OpenStack Overview

What is Cloud Computing?

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

What are the different kinds of cloud deployments?

- Private: Your organization is the only one that uses the cloud.  Your organization can host it or a third party might.

- Public: Hosted by anyone and available to the general public

- Community: Hosted for a group of people or organizations that share some kind of requirement (e.g., certain security requirements - like US GovCloud)

- Hybrid Cloud: A combo of two or more of these cloud deployment types

What are the benefits of open source?

- Open source accelerates industry-wide adoption

- Reduces TCO (total cost of ownership)

- Backed by a large community

- Increased security and trust

What are the four "opens"?

- Open source

- Open design: Every development cycle the OpenStack community holds face-to-face events to gather requirements and write specifications for the upcoming releas

- Open development: Maintain a publicly available source code repository through the entire development process. We do public code reviews. We have public roadmaps.

- Open community: One of our core goals is to maintain a healthy, vibrant developer and user community.

What are descriptions of OpenStack?

a "cloud operating system" or "Linux for the data center"

What does the OpenStack project landscape look like?

Describe what happens when you start OpenStack and instantiate a VM?

When you log into OpenStack, Keystone authenticates you. When you click "Launch Instance", a REST API request goes to Nova's API, which grabs a disk image from Glance, which could be stored on Swift object storage. Nova validates networking info with Neutron, and then communicates with the hypervisor (QEMU-KVM). Nova's program on the compute node copies the image file from Glance locally. Neutron creates the virtual NIC, MAC address, and gets an IP. Then the VM mounts a Cinder volume if needed.

What are common attributes of an OpenStack project (e.g., Glance)?

Each project:

- Is written in Python

- Has an elected "Project Technical Lead" (PTL)

- Has separate developers and design teams

- Has separate development and release cycles

- Has a well defined public API

- With the exception of Horizon, which is the Web GUI, all other projects have a RESTful (JSON/HTTP) API

- And has a separate persistent database layer

How do the different components of OpenStack fit together (in a diagram)?

- Endpoint Node - External network (OpenStack data plane), which runs load balancing and high availability services

- Controller Node - API network (OpenStack control plane), which hosts communication services that support operation of the whole cloud, including the queue server, state database, Horizon dashboard, and possibly a monitoring system

- Compute Cluster Node - Internal Network Compute - hosts a hypervisor and virtual instances, and provides compute resources to them

- Volume Node - Internal Network Storage - hosts the nova-volume service and also serves as an iSCSI target

How do the different components of OpenStack interconnect at a micro-service level?

What is a "backend" in OpenStack?

"backend" refers to the systems or technologies behind an OpenStack cloud services. For example, Compute may use different hypervisors to manage virtual machines (e.g., KVM, Xen, VMware ESXi), and each would be a different backend. For a storage example, the Cinder service can use LVM as the backend. For a networking example, the Neutron service can use Open vSwitch or Linux bridges as backends. For the Identity service, the backend may be LDAP.

How does OpenStack communicate with its backends?

OpenStack uses drivers (e.g., keystone.oauth1.backends.base.Oauth1DriverBase) and it defines what each backend should be abstractly providing to it by configuring "abstract base classes". There's a base.py file for each OpenStack service that contains this configuration.

What are the three active branches of an OpenStack project?

- master: the Development release

- stable: the most recent Maintained release

- oldstable: the previous Maintained release

When an OpenStack release becomes End-of-Life, what happens?

developers can only make security patches on it

Why is Kubernetes driving bare-metal cloud tech?

Kubernetes workloads function better on hardware that isn't already spending resources on a hypervisor

What is Advanced Message Queuing Protocol (AMQP)?

an open standard application layer protocol for message-oriented middleware. The defining features of AMQP are message orientation, queuing, routing (including point-to-point and publish-and-subscribe), reliability and security.

What are some attributes of AMQP?

- It is a "wire-level protocol" that sends data as a string of binary bytes

- It goes across TCP ports 5671 and 5672

- XMPP is an alternative

- AMQP doesn't have a standard API

- The inter-service communications that follow AMQP include RabbitMQ, Qpid, or ZeroMQ

What are the primitives for sending and receiving messages with AMQP?

- Creating and deleting queues

- Publishing and consuming messages

- Describing the properties of messages

- Specifying the routing of messages

- Managing connections and channels

What is RabbitMQ?

RabbitMQ functions as a message queue, managing the routing, queuing, and delivery of messages from senders (producers) to receivers (consumers). It offers a versatile publish-subscribe model, where messages are sent to "exchanges," which then route them to relevant "queues" based on configurable rules. It is often used to decouple applications.

When you deploy an instance, what happens? (part 1)

1. a User logs into a user interface and authenticates with Keystone. This request could come from the OpenStack command line client via the openstack server create command or the Horizon Dashboard user interface.

2. When the user logs in to the user interface, they are authenticated by Keystone based on domain, user name, and password plus a default project. To create a virtual machine, they select Launch Instance and provide the necessary input, making selections for proper image, flavor, SSH keys, network, etc. Once that information has been input, the user clicks Launch Instance to begin the process.

3. This action causes a REST API request to be sent to Nova (or more precisely, the nova-api process). Nova will interface with other OpenStack components to fulfill the request using hypervisor-specific APIs to deploy the instance.

When you deploy an instance, what happens? (part 2)

4. Nova then uses images stored by Glance (an Image service). Initially, nova-api validates the image name as well as the checksum data with Glance. The images might be stored in Swift, for example. OpenStack Swift is a distributed object storage system that uses an http server which replicates an S3 api and allows for storage and retrieval of objects – in this case, images.

5. At this stage, Nova then validates the networking info in the request with Neutron.

6. The nova-compute service communicates with the QEMU-KVM to install a rules file and set the correct permissions on the /dev/kvm device node.

When you deploy an instance, what happens? (part 3)

7. Next nova-compute (on the compute node) works with Glance to retrieve the image disk file; copying it locally. The image disk file is used to boot the virtual machine.

8. While the virtual machine is booting, nova-compute works with Neutron to create a virtual NIC, assign a MAC address, assign an IP address, etc.

9. Optionally, after the virtual machine is deployed, the request could include additional block storage (non-root disks or volumes) that are to be attached to the instance using Cinder. Cinder is a Volume service.