Nested CloudStack with VMware
Paul Angus
Cloud Architect, ShapeBlue
Twitter: @CloudyAngus
@shapeblue #ccceu14
Why – not just a science project
How
What (you can do with it)
Next steps

About Me
Cloud Architect with ShapeBlue
Specialise in designing and deploying enterprise and public clouds
Involved with CloudStack before donation to Apache
Designed clouds: Orange, TomTom, PaddyPower, Ascenty, BSkyB
CloudStack Committer

About ShapeBlue
“ShapeBlue are expert builders of public & private clouds. They are the leading global Apache CloudStack integrator & consultancy”

Why?
CEO: “Building CloudStack environments using CloudStack? Are you just having fun?”
Talented Cloud Architect: “If we can automate the building of environments including the networking, and generate any topology we want quickly, we can achieve the tasks that I’ve highlighted in these slides that I have with me, just in case you asked.”
CEO: “That would be excellent. Go ahead. Oh, and here’s a pay rise”

Client:
“We have a large global multi-zone public deployment, which we need to upgrade. Upgrade requires all virtual routers to be restarted. Virtual router restarts need to be done in phases (due to time zones). We need to know what the users will experience while CloudStack has been upgraded but the virtual routers have not been restarted. We also want to know if the latency between some zones will be an issue during the upgrade.
No, we don’t have a couple of dozen hosts that you can use”

Test/Dev
Need to be able to create full environments to test:
CloudStack release candidates
CloudStack features
ShapeBlue patches

Training
Bootcamp runs in VirtualBox – limited by the amount of RAM and cores in laptops
We can’t use KVM or ESXi hosts because there is no HVM support for guests.

Client Demos
Need to create demo environments to show features

How

Nested Hypervisors
Nested virtualisation has been possible in ESXi since 4.1 with some hacking (editing /etc/vmware/config and changing the CPU IDs) if the CPU supported VT-x or AMD-V
Since 5.1, nested virtualisation is more powerful with the introduction of support for 2nd generation hardware virtualisation within processors: Extended Page Tables (EPT) from Intel (Nehalem onwards) or Rapid Virtualization (RV) from AMD (0x10 Barcelona onwards)
Still not supported for production loads
Enabling nested virtualisation in CloudStack enables the hardware virtualisation feature.

Networking
Trunking VLANs is no problem with vSwitches/bridges on any hypervisor
The port group/vSwitch needs to be set to promiscuous mode to nest network interfaces.
To create a hypervisor VM purely in CloudStack we need to add a network interface which can use a range of VLANs for the guest VLANs
But within CloudStack you can only map one VLAN to any network
On an ESXi host, using VLAN ID 4095 tells the host to trunk all VLANs through the port group.

Guest Networks
The trunked guest port group can share a vSwitch with other traffic or be on a dedicated vSwitch

Shared Guest Networks
Create a shared network on VLAN 4095

Isolation of Shared Networks
Each CloudStack zone has a range of guest VLANs.
The range will be created within the nested CloudStack. May need to avoid overlapping VLANs.
[Diagram: a physical switch and ESXi hosts, each with vSwitch0; labels “VLANs 100-150”, “VLANs 120-200”, and “Top Secret Data” on VLAN 150]
Either physically separate the vSwitch, or do not connect an uplink to the vSwitch
[Diagram: an ESXi host with vSwitch0 and vSwitch1 and a physical switch; labels “VLANs 100-150”, “VLANs 151-200”, and “Top Secret Data” on VLAN 150]

Isolation
If isolation is required:
Create an additional vSwitch
Create an additional physical guest network mapped to this vSwitch
Multiple guest networks means network offerings must be tagged.
If no isolation is required:
The ‘usual’ guest networking vSwitch is OK.
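
As an added example (not from the original slides), the overlap problem and the two isolation options above can be checked mechanically: this Python audit flags a nested zone whose guest VLAN range collides with VLANs already used on the physical network when its VLAN 4095 trunk port group sits on a vSwitch that has an uplink. The inventory layout, zone names and the “outer guest VLANs” label are constructed for illustration; the ranges are modelled on the diagrams.

```python
TRUNK_ALL = 4095  # ESXi port group VLAN ID that trunks every VLAN

def parse_range(text):
    """'120-200' or '150' -> set of VLAN IDs (valid IDs are 1-4094)."""
    lo, _, hi = text.partition("-")
    lo, hi = int(lo), int(hi or lo)
    if not 1 <= lo <= hi <= 4094:
        raise ValueError(f"bad VLAN range: {text!r}")
    return set(range(lo, hi + 1))

def collapse(ids):
    """{120, 121, 122, 150} -> '120-122,150' for readable findings."""
    runs = []
    for v in sorted(ids):
        if runs and v == runs[-1][1] + 1:
            runs[-1][1] = v          # extend the current run
        else:
            runs.append([v, v])      # start a new run
    return ",".join(str(a) if a == b else f"{a}-{b}" for a, b in runs)

def audit(vswitches, physical_vlans, zones):
    """One finding per nested zone whose uplinked trunk overlaps physical VLANs."""
    used = {r: parse_range(r) for r in physical_vlans}
    findings = []
    for name, zone in zones.items():
        vs = vswitches[zone["vswitch"]]
        if TRUNK_ALL not in vs["portgroup_vlans"] or not vs["uplinks"]:
            continue  # no trunk, or trunk never leaves the host
        clash = parse_range(zone["guest_vlans"]) & set().union(*used.values())
        if clash:
            hit = sorted(physical_vlans[r] for r, ids in used.items() if ids & clash)
            findings.append((name, zone["vswitch"], collapse(clash), hit))
    return findings

# Constructed inventory; ranges modelled on the slide diagrams.
VSWITCHES = {
    "vSwitch0": {"uplinks": ["vmnic0"], "portgroup_vlans": {TRUNK_ALL}},
    "vSwitch1": {"uplinks": [], "portgroup_vlans": {TRUNK_ALL}},
}
PHYSICAL = {"100-149": "outer guest VLANs", "150": "Top Secret Data"}
ZONES = {
    "nested-a": {"vswitch": "vSwitch0", "guest_vlans": "120-200"},
    "nested-b": {"vswitch": "vSwitch1", "guest_vlans": "120-200"},
    "nested-c": {"vswitch": "vSwitch0", "guest_vlans": "151-200"},
}

if __name__ == "__main__":
    for finding in audit(VSWITCHES, PHYSICAL, ZONES):
        print("OVERLAP zone=%s vswitch=%s vlans=%s touches=%s" % finding)
```

Only nested-a is reported: nested-b uses the same range but its vSwitch has no uplink, and nested-c stays on the uplinked vSwitch with a non-overlapping range.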

Building Environments
Hypervisor Instance
Guest Traffic - Shared (trunked) network
Public Traffic - Shared network
Management Traffic - Isolated network

Simple CloudStack architecture
[Diagram: Host1, Host2 and ACSMan (with NFS and MySQL); Isolated Network (dynamic VLAN per tenant); Public Network (shared, fixed VLAN, no DHCP); Guest Network (shared, trunked)]

What (you can do with it)

Other Infrastructure Components
Any hypervisor
Multiple management servers
MySQL master/slave, Galera clusters etc.
Separate NFS inc. NetApp ONTAP Edge
Software load balancers
Virtual appliances
Object storage for secondary storage
User portals

Building Environments
Create bare VM / hosts from templates
Install Ansible on guest instance
Git clone mega-playbook
Update hosts and group_vars
Push application stack to VMs

Hypervisor Builds
ESXi – multiple templates as cold standby
XenServer – deployed from template:
Reset installation_uuid, state.db and control_domain_uuid
Recreate network interfaces and storage devices
KVM – Base OS then push cloudstack-agent
Windows vCenter – multiple templates as cold standby

Easy to build up complex environments
[Diagram: Host1, Host2, ACSMan1 (label appears twice), MySQL Master, MySQL Slave, NFS, two NetScalers and a CSForge Server; Isolated Network (dynamic VLAN per tenant); Public Network (shared, fixed VLAN, no DHCP); Guest Network (shared, trunked)]

Client Test Environment
3 zones
2 geographic locations
Upgrade done, then tests run for a week. Then VRs restarted
[Diagram: CCP3.0.7B with MySQL; CPBM 2.2 with MySQL; Zone 1 (local), Zone 2 (local), Zone 3 (remote); per zone, three ESXi hosts (labelled 1a-1c, 2a-2c, 2a-2c), a vCenter Appliance and NFS; VPN links]

What you can do with it
Test Dev
Automate the building of entire environments to test releases, features and patches against.
Client Demos
Need to create demo environments to show features
Training
Hosted training in environments containing all hypervisors with a full infrastructure.

Next Steps
Automated build of Windows VMs
Bootstrapped build of ESXi hosts.
Using AWS module to provision VMs
CloudStack module
Dynamic inventories