OPENSTACK – Building Block for Cloud
Ng Hwee Ming
Principal Technologist (Telco)
APAC Office of Technology
ABOUT RED HAT
#TTO #OpenStack3
PARTICIPATEINTEGRAT
ESTABILIZ
ESTABILIZ
EINTEGRAT
E
FROM COMMUNITY TO PRODUCT
#TTO #OpenStack4
WHAT IS OPENSTACK ?
● An interoperability standard
● A development community
● A very active Open Source project
● Provides all of the building blocks to create an Infrastructure-
as-a-Service cloud
● Governed by the vendor agnostic OpenStack Foundation
#TTO #OpenStack5
Public ReferencesRed Hat has been largely involved with Red Hat OpenStack Platform (OSP)
● in many ETSI NFV PoCs...
● ...and now heavily involved in many OpenStack production deployments
These deployments are for Telecom Operators but also in verticals like Finance, Social
Security, Television/Media/Broadcasting, Gaming, Travels,...
Also distributed through Network Equipment Provider (NEP) partners
INSERT DESIGNATOR, IF NEEDED6
LAURO DE LAURO
Founder and Chief Executive Officer
Dualtec Cloud Builders
PAUL CUTTER
CTO
Paddy Power Betfair
MARCO HOCHSTRASSER
Head of Cloud Platform Development
Swisscom
“Red Hat OpenStack Platform gives us 35% greater
operational efficiency than before. We can now
scale to handle many more clients with the same
staffing levels and quality of support.”
“With Red Hat’s open source solution, we now have
the capability to alter our infrastructure based
purely on code. We can deliver products to market
more quickly than our competitors. It’s a game-
changer.”
“Red Hat OpenStack Platform allows us to be flexible
– in multiple senses. We can scale our clusters
whenever we want, fully automate our
deployments, and we have almost no downtime
when we make changes in production.”
PROVEN FOR PUBLIC CLOUDS, PRIVATE CLOUDS, AND NFV
#TTO #OpenStack7
OPENSTACK POWERS DIGITAL BUSINESS
Brings public cloud capabilities into your datacenter
Provides massive on-demand (scale-out) capacity:
1,000’s 10,000’s 100k’s of VMs
Removes vendor lock-in
Open source provides high-degree of flexibility to customize and interoperate
Community development = higher “feature velocity”
Features & functions you need, faster to market over proprietary software
Greater automation, resource provisioning, and scaling
#TTO #OpenStack
CLOUD INFRASTRUCTURE FOR CLOUD WORKLOADS
Modular architecture Designed to easily scale out Based on set of core services
IaaS+
IaaS
MONITORING ORCHESTRATION
CEILOMETER SAHARA HEAT
DATA
PROCESSING
COMPUTE
NOVA
NETWORKING
NEUTRON IRONICCINDER GLANCE SWIFT
STORAGE
BLOCK STORAGE IMAGE STORAGE OBJECT STORAGE
BARE-METAL
PROVISIONING
HORIZON TRIPLEO
DASHBOARD
SHARED SERVICES
IDENTITY
KEYSTONE
DIRECTOR
DEPLOYMENTand
MANAGEMENT
#TTO #OpenStack9
CO-ENGINEERED WITH RHEL
Windows Windows WindowsLinuxLinux
SUPPORTED GUESTS
OpenStack
RHEL + KVMCeph OVS
Storage Network
SERVERS
Virtualization Security Ecosystem Network Storage
KVM Network Stack
Device Drivers
LINUX KERNEL
Security Enhanced Linux (SELinux)
A typical OpenStack cloud is made up of at least 10 core
services + plugins to interact with 3rd party systems
#TTO #OpenStack1
0
INFORMATION AND COMMUNICATIONS TECHNOLOGIESADDRESSING THE COMPLETE INDUSTRY NEED
PERFORMANCE AVAILABILITY SECURITY MANAGEABILITY LIFECYCLE
Enhanced Platform
Awareness (EPA) SR-
IOV, OVS/DPDK, vCPU,
NUMA pinning, Huge
pages, RT-KVM*...
High Availability
Fault Tolerant Design
Enterprise Hardened Code
Instance Availability
End-to-End
SELinux sVirt
Neutron Security Groups
Block Encryption
SSL/TLS on APIs
Logging
Performance Monitoring
Operational Visibility
Policy and Compliance
OpenStack Lifecycle
Updates/Patches
#TTO #OpenStack11
INFRASTRUCTURE FOR ALL WORKLOADS
Traditional IT Infrastructure
Hosting, Cloud, Managed Services
NFV Control Plane NFV User Plane
CIO Business, IT Operations CTO Business, Network Ops
#TTO #OpenStack
WHY CONTAINERS?
VS
#TTO #OpenStack
Containers: Standards & Security
● Red Hat full support (2nd contributor)
● Standardization through OCI
● Image scanning with Atomic Scan + OpenScap & Container image signing
● SELinux, cgroups & namespaces standards
● Linux Kernel technology
HOST OS
CONTAINER
SYSTEM LIBS
RUNTIME
APP
A format to package application processes including all its dependencies (Docker)
A way to run such processes (Run-C)
SECURITY IS DEFINED WITHIN CONTAINERS
#TTO #OpenStack
Container Host - Lightweight & Container-Optimized
● RHEL Atomic Host - optimized for containers, minimal footprint & streamlined updates.
● Enhanced management with Cockpit for RHEL & RHEL Atomic Host
● SELinux support with OverlayFS (7.3.2)
● Package layering (Tech Preview)
● Containerized install of Kubernetes
● RHEL base image size optimization
15
#TTO #OpenStack
CONTAINERS ON OPENSTACK
Heat provides a path to opinionated deployment on OpenStack.
Neutron provides each OpenShift node a floating IP and handles load balancing (LBaaS V1).
OpenShift flannel networking in “host only” mode – using Neutron for cross-mode transport.
Cinder provides storage for masters, nodes, and registry.
Designate, Octavia, Manilaintegration in future.
#TTO #OpenStack
CloudForms Container Management
Manage containers and OpenShift across a hybrid cloud environment
● Reports, metrics & alerts
● Container chargeback
● Vulnerability Scanning
#TTO #OpenStack
Community Powered Innovation
THANK YOU
plus.google.com/+RedHat
linkedin.com/company/red-hat
youtube.com/user/RedHatVideos
facebook.com/redhatinc
twitter.com/RedHatNews