TRYSTACK.CN




 Learn OpenStack from trystack.cn
                     ——Folsom in practice

    @ben_duyujie
    99cloud.net #ChengDu for ECUG Con 2012
    Du.yujie@99cloud.net


Who am I?

-OpenStack Evangelist
-Co-founder of COUSG
-OpenStack Foundation board member
 http://www.openstack.org/foundation/board-of-directors/

Who is this talk for?

- wants to learn more about OpenStack
- for supporting trystack @trystack on


2012/12/23                  www.trystack.cn                                       2




Why OpenStack?
• Open Source – Apache 2.0 license, Contributors agreement.
• Open Design – Design Summit every six months.
• Open Development – managed via Launchpad & GitHub.
• Open community – Lazy consensus model, OpenStack Foundation in 2012.
What’s trystack.cn?

• Non-profit OpenStack community projects.
• By Stackers, for stackers.
• Experience the latest OpenStack features.
  – Announced in OpenStack Summit San Diego 2012.

Welcoming contributions and feedback, join the fun!
Slides are on slideshare for download: www.slideshare.net/openstack/trystack-introfinalpdf

Who is trying?
A single region: the “CloudFoundry Region” for the VMware team
• 4 servers with 32G+ memory, 12+ cores each
• 1TB storage
• Network
      – CF VLAN: 100 IPs (all VMs need to access the internet directly)
      – Service VLAN (optional): 8 IPs
      – Public VLAN: 1 public IP
• Images
      – 64-bit Ubuntu 10.04 LTS
• OpenStack
      – Folsom
             • OS_USERNAME, OS_TENANT_NAME, OS_PASSWORD, OS_AUTH_URL
      – OpenStack console access
CloudFoundry doesn't work on Folsom
•   https://groups.google.com/a/cloudfoundry.org/forum/?fromgroups=#!topic/bosh-users/0mzvv5HLQ5o
•   https://bugs.launchpad.net/nova/+bug/1076119


[Figure not extracted] Source: http://ken.pepple.info/openstack/2012/09/25/openstack-folsom-architecture/


Network connectivity as a service

[Figure: Architecture]

Key Capabilities:
• Responsible for managing networks, ports, and attachments on infrastructure for virtual resources
• Create/delete tenant-specific L2 networks
• L3 support (Floating IPs, DHCP, routing)
• Moving to L4 and above in Grizzly
• Attach / Detach host to network
• Similar to dynamic VLAN support
• Support for
      • Open vSwitch
      • OpenFlow (NEC & Floodlight controllers)
      • Cisco Nexus
      • Nicira




Networking challenges in the Cloud

• Multiple tenants on hypervisors => isolation between guest networks.
• VLANs in the datacenter are hard and limited to 4K VLANs.
• Hardware switches may not do it very well or have a lower limit.




Different tenants and applications have different needs
[Figure: Tenants “A”, “B” and “C”, each with its own set of VMs (Web Svr, App Svr, MemCach, DataBase, App). The labels 10.0.1.0/24 (shown twice) and 198.133.219.10 appear next to the tenant networks. All tenants attach to a Service Provider Network with an Internet Gateway, a VPN Service, and “Internet Access, Management Network and Multi-tenant Services”.]




Quantum Architecture
[Figure: API Clients (Tenant Scripts, Horizon, Nova) reach the Quantum Server through a uniform API for all clients. Inside the server, the Quantum API (Create-net … Create-port, plus API Extensions) passes calls to the Quantum Plugin (Create-net … Create-port, DB). Internal plugin communication links the plugin to the virtual switch serving the Nova Compute nodes.]

Interfaces from a service like Nova plug in to a switch managed by the Quantum plugin.

API + Plugin = Quantum Service

Quantum in Production

[Figure: the Quantum architecture diagram again (API Clients, Quantum Server with Quantum API and Quantum Plugin, virtual switch, Nova Compute nodes), with an External Manager and a DB added.]

• Don't hack Quantum, just use Quantum API
• Choose the right plugin
• Use a Networking Controller
• Be ready for SDN !

Interfaces from a service like Nova plug in to a switch managed by the Quantum plugin.

API + Plugin = Quantum Service



[Figure, two panels. “Essex model”: Public Network, Network node (Gateway) with L3/DHCP functionality, two Tenant Networks each with a Subnet. “Essex iptables model”: Public Network, In-rules / In-routes (shown twice), Tenant Network, Subnet.]

There is no per-tenant namespace: one is shared by all tenants' networks/subnets.
All interfaces and their IP addresses, routes, firewall rules in iptables and DHCP processes for tenant interfaces are in the same “namespace”.




The Folsom network node (L3 / DHCP agent node)

[Figure: two tenants side by side, each with its own NameSpace holding Rules, Routes, Addr and Other, on top of its Router(s), Network(s) and Subnet(s).]

Namespace isolated:
• Interfaces (gateway interfaces and others like “tap” interfaces…) don’t show up anymore in your OS’s configuration commands like “route”, “ip”, “ifconfig”.
• Firewall / NAT rules (iptables rules) won’t show up anymore in “iptables” commands for the system-wide rules.
• DHCP interfaces (see left) also don’t show up.
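
The effect described on this slide can be checked with a read-only audit that walks every namespace and compares it with the root namespace. The script below is an added example, not part of the original deck; it assumes iproute2 with netns support, root privileges, and the qrouter-/qdhcp- namespace prefixes used by the Quantum L3 and DHCP agents, and the IP / IPT_SAVE override variables are names introduced here.

```shell
#!/bin/sh
# Read-only audit of a Folsom-style network node: summarise what each network
# namespace holds, next to what the root namespace shows.
# IP and IPT_SAVE are override hooks added for this example (useful for testing).
IP=${IP:-ip}
IPT_SAVE=${IPT_SAVE:-iptables-save}

# Namespace names, one per line. Newer iproute2 appends "(id N)"; keep field 1.
list_namespaces() {
    $IP netns list | awk 'NF { print $1 }'
}

# Map a namespace name to the agent that owns it. qrouter-/qdhcp- are the
# prefixes used by the Quantum L3 and DHCP agents; anything else is "other".
ns_role() {
    case "$1" in
        qrouter-*) echo router ;;
        qdhcp-*)   echo dhcp ;;
        *)         echo other ;;
    esac
}

# Count rules (lines starting with "-A ") in iptables-save output on stdin.
count_rules() {
    grep -c '^-A ' || true      # grep exits 1 on zero matches but still prints 0
}

# Count IPv4 addresses in `ip -o -4 addr show` output on stdin, skipping loopback.
count_addrs() {
    awk '$2 != "lo" { n++ } END { print n + 0 }'
}

# summarize NAME ROLE [PREFIX...]: PREFIX is the command that enters the
# namespace (empty for the root namespace).
summarize() {
    name=$1; role=$2; shift 2
    addrs=$("$@" $IP -o -4 addr show </dev/null 2>/dev/null | count_addrs)
    # A failed dump (not root, namespace gone) must not read as "0 rules".
    if dump=$("$@" $IPT_SAVE </dev/null 2>/dev/null); then
        rules=$(printf '%s\n' "$dump" | count_rules)
    else
        rules=unreadable
    fi
    printf '%s role=%s addrs=%s rules=%s\n' "$name" "$role" "$addrs" "$rules"
}

# Root namespace first, then every namespace the node knows about.
audit_namespaces() {
    summarize root host
    list_namespaces | while read -r ns; do
        summarize "$ns" "$(ns_role "$ns")" $IP netns exec "$ns"
    done
}

# Run the audit only when asked, so the file can also be sourced.
if [ "${1:-}" = "--audit" ]; then
    audit_namespaces
fi
```

Run as root with the `--audit` argument, it prints one line per namespace, so rules and addresses that are invisible to the system-wide commands are counted alongside the root namespace's own.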







What does Quantum provide ?
•   API for Networking in OpenStack
•   Nova Integration
•   OSI Network Layers L2 + L3
•   Decouples Logical / Tenant view of the
    network from Physical / Provider







What does Quantum provide ?
• Provides connectivity to VMs, decouples Logical / Tenant view of the network from Physical / Provider.
• Manage OSI Network Layers L2 & L3 with an API.
• Not yet fully integrated with Dashboard: only L2 is working. L3 should be managed from CLI. Horizon can't manage L3 (routers + floating IPs).
• Networking backed by plugins: Open vSwitch, Linux Bridge, Cisco, OpenFlow (BigSwitch, Floodlight, NEC, Ryu, etc), Midonet (Midokura) and NVP (Nicira / VMware).





Quantum Openvswitch plugin
• The Quantum Openvswitch plugin consists of two components:
  1) A plugin loaded at runtime by the Quantum service. The plugin processes all API calls and stores the resulting logical network data model and associated network mappings in a database backend.
  2) An agent which runs on each compute node (i.e., each node running nova-compute). This agent gathers the configuration and mappings from the central MySQL database and communicates directly with the local Open vSwitch instance to configure flows to implement the logical data model.

Try it yourself: http://wiki.openstack.org/QuantumDevstack






Networking trend
• Move to software switches
• Move to L3 isolation
• Use tunnels between OVS (GRE tech preview)
• Program the network through API
• Encapsulation virtualizes the network, between overlays on overlays on overlays..
• L3 on L2 on GRE on L3 on L2…
• Then you bring the WAN and you have:
• L3 on L2 on GRE on L3 on L2 on GRE on L3 on L2 ….Euhhhh !!!




Try it now!

• Thank you to our Partners/Sponsors:
      – Intel, IBM, Sugon support hardware
      – VMware cloudfoundry team testing
• Many thanks to our Contributors:
    http://wiki.trystack.cn/main

Don't believe me. Believe yourself. Give it a try. Thanks!

QQ Group: 162033258
Weibo: @trystack
trystack-china+subscribe@googlegroups.com

Questions? Come join us!




   Backup



Road to the OpenStack Foundation

• July 2010: OpenStack community established
• October 2011: Announced plans to launch independent Foundation in 2012
• Jan/Feb 2012: Created framework for Foundation as a community
• April 2012: 19 companies announce support for Foundation; form Drafting Committee
• June/July 2012: Drafting committee produces and publishes three rounds of legal documents
• July 18, 2012: Final legal documents posted for ratification
• August 2012: Individual & Gold Director elections; first Board of Directors meeting
• Sept 19, 2012: OpenStack Foundation Launch!





Foundation Membership
• Individual Members
    Free to join, run, vote
    http://www.openstack.org/join
• Platinum Members
    Contribute funds, full-time employees
    Appoint one director to the board
• Gold Members
    Contribute funds
    Elect members to the board from their class





What’s next
•   2013 Board Elections
      Individual Member nominations closed December 7th, 2012
      Elections taking place January 14-18, 2013
      See openstack.org/election
•   Grizzly Release
      Scheduled for April 4 with 195 total blueprints
      First milestone released November 23 with 40 blueprints
•   OpenStack Summit
      Details coming soon for April 2013 Summit
      First International Summit planned for October 2013
OpenStack Community companies

[Figure not extracted] Nov 2012, from http://www.openstack.org/foundation/companies/



Some OpenStack Public Use Cases
•   Internap
      –      http://www.internap.com/press-release/internap-announces-world%E2%80%99s-first-commercially-available-openstack-cloud-compute-service/
•   Rackspace Cloud Servers, Powered by OpenStack
      –      http://www.rackspace.com/blog/rackspace-cloud-servers-powered-by-openstack-beta/
•   Deutsche Telekom
      –      http://www.telekom.com/media/media-kits/104982
•   AT&T
      –      http://arstechnica.com/business/news/2012/01/att-joins-openstack-as-it-launches-cloud-for-developers.ars
•   MercadoLibre
      –      http://openstack.org/user-stories/mercadolibre-inc/mercadolibre-s-bid-for-cloud-automation/
•   NeCTAR
      –      http://nectar.org.au/
•   San Diego Supercomputing Center
      –      http://openstack.org/user-stories/sdsc/
•   HPCloud
      –      https://www.hpcloud.com/





Where can you find OpenStack?
• http://trystack.org/
   – Register to try out a test public OpenStack cloud
• http://devstack.org/
   – Script to set up simple/developer installs
   – Currently Ubuntu centric
   – fedoraproject.org/wiki/OpenStack_devstack

