2. $ whoami
# OpenSource Evangelist and FOSS promoter
since 2004
# Founder of LOAD (Linux On A Desktop) project.
# SysAdmin, DBA and an Ethical Hacker
# And yeah, I love to be on Cloud
3. $ whoareu
# Experience with Cloud ?
# Experience with CloudStack ?
# Which other IaaS platforms do you use ?
# Any expectations ? :)
5. $ Agenda
• Overview of CloudStack
• CloudStack Architecture
• Demo of CloudStack
• Q&A
6. $ What is Cloud Computing?
Cloud
Virtualization
7. Server Virtualization++ and Cloud
Cloud
• 10x more scalable
• 2-5x lower cost
• 100% more open
Server Virtualization++: built for traditional enterprise apps & client-server compute
• Enterprise arch for 100s of hosts
• Scale-up (server clusters)
• Apps assume reliability
• IT Mgmt-centric [1:Dozens]
• Proprietary vendor stack
Think: vCloud Director
Enterprises should, and will, make SV 1.0 more cloud-like…
Cloud: designed around big data, massive scale & next-gen apps
• Cloud architecture for 1000s of hosts
• Scale-out (multi-site server farms)
• Apps assume failure
• Autonomic [1:1,000’s]
• Open, value-added stack
Think: AWS, RAX, zCloud, eBay, etc.
…but adoption of new cloud architecture is the future
8. $ What is CloudStack?
Build your cloud the way the world’s most successful clouds are built
• Secure, multi-tenant cloud orchestration platform
– Turnkey platform for delivering IaaS clouds
– Hypervisor agnostic
– Massively scalable, secure and open
– Open source, open standards
– Deploys on premise or as a hosted solution
• Deliver cloud services faster and at a fraction of the cost
9. $ CloudStack Background
• OpenSource IaaS platform, now under ASL 2.0
license
• A proven cloud platform
– Developed since 2008 by Cloud.com
– Acquired by Citrix in 2011
– Citrix donated to Apache Software Foundation (ASF) in
April 2012
– Version 4.2.0 available for download at
http://cloudstack.apache.org/downloads.html
– Powering some of the world’s largest clouds today.
10. $ Architecture / Language
• Java application
• Tomcat6, Axis2, Maven build + ant
– Ant going away in 4.1
• Moving towards a plugin architecture
11. $ CloudStack Supports Multiple Cloud Strategies
Private Clouds
On-premise Enterprise Cloud
• Dedicated resources
• Security & total control
• Internal network
• Managed by Enterprise or 3rd party
Hosted Enterprise Cloud
• Dedicated resources
• Security
• SLA bound
• 3rd party owned and operated
Public Clouds
Multi-tenant Public Cloud
• Mix of shared and dedicated resources
• Elastic scaling
• Pay as you go
• Public internet, VPN access
12. CloudStack Provides On-demand Access to Infrastructure Through a Self-Service Portal
[Diagram labels: Org A, Org B, Admin, End User, Users, Compute, Network, Storage]
Citrix Confidential - Do Not Distribute
13. $ What About OpenStack?
“CloudStack 3.0 is open
source, but it is NOT based
on OpenStack”
15. $ Massively Scalable Infrastructure
Management
• CloudStack can manage tens of thousands of servers
installed in multiple geographically distributed datacenters
• The centralized management server scales linearly,
eliminating the need for intermediate cluster-level
management servers
• No single component failure can cause cloud-wide outage
• Periodic maintenance of the management server can be
performed without affecting the functioning of virtual
machines running in the cloud
16. $ Multiple Hypervisor Support
• A single cloud deployment can contain multiple
hypervisors
• Including Citrix XenServer, Oracle VM, KVM and
vSphere
• Freedom to choose the right hypervisor for
the workload
17. $ Automatic Configuration Management
• CloudStack automatically configures each guest
virtual machine’s networking and storage settings
• CloudStack internally manages a pool of virtual
appliances to support the cloud itself
• These appliances offer services such as
firewalling, routing, DHCP, VPN access, console
proxy, storage access, and storage replication
18. $ Graphical User Interface
• CloudStack offers an administrator's
Web interface, used for provisioning
and managing the cloud
• Also used as an end-user's Web
interface for running VMs and
managing VM templates
• The UI can be customized to reflect
the desired service provider or
enterprise look and feel
19. $ API and Extensibility
• CloudStack provides an API that gives
programmatic access to all the management
features available in the UI
• The API enables the creation of command line
tools and new user interfaces to suit particular
needs
20. $ High Availability
• The CloudStack platform has a number of features to increase
the availability of the system
• The Management Server may be deployed in a multi-node
installation where the servers are load balanced
• The CloudStack Database may be configured to use replication
to provide for a manual failover in the event of database loss
• For the Hosts, the CloudStack platform supports NIC bonding
and the use of separate networks for storage as well as iSCSI
Multipath
22. $ Create Custom Virtual Machines
via Service Offerings
Select Operating
System
• Windows, Linux
Select Compute
Offering
• CPU & RAM
Select Data Disk
Offering
• Volume Size
Select Network Offering
• Network & Services
Create VM
23. $ Dashboard Provides Overview of
Consumed Resources
• Running, Stopped & Total VMs
• Public IPs
• Private networks
• Latest Events
24. $ Virtual Machine Management
Users
VM Operations
• Start
• Stop
• Restart
• Destroy
Console Access
VM Status
• CPU Utilized
• Network Read
• Network Writes
Change Service Offering
[Diagram values: 2 CPUs, 1 GB RAM, 20 GB, 20 Mbps; 4 CPUs, 4 GB RAM, 200 GB, 100 Mbps]
25. $ Volume & Snapshot Management
• Add / Delete Volumes
• Create Templates from Volumes
• Schedule Snapshots
• View Snapshot History
[Diagram labels: VM 1, Volume, Volume, Template; snapshot schedule: Hourly, Daily, Weekly, Monthly, Now; snapshot history: 12/2/2012 7.30 am, 2/2/2012 7.30 am, ….]
26. $ Network & Network Services
• Create Networks and attach VMs
• Acquire public IP address for NAT & load balancing
• Control traffic to VM using ingress and egress firewall rules
• Set up rules to load balance traffic between VMs
28. $ Open Platform to Suit Customer Needs
Compute
• Hypervisor: XenServer, VMware, Oracle VM, KVM, Bare metal
Storage
• Block & Object: Local Disk, iSCSI, Fiber Channel, NFS, Swift
Network
• Network & Network Services: Network Type, Isolation, Firewall, Load balancer, VPN
29. $ Multi-tenancy & Account Management
• Domain can have arbitrary levels of subdomains
• A Domain can have one or more accounts
• Domain is a unit of isolation that represents a customer org, business unit or a reseller
• An Account represents one or more users and is the basic unit of isolation
• Admin can limit resources at the Account or Domain
[Diagram labels: Cloud; Domain Org A, Admin; Domain Reseller A, Admin; Sub-Domain Org C, Admin; Account Group A; Account Group B; User 1; User 2; Resources: VMs, IPs, Snapshots…]
30. $ Architecture
• A CloudStack installation consists of two parts
• The Management Server
• The cloud infrastructure that it manages
[Diagram: Management Server, Hypervisor, Machine 1, Machine 2. Simplified view of a basic deployment]
31. $ The Management Server
• Manages the assignment of guest VMs to
particular hosts
• Manages the assignment of public and private IP
addresses to particular accounts
• Manages the allocation of storage to guests as
virtual disks
• Manages snapshots, templates, and ISO
images, possibly replicating them across data
centers
• Provides a single point of configuration for the
32. $ The Management Server
• Provides the web user interface for the
administrator and a reference user interface for
end users
• Provides the APIs for the CloudStack platform
33. $ CloudStack Management Server
Database
• All CloudStack objects are stored in the
CloudStack Database
• CloudStack tracks changes in the database
• CloudStack uses MySQL for the database
• Multiple DB servers & replication are possible
34. $ Cloud Infrastructure - Host
• A host is a single computer
• Hosts provide the computing
resources that run the guest virtual
machines
• Each host has hypervisor software
installed to manage guest VMs
• The host is the smallest
organizational unit within a
CloudStack deployment
35. $ Cloud Infrastructure - Cluster
• A cluster consists of one or more hosts
• Provides a way to group hosts
• With one primary storage server
• One primary storage server per cluster is typical
• Can use local storage on each host
• The hosts in a cluster:
– Have identical hardware
– Run the same hypervisor
– Are on the same subnet
– Access the same shared primary storage
• Virtual machine instances can be live-migrated from one host to another within the same cluster
[Diagram labels: VM, Primary Storage, Cluster]
36. $ Cloud Infrastructure - Pod
• A pod consists of one or more
clusters
• A pod often represents a single
rack
• Hosts in the same pod are in the
same subnet
Pod
37. $ Cloud Infrastructure - Zone
• A zone consists of one or more pods
• Plus secondary storage
• Shared by all the pods in the zone
• Often corresponds to a single
datacenter, but multiple zones are
permitted
• Organizing infrastructure into zones
provides physical isolation and
redundancy
[Diagram labels: Secondary Storage, Zone]
38. $ Cloud Infrastructure – Primary Storage
• Primary storage is associated with a
cluster
• Stores the disk volumes for all the VMs
running on hosts in a cluster
• Shared storage is normally
recommended
• NFS
• iSCSI
• Fibre Channel
• But, some situations use local storage
• Where high availability isn't needed
• Where greater disk I/O is needed
39. $ Cloud Infrastructure – Secondary
Storage
• Secondary storage is associated with a zone
• Stores:
• Templates - OS images used to create VMs
• ISO Images - Images that can be bootable or
non-bootable
• Disk volume snapshots (saved copies of VM
data)
• Secondary storage available to all
hosts in the zone
• Secondary storage must be NFS
• Or NFS + Swift
40. $ Cloud Infrastructure Summary
• One or more hosts grouped into a cluster
• One or more clusters grouped into a pod
• One or more pods grouped into a zone
• One or more zones controlled by one management server
[Diagram labels: CloudStack Management Server, Secondary Storage, Pod, Zone]
41. $ Cloud Infrastructure – Basic
Networking
• Basic Shared Public Network
• All zone tenants share a single flat public network
• Tenant isolation provided by Security Groups
• Hypervisor level firewall IP Address filtering
• Layer 3 Isolation
• Scales much better than VLANs
• CloudStack virtual system router provides
• DHCP
• DNS
[Diagram: Internet, Physical Router, Public Network, CS Virtual Router; Customer 1 and Customer 2, each with VM 1, VM 2 and VM 3; VM addresses 192.168.1.55, 192.168.1.56, 192.168.1.57, 192.168.1.58, 192.168.1.59, 192.168.1.60]
42. $ Cloud Infrastructure – Advanced
Networking
• Advanced networking provides:
• Multiple VLANs for isolation
• L2TP-based VPN
• Virtual router is gateway
• Load balancer available
• 1:1 NAT
• Metering data
• One virtual router per account
• Does not scale as well
[Diagram: Internet, Physical Router, Public Network, two CS Virtual Routers, Customer Private Networks; Customer 1 on VLAN 100 with VM 1, VM 2 and VM 3; Customer 2 on VLAN 200 with VM 1, VM 2 and VM 3]
43. $ Cloud Infrastructure – Small-Scale
Network
[Diagram: Internet, Public IP 50.43.51.125, Router & Firewall, Layer-2 Switch, network 192.168.10.0/24; Management Server, Primary Storage and Secondary Storage, with addresses 192.168.10.12 and 192.168.10.15 shown; Computing Nodes 192.168.10.21, 192.168.10.22, 192.168.10.23, 192.168.10.24]
44. $ Cloud Infrastructure – Large-Scale
Redundant Network
[Diagram labels: Internet, Layer-3 switches with firewall modules, Layer-2 switches, Computing Nodes, Primary Storage Servers, NFS Secondary Storage Servers, Pod 1, Pod 2, Cluster, Management Server]
45. $ Cloud Infrastructure – Multi-Site
Deployment
• Single Management Server can
manage multiple zones
• Zones can be geographically
distributed
• Low latency links required
• 5-10K hosts per Management
Server
• Multiple MS nodes can be
deployed as cluster for scale or
redundancy
46. $ Cloud Infrastructure – Multi-Site
Deployment
[Diagram labels: Primary Management Server, Secondary Mgmt Server, MySQL Replication; Data Center 1, Data Center 2, Data Center 3, Data Center 4; Availability Zone 1, Availability Zone 2, Availability Zone 3, Availability Zone 4]
48. $ CloudStack Requirements
• CloudStack requires at a minimum:
• A server to host the Management Server
• A PC for the management console
• A Hypervisor or Bare Metal machine
• NFS shared storage
• A 1GB or above network
[Diagram labels: admin Console, CloudStack Management Server, NFS Server, Primary Storage, Secondary Storage]
49. $ Management Server (Minimum
Requirements)
• Operating system: RHEL/CentOS 6.2 64-bit only
• 64-bit x86 CPU (more cores result in better
performance)
• 4 GB of memory
• 250 GB of local disk minimum (500 GB is
recommended)
• At least 1 NIC (Gigabit Network is recommended)
• Statically allocated IP address
• Fully qualified domain name as returned by the
50. $ Storage Requirements
• CloudStack needs two types of storage
• Primary storage is used for storing the guest VM
root disks as well as additional data disk volumes
• Secondary storage is used for templates, ISOs &
snapshots
• Primary Storage can be any storage (including
local) that is supported by the hypervisor
• Secondary Storage must be NFS or NFS+Swift
51. $ Hosts (Hypervisors) Requirements
• Hardware should be supported by hypervisor
vendor
• Memory and CPU should be planned like any
capacity planning
• Citrix XenServer® 6.0.0 + CSP
• VMware vSphere 4.1™ / VMware vSphere 5™
with at least Standard license (with vMotion)
• KVM running on Red Hat Enterprise Linux 6.2
• OVM Server v2.3
52. $ Network Requirements
• 1 GB or 10 GB Network
• IP range for Private Network & Public Network excluded
from local DHCP
• Managed Switches with VLAN Trunking (if using
Advanced Network)
• Static IPs for all major components (CloudStack, Hosts,
NFS server)
• Connectivity between CloudStack, hosts and NFS
• NTP setup on all servers is highly recommended
53. $ Prepare the Operating System
• Configure the hostname
– hostname --fqdn
• Configure the network
– ping cloudstack.org
• Change mode of SELinux to ‘permissive’
54. $ Configure the YUM repo
vi /etc/yum.repos.d/cloudstack.repo
[cloudstack]
name=cloudstack
baseurl=http://cloudstack.apt-get.eu/rhel/4.1/
enabled=1
gpgcheck=0
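The repo definition above combines an `http://` baseurl with `gpgcheck=0`, so neither the transport nor the packages are authenticated when yum installs CloudStack. The following check is an added example, not part of the original slides: `audit_repo` is a hypothetical helper name, and the second repo section and its `example.invalid` host are constructed for contrast.

```shell
#!/bin/sh
# Added example: audit_repo is a hypothetical helper, not part of CloudStack or yum.
# Prints "<repo id>: <finding>" for every enabled repo section that turns off
# signature checking or fetches packages over a cleartext URL.
audit_repo() {
    awk '
        function report() {
            if (id == "" || enabled ~ /^(0|no|false)$/) return
            if (gpg ~ /^(0|no|false)$/)
                print id ": gpgcheck disabled, package signatures are not verified"
            if (url ~ /^(http|ftp):\/\//)
                print id ": cleartext baseurl " url
        }
        /^[ \t]*[#;]/ { next }                  # skip comment lines
        /^[ \t]*\[/ {                           # a new [section] starts
            report()
            id = $0; sub(/^[ \t]*\[/, "", id); sub(/\].*$/, "", id)
            enabled = "1"; gpg = ""; url = ""
            next
        }
        /=/ {                                   # key=value inside a section
            key = $0; sub(/=.*$/, "", key); gsub(/[ \t]/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t\r]+$/, "", val)
            if (key == "enabled")  enabled = tolower(val)
            if (key == "gpgcheck") gpg = tolower(val)
            if (key == "baseurl")  url = val
        }
        END { report() }
    ' "$1"
}

# Constructed sample: the repo file from the slide, plus a signed HTTPS repo
# on a placeholder host for contrast.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[cloudstack]
name=cloudstack
baseurl=http://cloudstack.apt-get.eu/rhel/4.1/
enabled=1
gpgcheck=0
[signed-example]
name=signed example
baseurl=https://repo.example.invalid/rhel/
enabled=1
gpgcheck=1
EOF
audit_repo "$sample"
rm -f "$sample"
```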
56. $ Storage Configuration
• Export /primary and /secondary from the
Management server.
• Enable rpcbind & nfs to start at boot.
– chkconfig rpcbind on
– chkconfig nfs on
• showmount -e