OPENSTACK Building Block for Cloud Ng Hwee Ming Principal Technologist (Telco) APAC Office of Technology
ABOUT RED HAT
FROM COMMUNITY TO PRODUCT STABILIZ E INTEGRAT E PARTICIPATE INTEGRAT E STABILIZ E 3
WHAT IS OPENSTACK? An interoperability standard A development community A very active Open Source project Provides all of the building blocks to create an Infrastructureas-a-Service cloud Governed by the vendor agnostic OpenStack Foundation 4
Public References Red Hat has been largely involved with Red Hat OpenStack Platform (OSP) in many ETSI NFV PoCs......and now heavily involved in many OpenStack production deployments These deployments are for Telecom Operators but also in verticals like Finance, Social Security, Television/Media/Broadcasting, Gaming, Travels,... Also distributed through Network Equipment Provider (NEP) partners 5
PROVEN FOR PUBLIC CLOUDS, PRIVATE CLOUDS, AND NFV Red Hat OpenStack Platform gives us 35% greater operational efficiency than before. We can now scale to handle many more clients with the same staffing levels and quality of support. With Red Hat s open source solution, we now have the capability to alter our infrastructure based purely on code. We can deliver products to market more quickly than our competitors. It s a gamechanger. Red Hat OpenStack Platform allows us to be flexible in multiple senses. We can scale our clusters whenever we want, fully automate our deployments, and we have almost no downtime when we make changes in production. LAURO DE LAURO Founder and Chief Executive Officer Dualtec Cloud Builders PAUL CUTTER CTO Paddy Power Betfair MARCO HOCHSTRASSER Head of Cloud Platform Development Swisscom 6 INSERT DESIGNATOR, IF NEEDED
OPENSTACK POWERS DIGITAL BUSINESS Brings public cloud capabilities into your datacenter Provides massive on-demand (scale-out) capacity: 1,000 s 10,000 s 100k s of VMs Removes vendor lock-in Open source provides high-degree of flexibility to customize and interoperate Community development = higher feature velocity Features & functions you need, faster to market over proprietary software Greater automation, resource provisioning, and scaling 7
CLOUD INFRASTRUCTURE FOR CLOUD WORKLOADS Modular architecture Designed to easily scale out Based on set of core services MONITORING DATA PROCESSING ORCHESTRATION SHARED SERVICES DEPLOYMENT and MANAGEMENT IaaS+ IDENTITY DIRECTOR CEILOMETER SAHARA HEAT KEYSTONE COMPUTE STORAGE BLOCK STORAGE IMAGE STORAGE OBJECT STORAGE NETWORKING BARE-METAL PROVISIONING DASHBOARD IaaS NOVA CINDER GLANCE SWIFT NEUTRON IRONIC HORIZON TRIPLEO
CO-ENGINEERED WITH RHEL A typical OpenStack cloud is made up of at least 10 core services + plugins to interact with 3 rd party systems SUPPORTED GUESTS Virtualization Security Ecosystem Network Storage Windows Linux Windows Linux Windows OpenStack Security Enhanced Linux (SELinux) RHEL + KVM Ceph OVS KVM Network Stack Storage Network Device Drivers SERVERS LINUX KERNEL 9
INFORMATION AND COMMUNICATIONS TECHNOLOGIES ADDRESSING THE COMPLETE INDUSTRY NEED PERFORMANCE AVAILABILITY SECURITY MANAGEABILITY LIFECYCLE Enhanced Platform Awareness (EPA) SR- IOV, OVS/DPDK, vcpu, NUMA pinning, Huge pages, RT-KVM*... High Availability Fault Tolerant Design Enterprise Hardened Code Instance Availability End-to-End SELinux svirt Neutron Security Groups Block Encryption SSL/TLS on APIs Logging Performance Monitoring Operational Visibility Policy and Compliance OpenStack Lifecycle Updates/Patches 1 0
INFRASTRUCTURE FOR ALL WORKLOADS CIO Business, IT Operations CTO Business, Network Ops Traditional IT Infrastructure Hosting, Cloud, Managed Services NFV Control Plane NFV User Plane 11
WHY CONTAINERS? VS
Containers: Standards & Security CONTAINER APP RUNTIME SYSTEM LIBS HOST OS A format to package application processes including all its dependencies (Docker) A way to run such processes (Run-C) Red Hat full support (2nd contributor) Standardization through OCI Image scanning with Atomic Scan + OpenScap & Container image signing SELinux, cgroups & namespaces standards Linux Kernel technology
SECURITY IS DEFINED WITHIN CONTAINERS
Container Host - Lightweight & Container-Optimized RHEL Atomic Host - optimized for containers, minimal footprint & streamlined updates. Enhanced management with Cockpit for RHEL & RHEL Atomic Host SELinux support with OverlayFS (7.3.2) Package layering (Tech Preview) Containerized install of Kubernetes RHEL base image size optimization 15
CONTAINERS ON OPENSTACK Heat provides a path to opinionated deployment on OpenStack. Neutron provides each OpenShift node a floating IP and handles load balancing (LBaaS V1). OpenShift flannel networking in host only mode using Neutron for cross-mode transport. Cinder provides storage for masters, nodes, and registry. Designate, Octavia, Manila integration in future.
CloudForms Container Management Manage containers and OpenShift across a hybrid cloud environment Reports, metrics & alerts Container chargeback Vulnerability Scanning
Community Powered Innovation
THANK YOU plus.google.com/+redhat facebook.com/redhatinc linkedin.com/company/red-hat twitter.com/redhatnews youtube.com/user/redhatvideos