WIXLIB

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoBuilding a private cloud with OpenStackLausanne Cloud Meetup 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStackIntroduction Software for creating private and public clouds (Infrastructure-as-a-Service), released as Open Source (Apache license) Initiated by Rackspace and NASA in 2010 NASA contributes compute platform Nebula Rackspace contributes storage platform Cloud Files Today OpenStack Foundation is supported by 500companies Current Platinum members: AT&T Canonical (Ubuntu Linux) HP Enterprise IBM Intel Rackspace Red Hat SUSE "OpenStack is the Linux of cloud computing.”2Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStackHistory 2010-07 Rackspace and NASA launchOpenStack Open Source cloud softwareinitiative 2012-12 HP Enterprise starts offering publiccloud service based on OpenStack 2013-03 IBM/Softlayer start offering public 2010-11 first release, Austin 2011-04 Canonical starts to distributeOpenStack in Ubuntu 11.04 2012-04 Rackspace starts offering publiccloud service based on OpenStackcloud service based on OpenStack 2013-07 Red Hat starts to offer commercialsupport for OpenStack 2014-09 Oracle starts to distributeOpenStack in Oracle Linux 2012-09 OpenStack Foundation is launchedas an independent body3Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStack and the competitionOpenStack vs. OpenNebula vs. Eucalyptus vs. CloudStackTop 10 contributing orgsfor OpenStack in 2015Q1by email domain9.6% gmail.com7.3% redhat.com5.0% ibm.com4.7% mirantis.com4.6% hp.com1.6% rackspace.com1.4% intel.com1.2% yahoo-inc.com1.1% doughellmann.com0.8% cisco.comSource: Qingye Jiang, Open Source IaaS Community Analysis, http://www.qyjohn.net/?p 38014Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStackDeployment options Deploy your own private cloudPrivate cloud deployment options Many options available from do-it-yourself to remotely operated Use a public cloudPlanInstall /configureOperate /maintainDo-it-yourselfPlanInstall /configureOperate /maintainGet help with planningPlanInstall /configureOperate /maintainLet service provider plan and install,then hand over to own sysadminsPlanInstall /configureOperate /maintainRemotely operated cloud Rackspace Public Cloud (since2012-04) HP Enterprise (since 2012-12) IBM/Softlayer (since 2013-03) and many othersClient has responsibility / control Open Source nature ofOpenStack avoids vendor lock-in!5Service provider has responsibility / controlLausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStackUsers Among the most notable users of OpenStack AT&T Bloomberg CERN Cisco Webex Disney Fidelity Swisscom Walmart6Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStackMain components OpenStack components are developed in Networking — Neutrontheir own sub-projects called programs Dashboard — Horizon Compute — Nova Identity (authentication and authorization) —Keystone Storage Object storage — Swift Block storage — Cinder7Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStackIntegrated programs and incubation programsCompute (Nova)Networking (Neutron)Object store (Swift)Block storage (Cinder)Integrated programsStorageCoreImage service (Glance)Identity (Keystone)Dashboard (Horizon)Shared servicesMetering service (Ceilometer)Orchestration service (Heat)Database service (Trove)Incubation programsData processing (Savanna)Queue service (Marconi)Bare metal (Ironic)8Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStackNot all projects are created equalWhatis yourismostfavoriteOpenStackproject?Whatis 6ResponsesResponses3198Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-1732(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStack / Amazon Web Services translation chartGeneric termOpenStack termAWS termCompute serviceNovaEC2 (includes compute service)Object storageSwiftS3Block storageCinderElastic Block Store (EBS)Image serviceGlanceAmazon Machine Image (AMI)Virtual machineInstanceInstanceVirtual diskVolumeVolumeFirewall configurationSecurity groupSecurity groupFixed IP addressFloating IP addressElastic IP address10Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStackCompute — Nova Manages virtual machines in computeservers Receives requests from users Relies on hypervisors to implement the virtualmachines Can make use of KVM, Xen, ESX, Hyper-V, Creates / starts / stops / releases virtualmachines Determines on which server to create a VMrequested by a user (scheduling)Source: Dell, e-cactus-kvm-v-xenserver-v-esx.aspx11Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStackBlock Storage — Cinder Service for offering virtual disks (volumes) thatcan be attached to virtual machines. The operating system in the VM sees a blockdevice and puts a file system on it. Functions: Create volume Create volume from snapshot Create volume from VM image Save volume in VM image Attach / detach volume to / from VM Create / delete snapshot Can use different storage technologiesunderneath Local disks SAN (Fiber Channel, iSCSI) NAS (NFS, CIFS)12Source: Rackspace, http://www.rackspace.com/knowledge Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStackObject Storage — Swift Service for storing “objects" Files without structure Directories are not files Distributed architecture Deployed on a cluster of servers Three server roles Proxy server: Receives user requests andcoordinates storage servers. Storage servers: Offer disk space. Three typesof storage servers: Account server: Stores user accounts Container server: Stores containers Object server: Stores objects Consistency server: Responsible for looking forand finding errors (hardware or software failures)and correcting them.Source: Creationline http://www.creationline.com/lab/77213Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStackLogical deployment topologyControl ing(Neutron)Image(Glance)Cloud control(Nova)Block meter)Compute clusterStorage cluster (block and object store)Compute nodeCompute nodeCompute nodeStorage nodeStorage nodeStorage nodeCompute nodeCompute nodeCompute nodeStorage nodeStorage nodeStorage nodeHeavy CPU and RAMHeavy disk and I/OBased on: Mirantis – OpenStack Overview and History, 2014Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStack architectureBeginning (2011)Source: Ken Pepple, ack-nova-architecture/15Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStack architectureTwo years later (2013)Source: OpenStack Grizzly logical architecture16Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStack architectureToday (2016)Source: OpenStack Liberty logical architecture, /get started logical architecture.html17Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStackRelease schedule OpenStack is developed andreleased around 6-month cycles. Every 6 months a new release Each release gets security updatesfor only 12 months, then it isdeclared end-of-life Much shorter support timespan thanLinux distributions (3 - 10 years).Hard to keep up!18Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoOpenStackAutomated installation options Red Hat RDO — Install proof of concept on single node, extend to more nodes later TripleO — Deploy a production cloud TryStack — Play with OpenStack in a sandbox. Sandbox is provided as a cloud service Ubuntu OpenStack Autopilot — Canonical OpenStack installer for production and test environments BootStack — Installation service by Canonical SUSE SUSE OpenStack Cloud Admin Mirantis Fuel — Deployment and management tool for OpenStack Rackspace Openstack-Ansible — Ansible scripts and extensions for deploying production clouds 19Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoHEIG-Cloud Goal: Deploy a private OpenStack cloud at HEIG-VD for research and teaching Want to run clusters for Big Data analysis (Hadoop, Spark) Want to deploy a private PaaS (CloudFoundry) Hardware: 13 Dell PowerEdge servers Had previously installed Havanna In August 2015 started to install Kilo20Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoHEIG-CloudDeployment architectureCloud total: 168 VCPUsDell PowerEdge2 CPU socketsw/ 4 cores944 GB RAM16 T diskCloud administration96 GB RAM4 T diskCompute Compute Compute Compute Compute Compute StorageDell PowerEdgeStorageNetControllerworkingCompute Compute Compute2 CPU socketsw/ 12 cores256 GB RAMIntranetInternetInternal usersExternal users4 T disk21Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoConfiguration managementMachine life cycleIntroduction When the number of managedmachines exceeds a handful,manual configuration becomestoo cumbersome.BuildEntropy Configuration management toolsCleanautomate the installation andconfiguration of erverServerServerLausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoConfiguration managementTools Some popular configuration management tools: CFEngine Started in 1993 by Mark Burgess at Oslo University CFEngine 3 released 2009 Puppet Started in 2005 by Luke Kanies Written in Ruby, uses Ruby domain-specific language Chef Started in 2009 by Adam Jacob and people from Amazon Written in Ruby and Erlang, uses Ruby domain-specific language Ansible Started in 2012 by Michael DeHaan Written in Python23Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD

HEIG-VD IICT Dr. Marcel Graf, Bruno Brito CarvalhoConfiguration managementClient-server architecture (for example Puppet)ServerPuppetmasterPuppet has aclient-server architecture:Puppet agent clientPuppetmaster serverSystemadministratorPuppet protocolServerServerServerServerPuppet agentPuppet agentPuppet agentPuppet agentLoad balancerWeb serverApplicationserverDatabaseManaged machines must be prepared by installing Puppet agent.24Lausanne Cloud Meetup Building a private cloud with OpenStack 2016-03-17(C) 2016 HEIG-VD