16. What is Citrix CloudPlatform?
• Secure, multi-tenant cloud orchestration platform
– Turnkey platform for delivering IaaS clouds
– Hypervisor agnostic
– Massively scalable, secure and open
– Open source, open standards
– Deploys on premise or as a hosted solution
• Deliver cloud services faster and at a fraction of the cost
Build your cloud the way the world’s most successful clouds are built
17. CloudStack Supports Multiple Cloud Strategies
Private Clouds
On-premise Enterprise Cloud
• Dedicated resources
• Security & total control
• Internal network
• Managed by Enterprise or 3rd party
Hosted Enterprise Cloud
• Dedicated resources
• Security
• SLA bound
• 3rd party owned and operated
Public Clouds
Multi-tenant Public Cloud
• Mix of shared and dedicated resources
• Elastic scaling
• Pay as you go
• Public internet, VPN access
18. Benefits of CloudStack
Capital Leverage, Workforce Leverage
Self Service: Remove IT as a service delivery critical path
Management Automation: Reduce IT operational costs
Workload Standardization: Consistent application and service deployment
Usage Metering: Visibility into user and line of business usage
Centralized Management: Manage complete infrastructure, regardless of scale
Smarter Virtualization: Drive reduced capital requirements
20. CloudStack Provides On-demand Access to Infrastructure Through a Self-Service Portal
Citrix Confidential - Do Not Distribute
[Diagram labels: Compute, Network, Storage; Org A (Admin, Users); Org B (Admin, Users); End User (Users); Admin]
21. Volume & Snapshot Management
Add / Delete Volumes
Schedule Snapshots: Hourly, Daily, Weekly, Monthly, Now
Create Templates from Volumes
View Snapshot History
[Diagram labels: VM 1; Volume; Volume Template; snapshot history 12/2/2012 7.30 am …. 2/2/2012 7.30 am]
22. Network & Network Services
• Create Networks and attach VMs
• Acquire public IP address for NAT & load balancing
• Control traffic to VM using ingress and egress firewall rules
• Set up rules to load balance traffic between VMs
23. Service Offerings
Compute: Name, CPU Cores, CPU (MHz), Memory (MB), Storage Tag, CPU Cap, Host Tag, Enable HA, Public
Disk: Name, Custom Disk Size, Disk Size (GB), Storage Tag, Public
Network: Name, Network Rate, Redundant VR, Firewall, Load balancer, Public
Specify Resource Levels, Configure Properties, Define Scope
25. Citrix CloudPlatform Architecture
Availability and Security
Servers Network Storage
Virtualization Layer
Service Management (Metering, Accounts, etc.)
Resource Management
Servers Storage Network
Dynamic Workload Management
snapshots LB HA Monitoring
Image Libraries
Application Catalog
Custom Templates
Operating System ISOs
Integration API
Operational Integration
/BSS, Monitoring, Identity Management, Etc)
User Interface
Administrator End User Console
Developer API
Amazon* REST
26. Open Platform to Suit Customer Needs
Compute (Hypervisor): XenServer, VMware, KVM, Oracle VM, Bare metal
Storage (Block & Object): Local Disk, iSCSI, NFS, Fiber Channel, Swift
Network (Network & Network Services): Network Type, Isolation, Load balancer, Firewall, VPN
27. Multi-tenancy & Account Management
• Domain is a unit of isolation that represents a customer org, business unit or a reseller
• Domain can have arbitrary levels of sub-domains
• A Domain can have one or more accounts
• An Account represents one or more users and is the basic unit of isolation
• Admin can limit resources at the Account or Domain levels
[Diagram labels: Cloud (Admin); Domain: Org A (Admin); Domain: Reseller A (Admin); Sub-Domain: Org C (Admin); Account: Group A; Account: Group B; User 1, User 2; Resources: VMs, IPs, Snapshots…]
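The limit and scoping rules in the bullets above can be modelled in a few lines. This is an added example, not CloudStack or CloudPlatform code: the class and function names are hypothetical, the tenant tree reuses the diagram's labels with constructed limits, and it assumes that a domain's usage counts everything in its sub-domains and that a request must fit under the account limit and every ancestor domain's limit.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass(eq=False)  # identity comparison: two domains are never "equal by value"
class Domain:
    name: str
    parent: Optional["Domain"] = None
    limits: Dict[str, int] = field(default_factory=dict)  # missing key = no limit
    usage: Dict[str, int] = field(default_factory=dict)   # includes sub-domains

    def chain(self) -> List["Domain"]:
        """This domain followed by every ancestor up to the root."""
        return [self] + (self.parent.chain() if self.parent else [])


@dataclass(eq=False)
class Account:
    name: str
    domain: Domain
    limits: Dict[str, int] = field(default_factory=dict)
    usage: Dict[str, int] = field(default_factory=dict)


def in_admin_scope(admin_domain: Domain, account: Account) -> bool:
    """A domain admin may act only on accounts in its domain or a sub-domain."""
    return admin_domain in account.domain.chain()


def blocked_by(account: Account, resource: str, count: int = 1) -> List[str]:
    """Names of every limit the request would exceed; empty list means allowed."""
    scopes = [account] + account.domain.chain()
    return [s.name for s in scopes
            if resource in s.limits
            and s.usage.get(resource, 0) + count > s.limits[resource]]


def allocate(account: Account, resource: str, count: int = 1) -> bool:
    """Charge the account and all ancestor domains, or change nothing."""
    if blocked_by(account, resource, count):
        return False
    for s in [account] + account.domain.chain():
        s.usage[resource] = s.usage.get(resource, 0) + count
    return True


def build_sample():
    # Constructed tenants and limits; names follow the slide's diagram labels.
    root = Domain("ROOT")
    org_a = Domain("Org A", root)
    reseller_a = Domain("Reseller A", root, limits={"vm": 5})
    org_c = Domain("Org C", reseller_a, limits={"vm": 4})
    group_a = Account("Group A", org_c, limits={"vm": 3})
    group_b = Account("Group B", org_c, limits={"vm": 3})
    return org_a, reseller_a, org_c, group_a, group_b
```

An account that is under its own limit can still be refused because its domain is full, which is the case worth testing when reviewing tenant quotas.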
28. CloudStack Cloud Architecture
Host is the basic unit of scale. Runs a hypervisor or is bare metal
Cluster consists of one or more hosts of same hypervisor
All hosts in cluster have access to shared (primary) storage
Pod is one or more clusters, usually with a L2 switch. Represents a rack
Availability Zone has one or more pods, has access to secondary storage.
Firewall and Load balancers separate public and private networks
One or more zones represent cloud
[Diagram labels: Zone 1; Firewall; Load Balancer; L3 switch; Pod 1 …. Pod N; L2 switch; Cluster 1 …. Cluster N; Host 1, Host 2; Primary Storage; Secondary Storage]
30. Availability Zones Can be Private
Citrix CloudPlatform Cluster
San Jose, Austin, Frankfurt, Tokyo, Private Delhi, Private Rio
31. CloudStack Storage
Primary Storage
• Configured at Cluster-level. Close to hosts for better performance
• Stores all disk volumes for VMs in a cluster
• Cluster can have one or more primary storages
• Local disk, iSCSI, FC or NFS
Secondary Storage
• Configured at Zone-level
• Stores all Templates, ISOs and Snapshots
• Zone can have one or more secondary storages
• NFS, OpenStack Swift
[Diagram labels: L3 switch; Secondary Storage; Pod 1; L2 switch; Cluster 1; Host 1, Host 2; Primary Storage]
33. Management Server Deployment Architecture
MS is stateless. MS can be deployed as physical server or VM
Single MS node can manage up to 5K hosts. Multiple nodes can be deployed for scale or redundancy
Commercial: RHEL 6.x, CentOS 6.x
[Diagram labels, Single-node Deployment and Multi-node Deployment: User API, Admin API; Load Balancer; Management Server; MySQL DB; Back Up DB; Replication; Infrastructure Resources]
34. Management Server Managing Multiple Zones
Single Management Server can manage multiple zones
Zones can be geographically distributed but low latency links are expected for better performance
Single MS node can manage up to 5K hosts. Multiple MS nodes can be deployed as cluster for scale or redundancy
[Diagram labels: Cloud; Management Server; Data Center 1: Zone 1; Data Center 2: Zone 2, Zone 3; Data Center 3: Zone 4]
36. Basic (Layer 3) vs. Advanced (Layer 2) Networking
• Segmentation based on feature set and ease-of-deployment
• Basic Zone implements true AWS-style L3-isolation
– Tenants do not get contiguous IP addresses or subnets
– Network segmentation based on Security Groups
– Tremendous scale (tens of thousands)
• Advanced Zone offers full L3 subnets
– VLANs are default implementation (4K limit)
– More features (source NAT, PF, VPN)
37. Basic Guest Network
[Diagram labels, shown for two panels of the same layout: Public Network/Internet; Public Network 65.11.0.0/16; NetScaler Load Balancer; EIP, ELB; CS Virtual Router (DHCP, DNS); Guest VM 1, Guest VM 2, Guest VM 3, Guest VM 4; 65.11.1.2, 65.11.1.3, 65.11.1.4, 65.11.1.5; Security Group 1, Security Group 2]
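Security-group segmentation as used in a Basic Zone, shown as an added example that is not CloudStack code: a simplified default-deny ingress check in which a rule admits traffic either from a source network or from members of another group. The rule set, group names and group membership are constructed; the guest addresses are borrowed from the 65.11.0.0/16 range on the slide.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Set


@dataclass(frozen=True)
class IngressRule:
    protocol: str
    ports: range
    cidr: Optional[str] = None          # allow a source network, or
    source_group: Optional[str] = None  # allow members of another group


# Constructed policy: group names and rules are illustrative.
GROUPS: Dict[str, List[IngressRule]] = {
    "web": [IngressRule("tcp", range(80, 81), cidr="0.0.0.0/0")],
    "db": [IngressRule("tcp", range(3306, 3307), source_group="web")],
    "tenant-b": [],  # no ingress rules: nothing may connect in
}

# Constructed membership. The addresses are adjacent in one shared range, so
# isolation comes from group membership, not from subnet boundaries.
MEMBERS: Dict[str, Set[str]] = {
    "65.11.1.2": {"web"},
    "65.11.1.3": {"db"},
    "65.11.1.4": {"tenant-b"},
}


def ingress_allowed(src: str, dst: str, protocol: str, port: int) -> bool:
    """Default deny: allow only if a rule on one of dst's groups matches src."""
    src_ip = ipaddress.ip_address(src)
    for group in MEMBERS.get(dst, set()):
        for rule in GROUPS[group]:
            if rule.protocol != protocol or port not in rule.ports:
                continue
            if rule.cidr and src_ip in ipaddress.ip_network(rule.cidr):
                return True
            if rule.source_group and rule.source_group in MEMBERS.get(src, set()):
                return True
    return False


def reachable_from(src: str, protocol: str, port: int) -> List[str]:
    """Audit helper: which guests accept this traffic from src?"""
    return sorted(d for d in MEMBERS if d != src
                  and ingress_allowed(src, d, protocol, port))
```

Running `reachable_from` for each guest and port of interest gives a quick audit of which neighbours in the shared range a tenant's VM can actually reach.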
38. Guest Virtual Network (Advanced)
CS Virtual Router provides Network Services
[Diagram labels: Public Network/Internet; Public IP 65.37.141.11; CS Virtual Router; Gateway address 10.1.1.1; DHCP, DNS, NAT, Load Balancing, VPN; Guest Virtual Network 10.0.0.0/8, VLAN 100; Guest VM 1, Guest VM 2, Guest VM 3, Guest VM 4; 10.1.1.1, 10.1.1.3, 10.1.1.4, 10.1.1.5]
External Devices provide Network Services
[Diagram labels: Public Network/Internet; Juniper SRX Firewall; NetScaler Load Balancer; Public IP 65.37.141.111, 65.37.141.112; Private IP 10.1.1.111, 10.1.1.112; CS Virtual Router; DHCP, DNS; Guest Virtual Network 10.0.0.0/8, VLAN 100; Guest VM 1, Guest VM 2, Guest VM 3, Guest VM 4; 10.1.1.1, 10.1.1.3, 10.1.1.4, 10.1.1.5]
39. Advanced L2 Multi-tier network
[Diagram labels: Multi-tier network; Public Network/Internet; Juniper SRX Firewall; Netscaler Load Balancer; Public IP 65.37.141.111, 65.37.141.112, 65.37.141.115; Private IP 10.1.1.111, 10.1.1.112; three CS Virtual Routers (DHCP, DNS, User-data; one also Source-NAT, VPN); Virtual Network 10.1.1.0/24, VLAN 100 (Web VM 1, Web VM 2, Web VM 3, Web VM 4; 10.1.1.2, 10.1.1.3, 10.1.1.4, 10.1.1.5); Virtual Network 10.1.2.0/24, VLAN 1001 (10.1.2.18, 10.1.2.21, 10.1.2.24, 10.1.2.31, 10.1.2.38, 10.1.2.39); Virtual Network 10.1.3.0/24, VLAN 141 (10.1.3.21, 10.1.3.24, 10.1.3.45); App VM 1, App VM 2, DB VM 1]
40. Learn how to build your own cloud with new educational resources from Citrix and partners.
http://bit.ly/OHhO08.
90 days free trial: http://www.citrix.com/products/cloudplatform/try.
Apache community: http://www.cloudstack.org