DevOps in a Public OpenStack Cloud - Hui Cheng

在这里写上你的标题
DevOps in OpenStack Public Cloud
副标题副标题副标题
副标题文字副标题文字
Presented at OpenStack Summit, Fall 2012, San Diego

Hui Cheng
freedomhui@gmail.com | freedomhui.com
Community Manager of COSUG
Technical Manager in Sina Corporation 作者名字/日期
2012/10/17

OpenStack Public Cloud
目录

00
00 写上你的文字你的文字
01
01
02
02
03
03

04

05

However They never tell you how to operate
their public cloud based on OpenStack!

Content
 SinaCloud Introduction
 Challenges to build a OpenStack Public Cloud
1. Network topology
2. Security Enhancement
3. Storage Solution
4. Identity Integration
5. Billing & Monitoring
6. Dashboard Improvement
 Operate an production OpenStack
7. Platform stack
8. Automated Deployment
9. Continuous Integration
10. Project Management
 StackLab: A community OpenStack Public Cloud
 Summary

Cloud Requirement
目录

00
Sina.com
01 • Largest infotainment web portal in China
01 • Provides various on-line services, like news,
02 Finance, video, email, blog hosting, etc.
02 • Needs unified infrastructure & app platform to
03 host heterogeneous services and apps.
03

Sina Weibo
04
• twitter-like microblog service
• 05
over 350m users, #1 SNS in China.
• huge influence on China's society
• Weibo Open Platform to build a social ecosystem through Open API and cloud
environmental.

We are building a reliable, scalable and secure cloud
platform to support our business and external customers.

目录
SinaCloud Portfolio
• First and most popular PaaS cloud
00 in China, launched in 2009
00 写上你的文字你的文字 • Support PHP, Python and Java
01 runtime.
01 • 250,000 developers, 380,000 apps
02 running on SAE.
02
03
03  First commercial cloud app
market in China.
04  SaaS cloud based on SAE tech.
 Design for the common users,
05
(Sina Cloud Market)
1-Click purchase and install apps.

 First OpenStack based public
IaaS cloud in China

目录
Sina OpenStack dev Team

00
01
01
02
02
03
03

04

05

More info: http://www.openstack.org/blog/2012/10/how-sina-contributes-to-openstack/

目录
Network Topology

00
00 写上你的文字你的文字 vs Quantum
Nova-network
01
01Multi Multi Flat, Tunneling SDN Sec Dashboard
02 host Talent FlatDHCP Group Support
02
Nova-Network
03
Quantum 03

04
 Nova-Network is simple, robust and reliable, except lack of some
05
advanced features.
 Quantum is not ready for production use, it’s OVS plugin has great
potential to be open-source NVP solution.
 I would suggestion to continue use nova-network for production
deployment until next release.

目录
Nova-Network

00
 Flat00 写上你的文字你的文字

01 Need external DHCP Server, and human intervention, not
01
flexible, hardly use in practical deployment.
 FlatDHCP
02
02
 Like Amazon EC2 networking(not VPC, VPC corresponds to
03 Quantum), VM get IP from single network pools.
03
 Simple, easy to hack.
 04
Widely used in public cloud, also preferred topology in many
scenarios.

05
VLAN
 A little complex, hardware configuration may be involved.
 Not suggest to use except strong requirement of tenant
isolation,

Network Topology —— Real User Case
Nova Network(FlatDHCP+Multi-host)

Capability:
• Accessibility of all VMs in the fixed IP
range
• VM is able to access public network
• VM can be accessible from public
network

Bonus:
• Totally distributed architecture avoid
single-point failure.
• Multiple gateway eliminates NAT
bottleneck
• High speed between OS regions

Drawback:
• Tenant isolation lessens
• Need security facility(SWS-filter) to
protect intranet

目录
Security Enhancement

00
 SWS Filter: a extension to security group in nova-network

01 Used to filter egress traffic from VM to internal network
 01
Define whose traffic could be able to reach which internal
02 network IP/segment.
02
03
03

04

05

目录
Storage Solution

00
 00
Object写上你的文字你的文字 we choose Swift
Storage: Definitely
01
 Block Storage

01Cinder is not Amazon EBS, just a framework to include
02 multiple open-source/commercial storage solution.
02
 Nova-volume/Cinder(iSCSI) is not applicable to public cloud.
03 Sheepdog/Gluster/Ceph plugins need time to be stable.

03
 Island: Local Storage Volume plugin for Cinder is
04
coming.
High performance local storage
05


 Incremental & independent snapshot
 Snapshot store in swift

目录
Identify Integration: Keystone

00 AWS-like Multi-region support

01
01 Dashboard
02
02
Keystone
Select Region
Keystone
Nova Beijing Shanghai Nova
03
03
Swift Glance
04
Glance
Swift
05
MySQL

Kanyun: Monitoring system
目录

00 Worker Dashboard
Nova 00 写上你的文字你的文字
01Nova
Compute01
Compute
02 Metrics:
02 API daemon
CPU、mem、disk、
Worker
03
03 Retrieve network traffic
usage Responds to client
04 info request

05
Billing
Aggregator

NoSQL
Calculates/stores
metrics Repo: https://github.com/sinacloud/kanyun

Kanyun demo
目录

00
01
01
02
02
03
03

04

05

Dough:Billing system
目录
 Keep track of billing
info to charge tenants
00 Flexible

deduct
customization of
01 payment policies
01
RDBMS Dashboard  How much/often to
Kanyun API
02 charge for resource
02
(Metering) unit
03 Handles prepaid or
03


pay-as-you-go
Coupon Support
04


05 Farmer API daemon
NoSQL
Check status / Subscribe or
Retrieve usage / unsubscribe
Create purchases Query info
Repo: https://github.com/sinacloud/dough, you should also consider Celiometer project.

Dough:Billing info page
目录

00
01
01
02
02
03
03

04

05

目录
Dashboard Improvement

00
 00
We did not use Horizon, because:
写上你的文字你的文字
01  Horizon’s UI is not easy to customize
 01Front end and back end is tightly coupled
02  we need much customization, it’s hard to keep pace with
02Horizon.
03
03


04
What we do?
 Decouple the frontend design and backend implementation.
05
 Make dashboard a lightweight frontend.
 Separate user console and admin console.

目录
Horizon Dashboard

00
01
01
02
02
03
03

04

05

SWS v1
目录

00
01
01
02
02
03
03

04

05

SWS v2
目录

00
01
01
02
02
03
03

04

05

SWS v3 – User Dashboard
目录

00
01
01
02
02
03
03

04

05

SWS v3 - Monitoring
目录

00
01
01
02
02
03
03

04

05

Platform Stack
目录

00
01
01 x86 rack Server
2U
02
02 Ubuntu
03 OpenStack
03
KVM
04

05
SAS SSD
Raid10/5 Raid10/5

Challenges in Deploying Cloud

 Cloud in essence are big data centers

 Requirement:
 Provision large scale physical infrastructures
 Software deployment
 Orchestrate all the heterogeneous components

SWS automation toolchain.
目录

Openstack Montoring
00 Zabbix
Development tools
Cluster

01 Configuration management
01
Deb
02 Puppet
Repo
02
03 Build Packages
03 Services Provision
Gitorious Operation Tools
04
Peer Review Foreman Provides DHCP/TFTP/DNS
05 and puppetCA for puppet
Gerrit

OS provision
git review

Dev Bare Metal

SWS continuous integration
目录

00 Dev
01
01
Something failed… Wish my code passed
02
02
03
03Packaging
Need

04
change!
Hey, test PASS! Peer review PASS!
Newbie
05 Old Bird

It looks good to me,
Good, Approve!
But need someone approve…

Project Management
目录

00
01
01
02
02
03
03

04

05

Deploy open-source version Launchpad in-house as project management system.

StackLab.org

A Community free OpenStack Public Cloud, more
than just a OpenStack sandbox.

StackLab is initiated and operated by Sina OpenStack team, as well as
tech volunteers from community, while resources sponsored by Sina, Intel.
StackLab news report: http://freedomhui.com/2012/10/coscl-launches-stacklab/

Why StackLab

Not everyone has the opportunity to run a OpenStack public
cloud when no resources, no users, no market, but StackLab
will change this.

StackLab Goals

A community OpenStack public cloud which benefits users,
contributors and sponsors.
For OpenStack Users who experience StackLab
 Understand what exactly OpenStack is and what does it provide
 Develop application on StackLab or using OpenStack API
 Build faith on OpenStack, possibly become real adopters and supporter

For OpenStack contributors involved in StackLab
 Testing patches on real production-like environmental, and get feedback
from users, thus facilitate development and QA processes
 Gains experiences through operating StackLab without risk of SLA
 Better understand the requirement of OpenStack users
For StackLab sponsors
 Build band acknowledgement in OpenStack community
 Own one StackLab region in their own data center
 Prior access to free technical support, consultant, of StackLab DevOps team

How to join StackLab

For OpenStack Users who want to experience StackLab
Really Easy! Goto StackLab.org, register a free account instantly without
approvement by admin.

For OpenStack contributors to join StackLab DevOps team
1. Persuade your company to become a StackLab sponsor, thus you will have a
StackLab region in your own DC, and you are one admin of StackLab.
2. Contact us to join as an individual member.
For StackLab sponsors

1. Send a email to openstacklab@gmail.com, expressing your willing to join
StackLab
2. Sign a agreement with StackLab DevOps team
3. StackLab team help you build one StackLab region in your own DC. The
minimum requirement is 3 servers with access to public network.
4. List your StackLab region in Stacklab.org portal.

How to join StackLab(cont.)

StackLab: http://stacklab.org
StackLab Discussion Group:
https://groups.google.com/group/stacklab
stacklab@googlegroups.com
StackLab DevOps Team:
https://groups.google.com/group/stacklab-devops
stacklab-devops@googlegroups.com

What does StackLab Look Like?

Choose the region before login

Or choose the region after login

Summary
目录

00
 OpenStack definitely the best open-source cloud
01
01
platform for building public cloud
02
 Open, open, open, open

02
Fast growing ecosystem around OpenStack
03 No vendor lock-in

03
 Etc.
04
 OpenStack Public cloud needs much more
05
customization and development to differentiate.

 Require strong technical skills and involvement in
community.

目录

00
01
01
02
Thank you, OpenStack Community
03
02

and Foundation.
03

04

05

目录

00
01
01 Q&A
02
02
03
03

04

05 freedomhui@gmail.com
Freedomhui.com

DevOps in a Public OpenStack Cloud - Hui Cheng

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

En vedette

En vedette (6)

Similaire à DevOps in a Public OpenStack Cloud - Hui Cheng

Similaire à DevOps in a Public OpenStack Cloud - Hui Cheng (20)

Plus de Hui Cheng

Plus de Hui Cheng (20)

Dernier

Dernier (20)

DevOps in a Public OpenStack Cloud - Hui Cheng