reimagining openstack* na 2016.pdfnova/cinder/glance api subset users & front end control plane...

1

Reimagining OpenStack*

Kristen Accardi

*Other names and brands may be claimed as the property of others.

2

"Evaluators of OpenStack believe that complexity and difficulty of deployment are decreasing, while users of OpenStack are more likely to rate that complexity and difficulty of deployment are increasing,"

--http://talligent.com/wp-content/uploads/2016/03/2016-State-of-OpenStack-Report.pdf

3

“Along with a lack of operational tools, other challenges identified in the OpenStack survey included security concerns. Just over one-quarter of respondents cited an inadequate security framework while 23 percent flagged the lack of operational tools as the biggest challenges posed by OpenStack.”

--http://talligent.com/wp-content/uploads/2016/03/2016-State-of-OpenStack-Report.pdf

4

“85% of users are currently paying for support. Maturation is not happening fast enough”

--http://talligent.com/wp-content/uploads/2016/03/2016-State-of-OpenStack-Report.pdf

5

6

Today, Intel is investing in and around OpenStack* to make it higher performing and easier to deploy

*Other names and brands may be claimed as the property of others.

7

The data speaks to a multi-modal future

8

If we created OpenStack*today, what would it look

like ?

*Other names and brands may be claimed as the property of others.

9

● Workload agnostic● Fully secure● Highly scalable● Continuous integration● Ease of deployment

10

ciao!(Cloud Integrated Advanced Orchestrator)

11

Nova/Magnum/Ironic/Neutron API’s Nova/Cinder/Glance API subset

Users & Front end

Control plane

Compute resources

Storage

Networking

Horizon WebUI

OpenStack CLI

ciao WebUI

ciaoCLIK

eystone (Identity Services)

Keystone

ciao controller

ciao scheduler

H/W

VM VM

H/W

Container

H/W

ContainerVM

H/W

Bare Metal App

ciao networking

ciao image (cephfs)

GlanceOS Disk Images

CinderUser Data

Disks

SwiftObject

StorageNova

NetworkingNeutron

Networking

NovaVM

Scheduling

Magnum Container

Scheduling

IronicBare Metal Scheduling

H/W

VM VM

H/W

VM

H/W

Bare Metal App

Container

Nova Nova+Magnum Ironic

OpenStack* ciao Architecture comparison

Ciao Launcher Ciao Launcher Ciao Launcher Ciao Launcher

ciao storage (ceph)

*Other names and brands may be claimed as the property of others.

12

13

Highly scalable Push/pull scheduler Fair scheduling (for now) Distributed decision making Asynchronous IPC Stateless components

Scheduler

Launcher Launcher

Controller

READYSTATS START/STOP

DELETE

STATS

START/STOPDELETE

14

Workload agnostic● All instances are equal● Hypervisor abstraction● L2 connectivity

Launcher

qemu Docker

CtrVM

Tenant bridge

Launcher

qemu Docker

Ctr

Tenant bridge

Launcher

qemu

TenantCNCI

Docker*

NetworkingNode

ComputeNode

ComputeNode

GRE Tunnel

*Other names and brands may be claimed as the property of others.

15

Architected for security● SSNTP (TLS) internally● HTTPS externally● Enforced tenant segregation

Scheduler

Controller

Launcher LauncherLauncher

Launcher

UICLI

KeystoneSSNTPHTTPS

16

17

Ceph/Cephfs Cluster

Controller

Scheduler

Image Service

Node Node

Cephx

Persistent data & image storage via Ceph/Cephfs

18

Continuous deployment / continuous integration

● Designed for update● Updating is not the exception● Stateless components● Golang static binaries

19

Ease of deployment● Minimal/zero config● Certificates generated and deployed

in/from one central place● SSNTP certificates information● Simple protocol to propagate cluster

configuration

Scheduler Configurationbackend

Launcher

CONNECTCONNECTED[configuration]

ControllerCONFIGURE[configuration]

CONFIGURE[configuration]

20

Simple and integrated

● Simple scheduling● Simple networking● Simple topology● Simple asynchronous IPC

Implements Integrates with

Nova Keystone

Nova-Network+ Ceph/Cephfs

Magnum

Kuryr

Horizon

Cinder

Glance

21

Contributing to ciao

● 100% Go● Simple, minimal processes● Open communication● Unique opportunity to influence the cloud ecosystem

22

Next steps

● Storage: Image and Block storage ● OpenStack compatibility (APIs)● Bare metal support● Networking (public IP support, Performance, multiple CNCIs, security groups, tunnel

encryption, OVS)● HA/Resilience● Scheduling improvements (capability based, affinity, estimations...)● Distributed Tracing● Benchmark/performance characterization

23

ciao: Getting involved

Start Here! https://clearlinux.org/ciao

Check us out on github! https://github.com/01org/ciao https://github.com/01org/ciao-webui IRC: #ciao-project on Freenode Mailing list: https://lists.clearlinux.org/mailman/listinfo/ciao-devel

24

Legal notices and disclaimersIntel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Learn more at intel.com, or from the OEM or retailer.

No computer system can be absolutely secure.

Tests document performance of components on a particular test, in specific systems. Differences in hardware, software, or configuration will affect actual performance. Consult other sources of information to evaluate performance as you consider your purchase. For more complete information about performance and benchmark results, visit http://www.intel.com/performance.

Intel, the Intel logo and others are trademarks of Intel Corporation in the U.S. and/or other countries.

*Other names and brands may be claimed as the property of others.

© 2016 Intel Corporation.