openstack intro iqbal dist - Department of Computer ... · Building(acloud(with(...
Transcript of openstack intro iqbal dist - Department of Computer ... · Building(acloud(with(...
![Page 2: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/2.jpg)
About me … • EducaDon
– University of Toronto x 3 • B.Sc. Hons 2000 (SoOware Engineering, Economics, Math) • MSc 2004 • PhD 2008
• SoOware Engineer – Nortel – Motorola – CaseWare
• Researcher – Post-‐doc@MicrosoO Research Silicon Valley (2008-‐2010) – Research Staff Member@IBM T.J. Watson Research Center (2010-‐current)
![Page 3: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/3.jpg)
About me … • EducaDon
– University of Toronto x 3 • B.Sc. Hons 2000 (SoOware Engineering, Economics, Math) • MSc 2004 • PhD 2008
• SoOware Engineer – Nortel – Motorola – CaseWare
• Researcher – Post-‐doc@MicrosoO Research Silicon Valley (2008-‐2010) – Research Staff Member@IBM T.J. Watson Research Center (2010-‐current)
Disclaimer: All statements are my own and do not represent my employer
![Page 4: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/4.jpg)
INTRODUCTION TO OPENSTACK
![Page 5: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/5.jpg)
What is OpenStack?
• Open source Private Cloud soOware that gives you Infrastructure-‐as-‐a-‐service (IAAS)
• Base pla`orm offered by several public cloud vendors so that end users have a common UX, APIs, logical building blocks, etc.
• Community-‐driven, open cloud architecture
![Page 6: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/6.jpg)
Gecng hands-‐on with Openstack
• InteracDng with the cloud – Web-‐based GUI (Horizon) – CLI – Python client library (use virtualenv!) – REST interface
• Basic OperaDons – Images – Security Groups – Virtual Machines
![Page 7: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/7.jpg)
Source: hgp://docs.openstack.org/icehouse/training-‐guides/content/index.html
![Page 8: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/8.jpg)
BUILDING BLOCKS
![Page 9: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/9.jpg)
VirtualizaDon is Key Enabler • Compute VirtualizaDon – Virtual Machines (e.g. VMWare, kvm, xen) – OperaDng System level VirtualizaDon (e.g. Docker)
• Network VirtualizaDon – Virtual Switches (OpenVswitch, Linux Bridge) – Network namespaces – SoOware routers, tunnels, etc.
• Storage VirtualizaDon – iSCSI, NFS, LVM (Logical Volume Manager) – Object storage systems via overlays
![Page 10: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/10.jpg)
What is hard about building a cloud?
• TradiDonal Distributed Systems problems – Scalability – Fault tolerance Remember: If we have a complex management plane, need to scale/harden that too!
• Management funcDons – Take components OOS, enforce quotas, meter resource usage, isolaDon and mulD-‐tenancy support
• OperaDonal Visibility – A cloud is a service and not a product. Standards/tracking of upDme. Failures will happen -‐> MTTR
![Page 11: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/11.jpg)
Containers Primer • Basic idea: chroot jails – Changes apparent root directory for a process and its descendants
• Namespaces – Process namespaces enabling isolaDng groups of processes
– Network namespaces allow isolaDon of network stacks/network devices
• OS level support – Resource allocaDon to process groups via CGroups – Security/access control via AppArmour, SELinux
![Page 12: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/12.jpg)
Source: hgp://man7.org/linux/man-‐pages/man7/namespaces.7.html
![Page 13: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/13.jpg)
Enterprise Networking Review
• Network Interface Cards (NICs); servers typically have mulDple NICs; link aggregaDon is important in high value applicaDons (teaming, bonding, etc.)
• Ethernet is common; HPC systems uDlize technologies such as infiband and ROCE (RDMA over converged Ethernet)
• Switches vs. Routers – RouDng in soOware (e.g. Vyaga/Vyos); Devices that speak Openflow; SDN controllers
• VLANs essenDal to isolate traffic
![Page 14: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/14.jpg)
Virtual Networking Primer
• Virtual Switches (layer 2 switching) – Linux Bridge (brctl) – OpenVswitch (ovs)
• Tunnels: GRE, VXLAN • iptables provides fine-‐grained firewall control • Network namespaces can be used to encapsulate network services – DHCP, RouDng
![Page 15: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/15.jpg)
UNDER THE HOOD
![Page 16: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/16.jpg)
Core Openstack Components Source: hgp://docs.openstack.org/icehouse/training-‐guides/content/index.html
![Page 17: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/17.jpg)
ON THE HORIZON
![Page 18: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/18.jpg)
Microservices • Split monolithic applicaDons into many small services that speak HTTP or other lightweight messaging protocol
• Enable independent deployment, upgrade and scaling out of individual services
• Services can be implemented in different languages and even uDlize varying data Ders
• Fits agile development/squads model of development • RealisDcally, it requires automaDon support for deployment
• A new way of doing SOA or something more?
![Page 19: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/19.jpg)
Cluster compuDng • Clouds are too complicated to run for small, fast moving orgs; cluster management is perhaps simpler
• Typical soluDons forget about mulD tenancy • Scheduler, scaling/autoscaling and auto recovery are key services
• New players: Docker’s Swarm, Google’s Kubernetes, Mesos, CoreOS with fleet
• Excellent fit for microservices • Grid compuDng makes a come back?
![Page 20: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/20.jpg)
THANK YOU
@iqbalmohomed slowping.com
![Page 21: openstack intro iqbal dist - Department of Computer ... · Building(acloud(with( Openstack(Iqbal(Mohomed(iqbal@us.ibm.com(March(25’th(2015](https://reader034.fdocuments.net/reader034/viewer/2022042307/5ed375614bb814069d3561d2/html5/thumbnails/21.jpg)
Useful Tools • Vagrant
– A CLI to various hypervisors (e.g. Virtual Box, VMWare fusion). Not essenDal but makes development easier
• Devstack – Lets you run a basic version of Openstack on a single machine
– Used by many Openstack developers as it requires few resources, can stay current with the latest code, can have mulDple devstacks
• screen – Used by devstack to run the various Openstack processes