delivering iaas for the greek academic and research community
DESCRIPTION
Delivering IaaS for the Greek Academic and Research Community. Vangelis Koukis [email protected] Technical Coordinator, okeanos Project. Outline. okeanos ? Rationale Design Platform Features Internals Opensource Upcoming. What is okeanos?. ‘ okeanos’ is Greek for ‘ ocean’. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/1.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 1
[email protected]| 20111130
Delivering IaaS for the GreekAcademic and Research Community
Vangelis Koukis [email protected] Coordinator, okeanos Project
![Page 2: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/2.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 2
[email protected]| 20111130
Outline okeanos ? Rationale Design Platform Features Internals Opensource Upcoming
![Page 3: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/3.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 3
[email protected]| 20111130
What is okeanos?
‘okeanos’ is Greek for ‘ocean’.
Oceans capture, store and deliverenergy, oxygen and life around the planet.
![Page 6: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/6.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 6
[email protected]| 20111130
Compute
Network
Storage
Security
Virtual Machines
Virtual Ethernets
Virtual Disks
Virtual Firewalls
![Page 10: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/10.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 10
[email protected]| 20111130
okeanos service
Goal: Production-quality IaaS
Working Alpha: from July 2011 / 350 VMs / 200 alpha users
Target group: GRNET’s customers direct: IT depts of connected institutions
indirect: university students, researchers in academia
Users manage resources over a simple, elegant UI, or
a REST API, for full programmatic control
![Page 12: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/12.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 12
[email protected]| 20111130
How it all started
Need for easy, secure access to GRNET’s datacenters User friendliness, simplicity
Scalable to the thousands #VMs, TBs, users (Pithos: 10k)
running within GRNET’s AAI Federation Resell or build your own?
![Page 13: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/13.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 13
[email protected]| 20111130
Build on commercial IaaS?
Commercial IaaS Amazon EC2 not an end-user service
Need to develop custom UI, AAI layers
Vendor lock-in
Unsuitable for IT depts• persistent, long-term servers, custom networking requirements
Gain know-how, build on own IaaS reuse
for own services
![Page 14: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/14.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 14
[email protected]| 20111130
What about opensource?
Eucalyptus, OpenNebula, OpenStack Need a mature opensource core to build around Maturity, production-readiness?
proven in production environments, predictable
Extensibility? Flexibility? Upgradeability, maintainability?
![Page 16: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/16.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 16
[email protected]| 20111130
okeanos design decisions
Reuse existing components
Build on Google Ganeti
target commodity hardware
release to the community as opensource
![Page 17: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/17.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 17
[email protected]| 20111130
okeanos design principles
No need to make the world No need to support everything
Service developed and maintained by 10-15 people
Start from the architecture… …then discover, combine, reuse the right components
And for everything that’s not already available Do it yourself!
![Page 19: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/19.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 19
[email protected]| 20111130
Jigsaw puzzle
Synnefo custom cloud management software to power okeanos
Google Ganeti backend VM cluster management: physical nodes, VMs, migrations
OpenStack Compute API v1.1 with custom extensions whenever necessary
Then everything comes together UI, Networking, Images, Storage, Monitoring, Identity
management, Accounting, Billing, Clients, Helpdesk
![Page 20: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/20.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 20
[email protected]| 20111130
Why Ganeti?
No need to reinvent the wheel Scalable, proven software infrastructure
Built with reliability and redundancy in mind
Combines open components (KVM, LVM, DRBD)
Well-maintained, readable code
VM cluster management in production is
serious business reliable VM control, VM migrations, resource allocation
handling node downtime, software upgrades
![Page 21: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/21.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 21
[email protected]| 20111130
Why Ganeti?
GRNET already had long experience with Ganeti provides 280 VMs to NOCs through the ViMa service
involved in development, contributing patches upstream
Build on existing know-how for okeanos Common backend, common fixes
reuse of experience and operational procedures
simplified, less error-prone deployment
![Page 23: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/23.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 23
[email protected]| 20111130
Software Stack
Multiple users,multiple resources
Multiple VMson cluster
SingleVM
Synnefo
Ganeti
KVM
REST API
![Page 24: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/24.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 24
[email protected]| 20111130
Platform Designuser@home admin@home
Web Client CLI Client Web Client 2
GRNETdatacenter
Deb
ian
VirtualHardware
OpenStack Compute API v1.1
Direct Outof Band Access
Synnefo cloud management software
Google Ganeti
KVM
GRNET Proprietary
![Page 26: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/26.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 26
[email protected]| 20111130
Virtual Machine Actions
My_Windows_desktop
Shutdown
Reboot
Start Console
Destroy
![Page 27: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/27.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 27
[email protected]| 20111130
IaaS – Compute (1)
Virtual Machines powered by KVM
• Linux and Windows guests, on Debian hosts
Google Ganeti for VM cluster management
accessible by the end-user over the Web or
programmatically (OpenStack Compute v1.1)
![Page 28: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/28.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 28
[email protected]| 20111130
IaaS – Compute (2)
User has full control over own VMs Create
• Select # CPUs, RAM, System Disk
• OS selection from pre-defined Images
• popular Linux distros (Fedora, Debian, Ubuntu)
• Windows Server 2008 R2
Start, Shutdown, Reboot, Destroy
Out-of-Band console over VNC for troubleshooting
![Page 29: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/29.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 29
[email protected]| 20111130
IaaS – Compute (3)
REST API for VM management OpenStack Compute v1.1 compatible
3rd party tools and client libraries
custom extensions for yet-unsupported functionality
Python & Django implementation
Full-featured UI in JS/jQuery UI is just another API client
All UI operations happen over the API
![Page 30: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/30.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 30
[email protected]| 20111130
IaaS – Network (Virtual Ethernets)
Internet
Private Network 1
Private Network 2
Private Network 3
![Page 31: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/31.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 31
[email protected]| 20111130
IaaS – Network - Functionality
Dual IPv4/IPv6 connectivity for each VM Easy, platform-provided firewalling
Array of pre-configured firewall profiles
Or roll-your-own firewall inside VM
Multiple private, virtual L2 networks Construct arbitrary network topologies
e.g., deploy VMs in multi-tier configurations
Exported all the way to the API and the UI
![Page 33: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/33.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 33
[email protected]| 20111130
Spawn
Snapshot
Images
Ubuntumy own Ubuntu
![Page 34: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/34.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 34
[email protected]| 20111130
Clone
Snapshot
Images Storage
Ubuntu rootUbuntu + packages
![Page 35: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/35.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 35
[email protected]| 20111130
Images – Golden Image
golden Debian
![Page 36: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/36.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 36
[email protected]| 20111130
IaaS – Storage
![Page 37: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/37.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 37
[email protected]| 20111130
RADOS
Object Storage nodes
IaaS – Storage
Maps
Volume Composer
object I/O Monitor nodes
Storage
![Page 38: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/38.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 38
[email protected]| 20111130
IaaS – Storage (1)
First-phase deployment Pre-defined images of common OSs
Redundant storage based on DRBD
VMs survive node downtime or failure
Currently under testing Reliable distributed storage over RADOS
Combined with custom software for snapshotting, cloning
Dynamic virtual storage volumes
![Page 39: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/39.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 39
[email protected]| 20111130
IaaS – Storage (2)
Multi-tier storage architecture Dedicated Storage Nodes (SSD, SAS, and SATA storage)
OSDs for RADOS
Custom storage layer manages snapshots, creates clones over RADOS
OS Images held as snapshots
VMs created as clones of snapshots
![Page 40: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/40.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 40
[email protected]| 20111130
Custom Images: snf-image
Untrusted images Host cannot touch user-provided data
Resize fs, change hostname, change passwords, inject files
Split design snf-image-host
snf-image-helper
All customization in helper VM
![Page 41: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/41.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 41
[email protected]| 20111130
OpenStack Object Storage API
Block storage
Content-based addressing for blocks
Every file is a collection of blocks
Web-based, command-line, and native clients
Synchronization, deduplication
Goal Image registry on Pithos+, common RADOS-based backend
![Page 43: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/43.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 43
[email protected]| 20111130
GanetiMaster
Queue
Deployment
DB
Ganeti node
KVM …
Web Server REST API
Logic RAPI
SQL
snf-gnt-eventd
snf-gnt-hook
snf-dispatcher
API Server
api aai
SQLui
![Page 45: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/45.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 45
[email protected]| 20111130
./kamaki$ ipython
In [1]: from kamaki.client import ClientIn [2]: c = Client('http://localhost:8000/api/v1.1', "1234527db2…")In [3]: c.list_flavors()…In [4]: i = c.list_images()In [5]: i[5]{u'created': u'2011-06-09T00:00:00+00:00', u'id': 7, u'metadata': {u'values': {u'OS': u'windows',
u'size': u'11000'}}, u'name': u'Windows', u'progress': 100, u'status': u'ACTIVE', u'updated': u'2011-09-12T14:47:12+00:00'}In [6]: c.create_server('mywin1', 3, 5)
![Page 46: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/46.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 46
[email protected]| 20111130
./kamaki$ ./kamakiUsage: kamaki <group> <command> [options]… --api=API API can be either openstack or synnefo --url=URL API URL --token=TOKEN use token TOKEN…
Commands: flavor info get flavor details flavor list list flavors… image create create image image delete delete image
$ ./kamaki server shutdown 101 --url=http://localhost:8000/api/v1.1--token=1234527db2…
![Page 47: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/47.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 47
[email protected]| 20111130
More interaction Identity Management
Provides the user base for okeanos
Once authenticated, the user retrieves an
auth token for programmatic access
Pithos+ storage service Aim is to provide the Image service for okeanos
Sharing a common storage backend on RADOS
Aquarium Common crediting and billing infrastructure
![Page 49: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/49.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 49
[email protected]| 20111130
Upcoming goals
short-term: Synnefo v0.8 user-visible storage backends
VMs with RADOS-based storage
Custom Image registry, custom Image deployment
medium-term Dynamic disks, clonable / snapshottable / attachable disks
integration with Pithos+, single user base
Beta when datacenter is fully populated
![Page 51: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/51.jpg)
![Page 52: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/52.jpg)
![Page 53: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/53.jpg)
![Page 54: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/54.jpg)
![Page 55: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/55.jpg)
![Page 56: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/56.jpg)
![Page 57: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/57.jpg)
![Page 58: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/58.jpg)
![Page 59: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/59.jpg)
![Page 60: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/60.jpg)
![Page 61: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/61.jpg)
![Page 62: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/62.jpg)
![Page 63: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/63.jpg)
![Page 64: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/64.jpg)
![Page 65: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/65.jpg)
![Page 66: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/66.jpg)
![Page 67: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/67.jpg)
![Page 68: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/68.jpg)
![Page 69: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/69.jpg)
![Page 70: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/70.jpg)
![Page 71: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/71.jpg)
![Page 72: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/72.jpg)
![Page 73: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/73.jpg)
![Page 74: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/74.jpg)
![Page 76: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/76.jpg)
Greek Research and Technology Network IEEE CloudCom 2011 77
[email protected]| 20111130
Opensource Synnefo
https://code.grnet.gr/projects/synnefo
Pithos+ https://code.grnet.gr/projects/pithos
Ganeti https://code.google.com/p/ganeti
snf-image https://code.grnet.gr/projects/snf-image
kamaki https://code.grnet.gr/projects/kamaki
vncauthproxy https://code.grnet.gr/projects/vncauthproxy
![Page 77: Delivering IaaS for the Greek Academic and Research Community](https://reader035.vdocuments.us/reader035/viewer/2022070407/56814320550346895daf8772/html5/thumbnails/77.jpg)
https://okeanos.grnet.gr