The CERN OpenStack Cloud

Similar documents
The CERN OpenStack Cloud

The CERN OpenStack Cloud

Five years of OpenStack at CERN

Upcoming Services in OpenStack Rohit Agarwalla, Technical DEVNET-1102

"Charting the Course... H8Q14S HPE Helion OpenStack. Course Summary

DEEP DIVE: OPENSTACK COMPUTE

OpenStack Mitaka Release Overview

IN2P3-CC cloud computing (IAAS) status FJPPL Feb 9-11th 2016

Batch Services at CERN: Status and Future Evolution

Overview. About CERN 2 / 11

Jumpstart your Production OpenStack Deployment with

Introduction To OpenStack. Haim Ateya Group Manager, EMC

Minimal OpenStack Starting Your OpenStack Journey

CLOUD INFRASTRUCTURE ARCHITECTURE DESIGN

Launching StarlingX. The Journey to Drive Compute to the Edge Pilot Project Supported by the OpenStack

Red Hat OpenStack Platform 10 Product Guide

OpenStack Architecture and Pattern Deployment with Heat. OpenStack Architecture and Pattern Deployment using Heat Ruediger Schulze

Visita delegazione ditte italiane

Build Cloud like Rackspace with OpenStack Ansible

Part2: Let s pick one cloud IaaS middleware: OpenStack. Sergio Maffioletti

Accelerate OpenStack* Together. * OpenStack is a registered trademark of the OpenStack Foundation

Huawei FusionSphere 6.0 Technical White Paper on OpenStack Integrating FusionCompute HUAWEI TECHNOLOGIES CO., LTD. Issue 01.

SUSE OpenStack Cloud Production Deployment Architecture. Guide. Solution Guide Cloud Computing.

Contrail Cloud Platform Architecture

Clouds in High Energy Physics

On-demand provisioning of HEP compute resources on cloud sites and shared HPC centers

Contrail Cloud Platform Architecture

File system, 199 file trove-guestagent.conf, 40 flavor-create command, 108 flavor-related APIs list, 280 show details, 281 Flavors, 107

Conference The Data Challenges of the LHC. Reda Tafirout, TRIUMF

CONSIDERATIONS FOR YOUR NEXT CLOUD PROJECT CLOUDFORMS & OPENSTACK DO S AND DON TS

Deterministic Storage Performance

An Introduction to Red Hat Enterprise Linux OpenStack Platform. Rhys Oxenham Field Product Manager, Red Hat

OpenStack Magnum Pike and the CERN cloud. Spyros

Introduction to OpenStack

Introduction to OpenStack

OpenStack Magnum Hands-on. By Saulius Alisauskas and Bryan Havenstein

Preparing for High-Luminosity LHC. Bob Jones CERN Bob.Jones <at> cern.ch

Infrastructure-as-Code and CI Infrastructure at Open Stack A look at one of the largest CI systems and system administration

Building a Video Optimized Private Cloud Platform on Cisco Infrastructure Rohit Agarwalla, Technical

OSDC.de 2013 Introduction to OpenStack. Justin Clift Open Source & Standards RH 17 April 2013

White Paper The Storage System Best Suited for OpenStack FUJITSU Storage ETERNUS DX S4/S3 series and ETERNUS AF series

Securing Microservice Interactions in Openstack and Kubernetes

Storage and I/O requirements of the LHC experiments

Virtualizing a Batch. University Grid Center

BCS EXIN Foundation Certificate in OpenStack Software Syllabus

CERN s Business Computing

5 Things You Need for a True VMware Private Cloud

CERN openlab II. CERN openlab and. Sverre Jarp CERN openlab CTO 16 September 2008

NephOS. A Single Turn-key Solution for Public, Private, and Hybrid Clouds

NephOS. A Single Turn-key Solution for Public, Private, and Hybrid Clouds

OpenStack Manila An Overview of Manila Liberty & Mitaka

Deterministic Storage Performance

High Availability for Enterprise Clouds: Oracle Solaris Cluster and OpenStack

STATUS OF PLANS TO USE CONTAINERS IN THE WORLDWIDE LHC COMPUTING GRID

OPENSTACK Building Block for Cloud. Ng Hwee Ming Principal Technologist (Telco) APAC Office of Technology

Adding Speed and Agility to Virtualized Infrastructure with OpenStack

HPE Digital Learner OpenStack Content Pack

The LHC Computing Grid

HPE Helion OpenStack Carrier Grade 1.1 Release Notes HPE Helion

Red Hat Enterprise Linux OpenStack Platform User Group.

Helion OpenStack Carrier Grade 4.0 RELEASE NOTES

Tackling tomorrow s computing challenges today at CERN. Maria Girone CERN openlab CTO

Road to Private Cloud mit OpenStack Projekterfahrungen

RED HAT CEPH STORAGE ROADMAP. Cesar Pinto Account Manager, Red Hat Norway

Intel, OpenStack, & Trust in the Open Cloud. Intel Introduction

VMware + OpenStack. Dan Wendlandt Director of Product Management VMware VMware Inc. All rights reserved.

HPE HELION CLOUDSYSTEM 9.0. Copyright 2015 Hewlett Packard Enterprise Development LP

Migration Strategies from vsphere to Linux and OpenStack via a shared virtualized network

Scientific data processing at global scale The LHC Computing Grid. fabio hernandez

DEPLOYING NFV: BEST PRACTICES

Virtualization of the ATLAS Tier-2/3 environment on the HPC cluster NEMO

Build your own Cloud on Christof Westhues

HP Helion OpenStack Carrier Grade 1.1: Release Notes

BRKDCT-1253: Introduction to OpenStack Daneyon Hansen, Software Engineer

Contrail Release Release Notes

ISTITUTO NAZIONALE DI FISICA NUCLEARE

Highly Available OpenStack Deployments with NetApp & Red Hat's OpenStack platform June 26, 2015

ATLAS Experiment and GCE

Cloud Essentials for Architects using OpenStack

Spawning Virtual HPCs Using OpenStack

Enterprise Ceph: Everyway, your way! Amit Dell Kyle Red Hat Red Hat Summit June 2016

Storage for HPC, HPDA and Machine Learning (ML)

The creation of a Tier-1 Data Center for the ALICE experiment in the UNAM. Lukas Nellen ICN-UNAM

OpenStack in 10 minutes with DevStack

Grid Computing a new tool for science

Integrated Management of OpenPOWER Converged Infrastructures. Revolutionizing the Datacenter

CC-IN2P3: A High Performance Data Center for Research

OpenStack Ceilometer. Tong Li (IBM) Brad Topol (IBM)

CSCS CERN videoconference CFD applications

Clouds at other sites T2-type computing

Application Centric Microservices Ken Owens, CTO Cisco Intercloud Services. Redhat Summit 2015

Oracle for administrative, technical and Tier-0 mass storage services

OpenStack Cloud Storage. PRESENTATION TITLE GOES HERE Sam Fineberg HP Storage

Case Study on Enterprise Private Cloud

Reimagining OpenStack*

Quantum, network services for Openstack. Salvatore Orlando Openstack Quantum core developer

Roles. Ecosystem Flow of Information between Roles Accountability

Monitoring system for geographically distributed datacenters based on Openstack. Gioacchino Vino

COMMUNITY-GENERATED ROADMAP

Data Transfers Between LHC Grid Sites Dorian Kcira

Transcription:

The CERN OpenStack Cloud Compute Resource Provisioning for the Large Hadron Collider Jan van Eldik for the CERN Cloud Team OpenStack Days Nordic Stockholm September 22, 2016 2

Agenda Introduction to CERN Computing at CERN scale Cloud Service Overview Operations Performance Outlook 3

CERN: home.cern European Organization for Nuclear Research (Conseil Européen pour la Recherche Nucléaire) - Founded in 1954, today 22 member states - World s largest particle physics laboratory - Located at Franco-Swiss border near Geneva - ~2 300 staff members, >12 500 users - Budget: ~1000 MCHF (2016) CERN s mission - Answer fundamental questions of the universe - Advance the technology frontiers - Train the scientists and engineers of tomorrow - Bring nations together 4

The Large Hadron Collider (LHC) Largest machine on earth: 27km circumference 5

LHC: 9 600 Magnets for Beam Control 1232 superconducting dipoles for bending: 14m, 35t, 8.3T, 12kA 6

LHC: Coldest Temperature World s largest cryogenic system: colder than outer space (1.9K/2.7K), 120t of He 7

LHC: Highest Vacuum Vacuum system: 104 km of pipes, 10-10 -10-11 mbar (comparable to the moon) 8

LHC: Detectors Four main experiments to study the fundamental properties of the universe 9

A collision at LHC January 2013 - The LHC Computing Grid - Nils Hoymir 10

The Data Acquisition Ian.Bird@cern.ch 11 January 2013 - The LHC Computing Grid - Nils Hoymir

Tier 0 at CERN: Acquisition, First pass reconstruction, Storage & Distribution 2011: 400-500 MB/sec 2011: 4-6 GB/sec 1.25 GB/sec (ions)

Solution: the Grid Use the Grid to unite computing resources of particle physics institutes around the world The World Wide Web provides seamless access to information that is stored in many millions of different geographical locations The Grid is an infrastructure that provides seamless access to computing power and data storage capacity distributed over the globe

LHC: World-wide Computing Grid TIER-0 (CERN): data recording, reconstruction and distribution nearly 170 sites, 40 countries ~350 000 cores TIER-1: permanent storage, re-processing, analysis 500 PB of storage > 2 million jobs/day TIER-2: simulation, end-user analysis 10-100 Gb links 14

LHC: Data & Compute Growth PB/year Collisions produce ~1 PB/s 10 9 HS06 sec / month What we can afford 15

2012: Enter the cloud Aim: virtualize all the machines Unless really, really, really not possible Offer Cloud endpoints to users Scale horizontally Consolidate server provisioning Yes, use the private cloud for server consolidation usecases as well 16

OpenStack at CERN In production: 4 clouds >200K cores >8,000 hypervisors 90% of CERN s compute resources are now delivered on top of OpenStack 17

Cloud Service Context CERN IT to enable the laboratory to fulfill its mission - Main data center on the Geneva site - Wigner data center, Budapest, 23ms distance - Connected via two dedicated 100Gbs links CERN Cloud Service one of the three major components in IT s AI project - Policy: Servers in CERN IT shall be virtual http://goo.gl/maps/k5sog Based on OpenStack - Production service since July 2013 - Performed 4 rolling upgrades since - Currently in transition from Liberty to Mitaka - Nova, Glance, Keystone, Horizon, Cinder, Ceilometer, Heat, Neutron, Magnum, Barbican 18

CERN Cloud Architecture (1) Deployment spans our two data centers - 1 region (to have 1 API), ~40 cells - Cells map use cases hardware, hypervisor type, location, users, Top cell on physical and virtual nodes in HA - Clustered RabbitMQ with mirrored queues - API servers are VMs in various child cells Child cell controllers are OpenStack VMs - One controller per cell - Tradeoff between complexity and failure impact 19

CERN Cloud Architecture (2) Top cell controller rabbitmq API server nova-cells nova-api DB infrastructure Child cell controller Child cell controller nova-api rabbitmq nova-api rabbitmq nova-scheduler nova-cells nova-scheduler nova-cells nova-conductor nova-conductor nova-network nova-network Compute node Compute node nova-compute nova-compute 20

CERN Cloud in Numbers (1) ~6700 hypervisors in production - Split over 40+ Nova cells - Vast majority qemu/kvm now on CERN CentOS 7 (~150 Hyper-V hosts) - ~2 100 HVs at Wigner in Hungary (batch, compute, services) - 370 HVs on critical power 190k Cores ~430 TB RAM ~20 000 VMs Big increase during 2016! - +57k cores in spring - +40k cores in autumn 21

CERN Cloud in Numbers (2) Rally down Every 10s a VM gets created or deleted in our cloud! 2 700 images/snapshots - Glance on Ceph 2 300 volumes - Cinder on Ceph (& NetApp) in GVA & Wigner Only issue during 2 years in prod: Ceph Issue 6480 22

Software Deployment Deployment based on CentOS and RDO - Upstream, only patched where necessary (e.g. nova/neutron for CERN networks) - Some few customizations - Works well for us Puppet for config management - Introduced with the adoption of AI paradigm We submit upstream whenever possible - openstack, openstack-puppet, RDO, Updates done service-by-service over several months - Running services on dedicated (virtual) servers helps (Exception: ceilometer and nova on compute nodes) Upgrade testing done with packstack and devstack - Depends on service: from simple DB upgrades to full shadow installations 23

dev environment Simulate the full CERN cloud environment on your laptop, even offline Docker containers in a Kubernetes cluster - Clone of central Puppet configuration - Mock-up of - our two Ceph clusters - our secret store - our network DB & DHCP - Central DB & Rabbit instances - One POD per service Change & test in seconds Full upgrade testing 24

Cloud Service Release Evolution July 2013 CERN OpenStack Production Service February 2014 CERN OpenStack Havana Release October 2014 CERN OpenStack Icehouse Release March2015 CERN OpenStack Juno Release September 2015 CERN OpenStack Kilo Release May 2016 CERN OpenStack ongoing Liberty 5 April 2012 27 September 2012 4 April 2013 17 October 2013 17 April 2014 16 October 2014 30 April 2015 15 October 2015 ESSEX FOLSOM GRIZZLY HAVANA ICEHOUSE JUNO KILO LIBERTY Nova (*) Swift Glance (*) Horizon (*) Keystone (*) Nova (*) Swift Glance (*) Horizon (*) Keystone (*) Quantum Cinder Nova Swift Glance Horizon Keystone Quantum Cinder Ceilometer (*) Nova Swift Glance Horizon Keystone Neutron Cinder Ceilometer (*) Heat Nova Swift Glance Horizon Keystone Neutron Cinder Ceilometer Heat Nova Swift Glance Horizon Keystone Neutron Cinder Ceilometer Heat (*) Rally (*) Nova Swift Glance Horizon Keystone Neutron Cinder Ceilometer Heat Rally Nova Swift Glance Horizon Keystone Neutron (*) Cinder Ceilometer Heat Rally Magnum (*) Barbican (*) (*) Pilot 25

Rich Usage Spectrum Batch service - Physics data analysis IT Services - Sometimes built on top of other virtualised services Experiment services - E.g. build machines Engineering services - E.g. micro-electronics/chip design Infrastructure services - E.g. hostel booking, car rental, Personal VMs - Development rich requirement spectrum! 26

Usecases (1) Server consolidation: Service nodes, dev boxes, Personal VMs, Performance less important than durability Live-migration is desirable Persistent block storage is required Linux VM @ KVM, Windows VMs @ HyperV Starting to run Win VMs under KVM Pets usecase : 32K cores, 7500 VMs 27

Usecases (2) Compute workloads Optimize for compute efficiency CPU passthrough, NUMA aware flavours Still, very different workloads IT Batch: LSF and HTCondor, longlived VMs, 8 and 16-core VMs, full-node flavors CMS Tier-0: medium-long, 8-core VMs LHCb Vcycle: short-lived, single core VMs Low-SLA, cattle usecase 150K cores, 12500 VMs @ 6000 compute nodes 28

Wide Hardware Spectrum The ~6700 hypervisors differ in - Processor architectures: AMD vs. Intel (av. features, NUMA, ) - Core-to-RAM ratio (1:2, 1:4, 1:1.5,...) - Core-to-disk ratio (going down with SSDs!) - Disk layout (2 HDDs, 3 HDDs, 2 HDDs + 1 SSD, 2 SSDs, ) - Network (1GbE vs 10 GbE) - Critical vs physics power - Physical location (Geneva vs. Budapest) - Network domain (LCG vs. GPN vs. TN) - CERN CentOS 7, RHEL7, SLC6, Windows - Variety reflected/accessible via instance types, cells, projects variety not necessarily visible to users! - We try to keep things simple and hide some of the complexity - We can react to (most of the) requests with special needs 29

Basic Building Blocks: Instance Types Name vcpus RAM [GB] Ephemeral [GB] m2.small 1 1.875 10 m2.medium 2 3.750 20 m2.large 4 7.5 40 m2.xlarge 8 15 80 m2.2xlarge 16 30 160 m2.3xlarge 32 60 320 ~80 flavors in total (swap, additional/large ephemerals, core-to- RAM, ) 30

Basic Building Blocks: Volume Types Name IOPS b/w [MB/s] feature Location Backend standard 100 80 GVA io1 500 120 fast GVA cp1 100 80 critical GVA cpio1 500 120 critical/fast GVA cp2 n.a. 120 critical/windows GVA wig-cp1 100 80 critical WIG wig-cpio1 500 120 critical/fast WIG m2.* flavor family plus volumes as basic building blocks for services 31

Automate provisioning with Automate routine procedures - Common place for workflows - Clean web interface - Scheduled jobs, cron-style - Traceability and auditing - Fine-grained access control - Disable compute node Disable nova-service Switch Alarms OFF Update Service-Now ticket Procedures for - OpenStack project creation - OpenStack quota changes - Notifications of VM owners - Usage and health reports - Notifications Other tasks Send e-mail to VM owners Save intervention details Send calendar invitation Add remote AT job Post new message broker 32

Operations: Retirement Campaign About 1 600 nodes to retire from the service by 3Q16 - ~1 200 from compute, ~400 with services (hosting ~5000 VMs) We have gained quite some experience with (manual) migration - Live where possible and cold where necessary - Works reliably (where it can) We have developed a tool that you can instruct to drain hypervisor (or simply migrate given VMs) - Main tasks are VM classification and progress monitoring - The nova scheduler will pick the target (nova patch) We are using the IP service bridging to handle CERN network specifics 33

Operations: Network Migration We ll need to replace nova-network - It s going to be deprecated (really really really this time) New potential features (Tenant networks, LBaaS, Floating IPs, ) We have a number of patches to adapt to the CERN network constraints - We patched nova for each release - neutron allows for out-of-tree plugins! 34

Operations: Neutron Status We have ~5 Neutron cells in production - Neutron control plane in Liberty (fully HA) - Bridge agent in Kilo (nova) And it is very stable All new cells will be Neutron cells As mentioned, there is currently no way to cleanly migrate from nova-network to neutron. - All efforts to establish a general migration path failed so far - Should be OK for us, various options (incl. in-place, w/ migration, ) 35

Operations: Containers Magnum: OpenStack project to treat Container Orchestration Engines (COEs) as 1 st class resources Pre-production service available - Support for Docker Swarm, Kubernetes, Mesos Many users interested, usage ramping up - GitLab CI, Jupyter/Swan, FTS, 36

Operations: Federated Clouds Public Cloud such as Rackspace or IBM Many Others on Their Way NecTAR Australia Brookhaven National Labs ALICE Trigger 9K cores CERN Private Cloud 160K cores INFN Italy ATLAS Trigger 28K cores CMS Trigger 13K cores Access to EduGAIN users via Horizon - Allow (limited) access given appropriate membership 37

CPU Performance Issues The benchmarks on full-node VMs was about 20% lower than the one of the underlying host - Smaller VMs much better Investigated various tuning options - KSM*, EPT**, PAE, Pinning, +hardware type dependencies - Discrepancy down to ~10% between virtual and physical Comparison with Hyper-V: no general issue - Loss w/o tuning ~3% (full-node), <1% for small VMs - NUMA-awareness! *KSM on/off: beware of memory reclaim! **EPT on/off: beware of expensive page table walks! 44

CPU: NUMA NUMA-awareness identified as most efficient setting - Full node VMs have ~3% overhead in HS06 EPT-off side-effect - Small number of hosts, but very visible there Use 2MB Huge Pages - Keep the EPT off performance gain with EPT on More details in this talk 45

Operations: NUMA/THP Roll-out Rolled out on ~2 000 batch hypervisors (~6 000 VMs) - HP allocation as boot parameter reboot - VM NUMA awareness as flavor metadata delete/recreate Cell-by-cell (~200 hosts): - Queue-reshuffle to minimize resource impact - Draining & deletion of batch VMs - Hypervisor reconfiguration (Puppet) & reboot - Recreation of batch VMs Whole update took about 8 weeks - Organized between batch and cloud teams - No performance issue observed since 46

Future Plans Investigate Ironic (Bare metal provisioning) - OpenStack as one interface for compute resource provisioning - Allow for complete accounting - Use physical machines for containers Replace Hyper-V by qemu/kvm - Windows expertise is a scarce resource in our team - Reduce complexity in service setup 47

Summary OpenStack at CERN in production since 3 years - We re working closely with the various communities - OpenStack, Ceph, RDO, Puppet, Cloud service continues to grow and mature - While experimental, good experience with Nova cells for scaling - Experience gained helps with general resource provisioning - New features added (containers, identity federation) - Expansion planned (bare metal provisioning) Confronting some major operational challenges - Transparent retirement of service hosts - Replacement of network layer http://openstack-in-production.blogspot.com (read about our recent 2M req/s Magnum & Kubernetes!) 48

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback