimizing the application dynamic provisioning
Performance
Software def lib
Target VM
Deploy software policy to target
tomcat
Public cloud
Software def lib master satellite
tomcat tomcat
Deploy software policy to target
Target VM
Target VM
Public cloud
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 13
Flexing
Quota and capacity allocation to control resources (by tenant) Manual vs. Scheduled vs. automated based on threshold Trigger threshold considerations: business driver and application health Change Management (approval/notification/CMDB)
When and How much?
load
time
threshold
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 14
a Balancing Act…
Security
Data privacy concerns Application security Security rules to allow management and application flow across firewalls VPCs: create isolation within target public cloud.
Sw Lib App Tier
agent
satellite
Corporate fw Security groups
iptables
iptables monitoring
LB
Exec engine
DB
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 15
Opportunities with new Openstack projects
Provide additional security layer to isolate application tier within Public Cloud (VPC with “Openstack Networking”) Using Load Balancing as a service (Atlas) Ceilometer/Healthnmon: monitoring of target nodes
DB App Tier
myAppVPC myAppVPC IP subnet Openstack
public cloud
LBaaS
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 16
For More Information
Attend other presentations during the week Stop by the Hp booth Learn more about HP Cloud Service Automation: http://en.wikipedia.org/wiki/HP_Cloud_Service_Automation_Software
http://www8.hp.com/us/en/software-solutions/software.html?compURI=1172051
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 17
Any Questions?