intro to openstack - wajug

Rackspace Technical Services

Introduction to OpenStack

April 10, 2023

WAJUG Meetup

About.me/kevjackson

RACKSPACE | www.rackspace.com

Kevin Jackson, Principal Architect@itarchitectkev

RACKSPACE® HOSTING | WWW.RACKSPACE.COM

OpenStack

OpenStack is open-source software used to build public, private and hybrid clouds

16,200 138

COMMUNITYSOFTWARE

Join our global community of technologists, developers, researchers, corporations and cloud computing experts.

OpenStack Software delivers a massively scalable cloud operating system.

COMPUTENETWORKING

STORAGEPEOPLE COUNTRIES

What is OpenStack?

The Mission

“To produce the ubiquitous Open Source Cloud Computing platform that will meet the needs of public and private clouds regardless of size, by being simple to implement and massively scalable.”

KEYSTONEIDENTITY

GLANCEIMAGE MANAGEMENT

NOVACOMPUTE LAYER

SWIFTOBJECT STORE

CINDERBLOCK STORAGE

NEUTRONNETWORKING

HORIZONDASHBOARD

CEILOMETERTELEMETRY

HEATOrchestration

NEUTRONLBaaS, VPNaaS, FWaaS

What is OpenStack?

What really is OpenStack?

OpenStack is like the Linux Kernel

What is Rackspace Private Cloud?

• Rackspace Private Cloud Software is powered by OpenStack, the same cloud platform we used to build the Rackspace public cloud. Because our Private Cloud Software is based on open-source technology, you don't have the risk of being locked into a proprietary platform.

RPC is the Distribution

InauguralDesignSummit in Austin

OpenStack Launch!

CloudFilesLaunches

May 2008

NASAwrites NovaController

First release

25+ partners

AustinSwift prod

Nova dev preview

35+ partners

First publicDesign Summit inSan Antonio

2009Mar 2006

RackspaceCloud Launches

Source: Randy Bias & Others

History Lesson

2nd Summit

Jan Feb Jul20

2nd release

3rd Summitin Santa Claraplus conference

Governance moves forwardwith project technical leads and policy board elections.

Decision to move to 6-month release cycle over 3-month

CactusNova for larger-

scale prod

Sept Oct

DiabloMajor stability release

First of 6-month releases

Rackspaceannounces plansto launchOpenStack Foundation

BexarNova for mid-sized prod

Glance added as core

Happy Birthday!

History Lesson

AT&T joinsOpenStack

Jan Feb May20

Created framework forFoundation

19 companiesannouncepublic support for Foundation

Drafting committeeformed - creatinglegal documents

EssexKeystone in core

Horizon in core

Aug Sep

BoardElections

HP Cloudlaunch

Framework &documents ratifiedby community

Inaugural OpenStackFoundation Boardmeeting

VMware, Intel & NECaccepted as Gold members

Foundation Launched!

FolsomCinder in core

Networking in core

History Lesson

GrizzlyCeilometer in incubation

HEAT in incubation

IcehouseHavanaCeilometer in integration

HEAT in integration

Summit inHong Kong

First Summit100% run andfunded by Foundation

Summit inParis

Summit inAtlanta

May Nov

Trove in Integration

Compute rolling upgrades

Block Storage migration

Federated Keystone

History Lesson

The OpenStack Programs

• OpenStack Compute (Nova) - integrated program since Austin release

• OpenStack Networking (Neutron) - integrated program since Folsom release

• OpenStack Object Storage (Swift) - integrated program since Austin release

• OpenStack Block Storage (Cinder) - integrated program since Folsom release

• OpenStack Identity (Keystone) - integrated program since Essex release

• OpenStack Image Service (Glance) - integrated program since Bexar release

• OpenStack Dashboard (Horizon) - integrated program since Essex release

• OpenStack Telemetry (Ceilometer) - integrated program since the Havana release

• OpenStack Orchestration (Heat) - integrated program since the Havana release

• OpenStack Database (Trove) - integrated program for Icehouse

• OpenStack Bare Metal (Ironic)

• OpenStack Queue Service (Marconi)

• OpenStack Data Processing (Hadoop) (Sahara)

Rackspace Private Cloud Architecture

• Rackspace Private Cloud (RPC) is OpenStack

• Easy to install

• Tested configurations

• Supported

• Community (Free)

• Fanatical Support (per node)

• Rackspace Private Cloud (Compute) is made up of

• 2 x Controllers (HA)

• N Computes (Hypervisors)

• N Cinder nodes (Block Storage)

• Rackspace Private Cloud (Object Storage)

• 2 x Identity

• Hardware Load Balancers

• N x Proxy

• N x Storage (With DAS/JBOD)

OpenStack Architecture

Hybrid Cloud: Dedicated to Cloud

Hybrid Cloud: Enterprise to Cloud

Hybrid Cloud: Multi-Cloud

Intro to Networking & SDN

Intro to Software Defined Networking

• OpenStack Networking: Neutron

• Networking Architecture for Rackspace Private Cloud

• Servers/Nodes

• Controller: Neutron API, Agents, Open vSwitch

• Computes: Agents and Open vSwitch

• Network Cards in each

• NIC for Host/Management

• Usually bonded into different switches for HA

• NIC for Neutron

• Usually bonded into different switches for HA

• Can be bonded for LACP

• Can have more than one NIC for different networks/speeds

Rackspace Private Cloud: Networking

Host or Management Network

• The Host Network is nothing more than the subnet the servers live on

• I.e. the OpenStack services run on this network

• Just like Apache or Bind would

• As a user of the private cloud, this is your address for the API / GUI

Provider Network

• This is the “Neutron” network

• Networks that go through these interfaces have been defined in OpenStack

• Neutron Provider Networks can be

• GRE Tunnels

• VLANs

• Flat Networking

• Can have multiple provider networks

• One for “Standard” traffic at 1G

• Another for “Fast” access at 10G

• When creating networks in Neutron, we can specify which NIC “bridge” to use for this purpose

Provider Network Type: GRE

• GRE Tunnel networks in Neutron form a mesh in OpenStack

• Each Compute and Controller will be able to send/receive packets over these networks

• Each GRE tunnel is given an ID

Provider Network Type: VLAN

• VLAN networks work as they would in a physical world

• Switch will have VLAN tags trunked on their ports

• An OpenStack user would create a Neutron network with a corresponding VLAN ID

• Providing all the switch ports have that VLAN ID, OpenStack Networking will work

Provider Network Type: Flat

• Flat Networking is the most basic

• It is analogous to Flat DHCP in “Nova Networking”

• A single flat structure with no network isolation

Physical Networking

Storage

OpenStack Block Storage

• OpenStack Block Storage

• Project Name Cinder

• Provides additional, usually resilient storage to instances

• Rackspace Private Cloud Supports

• Local Disk (LVM)

• EMC

• NetApp

• Solidfire (in your Datacentre)

• Can only attach a volume to one instance at a time

• Like a USB stick

• Typical Use Cases

• Tables for MySQL stored on Block Storage volumes

• Performance sensitive data

• Computes run SAS, use SSD-backed Block Storage

• Providing instances access to raw block storage

• Snapshots

• Backup and restore volumes of data

• Boot from Volume

• Ability to run image from block storage

• Good for the “Pets”

• Potentially less Orchestration

• Possibly Windows

• Volume is not deleted when an instance is terminated

What really is OpenStack?OpenStack Block Storage

• Rackspace recommends

• 1 core per 3TB capacity

• At least 6 SATA or SAS drives of at least 1TB capacity each.

• At least 2GB RAM, plus an additional 250MB RAM per TB of drive.

• RAID Controller with battery backup in RAID5 or RAID10 configuration.

Block Storage

OpenStack Object Storage

Object Storage: Swift

• API driven Object Storage

• Upload/Download via HTTP/HTTPS

• Highly Resilient Distributed Object Storage

• Data is written multiple times (default 3)

• Rings

• Account

• Container

• Object

• Location aware: Zones

• Disk Partition

• Disk

• Server

• Cabinet

• Datacentre

Highly Available Rackspace Private

HA and Non-HA in Private Cloud

Designing For Failure

• Your infrastructure must be HA

• Your apps running on your cloud should tolerate failure

• Automate everything

• Automate recovery

• Use load balancers

• Use message queues

• Put workloads suitable into the cloud

• Don’t expect “Live Migration”

• Live Migration is an Operations Function, not a design choice.

Designing For Failure

• In Rackspace Private Cloud

• Controllers are HA

• MySQL HA (Multi-Master)

• RabbitMQ Cluster

• APIs behind HA Proxy

• Keepalived for floating IPs

• Computes

• Individual scale out units

• Local storage

• Will fail at some point

Highly Available RPC: Keepalived

• Keepalived

• Uses Layer4 Load Balancing Module (IPVS)

• Uses VRRP (Virtual Redundancy Router Protocol)

• Uses multicast address 224.0.0.18 by default

• Specify VRID

• Must be unique on network

• Specify the Virtual IP (Floating IP)

• Watchdog monitors the keepalived processes

• Healthcheckers monitor health of service

• VIP Fails over when check of service fail

Highly Available RPC: Controllers

Highly Available RPC: MySQL + Keepalived

• MySQL

• Running Multi-Master

• Both nodes are able to handle “writes”

• In RPC we avoid conflict by using Keepalived

• Ensure we only write to a single node

• Multi-Master allows for automatic recovery

• No manual promotion of Slave to Master

• But we treat other “Master” as a “Slave”

Highly Available RPC: MySQL + Keepalived

Highly Available RPC: RabbitMQ + Keepalived

• RabbitMQ

• Running Cluster

• Rabbit 3.x

• Use Keepalived to write to a single RabbitMQ node

• Allow failover to other clustered node

• RabbitMQ failover is complex!

Highly Available RPC: RabbitMQ + Keepalived

Highly Available RPC: API HA Proxy Keepalived

• APIs

• Nova API

• Glance API

• Keystone API

• Neutron API

• Cinder API

• Horizon

• Utilise HA Proxy

• HA Proxy configured on each controller

• Each HA Proxy config knows about the other controller too

• Hit the HA Proxy controlled by Keepalived

• But that request is load balanced across both nodes (backend)

Highly Available RPC: API HA Proxy Keepalived

Highly Available RPC: Compute

• Non-HA

• Design for failure

• Evacuate and Live Migration

• DRBD block migration

• Shared storage

• KVM: Still a pause

• Good for Operations, not for reliance on HA

Highly Available RPC: Block Storage

• Cinder API

• HA

• Cinder Backends

• NetApp, EMC, etc. (Enterprise Storage)

• Assumed HA/Resilient

• LVM

• Utilise local disk/DAS/JBOD

• Deploy more than one in Private Cloud

• Computes mount volume from Cinder1

• Computes also mount volume from Cinder2

• Software RAID the two volumes

Rackspace Private Cloud Sandbox

RPC Sandbox

• If you are wanting hands on instance access

• http://www.rackspace.com/cloud/private

• Download Virtual Box or VMware OVA

• Also

• Vagrant (http://www.vagrantup.com/

• VirtualBox (http://www.virtualbox.org/)

• Git

• https://github.com/BigCloudSolutions/VagrantSwift

• https://github.com/OpenStackCookbook/OpenStackCookbook

Rackspace Private Cloud Installation

Install Rabbit MQ

Installation of Chef

Configuration of Chef Client

Fetch and Upload Cookbooks

Configuration of Environment

Bootstrapping Nodes

Chef Client

Testing Installation

Rackspace Private Cloud Ready

CHEF PREP INSTALL DONE

What really is OpenStack?RPC Installation Steps

Easy installation of RPC

• Head to http://www.rackspace.com/cloud/private

• Follow the instructions

• Scripts to install Chef

• Scripts to install Rackspace Private Cloud Cookbooks

$ mkdir -p /opt/chef-cookbooks

$ COOKBOOK_VERSION=v4.2.2$ apt-get install git -y$ git clone https://github.com/rcbops/chef-cookbooks.git /opt/chef-cookbooks$ pushd /opt/chef-cookbooks

$ git checkout ${COOKBOOK_VERSION}$ git submodule init$ git submodule sync$ git submodule update # Upload all of the RPCS Cookbooks$ knife cookbook upload -o /opt/chef-cookbooks/cookbooks -a$ popd

$ knife role from file /opt/chef-cookbooks/roles/*.rb

Fetch and upload Cookbooks

What really is OpenStack?Configuration of Environment

• Define our RPC OpenStack in a single JSON for Chef to use

• Define

• Nova Configuration (hypervisor, scheduler, etc)

• Networking

• Neutron (default type, vlans, etc)

• Glance

• Cinder

• MySQL

• Rabbit

• HA Details (VIPs to use)

• etc.

{ "name": ”rpcs", "description": "Environment for Rackspace Private Cloud", "cookbook_versions": { }, "json_class": "Chef::Environment", "chef_type": "environment", "default_attributes": { }, "override_attributes": { "monitoring": { "procmon_provider": "monit", "metric_provider": "collectd" }, "enable_monit": true, "osops_networks": { "management": "10.240.0.0/24", "swift": "10.240.0.0/24", "public": "10.240.0.0/24", "nova": "10.240.0.0/24" }, "rabbitmq": { "cluster": true, "erlang_cookie": "CookieContents" }, "nova": { "config": { "use_single_default_gateway": false, "ram_allocation_ratio": 1.0, "disk_allocation_ratio": 1.0, "cpu_allocation_ratio": 2.0, "resume_guests_state_on_host_boot": false }, "network": { "provider": "neutron" },

$ EDITOR=vi knife environment edit rpcs

$ knife environment from file rpcs.json

$ CONTROLLER1=10.240.0.1$ CONTROLLER2=10.240.0.2

$ COMPUTES=“10.240.0.3 10.240.0.4 10.240.0.5”

# Controllers (HA)$ knife bootstrap –E rpcs -r role[ha-controller1],role[single-network-node] ${CONTROLLER1}

$ knife bootstrap -E rpcs -r role[ha-controller2],role[single-network-node] ${CONTROLLER2}

# Computes$ for node in ${COMPUTES};do knife bootstrap -E rpcs-r role[single-compute] ${node}done

What really is OpenStack?Bootstrapping Nodes

• Bootstrapping configures and installs chef-client

• and conveniently allows us to set roles too

$ chef-client$ ssh ${CONTROLLER2} chef-client$ chef-client

What really is OpenStack?Make Controllers HA

• To make Controllers HA and utilising the VIPS and synchronise the data between the two:

• Run chef-client on Controller1

$ knife ssh “role:single-compute” “chef-client”

What really is OpenStack?Run Chef-Client on Computes

• Finally, run chef-client on remaining nodes (Our Compute Nodes)

$ nova-manage service list

$ . openrc$ nova service-list$ nova hypervisor-list

$ . openrc$ neutron agent-list

What really is OpenStack?Testing the Installation

• Check Compute

• Check Networking

$ ovs-vsctl show

$ route -n$ ssh ${CONTROLLER2} route -n

What really is OpenStack?Testing the Installation

• Check Open vSwitch

• Check HA / Keepalived

QUESTIONS?

RACKSPACE® HOSTING | © RACKSPACE US, INC. | RACKSPACE® AND FANATICAL SUPPORT® ARE SERVICE MARKS OF RACKSPACE US, INC. REGISTERED IN THE UNITED STATES AND OTHER COUNTRIES.

RACKSPACE® HOSTING | 5 MILLINGTON ROAD | HAYES, UNITED KINGDOM UB3 4AZ

UK SALES: +44 (0)20 8712 6507 | UK SUPPORT: 0800 988 0300 | WWW.RACKSPACE.CO.UK

intro to openstack - wajug

cloud rackspace

openstack programs rackspace

rackspace public cloud

core rackspace

rackspace hosting

rackspace private cloud

mekevjackson rackspace

mission rackspace

Software

hands-on workshop, openstack summit, austin€¦ · 1....

intro to openstack cinder and icehouse bound

vmware integrated openstack installation and … integrated...

using openstack to integrate non-openstack service · using...

eos integration into openstack manila · contribute to...

intro to openstack trove & database as a service (dbaas)

stack attack - vtluug intro to openstack.pdf · the...

intro openstack

openstack pakistan workshop (intro)

intro to openstack trove & database as a service (dbaas) &...

how to build your own openstack distro using puppet...

agenda - matrix 30122015/cloud intro - guy carmin.pdfwhy...

openstack intro iqbal dist - department of computer ... ·...

leading openstack to success red hat openstack...

brkdct-1253: introduction to...

intro to openstack - scott sanchez and niki acosta

introduction to openstack -...

openstack quantum intro (os meetup 3-26-12)

introducción a openstack...

contributing to openstack