Tweaking openstack

•Télécharger en tant que PPTX, PDF•

2 j'aime•1,110 vues

Vish Abrams

Technologie

© 2013 Nebula, Inc. All rights reserved.
Vishvananda Ishaya, Director of Open Source, Nebula Inc.

© 2013 Nebula, Inc. All rights reserved. 2
• OpenStack Technical Committee
Member
• Started at NASA the day
Nova was created
• Nova Technical Lead for the
first two years of its existence
• Designed and deployed multiple
private clouds with OpenStack

© 2013 Nebula, Inc. All rights reserved.

© 2013 Nebula, Inc. All rights reserved. 4
$ _

© 2013 Nebula, Inc. All rights reserved. 5
$ (apt-get|yum) install openstack

© 2013 Nebula, Inc. All rights reserved. 6
$ (apt-get|yum) install openstack
...

© 2013 Nebula, Inc. All rights reserved. 7
$ (apt-get|yum) install openstack
...
openstack installed successfully!
$ _

© 2013 Nebula, Inc. All rights reserved. 8
$ _

© 2013 Nebula, Inc. All rights reserved. 9
$ (apt-get|yum) install openstack

© 2013 Nebula, Inc. All rights reserved. 10
$ (apt-get|yum) install openstack
unknown command
$ _

© 2013 Nebula, Inc. All rights reserved. 11
$ (apt-get|yum) install openstack
unknown command
$ _

© 2013 Nebula, Inc. All rights reserved. 12
$ (apt-get|yum) install openstack
unknown command
$ _

© 2013 Nebula, Inc. All rights reserved. 13
$ (apt-get|yum) install openstack
unknown command
$ _

© 2013 Nebula, Inc. All rights reserved. 14
$ _

© 2013 Nebula, Inc. All rights reserved. 15
$ git clone git::/github.com...
...
$ cd devstack
$ ./stack.sh

© 2013 Nebula, Inc. All rights reserved. 16
$ git clone git::/github.com...
...
$ cd devstack
$ ./stack.sh

© 2013 Nebula, Inc. All rights reserved. 17
• Tiny to very large scale
• Pluggable backends
• Multiple components

© 2013 Nebula, Inc. All rights reserved. 18
• Tiny to very large scale
• Pluggable backends
• Multiple components
WAT!?

© 2013 Nebula, Inc. All rights reserved. 20
• Neutron OVS
• Neutron Vendor
• Nova-network vlan
• Nova-network flat

© 2013 Nebula, Inc. All rights reserved. 21
• KVM
• Xen
• Hyper-V
• ESX
• Other

© 2013 Nebula, Inc. All rights reserved. 22
• Swift
• Ceph

© 2013 Nebula, Inc. All rights reserved. 23
• Default LVM
• Ceph
• Solidfire
• Netapp

© 2013 Nebula, Inc. All rights reserved. 24
• Compute (nova)
• Object Storage (swift)
• Image Service (glance)
• Identity (keystone)
• Dashboard (horizon)
• Networking (neutron)
• Block Storage (cinder)
• Metering (ceilometer)
• Orchestration (heat)

© 2013 Nebula, Inc. All rights reserved. 25
• Compute (nova)
• Object Storage (swift)
• Image Service (glance)
• Identity (keystone)
• Dashboard (horizon)
• Networking (neutron)
• Block Storage (cinder)
• Metering (ceilometer)
• Orchestration (heat)

© 2013 Nebula, Inc. All rights reserved. 27
• force_dhcp_release=true
• defer_iptables_apply=true
• multi_host=true
• share_dhcp_address=true
• dnsmasq_config_file=/path/to/file
(configure dnsmasq to pass external gateway)

© 2013 Nebula, Inc. All rights reserved. 28
• force_raw_images=False
• use_cow_images=False
• resume_guests_state_on_host_boot=True
• running_deleted_instance_action=reap

© 2013 Nebula, Inc. All rights reserved. 29
• Turn on jumbo frames
• Increase tx queue length
• Tweak guest tcp settings
• http://buriedlede.blogspot.com/2012/11/driving-100-gigabit-network-
with.html

© 2013 Nebula, Inc. All rights reserved. 31
• Normal linux hardening applies
• Control access to the host machines
• Keep software up-to-date
• Don’t have services listen on 0.0.0.0
• Separate mgmt and guest traffic
• http://aa4698cc2bf4ab7e5907-
ed3df21bb39de4e57eec9a20aa0b8711.r41.cf2.rackcdn.com/Ope
nStackSecurityGuide.epub

© 2013 Nebula, Inc. All rights reserved. 32
• Only enable api extensions your users need
• Only enable scheduler filters your users need
• Customize policy for administrative actions
• Use HTTPS in front of api services
• Consider disabling instance migration

© 2013 Nebula, Inc. All rights reserved.
Thank you.Thank you.

Contenu connexe

Tendances

In this lecture will show an introduction to OpenStack, starting with the basic concepts of Cloud, keywords, what Openstack project is, the use cases, history, the project overview, features, tools and roadmap. The following topics will be covered: * Introduction to Cloud Computing (Keyword such: Virtualization; Iaas, Paas, Saas; Public/Private/Hybrid/Community Cloud; Concepts: scalability, elasticity , provisioning, self-service, multi tenant, billing, etc) * What is OpenStack? * Who are using it? * History, Releases/Versions and Evolution * Architecture * Sub-projects (Keystone, Glance, Nova, Openstack Networking/Quantum/Neutron, Cinder, Swift, Horizon, Ceilometer, Heat, Oslo, Marconi, etc) * Tools * Next Releases * Who helps and distributions (RDO, StackOps, Devstack, Dell OpenStack, etc)

Latinoware 2013 - OpenStack RDO - A walkthrough by the Open Source Cloud Comp...

Luan Cestari

OpenStack Toronto Q3 MeetUp - September 28th 2017

Stacy Véronneau

Elastic build environment

Cachet Software Solutions Ltd

OpenStack Congress and Datalog (English)

Motonori Shindo

VietOpenStack Boston recap 2017

Vietnam Open Infrastructure User Group

OpenStack e le nuove Infrastrutture IT

Giuseppe Paterno'

Libcloud and j clouds

DaeMyung Kang

Getting Started with OpenStack from Hong Kong Summit Session November 5

Niki Acosta

OpenStack @ CERN, by Tim Bell

Amrita Prasad

Science logic cloudstack london meetup 2015 02-11

ShapeBlue

OpenStack運用管理最前線 - OpenStack最新情報セミナー 2014年12月

VirtualTech Japan Inc.

OpenStack architecture and services

vinoth kumar selvaraj

OpenStack Overview and History

Mirantis

[Rakuten TechConf2014] [F-4] At Rakuten, The Rakuten OpenStack Platform and B...

Rakuten Group, Inc.

Robert collins openstack on openstack 201304162

OpenStack Foundation

OpenStack Overview

openstackstl

Tendances (16)

Latinoware 2013 - OpenStack RDO - A walkthrough by the Open Source Cloud Comp...

OpenStack Toronto Q3 MeetUp - September 28th 2017

Elastic build environment

OpenStack Congress and Datalog (English)

VietOpenStack Boston recap 2017

OpenStack e le nuove Infrastrutture IT

Libcloud and j clouds

Getting Started with OpenStack from Hong Kong Summit Session November 5

OpenStack @ CERN, by Tim Bell

Science logic cloudstack london meetup 2015 02-11

OpenStack運用管理最前線 - OpenStack最新情報セミナー 2014年12月

OpenStack architecture and services

OpenStack Overview and History

[Rakuten TechConf2014] [F-4] At Rakuten, The Rakuten OpenStack Platform and B...

Robert collins openstack on openstack 201304162

OpenStack Overview

Similaire à Tweaking openstack

Openstack 101 by Jason Kalai

MyNOG

Apache Spark Operations

Cloudera, Inc.

5 cisco open_stack

openstackindia

OpenStack for devops environment

Orgad Kimchi

OpenStack for VMware Admins - Maish Saidel-Keesing, Cisco

Cloud Native Day Tel Aviv

Openstack 101

Kamesh Pemmaraju

JavaOne 2014: Next Step in Automation: Elastic Build Environment

Kohsuke Kawaguchi

Effective Spark on Multi-Tenant Clusters

DataWorks Summit/Hadoop Summit

Audience: Intermediate About: Developing a new product from scratch in a large business can be a time- and effort-consuming exercise. When Telstra started our journey on a new initiative developing a new platform to support bringing new products to market more quickly and cost-effectively, we knew that we would need to do things a bit differently. How can we build faster and cheaper? Can we do it without deploying any physical elements? How can we get closer to our aspirations for a Continuous Deployment model? How can we start small(ish) and grow rather than deploying everything up front? This presentation will talk about these questions and how they lead to our use of OpenStack for both application deployment and a Network Functions Virtualisation platform. Speaker Bio: Rik Harris – Cloud Technology Strategy, Telstra Rik is an experienced IT professional who has been working in corporate and government Australia for around 25 years. He has been with Telstra since 2003 in several roles, including running IT infrastructure deployment teams, managing engineering for Telstra internal shared infrastructure and currently responsible for technology strategy for Telstra’s Cloud business. OpenStack Australia Day - Sydney 2016 https://events.aptira.com/openstack-australia-day-sydney-2016/

Using OpenStack to Accelerate New Product Development: Rik Harris, Telstra

OpenStack

Tap into the power of slaves with Jenkins by Kohsuke Kawaguchi

ZeroTurnaround

OpenStack 101

All Things Open

[Presented at All Things Open 2015 in Raleigh, NC, USA] OpenStack is one of the fastest-growing and exciting open source projects of our time. OpenStack has drawn together technologists from all over the world to create a cloud operating system and a huge, diverse community behind it. This talk will provide an introduction to OpenStack for newcomers to the project of those who just want to know more. We’ll take a brief look at OpenStack’s history, get a technical overview of the project, learn how to contribute, and check out a few emerging trends and hot topics in the OpenStack world.

OpenStack 101 - All Things Open 2015

Mark Voelker

Deep learning is useful for enterprises tasks in the field of speech recognition, image classification, AI chatbots and machine translation, just to name a few. In order to train deep learning/machine learning models, applications such as TensorFlow / MXNet / Caffe / XGBoost can be leveraged. And sometimes these applications will be used together to solve different problems. To make distributed deep learning/machine learning applications easily launched, managed, monitored. Hadoop community has introduced Submarine project along with other improvements such as first-class GPU support, container-DNS support, scheduling improvements, etc. These improvements make distributed deep learning/machine learning applications run on YARN as simple as running it locally, which can let machine-learning engineers focus on algorithms instead of worrying about underlying infrastructure. Also, YARN can better manage a shared cluster which runs deep learning/machine learning and other services/ETL jobs with these improvements. In this session, we will take a closer look at Submarine project as well as other improvements and show how to run these deep learning workloads on YARN with demos. Audiences can start trying running these workloads on YARN after this talk. Speakers: Sunil Govindan, Staff Engineer Hortonworks Zhankun Tank, Staff Engineer Hortonworks

Hadoop {Submarine} Project: Running Deep Learning Workloads on YARN

DataWorks Summit

Openstack - An introduction/Installation - Presented at Dr Dobb's conference...

Rahul Krishna Upadhyaya

Boston/NYC Chef for OpenStack Hack Days

Matt Ray

What's New in Grizzly & Deploying OpenStack with Puppet

Mark Voelker

Based on a paper published by Shallue, C. J., & Vanderburg (1), this talk introduce the main process and terminology to newbie Data & ML Engineers and Data Scientist covering the full ML lifecycle from data preparation, model exploration, training evaluation and inference using Tensorflow, GPUs and Cloudera Data Science Workbench (CDSW). Based on a paper published by Shallue, C. J., & Vanderburg, A. (2018). Identifying Exoplanets with Deep Learning: A Five-planet Resonant Chain around Kepler-80 and an Eighth Planet around Kepler-90. The Astronomical Journal, 155(2), 94.

Discovering exoplanets with Deep Leaning

Rafael Arana

From OpenStack to Docker swarm

Nikolay Milovanov

2013-cloudconnect-OpenStack@BT

uictamale

Getting Apache Spark Customers to Production

Cloudera, Inc.

Similaire à Tweaking openstack (20)

Openstack 101 by Jason Kalai

Apache Spark Operations

5 cisco open_stack

OpenStack for devops environment

OpenStack for VMware Admins - Maish Saidel-Keesing, Cisco

Openstack 101

JavaOne 2014: Next Step in Automation: Elastic Build Environment

Effective Spark on Multi-Tenant Clusters

Using OpenStack to Accelerate New Product Development: Rik Harris, Telstra

Tap into the power of slaves with Jenkins by Kohsuke Kawaguchi

OpenStack 101

OpenStack 101 - All Things Open 2015

Hadoop {Submarine} Project: Running Deep Learning Workloads on YARN

Openstack - An introduction/Installation - Presented at Dr Dobb's conference...

Boston/NYC Chef for OpenStack Hack Days

What's New in Grizzly & Deploying OpenStack with Puppet

Discovering exoplanets with Deep Leaning

From OpenStack to Docker swarm

2013-cloudconnect-OpenStack@BT

Getting Apache Spark Customers to Production

Dernier

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

Accelerating FinTech Innovation: Unleashing API Economy and GenAI Vasa Krishnan, Chief Technology Officer - FinResults Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

apidays

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

MINDCTI Revenue Release Quarter One 2024

MIND CTI

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Tracing the root cause of a performance issue requires a lot of patience, experience, and focus. It’s so hard that we sometimes attempt to guess by trying out tentative fixes, but that usually results in frustration, messy code, and a considerable waste of time and money. This talk explains how to correctly zoom in on a performance bottleneck using three levels of profiling: distributed tracing, metrics, and method profiling. After we learn to read the JVM profiler output as a flame graph, we explore a series of bottlenecks typical for backend systems, like connection/thread pool starvation, invisible aspects, blocking code, hot CPU methods, lock contention, and Virtual Thread pinning, and we learn to trace them even if they occur in library code you are not familiar with. Attend this talk and prepare for the performance issues that will eventually hit any successful system. About authorWith two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Victor Rentea

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

CNIC Information System with Pakdata Cf In Pakistan

danishmna97

When you’re building (micro)services, you have lots of framework options. Spring Boot is no doubt a popular choice. But there’s more! Take Quarkus, a framework that’s considered the rising star for Kubernetes-native Java. It always depends on what's best for your situation, but how to choose the best solution if you're comparing 2 frameworks? Both Spring Boot and Quarkus have their positives and negatives. Let us compare the two by live coding a couple of common use cases in Spring Boot and Quarkus. After this talk, you’ll be ready to get started with Quarkus yourself, and know when to select Quarkus or Spring Boot.

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Jago de Vreede

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

MadyBayot

Following the popularity of “Cloud Revolution: Exploring the New Wave of Serverless Spatial Data,” we’re thrilled to announce this much-anticipated encore webinar. In this sequel, we’ll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you’re building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Zilliz

In the thrilling conclusion to 2023, ransomware groups had a banner year, really outdoing themselves in the "make everyone's life miserable" department. LockBit 3.0 took gold in the hacking olympics, followed by the plucky upstarts Clop and ALPHV/BlackCat. Apparently, 48% of organizations were feeling left out and decided to get in on the cyber attack action. Business services won the "most likely to get digitally mugged" award, with education and retail nipping at their heels. Hackers expanded their repertoire beyond boring old encryption to the much more exciting world of extortion. The US, UK and Canada took top honors in the "countries most likely to pay up" category. Bitcoins were the currency of choice for discerning hackers, because who doesn't love untraceable money?

Ransomware_Q4_2023. The report. [EN].pdf

Overkill Security

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Angeliki Cooney has spent over twenty years at the forefront of the life sciences industry, working out of Wynantskill, NY. She is highly regarded for her dedication to advancing the development and accessibility of innovative treatments for chronic diseases, rare disorders, and cancer. Her professional journey has centered on strategic consulting for biopharmaceutical companies, facilitating digital transformation, enhancing omnichannel engagement, and refining strategic commercial practices. Angeliki's innovative contributions include pioneering several software-as-a-service (SaaS) products for the life sciences sector, earning her three patents. As the Senior Vice President of Life Sciences at Avenga, Angeliki orchestrated the firm's strategic entry into the U.S. market. Avenga, a renowned digital engineering and consulting firm, partners with significant entities in the pharmaceutical and biotechnology fields. Her leadership was instrumental in expanding Avenga's client base and establishing its presence in the competitive U.S. market.

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Angeliki Cooney

Keynote 2: APIs in 2030: The Risk of Technological Sleepwalk Paolo Malinverno, Growth Advisor - The Business of Technology Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

apidays

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

Dernier (20)

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

presentation ICT roal in 21st century education

MINDCTI Revenue Release Quarter One 2024

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

CNIC Information System with Pakdata Cf In Pakistan

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Ransomware_Q4_2023. The report. [EN].pdf

Apidays New York 2024 - The value of a flexible API Management solution for O...

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Tweaking openstack

2. © 2013 Nebula, Inc. All rights reserved. 2 • OpenStack Technical Committee Member • Started at NASA the day Nova was created • Nova Technical Lead for the first two years of its existence • Designed and deployed multiple private clouds with OpenStack

24. © 2013 Nebula, Inc. All rights reserved. 24 • Compute (nova) • Object Storage (swift) • Image Service (glance) • Identity (keystone) • Dashboard (horizon) • Networking (neutron) • Block Storage (cinder) • Metering (ceilometer) • Orchestration (heat)

25. © 2013 Nebula, Inc. All rights reserved. 25 • Compute (nova) • Object Storage (swift) • Image Service (glance) • Identity (keystone) • Dashboard (horizon) • Networking (neutron) • Block Storage (cinder) • Metering (ceilometer) • Orchestration (heat)

27. © 2013 Nebula, Inc. All rights reserved. 27 • force_dhcp_release=true • defer_iptables_apply=true • multi_host=true • share_dhcp_address=true • dnsmasq_config_file=/path/to/file (configure dnsmasq to pass external gateway)

29. © 2013 Nebula, Inc. All rights reserved. 29 • Turn on jumbo frames • Increase tx queue length • Tweak guest tcp settings • http://buriedlede.blogspot.com/2012/11/driving-100-gigabit-network- with.html

31. © 2013 Nebula, Inc. All rights reserved. 31 • Normal linux hardening applies • Control access to the host machines • Keep software up-to-date • Don’t have services listen on 0.0.0.0 • Separate mgmt and guest traffic • http://aa4698cc2bf4ab7e5907- ed3df21bb39de4e57eec9a20aa0b8711.r41.cf2.rackcdn.com/Ope nStackSecurityGuide.epub

32. © 2013 Nebula, Inc. All rights reserved. 32 • Only enable api extensions your users need • Only enable scheduler filters your users need • Customize policy for administrative actions • Use HTTPS in front of api services • Consider disabling instance migration

Notes de l'éditeur

Swift has some great characteristics, but its hard to argue against the two for the price of one (object and block storage) that ceph provides.
Once again the two-for-one is valuable unless you have existing investment in a storage solution.
Ceilometer requires quite a bit of manual configuration and coding to be useful. It doesn’t yet provide a lot out-of-the-box.
Swift has proved its value at really large scale and the default neutron backend still has a few performance and HA drawbacks.

Tweaking openstack

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (16)

Similaire à Tweaking openstack

Similaire à Tweaking openstack (20)

Dernier

Dernier (20)

Tweaking openstack

Notes de l'éditeur