SlideShare une entreprise Scribd logo

Introducing self-service to research (Devopsdays Ghent 2016)

Bart Vanbrabant
Bart Vanbrabant

This talk reports about the introduction of an OpenStack based private cloud at the large research group. (1) The process taking away “pets” and giving them “cattle”. (2) Technical and management challenges for managing a virtual environment with very diverse requirements.

Logiciels
1  sur  60
Télécharger pour lire hors ligne
Introducing self- service to researchers Bart Vanbrabant
About me  Did a PhD at KU Leuven  CTO of Inmanta • KU Leuven spin-off • Develops an orchestration tool • Open source at https://github.com/inmanta/inmanta  Research fellow at KU Leuven  Was here in 2009 2
Research environment Large research group • ~ 80 researchers • Research on software engineering, security, networks and systems, … 3
Research environment Single person silos “Tiger teams” Large project teams 4
Resources for experiments Based on smaller teams and projects Very limited for the single person silo Labs with equipment: mostly desktops out of warranty 5
About my PhD 6 A Framework for Integrated Configuration Management of Distributed Systems
About my PhD 7 A Framework for Integrated Configuration Management of Distributed Systems Een raamwerk voor geïntegreerd configuratiebeheer van gedistribueerde systemen
About my PhD 8 A Framework for Integrated Configuration Management of Distributed Systems
Single person silo 9
Single person silo 10 ME
Networking lab 11
Networking lab 12
Specs  PII 400 mhz  <= 256 ram  4 and 8 GB disks  1x 100M NIC 13
Optiplex GX100 14
15
Specs  PII and PIII: 400 -> 650 Mhz  512M ram  8 GB disks  2x 100M NIC 16
Stacks 17
Lots of them 18
Optiplex GX1 1998? 19
Optiplex GX1 2008 20
Optiplex GX1 2011 21
Desktop hoarding  New desktop every 4 years  Desktops self-managed • Linux • Windows • *BSD 22
Desktop hoarding  New desktop every 4 years  Desktops self-managed • Linux • Windows • *BSD  10/4*80 = 200 missing desktops? 23
Desktop hoarding  New desktop every 4 years  Desktops self-managed • Linux • Windows • *BSD  10/4*80 = 200 missing desktops? Where are they? 24
25
Shadow-IT  Multiple old desktops under desk  Sharing desktop stacks in offices  You can use mine if I can use yours  … 26
Shadow-IT  No pool of hardware to use  No backups  No updates  No idea what is actually available  All machines have a public IP! 27
Cause  Silos  Not just Devs vs Ops • Central IT • Local IT • Research group IT • Researchers  Different goals  Communications through tickets, email, … 28
No silo any more  Researcher with operational skills  Collaborate in projects, using other research as case study  Java and Application servers 29
Tipping point Use a J2EE application as case study 30
Tipping point Use a J2EE application as case study Deploy Jboss on machines with 256M ram 31
Tipping point Use a J2EE application as case study Deploy Jboss on machines with 256M ram In 2011 32
33
Managed servers  Buy one or more beefy servers  Use for a single research project (2 to 5 years)  Peak usage  In DC (“computerzaal”) by local IT staff  Ubuntu LTS 34
Managed servers Buy new server in may 2014 • New OS: 14.04 Buy new server in march 2014 • 2 year old OS: 12.04 35
More recent software?  Researcher: I need a newer version of X  IT staff: There is no update in Ubuntu repo  Researcher: But I really need it!  IT staff: No worry, we installed GCC and increased your quota. But please, put it in a NoBackup folder 36
37
Network zones  DMZ  Intranet  Lab  Experiments 38
Virtualization Managed system Root access on virtual machines No solution for networking and storage 39
Self service 40
Self service  Setup a pool of hardware  Isolate users from each other  Users and teams can create servers, networks, change firewall rules, use multiple zones, offer services to other users, … 41
42
Public cloud Easy: credit card and ready Bounded to their AUP Harder to predict cost Data not on premise Not so cheap 43
Private cloud  Harder to set up and operate  Up-front cost and hosting cost  Better integration with own infrastructure  Fixed size 44
OpenStack  Start with one server with OpenStack Folsom in 2012  Added two servers two months later  Add two servers  Migrated local storage to shared Ceph storage  Add three servers  Upgraded from 1G to 4x1G  Added NetApp NFS archive  Add SSD caching layer in Ceph  Migrated to 2x10G  Add eight server servers  Same interface for users! 45
Current setup  2x controller  1x mgmt server  6x performance nodes • CPU pinning, NUMA awareness, local storage • 2x8 Cores + 64GB ram  6x general purpose • 128GB ram • 2x14 cores • Ceph storage • SSD + SAS disks  2x10G  NetApp filer with 48TB storage 46
Virtual infrastructure  Three different uplinks (network zones)  Different routing and floating IP model  Each user gets their own sandbox with quotas  Team projects get their own project  Security groups by default closed  Routes from and to all user networks within private address range  Access with SSH or OpenVPN 47
Management 48
Config model 49 entity Project: """ A personal sandbox project in OpenStack :param name The username and projectname to create :param email The email address of the user :param subnet_id The third octet of the project :param public_network Create a network in the public zone :param lab_network Create a network in the lab zone (they get their own router) :param exp_network Create a network in the experimental zone """ string name string email number subnet_id bool public_network bool lab_network bool exp_network end index Project(name) index Project(subnet_id) Project personal_projects [0:] -- [1] neutron::Network lab_uplink Project personal_projects [0:] -- [1] neutron::Subnet lab_routing_subnet Project admin_projects [0:] -- [1] keystone::Project admin_project Project personal_projects [0:] -- [1] keystone::Project project Project personal_projects [0:] -- [1] vm::IaaS iaas Project personal_project_public_router [0:] -- [1] neutron::Router public_router Project personal_project_exp_router [0:] -- [1] neutron::Router exp_router
User setup 50 implementation personalProject for Project: # define the user stuff self.project = keystone::Project(iaas=self.iaas, name=name, enabled=true, description="Personal project of {{ name }} ({{ email }})") user = keystone::User(iaas=self.iaas, name=name, email=email, enabled=true, password=password) keystone::Role(project=self.project, user=user, role="Member") keystone::Role(project=self.project, user=user, role="heat_stack_owner") keystone::Role(project=self.project, user=keystone::User[name="admin"], role="admin") keystone::Role(project=keystone::Project[name="openvpn"], user=user, role="Member") std::User(host=self.iaas.access_vm, name=name, shell=“/bin/bash”) end
Public network zone 51 implementation publicNet for Project: # define network and subnet net = neutron::Network(name="{{ name }}_net", project=self.project, self.iaas=iaas) subnet = neutron::Subnet(project=self.project, network=net, router=self.public_router, dhcp=true, name="{{ name }}_net", network_address="172.16.{{ subnet_id }}.0/24", iaas=self.iaas, allocation_start="172.16.{{subnet_id}}.10", allocation_end="172.16.{{subnet_id}}.254") end
Lab network zone 52 implementation labNet for Project: # Create a dedicated router and network for this demo environment router = neutron::Router(name="router-{{name}}", iaas=self.iaas, project=self.project, ext_gateway=self.lab_uplink) net = neutron::Network(name="{{name}}_lab", project=self.project, iaas=self.iaas) subnet = neutron::Subnet(project=self.project, network=net, router=router, dhcp=true, name="{{name}}_lab", network_address="172.17.{{subnet_id}}.0/24", iaas=self.iaas, allocation_start="172.17.{{subnet_id}}.10", allocation_end="172.17.{{subnet_id}}.254") router_port = neutron::RouterPort(project=self.admin_project, iaas=self.iaas, name="{{name}}_lab_routing", address="172.18.0.{{subnet_id}}", subnet=self.lab_routing_subnet, router=router, purged=false) router.routes = neutron::Route(destination="172.16.0.0/16", nexthop="172.18.0.254") router.routes = neutron::Route(destination="172.17.0.0/16", nexthop="172.18.0.254") router.routes = neutron::Route(destination="172.19.0.0/16", nexthop="172.18.0.253") neutron::Route(destination="172.17.{{subnet_id}}.0/24", nexthop="172.18.0.{{subnet_id}}", router=self.public_router) end
Experimental network zone 53 implementation expNet for Project: # define network and subnet net = neutron::Network(name="{{ name }}_exp", project=self.project, iaas=self.iaas) subnet = neutron::Subnet(project=self.project, network=net, router=self.exp_router, dhcp=true, name="{{ name }}_exp", network_address="172.19.{{ subnet_id }}.0/24", iaas=self.iaas, allocation_start="172.19.{{subnet_id}}.10", allocation_end="172.19.{{subnet_id}}.254") end implement Project using personalProject implement Project using labNet when lab_network implement Project using publicNet when public_network implement Project using expNet when exp_network
54
Lessons learned 55
Self-service  Getting money to change things is hard  Got support from local IT  Start small  Documentation  Demo!  Training  Pro-bono services 56
Elasticity  (private) Cloud should be elastic  Resource have to seem infinite  But do enforce quotas  Capacity management and planning  Capacity problems encourages hoarding 57
Resource accounting  Quotes help wasting resources  Abandoned virtual machines  50 useful VM’s vs one VM trashing for weeks?  Working on better monitoring  Anomaly detection  Public shaming 58
Contact  bart.vanbrabant at inmanta.com  @bartvanbrabant  https://bart.vanbrabant.eu  https://inmanta.com  https://github.com/inmanta/inmanta  @inmanta_com 59
Eliminate complexityEliminate complexity 60

Recommandé

Document Similarity with Cloud Computing
Document Similarity with Cloud ComputingDocument Similarity with Cloud Computing
Document Similarity with Cloud Computing
Bryan Bende
 
RENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hair
RENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hairRENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hair
RENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hair
John Constable
 
Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...
Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...
Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...
Frank Dürr
 
Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017
Dave Holland
 
Distributed DNN training: Infrastructure, challenges, and lessons learned
Distributed DNN training: Infrastructure, challenges, and lessons learnedDistributed DNN training: Infrastructure, challenges, and lessons learned
Distributed DNN training: Infrastructure, challenges, and lessons learned
Wee Hyong Tok
 
Unveiling CERN Cloud Architecture - October, 2015
Unveiling CERN Cloud Architecture - October, 2015Unveiling CERN Cloud Architecture - October, 2015
Unveiling CERN Cloud Architecture - October, 2015
Belmiro Moreira
 
.NET Core, ASP.NET Core Course, Session 4
.NET Core, ASP.NET Core Course, Session 4.NET Core, ASP.NET Core Course, Session 4
.NET Core, ASP.NET Core Course, Session 4
aminmesbahi
 
Cloud Computing Open Stack Compute Node
Cloud Computing Open Stack Compute NodeCloud Computing Open Stack Compute Node
Cloud Computing Open Stack Compute Node
Palak Sood
 

Recommandé

Document Similarity with Cloud Computing
Document Similarity with Cloud ComputingDocument Similarity with Cloud Computing
Document Similarity with Cloud Computing
Bryan Bende
 
RENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hair
RENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hairRENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hair
RENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hair
John Constable
 
Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...
Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...
Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...
Frank Dürr
 
Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017
Dave Holland
 
Distributed DNN training: Infrastructure, challenges, and lessons learned
Distributed DNN training: Infrastructure, challenges, and lessons learnedDistributed DNN training: Infrastructure, challenges, and lessons learned
Distributed DNN training: Infrastructure, challenges, and lessons learned
Wee Hyong Tok
 
Unveiling CERN Cloud Architecture - October, 2015
Unveiling CERN Cloud Architecture - October, 2015Unveiling CERN Cloud Architecture - October, 2015
Unveiling CERN Cloud Architecture - October, 2015
Belmiro Moreira
 
.NET Core, ASP.NET Core Course, Session 4
.NET Core, ASP.NET Core Course, Session 4.NET Core, ASP.NET Core Course, Session 4
.NET Core, ASP.NET Core Course, Session 4
aminmesbahi
 
Cloud Computing Open Stack Compute Node
Cloud Computing Open Stack Compute NodeCloud Computing Open Stack Compute Node
Cloud Computing Open Stack Compute Node
Palak Sood
 
Using Simplicity to Make Hard Big Data Problems Easy
Using Simplicity to Make Hard Big Data Problems EasyUsing Simplicity to Make Hard Big Data Problems Easy
Using Simplicity to Make Hard Big Data Problems Easy
nathanmarz
 
OpenStack 101 @ ENEI 2014
OpenStack 101 @ ENEI 2014OpenStack 101 @ ENEI 2014
OpenStack 101 @ ENEI 2014
Carlos Gonçalves
 
The OpenStack Cloud at CERN
The OpenStack Cloud at CERNThe OpenStack Cloud at CERN
The OpenStack Cloud at CERN
Arne Wiebalck
 
Thread
ThreadThread
Thread
Syed Zaid Irshad
 
Openstack architure part 1
Openstack architure part 1Openstack architure part 1
Openstack architure part 1
Nhan Cao Thanh
 
Taverna summary
Taverna summaryTaverna summary
Taverna summary
myGrid team
 
Kafka overview v0.1
Kafka overview v0.1Kafka overview v0.1
Kafka overview v0.1
Mahendran Ponnusamy
 
Vancouver open stack meetup presentation
Vancouver open stack meetup presentationVancouver open stack meetup presentation
Vancouver open stack meetup presentation
Sean Winn
 
Introduction to Openstack Network
Introduction to Openstack NetworkIntroduction to Openstack Network
Introduction to Openstack Network
salv_orlando
 
Microservices in Unikernels
Microservices in UnikernelsMicroservices in Unikernels
Microservices in Unikernels
Madhuri Yechuri
 
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax
 
OpenStack 101: Introduction & Technical Overview
OpenStack 101: Introduction & Technical OverviewOpenStack 101: Introduction & Technical Overview
OpenStack 101: Introduction & Technical Overview
Thang Man
 
OpenStack 101
OpenStack 101OpenStack 101
OpenStack 101
Priti Desai
 
OpenStack Introduction
OpenStack IntroductionOpenStack Introduction
OpenStack Introduction
Jimi Chen
 
How to Build Your First Web App in Go
How to Build Your First Web App in GoHow to Build Your First Web App in Go
How to Build Your First Web App in Go
All Things Open
 
OpenStack Explained: Learn OpenStack architecture and the secret of a success...
OpenStack Explained: Learn OpenStack architecture and the secret of a success...OpenStack Explained: Learn OpenStack architecture and the secret of a success...
OpenStack Explained: Learn OpenStack architecture and the secret of a success...
Giuseppe Paterno'
 
OpenStack - Infrastructure as a service
OpenStack - Infrastructure as a serviceOpenStack - Infrastructure as a service
OpenStack - Infrastructure as a service
Denis Cavalcante
 
Expanding HPCC Systems Deep Neural Network Capabilities
Expanding HPCC Systems Deep Neural Network CapabilitiesExpanding HPCC Systems Deep Neural Network Capabilities
Expanding HPCC Systems Deep Neural Network Capabilities
HPCC Systems
 
Apache Kafka Women Who Code Meetup
Apache Kafka Women Who Code MeetupApache Kafka Women Who Code Meetup
Apache Kafka Women Who Code Meetup
Snehal Nagmote
 
Internship presentation
Internship presentationInternship presentation
Internship presentation
Riccardo Samperna
 
Open stack and sdn hands-on and demo
Open stack and sdn hands-on and demoOpen stack and sdn hands-on and demo
Open stack and sdn hands-on and demo
Kyohei Moriyama
 
Sanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansSanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticians
Peter Clapham
 

Contenu connexe

Tendances

DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax
 
OpenStack 101: Introduction & Technical Overview
OpenStack 101: Introduction & Technical OverviewOpenStack 101: Introduction & Technical Overview
OpenStack 101: Introduction & Technical Overview
Thang Man
 
OpenStack Explained: Learn OpenStack architecture and the secret of a success...
OpenStack Explained: Learn OpenStack architecture and the secret of a success...OpenStack Explained: Learn OpenStack architecture and the secret of a success...
OpenStack Explained: Learn OpenStack architecture and the secret of a success...
Giuseppe Paterno'
 

Tendances (20)

Using Simplicity to Make Hard Big Data Problems Easy
Using Simplicity to Make Hard Big Data Problems EasyUsing Simplicity to Make Hard Big Data Problems Easy
Using Simplicity to Make Hard Big Data Problems Easy
 
OpenStack 101 @ ENEI 2014
OpenStack 101 @ ENEI 2014OpenStack 101 @ ENEI 2014
OpenStack 101 @ ENEI 2014
 
The OpenStack Cloud at CERN
The OpenStack Cloud at CERNThe OpenStack Cloud at CERN
The OpenStack Cloud at CERN
 
Thread
ThreadThread
Thread
 
Openstack architure part 1
Openstack architure part 1Openstack architure part 1
Openstack architure part 1
 
Taverna summary
Taverna summaryTaverna summary
Taverna summary
 
Kafka overview v0.1
Kafka overview v0.1Kafka overview v0.1
Kafka overview v0.1
 
Vancouver open stack meetup presentation
Vancouver open stack meetup presentationVancouver open stack meetup presentation
Vancouver open stack meetup presentation
 
Introduction to Openstack Network
Introduction to Openstack NetworkIntroduction to Openstack Network
Introduction to Openstack Network
 
Microservices in Unikernels
Microservices in UnikernelsMicroservices in Unikernels
Microservices in Unikernels
 
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
 
OpenStack 101: Introduction & Technical Overview
OpenStack 101: Introduction & Technical OverviewOpenStack 101: Introduction & Technical Overview
OpenStack 101: Introduction & Technical Overview
 
OpenStack 101
OpenStack 101OpenStack 101
OpenStack 101
 
OpenStack Introduction
OpenStack IntroductionOpenStack Introduction
OpenStack Introduction
 
How to Build Your First Web App in Go
How to Build Your First Web App in GoHow to Build Your First Web App in Go
How to Build Your First Web App in Go
 
OpenStack Explained: Learn OpenStack architecture and the secret of a success...
OpenStack Explained: Learn OpenStack architecture and the secret of a success...OpenStack Explained: Learn OpenStack architecture and the secret of a success...
OpenStack Explained: Learn OpenStack architecture and the secret of a success...
 
OpenStack - Infrastructure as a service
OpenStack - Infrastructure as a serviceOpenStack - Infrastructure as a service
OpenStack - Infrastructure as a service
 
Expanding HPCC Systems Deep Neural Network Capabilities
Expanding HPCC Systems Deep Neural Network CapabilitiesExpanding HPCC Systems Deep Neural Network Capabilities
Expanding HPCC Systems Deep Neural Network Capabilities
 
Apache Kafka Women Who Code Meetup
Apache Kafka Women Who Code MeetupApache Kafka Women Who Code Meetup
Apache Kafka Women Who Code Meetup
 
Internship presentation
Internship presentationInternship presentation
Internship presentation
 

Similaire à Introducing self-service to research (Devopsdays Ghent 2016)

OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...
OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...
OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...
NETWAYS
 
Pankaj_Kapila
Pankaj_Kapila Pankaj_Kapila
Pankaj_Kapila
Panapka
 

Similaire à Introducing self-service to research (Devopsdays Ghent 2016) (20)

Open stack and sdn hands-on and demo
Open stack and sdn hands-on and demoOpen stack and sdn hands-on and demo
Open stack and sdn hands-on and demo
 
Sanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansSanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticians
 
Flexible compute
Flexible computeFlexible compute
Flexible compute
 
[DanNotes] XPages - Beyound the Basics
[DanNotes] XPages - Beyound the Basics[DanNotes] XPages - Beyound the Basics
[DanNotes] XPages - Beyound the Basics
 
XPages -Beyond the Basics
XPages -Beyond the BasicsXPages -Beyond the Basics
XPages -Beyond the Basics
 
virtualization-vs-containerization-paas
virtualization-vs-containerization-paasvirtualization-vs-containerization-paas
virtualization-vs-containerization-paas
 
Leveraging Structured Data To Reduce Disk, IO & Network Bandwidth
Leveraging Structured Data To Reduce Disk, IO & Network BandwidthLeveraging Structured Data To Reduce Disk, IO & Network Bandwidth
Leveraging Structured Data To Reduce Disk, IO & Network Bandwidth
 
Openstack – An introduction
Openstack – An introductionOpenstack – An introduction
Openstack – An introduction
 
Extension Library - Viagra for XPages
Extension Library - Viagra for XPagesExtension Library - Viagra for XPages
Extension Library - Viagra for XPages
 
HPC and cloud distributed computing, as a journey
HPC and cloud distributed computing, as a journeyHPC and cloud distributed computing, as a journey
HPC and cloud distributed computing, as a journey
 
Cloud Architect Alliance #15: Openstack
Cloud Architect Alliance #15: OpenstackCloud Architect Alliance #15: Openstack
Cloud Architect Alliance #15: Openstack
 
Provisioning Servers Made Easy
Provisioning Servers Made EasyProvisioning Servers Made Easy
Provisioning Servers Made Easy
 
OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...
OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...
OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...
 
ANN-Lecture2-Python Startup.pptx
ANN-Lecture2-Python Startup.pptxANN-Lecture2-Python Startup.pptx
ANN-Lecture2-Python Startup.pptx
 
Automatic Launch and Tracking the Computational Simulations with LiFlow and S...
Automatic Launch and Tracking the Computational Simulations with LiFlow and S...Automatic Launch and Tracking the Computational Simulations with LiFlow and S...
Automatic Launch and Tracking the Computational Simulations with LiFlow and S...
 
Open source integrated infra structure using ansible configuration management
Open source integrated infra structure using ansible configuration managementOpen source integrated infra structure using ansible configuration management
Open source integrated infra structure using ansible configuration management
 
Introduction to Open stack - An Overview
Introduction to Open stack - An Overview Introduction to Open stack - An Overview
Introduction to Open stack - An Overview
 
Python and Oracle : allies for best of data management
Python and Oracle : allies for best of data managementPython and Oracle : allies for best of data management
Python and Oracle : allies for best of data management
 
Pankaj_Kapila
Pankaj_Kapila Pankaj_Kapila
Pankaj_Kapila
 
StarlingX - Project Onboarding
StarlingX - Project OnboardingStarlingX - Project Onboarding
StarlingX - Project Onboarding
 

Dernier

call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Delhi Call girls
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
VishalKumarJha10
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Delhi Call girls
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
VictorSzoltysek
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Steffen Staab
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...
software pro Development
 

Dernier (20)

Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 

Introducing self-service to research (Devopsdays Ghent 2016)

  • 1. Introducing self- service to researchers Bart Vanbrabant
  • 2. About me  Did a PhD at KU Leuven  CTO of Inmanta • KU Leuven spin-off • Develops an orchestration tool • Open source at https://github.com/inmanta/inmanta  Research fellow at KU Leuven  Was here in 2009 2
  • 3. Research environment Large research group • ~ 80 researchers • Research on software engineering, security, networks and systems, … 3
  • 4. Research environment Single person silos “Tiger teams” Large project teams 4
  • 5. Resources for experiments Based on smaller teams and projects Very limited for the single person silo Labs with equipment: mostly desktops out of warranty 5
  • 6. About my PhD 6 A Framework for Integrated Configuration Management of Distributed Systems
  • 7. About my PhD 7 A Framework for Integrated Configuration Management of Distributed Systems Een raamwerk voor geïntegreerd configuratiebeheer van gedistribueerde systemen
  • 8. About my PhD 8 A Framework for Integrated Configuration Management of Distributed Systems
  • 13. Specs  PII 400 mhz  <= 256 ram  4 and 8 GB disks  1x 100M NIC 13
  • 15. 15
  • 16. Specs  PII and PIII: 400 -> 650 Mhz  512M ram  8 GB disks  2x 100M NIC 16
  • 22. Desktop hoarding  New desktop every 4 years  Desktops self-managed • Linux • Windows • *BSD 22
  • 23. Desktop hoarding  New desktop every 4 years  Desktops self-managed • Linux • Windows • *BSD  10/4*80 = 200 missing desktops? 23
  • 24. Desktop hoarding  New desktop every 4 years  Desktops self-managed • Linux • Windows • *BSD  10/4*80 = 200 missing desktops? Where are they? 24
  • 25. 25
  • 26. Shadow-IT  Multiple old desktops under desk  Sharing desktop stacks in offices  You can use mine if I can use yours  … 26
  • 27. Shadow-IT  No pool of hardware to use  No backups  No updates  No idea what is actually available  All machines have a public IP! 27
  • 28. Cause  Silos  Not just Devs vs Ops • Central IT • Local IT • Research group IT • Researchers  Different goals  Communications through tickets, email, … 28
  • 29. No silo any more  Researcher with operational skills  Collaborate in projects, using other research as case study  Java and Application servers 29
  • 30. Tipping point Use a J2EE application as case study 30
  • 31. Tipping point Use a J2EE application as case study Deploy Jboss on machines with 256M ram 31
  • 32. Tipping point Use a J2EE application as case study Deploy Jboss on machines with 256M ram In 2011 32
  • 33. 33
  • 34. Managed servers  Buy one or more beefy servers  Use for a single research project (2 to 5 years)  Peak usage  In DC (“computerzaal”) by local IT staff  Ubuntu LTS 34
  • 35. Managed servers Buy new server in may 2014 • New OS: 14.04 Buy new server in march 2014 • 2 year old OS: 12.04 35
  • 36. More recent software?  Researcher: I need a newer version of X  IT staff: There is no update in Ubuntu repo  Researcher: But I really need it!  IT staff: No worry, we installed GCC and increased your quota. But please, put it in a NoBackup folder 36
  • 37. 37
  • 38. Network zones  DMZ  Intranet  Lab  Experiments 38
  • 39. Virtualization Managed system Root access on virtual machines No solution for networking and storage 39
  • 41. Self service  Setup a pool of hardware  Isolate users from each other  Users and teams can create servers, networks, change firewall rules, use multiple zones, offer services to other users, … 41
  • 42. 42
  • 43. Public cloud Easy: credit card and ready Bounded to their AUP Harder to predict cost Data not on premise Not so cheap 43
  • 44. Private cloud  Harder to set up and operate  Up-front cost and hosting cost  Better integration with own infrastructure  Fixed size 44
  • 45. OpenStack  Start with one server with OpenStack Folsom in 2012  Added two servers two months later  Add two servers  Migrated local storage to shared Ceph storage  Add three servers  Upgraded from 1G to 4x1G  Added NetApp NFS archive  Add SSD caching layer in Ceph  Migrated to 2x10G  Add eight server servers  Same interface for users! 45
  • 46. Current setup  2x controller  1x mgmt server  6x performance nodes • CPU pinning, NUMA awareness, local storage • 2x8 Cores + 64GB ram  6x general purpose • 128GB ram • 2x14 cores • Ceph storage • SSD + SAS disks  2x10G  NetApp filer with 48TB storage 46
  • 47. Virtual infrastructure  Three different uplinks (network zones)  Different routing and floating IP model  Each user gets their own sandbox with quotas  Team projects get their own project  Security groups by default closed  Routes from and to all user networks within private address range  Access with SSH or OpenVPN 47
  • 49. Config model 49 entity Project: """ A personal sandbox project in OpenStack :param name The username and projectname to create :param email The email address of the user :param subnet_id The third octet of the project :param public_network Create a network in the public zone :param lab_network Create a network in the lab zone (they get their own router) :param exp_network Create a network in the experimental zone """ string name string email number subnet_id bool public_network bool lab_network bool exp_network end index Project(name) index Project(subnet_id) Project personal_projects [0:] -- [1] neutron::Network lab_uplink Project personal_projects [0:] -- [1] neutron::Subnet lab_routing_subnet Project admin_projects [0:] -- [1] keystone::Project admin_project Project personal_projects [0:] -- [1] keystone::Project project Project personal_projects [0:] -- [1] vm::IaaS iaas Project personal_project_public_router [0:] -- [1] neutron::Router public_router Project personal_project_exp_router [0:] -- [1] neutron::Router exp_router
  • 50. User setup 50 implementation personalProject for Project: # define the user stuff self.project = keystone::Project(iaas=self.iaas, name=name, enabled=true, description="Personal project of {{ name }} ({{ email }})") user = keystone::User(iaas=self.iaas, name=name, email=email, enabled=true, password=password) keystone::Role(project=self.project, user=user, role="Member") keystone::Role(project=self.project, user=user, role="heat_stack_owner") keystone::Role(project=self.project, user=keystone::User[name="admin"], role="admin") keystone::Role(project=keystone::Project[name="openvpn"], user=user, role="Member") std::User(host=self.iaas.access_vm, name=name, shell=“/bin/bash”) end
  • 51. Public network zone 51 implementation publicNet for Project: # define network and subnet net = neutron::Network(name="{{ name }}_net", project=self.project, self.iaas=iaas) subnet = neutron::Subnet(project=self.project, network=net, router=self.public_router, dhcp=true, name="{{ name }}_net", network_address="172.16.{{ subnet_id }}.0/24", iaas=self.iaas, allocation_start="172.16.{{subnet_id}}.10", allocation_end="172.16.{{subnet_id}}.254") end
  • 52. Lab network zone 52 implementation labNet for Project: # Create a dedicated router and network for this demo environment router = neutron::Router(name="router-{{name}}", iaas=self.iaas, project=self.project, ext_gateway=self.lab_uplink) net = neutron::Network(name="{{name}}_lab", project=self.project, iaas=self.iaas) subnet = neutron::Subnet(project=self.project, network=net, router=router, dhcp=true, name="{{name}}_lab", network_address="172.17.{{subnet_id}}.0/24", iaas=self.iaas, allocation_start="172.17.{{subnet_id}}.10", allocation_end="172.17.{{subnet_id}}.254") router_port = neutron::RouterPort(project=self.admin_project, iaas=self.iaas, name="{{name}}_lab_routing", address="172.18.0.{{subnet_id}}", subnet=self.lab_routing_subnet, router=router, purged=false) router.routes = neutron::Route(destination="172.16.0.0/16", nexthop="172.18.0.254") router.routes = neutron::Route(destination="172.17.0.0/16", nexthop="172.18.0.254") router.routes = neutron::Route(destination="172.19.0.0/16", nexthop="172.18.0.253") neutron::Route(destination="172.17.{{subnet_id}}.0/24", nexthop="172.18.0.{{subnet_id}}", router=self.public_router) end
  • 53. Experimental network zone 53 implementation expNet for Project: # define network and subnet net = neutron::Network(name="{{ name }}_exp", project=self.project, iaas=self.iaas) subnet = neutron::Subnet(project=self.project, network=net, router=self.exp_router, dhcp=true, name="{{ name }}_exp", network_address="172.19.{{ subnet_id }}.0/24", iaas=self.iaas, allocation_start="172.19.{{subnet_id}}.10", allocation_end="172.19.{{subnet_id}}.254") end implement Project using personalProject implement Project using labNet when lab_network implement Project using publicNet when public_network implement Project using expNet when exp_network
  • 54. 54
  • 56. Self-service  Getting money to change things is hard  Got support from local IT  Start small  Documentation  Demo!  Training  Pro-bono services 56
  • 57. Elasticity  (private) Cloud should be elastic  Resource have to seem infinite  But do enforce quotas  Capacity management and planning  Capacity problems encourages hoarding 57
  • 58. Resource accounting  Quotes help wasting resources  Abandoned virtual machines  50 useful VM’s vs one VM trashing for weeks?  Working on better monitoring  Anomaly detection  Public shaming 58
  • 59. Contact  bart.vanbrabant at inmanta.com  @bartvanbrabant  https://bart.vanbrabant.eu  https://inmanta.com  https://github.com/inmanta/inmanta  @inmanta_com 59