VMware Integrated OpenStack 3.0 Technical Overview

Hassan HamadeJulienne Pham

2

Why OpenStack on VMware?

…industry leading data center technologies that enterprise IT already

knows how to operate

An open and vendor-neutral ecosystem that gives developers the

APIs and tools they want…

The best enterprise solution for OpenStack

CONFIDENTIAL

…industry leading data center technologies that enterprise IT already

knows how to operate

One of the largest contributors to the OpenStack project. Contribute

Differentiate

Enable

The most powerful OpenStack cloud available, with fastest time-to-value and lowest total cost-of-ownership.

Easy path to deploy + operationalize OpenStack + VMware.

“Congress” Policy

201420132010 2011 2012

Strong, Comprehensive OpenStack Engagement

3

OpenStack Project Created by Rackspace &

NASA

Open vSwitch Project Created

by Nicira

OpenStack Networking

“Neutron” project started, led by

Nicira.

VMware acquires Nicira,

Joins OpenStack Foundation as Gold

member.

VMware Integrated

OpenStack (VIO) Beta

Announced.

NSX+Neutron

vSphere+Nova

vSphere+Cinder

vSphere+Glance

vSphere+Ceilometer

OpenStack Distros Partners announce

plans to support vSphere & NSX.

EcosystemPartnerships

Upstream Contributions

VIO – vSphere and NSX Interaction – High Level

Nova Compute Nova Services

NSX Manager

Neutron Plugin

Neutron Server Heat

Glance RabbitMQ

vCenter

ESXi-2

vSphere Plugin

NSX

VIO

ESXi-1

NSX

KeystoneCinder

VMDK Driver

VMDK Driver

Management ClusterEdge Cluster

VM

VM

VM

VM

VM

VM

VM

VM

Compute 1 Compute N

vCenter Server

NSX ManagerController Cluster VIO

InfrastructureVXLAN Transport Zone Spanning Compute and Edge Clusters

Management, Compute and Edge VDS

vSphere Host

vSphere Host

Compute Cluster 1

vSphere Host

Compute Cluster N

vSphere Host

vSphere Host

vSphere Host

vSphere Design Requirements for VIO – VDS and Transport ZoneVIO VMVIO

VM

VIO VMVIO

VMESGDLR CVM

NSX Edges

vSphere Host

vSphere Host

Compute VDS Management and Edge VDS

VDS Option 1

VDS Option 2

Single Transport

Zone

NSX Plugin vDS PluginProvider Networks leveraging VLANs API/Management Plane High Availability DC-Wide Control Plane Scale High Limited

Layer 3/NAT High Availability & Scale -

Full Neutron feature-set• Private Logical Network Identifier Independent of VLANs• Highly Available DHCP Service• Security Groups • Metadata Service Integration & Support• L3/NAT & Floating IP Support

-

Enterprise Features• Micro-segmentation with line-rate Stateful distributed firewall• Provider-side security via Service Insertion• In-kernel distributed routing• Many more….

-

vCenter Operations & Log Insight Content Packs -

VMware VIO Networking Options

NSX Neutron Plugin – Supported Topologies

Use Case NotesVLAN Backed Micro-segmentation only No overlays. Security Groups

leverage Distributed Firewall policies.

VLAN Backed L3 Leverage VLANs for L2, NSX Edge for L3

No overlays. L3 provided by NSX Edge. No Distributed Routing support. Static Routes only.

L2/L3 Overlay, no NAT Enterprise Customers that don’t need overlapping IP addresses

Can use DLR and/or NSX Edge. No overlapping IPs allowed. Static Routes only. Very efficient. Enterprise preferred model.

L2/L3 overlay, NAT Enterprise customers that need overlapping IPs

Can use DLR and/or NSX Edge. Static Routes only. Very efficient. Cloud Provider/Service Provider preferred model.

What’s New in VMware Integrated OpenStack 3.0

8CONFIDENTIAL

• VIO 3.0 distribution is now based on the latest OpenStack release - Mitaka

• VIO management control plane has been optimized and architected to run in a compact architecture

• Existing vSphere VMs can be imported and managed via VIO OpenStack APIs

Mitaka-Based CompactControl Plane

Import Existing Workloads

Leverage the latest features and

enhancement of the Mitaka Release

Reduce infrastructure and

costs required to run an OpenStack Cloud

Quickly start consuming existing

VMs through OpenStack

CONFIDENTIAL 9

VIO 3.0: Mitaka OpenStack Release• Latest OpenStack Release

• Tons of improvements– Improved day-to-day experience for cloud admins and administrators. – Simplified configuration for Nova compute service.– Streamlined Keystone identity service is now a one-step process for setting up the identity management

features of a cloud network. – Keystone now supports multi-backend allowing local authentication and AD accounts simultaneously.– Heat’s convergence engine optimized to handle larger loads and more complex actions for horizontal

scaling for improved performance for stateless mode.– Enhanced OpenStack Client provides a consistent set of calls for creating resources no longer requiring

the need to learn the intricacies of each service API. – Support for software development kits (SDKs) in various languages.– New “give me a network,” feature capable of creating a network, attaching a server to it, assigning an IP

to that server, and making the network accessible, in a single action

Hardware Resource Requirement

Component VMs vCPU vRAM(GB) vDisk Space

Controller 1 8 16 80

Compute 1 2 4 20

Total 2 10 20 100+20

Day 1

Component VMs vCPU vRAM(GB) vDisk Space

Ceilometer 1 2 4 20

Database (MongoDB) 3 6 12 60

Total 4 8 16 80+16

Day 2

CONFIDENTIAL 11

VIO 3.0: Slimmer Full HA Architecture• Reduced footprint on management cluster

• Full HA: No service downtime

• Database replication: No data loss

• 6000+ VMs

• 200+ Hypervisors

Controller 1

VIO Control Plane

Database 1 Database 2 Database 2

Controller 2

LB 1 LB 2

Management Server

12

External Admin/Users

API Access Network

OpenStackController

Public IP

Internal IP

Memcache

DBRabbitMQ1

Compute 1Compute 2

VIO manager

VIO Template

Management Network

VIO VM OpenStack VM Active Node

Compute (1..N)

Architecture

CONFIDENTIAL 13

VIO 3.0: Compact Mode• Ideal for multiple small deployments

• Attractive in relaxed SLA scenarios

• Database backed up in real time: No data loss

Database(Real time Backup)

LB

Controller

Database

Man

agem

ent

Ser

ver

VIO Control Plane

Binary Log

Replication

CONFIDENTIAL 14

Demo

CONFIDENTIAL 15

VIO 3.0: Import vSphere Workloads

• Quickly import vSphere VMs into VIO

• Start managing vSphere VMs through standard OpenStack APIs

vCenter

VMware Integrated OpenStack

NovaInstance

NovaInstance

NovaInstance

NovaInstance

CONFIDENTIAL 16

Demo• DCLI Command

Troubleshooting – vRealize Log Insight• NSX Content Pack for Log Insight – available now.

• OpenStack Content Pack for Log Insight (planned).

Troubleshooting – vRealize Operations Manager• NSX Management Pack for vROPS – available now.

• OpenStack Management Pack for vROPS – available now.

CONFIDENTIAL 19

Troubleshooting with VRNI• Demo

Thank You