OPENSTACK – Building Block for Cloud

Ng Hwee Ming

Principal Technologist (Telco)

APAC Office of Technology

ABOUT RED HAT

#TTO #OpenStack3

PARTICIPATEINTEGRAT

ESTABILIZ

ESTABILIZ

EINTEGRAT

E

FROM COMMUNITY TO PRODUCT

#TTO #OpenStack4

WHAT IS OPENSTACK ?

● An interoperability standard

● A development community

● A very active Open Source project

● Provides all of the building blocks to create an Infrastructure-

as-a-Service cloud

● Governed by the vendor agnostic OpenStack Foundation

#TTO #OpenStack5

Public ReferencesRed Hat has been largely involved with Red Hat OpenStack Platform (OSP)

● in many ETSI NFV PoCs...

● ...and now heavily involved in many OpenStack production deployments

These deployments are for Telecom Operators but also in verticals like Finance, Social

Security, Television/Media/Broadcasting, Gaming, Travels,...

Also distributed through Network Equipment Provider (NEP) partners

INSERT DESIGNATOR, IF NEEDED6

LAURO DE LAURO

Founder and Chief Executive Officer

Dualtec Cloud Builders

PAUL CUTTER

CTO

Paddy Power Betfair

MARCO HOCHSTRASSER

Head of Cloud Platform Development

Swisscom

“Red Hat OpenStack Platform gives us 35% greater

operational efficiency than before. We can now

scale to handle many more clients with the same

staffing levels and quality of support.”

“With Red Hat’s open source solution, we now have

the capability to alter our infrastructure based

purely on code. We can deliver products to market

more quickly than our competitors. It’s a game-

changer.”

“Red Hat OpenStack Platform allows us to be flexible

– in multiple senses. We can scale our clusters

whenever we want, fully automate our

deployments, and we have almost no downtime

when we make changes in production.”

PROVEN FOR PUBLIC CLOUDS, PRIVATE CLOUDS, AND NFV

#TTO #OpenStack7

OPENSTACK POWERS DIGITAL BUSINESS

Brings public cloud capabilities into your datacenter

Provides massive on-demand (scale-out) capacity:

1,000’s 10,000’s 100k’s of VMs

Removes vendor lock-in

Open source provides high-degree of flexibility to customize and interoperate

Community development = higher “feature velocity”

Features & functions you need, faster to market over proprietary software

Greater automation, resource provisioning, and scaling

#TTO #OpenStack

CLOUD INFRASTRUCTURE FOR CLOUD WORKLOADS

Modular architecture Designed to easily scale out Based on set of core services

IaaS+

IaaS

MONITORING ORCHESTRATION

CEILOMETER SAHARA HEAT

DATA

PROCESSING

COMPUTE

NOVA

NETWORKING

NEUTRON IRONICCINDER GLANCE SWIFT

STORAGE

BLOCK STORAGE IMAGE STORAGE OBJECT STORAGE

BARE-METAL

PROVISIONING

HORIZON TRIPLEO

DASHBOARD

SHARED SERVICES

IDENTITY

KEYSTONE

DIRECTOR

DEPLOYMENTand

MANAGEMENT

#TTO #OpenStack9

CO-ENGINEERED WITH RHEL

Windows Windows WindowsLinuxLinux

SUPPORTED GUESTS

OpenStack

RHEL + KVMCeph OVS

Storage Network

SERVERS

Virtualization Security Ecosystem Network Storage

KVM Network Stack

Device Drivers

LINUX KERNEL

Security Enhanced Linux (SELinux)

A typical OpenStack cloud is made up of at least 10 core

services + plugins to interact with 3rd party systems

#TTO #OpenStack1

0

INFORMATION AND COMMUNICATIONS TECHNOLOGIESADDRESSING THE COMPLETE INDUSTRY NEED

PERFORMANCE AVAILABILITY SECURITY MANAGEABILITY LIFECYCLE

Enhanced Platform

Awareness (EPA) SR-

IOV, OVS/DPDK, vCPU,

NUMA pinning, Huge

pages, RT-KVM*...

High Availability

Fault Tolerant Design

Enterprise Hardened Code

Instance Availability

End-to-End

SELinux sVirt

Neutron Security Groups

Block Encryption

SSL/TLS on APIs

Logging

Performance Monitoring

Operational Visibility

Policy and Compliance

OpenStack Lifecycle

Updates/Patches

#TTO #OpenStack11

INFRASTRUCTURE FOR ALL WORKLOADS

Traditional IT Infrastructure

Hosting, Cloud, Managed Services

NFV Control Plane NFV User Plane

CIO Business, IT Operations CTO Business, Network Ops

#TTO #OpenStack

WHY CONTAINERS?

VS

#TTO #OpenStack

Containers: Standards & Security

● Red Hat full support (2nd contributor)

● Standardization through OCI

● Image scanning with Atomic Scan + OpenScap & Container image signing

● SELinux, cgroups & namespaces standards

● Linux Kernel technology

HOST OS

CONTAINER

SYSTEM LIBS

RUNTIME

APP

A format to package application processes including all its dependencies (Docker)

A way to run such processes (Run-C)

SECURITY IS DEFINED WITHIN CONTAINERS

#TTO #OpenStack

Container Host - Lightweight & Container-Optimized

● RHEL Atomic Host - optimized for containers, minimal footprint & streamlined updates.

● Enhanced management with Cockpit for RHEL & RHEL Atomic Host

● SELinux support with OverlayFS (7.3.2)

● Package layering (Tech Preview)

● Containerized install of Kubernetes

● RHEL base image size optimization

15

#TTO #OpenStack

CONTAINERS ON OPENSTACK

Heat provides a path to opinionated deployment on OpenStack.

Neutron provides each OpenShift node a floating IP and handles load balancing (LBaaS V1).

OpenShift flannel networking in “host only” mode – using Neutron for cross-mode transport.

Cinder provides storage for masters, nodes, and registry.

Designate, Octavia, Manilaintegration in future.

#TTO #OpenStack

CloudForms Container Management

Manage containers and OpenShift across a hybrid cloud environment

● Reports, metrics & alerts

● Container chargeback

● Vulnerability Scanning

#TTO #OpenStack

Community Powered Innovation

THANK YOU

plus.google.com/+RedHat

linkedin.com/company/red-hat

youtube.com/user/RedHatVideos

facebook.com/redhatinc

twitter.com/RedHatNews