OpenStack is an open source cloud computing management platform project made up of several main components, each of which accomplishes a specific task. OpenStack supports almost all types of cloud environments, and the goal of the project is to provide a cloud computing management platform that is simple to implement, massively scalable, feature-rich and built on unified standards. OpenStack provides Infrastructure as a Service (IaaS) solutions through a set of complementary services, and each service provides an API for integration.
OpenStack is an open source project that aims to provide software for building and managing public and private clouds. Its community has more than 130 enterprises and 1350 developers, all of whom regard OpenStack as the common front end for Infrastructure as a Service (IaaS) resources. The primary task of the OpenStack project is to simplify cloud deployment and give it good scalability. This article aims to help you set up and manage your own public or private cloud by providing the necessary guidance.
The OpenStack cloud computing platform helps service providers and enterprises deliver cloud infrastructure services (IaaS) similar to Amazon EC2 and S3. OpenStack consists of two main modules: Nova and Swift. The former is a virtual server deployment and business computing module developed by NASA. The latter is a distributed cloud storage module developed by Rackspace. The two can be used together or separately. In addition to strong support from Rackspace and NASA, OpenStack has also received contributions and support from heavyweight companies such as Dell, Citrix, Cisco and Canonical. OpenStack is developing very fast and shows a trend of replacing Eucalyptus, another industry-leading open source cloud platform.
Basic introduction:
* Chinese name: OpenStack cloud computing management platform
* Foreign-language name: OpenStack
* Developer: NASA, Rackspace
* Programming language: Python
* Standards followed: openness, AMQP, SQLAlchemy

Application scope: OpenStack is IaaS (Infrastructure as a Service) software. In addition, OpenStack is also used to build a "private cloud" behind the firewall to provide resources for all departments in an organization or enterprise.

Vendor support: [Figure: NASA's Nebula computing platform] At present, large hardware manufacturers that support the OpenStack project include IBM, AMD, Intel, Dell and so on. In June 2010, Microsoft expressed its support for the integration of OpenStack and Windows Server 2008 R2. In February 2011, Cisco Systems officially joined the OpenStack project, focusing on the development of OpenStack network services. Ubuntu's future cloud networking solution in stacking. In April 2012, IBM announced its participation in the OpenStack project as a main sponsor. In October 2012, the Viacloud internet cloud platform joined the OpenStack project to develop an OpenStack public cloud platform and private cloud platform. At the IBM Pulse conference held in 2013, IBM announced that it would provide private cloud services and related applications based on OpenStack.

Technical data:
* Written in the Python programming language.
* Integrated with the Tornado web server and the Nebula computing platform.
* Uses the Twisted software framework.
* Follows standards such as Open Virtualization Format, AMQP and SQLAlchemy.
* Supported virtual machine software includes KVM, Xen, VirtualBox, QEMU, LXC, etc.
Projects and core projects: OpenStack covers networking, virtualization, operating systems, servers and other areas. It is a cloud computing platform project under development, and its projects are divided into core projects, incubation projects, supporting projects and related projects according to maturity and importance. Each project has its own committee and technical director, and the classification is not static: incubation projects can become core projects as their maturity and importance grow. As of the Icehouse release, the 10 core projects (that is, the OpenStack services) are listed below.

* Compute: Nova. A set of controllers that manages the whole life cycle of virtual machine instances for a single user or a group, and provides virtual services according to users' needs. It is responsible for creating, starting, shutting down, suspending, pausing, resizing, migrating, restarting and destroying virtual machines, and for configuring specifications such as CPU and memory. Integrated into the project since the Austin release.
* Object storage: Swift. A system that stores objects in a large-scale scalable system with built-in redundancy and high fault tolerance, allowing files to be stored or retrieved. It can provide image storage for Glance and volume backup for Cinder. Integrated into the project since the Austin release.
* Image service: Glance. A virtual machine image search and retrieval system that supports multiple virtual machine image formats (AKI, AMI, ARI, ISO, QCOW2, Raw, VDI, VHD, VMDK) and can create, upload and delete images and edit their basic information. Integrated into the project since the Bexar release.
* Identity service: Keystone. Provides authentication, service rules and service tokens for other OpenStack services, and manages domains, projects, users, groups and roles. Integrated into the project since the Essex release.
* Network and address management (Network): Neutron. Provides network virtualization for cloud computing and network connectivity for other OpenStack services. It gives users interfaces to define Network, Subnet and Router objects and to configure DHCP, DNS, load balancing and L3 services; the network supports GRE and VLAN. Its plug-in architecture supports many mainstream network vendors and technologies, such as Open vSwitch. Integrated into the project since the Folsom release.
* Block storage: Cinder. Provides stable block storage for running instances. Its plug-in driver architecture makes it easy to create and manage block devices, for example creating and deleting volumes and attaching and detaching volumes on instances. Integrated into the project since the Folsom release.
* UI dashboard: Horizon. The web management portal for the various OpenStack services, used to simplify user operations such as starting instances, assigning IP addresses and configuring access control. Integrated into the project since the Essex release.
* Metering: Ceilometer. It works like a funnel, collecting almost all events that happen inside OpenStack and providing that data to services such as billing and monitoring. Integrated into the project since the Havana release.
* Deployment orchestration: Heat. Provides template-defined coordinated deployment to automate the deployment of the cloud infrastructure software runtime environment (compute, storage and network resources). Integrated into the project since the Havana release.
* Database service: Trove. Provides users with scalable and reliable relational and non-relational database engine services in an OpenStack environment. Integrated into the project since the Icehouse release.
Community projects (14):
* Load balancing: Atlas-LB (Rackspace)
* Message queue: Burrow (Piston)
* Cloud management tool: Clanavi (Drupal)
* Automatic deployment: Crowbar (Dell)
* Service deployment: Juju (Ubuntu)
* Relational database: RedDwarf (Rackspace)

Market trend: Rackspace's private cloud business based on OpenStack has an annual revenue of 700 million US dollars, with a growth rate of over 20%. Although some aspects of OpenStack are still immature, it has the support of a large number of organizations around the world and the participation of a large number of developers, and it has developed rapidly. Many public, private and hybrid clouds around the world are built on OpenStack, such as RackspaceCloud, HP Cloud, MercadoLibre's IT infrastructure cloud, AT&T's Cloud Architect, Dell's OpenStack solution and so on. In China, interest in OpenStack is steadily heating up: Huasheng Tiancheng, JD.COM, Gaode Map, Alibaba, Baidu, ZTE and Huawei have all developed a strong interest in OpenStack and participated in it. Since its founding in 2010, OpenStack has released 10 versions. Among them, the Icehouse version had 120 organizations and 1202 code contributors, and the latest version is Juno. OpenStack is likely to occupy a leading position in future Infrastructure as a Service (IaaS) resource management and become the "cloud operating system" standard for public cloud, private cloud and hybrid cloud management.

Large users:
* The DAIR (Digital Accelerator for Innovation and Research) project of CANARIE Network, a semi-official organization of the National Aeronautics and Space Administration of Canada, provides a research and development environment for universities and small and medium-sized enterprises. DAIR users can quickly establish network topologies as needed.
* HP Cloud (using Ubuntu Linux).
* MercadoLibre's IT infrastructure cloud currently uses OpenStack to manage more than 6,000 virtual machines.
* AT&T.
Its "Cloud Architect" will provide cloud services in Dallas, San Diego and New Jersey.

Detailed content: Creating a virtual machine requires the interaction and collaboration of various services. The following figure shows the typical environment architecture of OpenStack, together with the interactions between the services and their functions.

[Figure: typical OpenStack environment architecture]

OpenStack is open by virtue of its openness, flexible by virtue of its components, and broad by virtue of its inclusiveness. Its components include compute, network, object storage, block storage, identity, image service, portal, metering, deployment orchestration, database service and others. Some components can be installed as required, and the network layout is flexible and varied. It supports many mainstream virtual machine technologies (KVM, LXC, QEMU, Hyper-V, VMware, XenServer), and plug-ins can be developed to support other virtualization software.

OpenStack Compute (Nova) is a set of controllers used to start virtual machine instances for a single user or a group. It can also be used to set up a network for a specific project that contains multiple instances. OpenStack Compute is comparable to Amazon EC2 in public cloud processing and not inferior to VMware products in private cloud. In a public cloud, this management layer provides prebuilt images, or a storage mechanism for images that users create, so that users can launch those images as virtual machines.

OpenStack Object Storage (Swift) is a system for storing objects in a large-scale scalable system with built-in redundancy and fault tolerance. These objects can be retrieved through the REST API or through a client that supports the object storage API, such as Cyberduck.

OpenStack Image Service (Glance) is a virtual machine image search and retrieval system.
It can be configured in three forms: using the OpenStack object storage mechanism to store images; using Amazon's Simple Storage Service (S3 for short) to store information directly; or combining S3 storage with object storage as a connector for S3 access. The OpenStack image service supports various virtual machine image formats, including VMware (VMDK), Amazon images (AKI, ARI, AMI) and the various disk formats supported by VirtualBox. The container formats for image metadata include Amazon's AKI, ARI and AMI information, the standard OVF format and large binary data.

The OpenStack development cycle releases two new versions every year, and when each new version is released, developers and project technical leaders are already planning the details of the next one. These developers come from more than 70 organizations around the world and number more than 1600 people. They use advanced tools and development methods to review code, integrate continuously, test and develop the architecture, so that each version can grow rapidly while remaining stable.

Building a private cloud: The first step in building a private cloud is to set up the correct hardware and network environment. Although OpenStack allows everything to be deployed on a single flat network, that is not safe from a security point of view: depending on the hypervisor and virtual network interface you use, it can allow guests to sniff management traffic. It is recommended to use at least two networks: one for management traffic and one for traffic between virtual machines. This means that every compute node (the nodes that run instances) and the network manager need two network cards. The two networks should run in different IP ranges. The network connecting compute nodes and instances also needs to support VLAN tagging, because that is the mechanism for isolating traffic between "projects". A project is equivalent to your Amazon EC2 account, but you cannot create and allocate it at will.
Each project has its own administrators and users, and all instances in a given project can communicate with each other. Assign each project its own VLAN, its own address pool, and internal and external IP address pools.

Once the hardware and network are set up, the next step is to determine where to deploy all the OpenStack components. A standard deployment should have a controller and a series of compute nodes. The controller runs the message server, the database and the other components that orchestrate the cloud, and the compute nodes run instances. You can also split the controller into separate parts to improve performance, for example by putting MySQL on a different physical box. For security, the most important thing is to ensure that each part is installed on a secured host that is connected only to the networks it needs for the cloud to run. Only two parts need to be exposed to the outside world (even if that is only your company network): the API server/web console (if it is enabled) and the network manager. These servers need to be heavily hardened, and you can even use a third network interface to isolate back-end management traffic from user connections.

If you follow the default installation instructions, these components may not be as secure as they should be. Here are some specific changes:

* Have the MySQL server use a dedicated user account instead of the root MySQL administrative account. This account and its password are exposed on every cloud node, even if certificate-based authentication is used, because all nodes need to access this database server.
* In the MySQL configuration, restrict access to the server so that the OpenStack user account is accepted only from authorized IP addresses.
* Remove any unnecessary operating system components and ensure that the servers you set up only support key-based login via SSH.
* By default, MySQL and RabbitMQ (message server) traffic is not encrypted. If the management network is isolated and contains only trusted hosts, this should not be a serious risk.
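An added example (not from the original article or the OpenStack project): a small Python audit that checks one node's configuration text against the checklist above and the two-network advice. The sample file contents and addresses are constructed, and the `[database] connection` URL layout and the use of an `ssl_ca` query parameter as the marker for an encrypted MySQL connection are assumptions.

```python
import configparser
import ipaddress
from urllib.parse import parse_qs, urlsplit

# Finding codes mapped to the checklist item each one reflects.
CHECKS = {
    "shared-network": "management and instance networks overlap",
    "db-root": "service connects to MySQL with the root account",
    "db-cleartext": "MySQL connection URL names no TLS CA",
    "db-exposed": "MySQL listens outside the management network",
    "ssh-password": "sshd still accepts password logins",
}

def _ini(text):
    parser = configparser.ConfigParser(interpolation=None, allow_no_value=True)
    parser.read_string(text)
    return parser

def sshd_option(text, keyword, default):
    """Effective sshd value: the first occurrence wins, keywords ignore case."""
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 2 and parts[0].lower() == keyword.lower():
            return parts[1].lower()
    return default

def audit(service_conf, my_cnf, sshd_config, mgmt_cidr, instance_cidr):
    """Return sorted finding codes for one node's configuration text."""
    found = set()
    mgmt = ipaddress.ip_network(mgmt_cidr)
    if mgmt.overlaps(ipaddress.ip_network(instance_cidr)):
        found.add("shared-network")
    # Assumed layout: [database] connection = driver://user:pw@host/db?ssl_ca=...
    url = urlsplit(_ini(service_conf).get("database", "connection"))
    if url.username in (None, "", "root"):
        found.add("db-root")
    if "ssl_ca" not in parse_qs(url.query):
        found.add("db-cleartext")
    bind = _ini(my_cnf).get("mysqld", "bind-address", fallback="*")
    try:
        addr = ipaddress.ip_address(bind)
        exposed = not addr.is_loopback and addr not in mgmt
    except ValueError:  # "*" or a hostname cannot be tied to the management range
        exposed = True
    if exposed:
        found.add("db-exposed")
    if sshd_option(sshd_config, "PasswordAuthentication", "yes") != "no":
        found.add("ssh-password")
    return sorted(found)

# Constructed sample node resembling a default install (not a real deployment).
WEAK = audit(
    "[database]\nconnection = mysql+pymysql://root:pw@10.0.0.10/nova\n",
    "[mysqld]\nbind-address = 0.0.0.0\n",
    "PasswordAuthentication yes\n",
    mgmt_cidr="10.0.0.0/24", instance_cidr="10.0.0.0/16")
for code in WEAK:
    print(f"{code}: {CHECKS[code]}")
```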
If your cloud network is easily sniffed (for example, it shares the network with other servers), you need to encrypt the traffic. You can use OpenSSL for both MySQL and RabbitMQ. (I haven't tested it myself, so the configuration may be a bit difficult.) Also remember that, if you offer the web management console, SSL is not enabled for it by default.

Service center overview: China OpenStack Service Center. On June 8, 2013, the "China Cloud Computing Industry Promotion Conference and China OpenStack Service Center Launching Conference" was held in Nanjing. At the meeting, Huasheng Tiancheng officially announced the launch of the first OpenStack service center in China. OpenStack is an open source project involving developers worldwide that aims to realize a "cloud operating system", that is, a platform capable of deploying and managing public, private and hybrid cloud infrastructures.

1. Establish and operate the first and possibly the only OpenStack support center in China.
2. Provide rich online and on-site professional support and consulting services for OpenStack researchers, developers and users, and remove customers' worries about using open source software.
3. Improve the quantity and quality of domestic cloud computing practitioners and popularize the spirit and technology of open source software.
4. Break the monopoly on cloud computing construction, greatly reduce the construction and operation costs of cloud computing platforms, and promote and safeguard the vigorous development of domestic cloud computing platforms.
System composition: The system consists of:
* 800 telephone support center (100 seats)
* Web online support platform (100 seats)
* Service electronic sales platform
* Knowledge base
* CRM system
* Professional consulting team (10 people)
* Professional on-site technical support team (50 people)
* Professional customized development team (100 people)

Service content: Provide complete online and on-site services for L1, L2 and L3 laboratories:
* 24*7 telephone consultation/support services
* Web online consultation/support services
* Version release and upgrade services
* On-site installation and testing services
* Upgrade/adjustment services
* Customized development services
* Training services
* Knowledge base sharing services
* Operation and maintenance services
* Electronic transaction services

Service experience:
1. Customers can get help from the support center 24 hours a day by phone or online, including cloud technology consultation, data requests and service package purchases.
2. Paid service packages are divided into grades, for example: basic service package (5*8 telephone support service), standard service package (7*24 telephone support service + on-site service) and advanced service package (7*24*6 platform maintenance guarantee).

Professional service options (examples): system integration service, dedicated service, system tuning service, system migration service, detection service, operation and maintenance management service, emergency response service and training service.

Service value:
1. Provide users and potential users of open source cloud computing with access to knowledge, guidance and technical support, and resolve the awkward situation in which no technical backing can be found when applying open source cloud technology. A high-level technical team provides users with installation, configuration, development, optimization and operation and maintenance services, so that the cloud computing platform can be deployed and used correctly and truly generate benefits.
2.
For the OpenStack industry chain, it will help OpenStack take root and blossom in China, and it removes the awkwardness of viewing OpenStack like flowers in the fog.
3. For the support center itself, it brings in a large amount of customer information and project opportunities, as well as high-profit service business. Aggregating a large number of the industry's technical resources forms a technical resource pool, so that the industry chain grows together through the aggregation effect.
4. Greatly accelerate the pace of society-oriented cloud construction, reduce IT operating costs, improve business agility, save energy and reduce emissions, and promote industrial upgrading.

Member enterprises: Huasheng Tiancheng, Intel, Canonical, Rackspace, China Open Source Cloud Alliance