Introduction to OpenStack, Nabil Abdennadher, HES-SO (PowerPoint presentation)



slide-1
SLIDE 1

Introduction to OpenStack

Nabil Abdennadher, HES-SO

slide-2
SLIDE 2

What is OpenStack?

  • Free and open-source cloud-computing software platform.
  • Provides services for managing a Cloud environment on the fly.
  • Consists of a group of interrelated projects that control pools of processing, storage, networking resources, authentication, etc.
  • Initially designed to provide services for an IaaS
  • Today, OpenStack provides “high level” services

slide-3
SLIDE 3

Plan

  • OpenStack (architecture, projects, services)
  • A use-case: hepiaCloud. Learned lessons
  • OpenStack client
  • OpenStack SDK

slide-4
SLIDE 4

A bit of OpenStack history

  • 2005-2010: Rackspace develops their cloud solution
  • March 2010 - Rackspace decides to open source it
  • May 2010 - NASA open sources its Nebula platform
  • June 2010 - NASA and Rackspace join hands to create OpenStack
  • July 2010 - Inaugural design summit in Austin convened with 25+ partners
  • August 2011 - Canonical backs OpenStack
  • Oct 2011 - DELL adopts OpenStack
  • 2012 - AT&T, HP, VMWare, Intel, NEC join OpenStack
  • Sep 2012 - OpenStack foundation formally launched
slide-5
SLIDE 5

5

OpenStack releases

https://releases.openstack.org/

slide-6
SLIDE 6

OpenStack forum

  • OpenStack foundation serves more than 60,000 Individual Members from over 180 countries around the world.

slide-7
SLIDE 7

Cloud Infrastructures, based on OpenStack

slide-8
SLIDE 8

8

Basic services

slide-9
SLIDE 9

Identity service: Keystone

  • Keystone: provides identity services for OpenStack.
  • A central list of users/permissions mapped against OpenStack services.
  • Keystone is organized as a group of internal services exposed on one or many endpoints.
  • The Identity service generates authentication tokens that permit access to the OpenStack services REST APIs.

slide-10
SLIDE 10

Identity service: Keystone

  • Clients obtain this token and the URL endpoints for other service APIs by supplying their valid credentials to Keystone.
  • Each time you make a REST API request to an OpenStack service, you supply your authentication token in the X-Auth-Token request header.

slide-11
SLIDE 11

Image Service: Glance

  • Glance: provides image services to OpenStack.
  • "images" refers to images of hard disks. Used as templates for deploying new VMs.

slide-12
SLIDE 12

Image Service: Glance

  • A client: any application that makes use of a Glance server.
  • REST API: Glance functionalities are exposed via REST.
  • Database Abstraction Layer (DAL): an application programming interface (API) that unifies the communication between Glance and databases.
  • Glance Domain Controller: middleware that implements the main Glance functionalities such as authorization, notifications, policies, database connections.
  • Glance Store: used to organise interactions between Glance and various data stores.
  • Registry Layer: optional layer that is used to organise secure communication between the domain and the DAL by using a separate service.

https://docs.openstack.org/glance/pike/contributor/architecture.html

slide-13
SLIDE 13

Compute service: OpenStack compute (nova)

  • OpenStack compute (nova): Manages the lifecycle of compute instances in an OpenStack environment. Responsibilities include spawning, scheduling and decommissioning of virtual machines on demand.
  • Tools using nova:
      • Horizon
      • OpenStack Client: Official CLI for OpenStack Projects. It includes not just nova commands but also commands for most of the projects in OpenStack.

slide-14
SLIDE 14

Networking service: Neutron

  • Networking service (Neutron): provides the networking capability for OpenStack. Enables Network-Connectivity-as-a-Service for other OpenStack services.
  • OpenStack Networking enables projects to create virtual network topologies which may include services such as firewalls, load balancers and Virtual Private Networks (VPN).
  • Networking provides networks, subnets, and routers as object abstractions.

slide-15
SLIDE 15

15

Networking service: Neutron

slide-16
SLIDE 16

Networking service: Neutron

  • Networking Option 1: Provider networks
      • The provider networks option deploys the OpenStack Networking service in the simplest way possible with primarily layer-2 (bridging/switching) services and VLAN segmentation of networks.
      • It bridges virtual networks to physical networks and relies on physical network infrastructure for layer-3 (routing) services.
      • A DHCP service provides IP address information to instances.
  • Networking Option 2: Self-service networks
      • The self-service networks option augments the provider networks option with layer-3 (routing) services that enable self-service networks using overlay segmentation methods such as VXLAN.
      • Essentially, it routes virtual networks to physical networks using NAT.
      • This option provides the foundation for advanced services such as LBaaS and FWaaS.

slide-17
SLIDE 17

Dashboard: Horizon

  • Horizon: The front office of OpenStack.
  • The only native graphical interface to OpenStack.

slide-18
SLIDE 18

Storage services: Swift & Cinder

  • Cinder: block storage component, analogous to the traditional access on a disk drive.
  • Swift: storage system for objects and files.
  • Users refer to unique file identifiers: OpenStack decides where to store, back up, etc.

slide-19
SLIDE 19

Object storage

  • Data kept on object storage devices are accessed directly through APIs or http/https.
  • Data: photos, videos, and log files.
  • The object store guarantees that the data will not be lost.
  • Object storage data can be replicated across different data centers and offer simple web services interfaces for access.
  • … Anyone who’s stored a picture on FB has used object storage.
slide-20
SLIDE 20

Object Data contains three things …

  • The data itself: the data can be anything you want to store.
  • Metadata: the metadata is defined by the user; it contains contextual information: what data should be used for, its confidentiality, etc.
  • A globally unique identifier: the identifier is an address given to the object in order for the object to be found over a distributed system. This way, it’s possible to find the data without having to know the physical location of the data.

slide-21
SLIDE 21

When to use the block storage (Cinder) ?

  • When strong consistency is needed:
      • real-time systems such as transactional databases that are constantly being written to.
      • a read request must return the most updated version of the data.
  • When scalability is not an issue
  • When scalability becomes more difficult within a geographically distributed system.

slide-22
SLIDE 22

When to use Object storage (Swift) ?

  • Solving the increasing problem of data growth
  • Solving the provisioning management issues: Web content, data backup, and archives are good use cases
      • metadata functionality facilitates this ease of use.
  • Resiliency
      • at least three copies of every file are stored
      • The distributed storage design for high availability allows less-expensive commodity hardware to be used
      • → The data protection is built into the object architecture
  • The downside is that there is no guarantee that a read request returns the most recent version of the data.

slide-23
SLIDE 23

Swift resources

23

slide-24
SLIDE 24

Controller Node

  • Controller node runs:
      • Identity service (Keystone)
      • Compute management (nova)
      • Networking (Neutron)
      • Image Service (Glance)
      • Dashboard (Horizon).
      • Supporting services: SQL database, message queue, and Network Time Protocol (NTP).

slide-25
SLIDE 25

Compute nodes

  • Compute node(s)
      • Runs the hypervisor portion of Compute that operates instances. By default, Compute uses the KVM hypervisor.
      • Runs a Networking service agent that connects instances to virtual networks and provides firewalling services to instances via security groups.

slide-26
SLIDE 26

Storage nodes (optional)

  • Block Storage nodes
      • The optional Block Storage node contains the disks that the Block Storage and Shared File System services provision for instances.
      • We can have more than one block storage node.
  • Object Storage nodes
      • Contain the disks that the Object Storage service uses for storing accounts, containers, and objects.
      • Object Storage requires two nodes. We can deploy more than two object storage nodes.

slide-27
SLIDE 27

27

Hardware requirements

https://docs.openstack.org/neutron/latest/install/overview.html

slide-28
SLIDE 28

28

https://docs.openstack.org/newton/install-guide-ubuntu/overview.html

slide-29
SLIDE 29

2019: There are 63 projects

https://governance.openstack.org/tc/reference/projects/

slide-30
SLIDE 30

Additional services

  • Compute
  • Hardware Lifecycle
  • Storage
  • Networking
  • Shared Services
  • Orchestration
  • Workload Provisioning
  • Application Lifecycle
  • API Proxies
  • Web Frontend

https://www.openstack.org/software/project-navigator/openstack-components#openstack-services

slide-31
SLIDE 31

Additional services

  • trove: database service: provides cloud provisioning functionality for database engines.
  • magnum: Container Infrastructure Management service. OpenStack API service making container orchestration engines (COE) such as Docker Swarm, Kubernetes and Mesos available as first class resources in OpenStack
  • Ironic: Bare metal service. Collection of components that provides support to manage and provision physical machines.

slide-32
SLIDE 32

Additional services

  • heat: Orchestration service
  • manila: Shared File Systems service: provides coordinated access to shared or distributed file systems.
  • aodh: Telemetry Alarming services: trigger alarms when the collected metering or event data break the defined rules.
  • ceilometer: Telemetry data Collection service: provides the following functions:
      • Efficiently polls metering data related to OpenStack services.
      • Collects event and metering data by monitoring notifications sent from services.
      • Publishes collected data to various targets including data stores and message queues.

slide-33
SLIDE 33

Not all services are equally used or deployed!

33

slide-34
SLIDE 34

34

slide-35
SLIDE 35

Plan

  • OpenStack
  • A use-case: hepiaCloud. Learned lessons
  • OpenStack client
  • OpenStack API SDK

slide-36
SLIDE 36

hepiaCloud

  • Based on OpenStack (Newton)
  • Hypervisor: Linux-KVM
  • Heterogeneous resources
      • 8 servers: 128 GB RAM, 24 vCPU
      • 1 server: 504 GB RAM, 112 vCPU
      • 1 server: 504 GB RAM, 128 vCPU
      • 30 desktops: 32 GB RAM, 4 vCPU
  • hepiaCloud provides
      • 552 vCPU
      • ~2.1 TB of RAM
      • ~20 TB of HDD
  • Instances are in a private network
slide-37
SLIDE 37

hepiaCloud

[Figure: hepiaCloud network diagram. Labels: 10 servers; 15 desktops (twice); GbE network; GbE network (a VLAN through hepia’s network); BXXX (IT centre); A401; A425; Internet]

slide-38
SLIDE 38

hepiaCloud architecture

hepiacloud.hesge.ch

slide-39
SLIDE 39

hepiaCloud architecture

slide-40
SLIDE 40

The network

  • Network: 192.168.0.0/22
      • 192.168.0.1 – 192.168.0.254: hypervisors (physical servers)
      • 192.168.1.0 – 192.168.3.254: floating IP addresses

slide-41
SLIDE 41

41

Configuring floating IP addresses

slide-42
SLIDE 42

To access hepiaCloud instances

  • ssh -i key.pem -p 10XXX ubuntu@hepiacloud.hesge.ch

slide-43
SLIDE 43

Learned lessons

  • The hardware requirements announced by OpenStack for the controller node are under-estimated.
  • To build a stable IaaS based on OpenStack, we need more than six months. OpenStack is developed and released around 6-month cycles!
  • OpenStack projects offer modularity, but make IaaS installation and maintenance more complicated.
  • With its 60 projects (services), OpenStack is more than an IaaS

slide-44
SLIDE 44

Plan

  • OpenStack (architecture, projects, services)
  • A use-case: hepiaCloud. Learned lessons
  • OpenStack client
  • OpenStack SDK

slide-45
SLIDE 45

Exercise 1

  • Deploy the distributed Festival Search Engine (FSE) on SwitchEngine and AWS

slide-46
SLIDE 46

OpenStack client

  • OpenStackClient is a command-line client for OpenStack that brings the command set for Compute, Identity, Image, Object Storage and Block Storage APIs together in a single shell with a uniform command structure.

slide-47
SLIDE 47

OpenStack Client

  • To install OpenStack Client: sudo pip install python-openstackclient
  • Syntax: openstack command-name option…
      • openstack help
      • openstack command-name --help
  • Documentation is available on:
      • https://docs.openstack.org/python-openstackclient/latest/index.html
slide-48
SLIDE 48

Examples: Manage instances …

  • openstack server list: shows the ID, name, status, private and public IP addresses for all instances in the project to which you belong
  • openstack server create \
        --flavor m1.medium --image <IMAGE_ID> \
        --key-name <KEYNAME> \
        --user-data <USER_DATA_FILE> \
        --security-group <SECGROUP_NAME> \
        --nic net-id=<NETWORK_ID> \
        --meta KEY=<VALUE> \
        --availability-zone nova:<ZONE-NAME> \
        INSTANCE_NAME

slide-49
SLIDE 49

Examples: Manage floating IP addresses

  • openstack floating ip list: list of floating IP addresses
  • openstack floating ip create ext-net: create a floating IP address
      • ext-net: Network to allocate floating IP from
  • openstack server add floating ip Instance-Name Floating-IP: assign a floating IP to an instance
  • openstack server remove floating ip Instance-Name Floating-IP: remove (disassociate) a floating IP from an instance.
  • openstack floating ip delete Floating-IP
slide-50
SLIDE 50

Plan

  • OpenStack (architecture, projects, services)
  • A use-case: hepiaCloud. Learned lessons
  • OpenStack client
  • OpenStack SDK

slide-51
SLIDE 51

OpenStack SDK

  • To install: sudo pip install openstacksdk
  • Exercise 3: Use OpenStack SDK to deploy the Festival Search Engine application on SwitchEngine

slide-52
SLIDE 52

OpenStack SDK – Connect to OpenStack

from openstack import connection

# auth_url, project_name, username, password and region are defined by the caller
conn = connection.Connection(**{
    'auth_url': auth_url,
    'project_name': project_name,
    'username': username,
    'password': password,
    'user_domain_name': 'default',
    'project_domain_name': 'default',
    'region_name': region,
})

slide-53
SLIDE 53

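OpenStack SDK: Create an instance

from base64 import b64encode

# userdata must be bytes; the Compute API expects base64 text, so decode the result to str
server = conn.compute.create_server(
    name=name,
    image_id=image.id,
    flavor_id=flavor.id,
    networks=[{"uuid": network.id}],
    key_name=keypair.name,
    user_data=b64encode(userdata).decode("ascii"),
)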

slide-55
SLIDE 55

OpenStack SDK: Floating IP management

  • network_id = conn.network.find_network(public_network).id
  • floating_ip = conn.network.create_ip(floating_network_id=network_id)
  • floating_ip = conn.network.get_ip(floating_ip)
  • conn.network.add_ip_to_port(instance_port, floating_ip)

slide-56
SLIDE 56

56

  • conn.compute.delete_server(instance)

OpenStack SDK: Floating IP management