VMworld 2013
Scott Lowe, VMware
Dan Wendlandt, VMware
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
HTML Injection Attacks: Impact and Mitigation Strategies
VMworld 2013: Deploying vSphere with OpenStack: What It Means to Your Cloud Environment
1. Deploying vSphere with OpenStack:
What It Means to Your Cloud Environment
Scott Lowe, VMware
Dan Wendlandt, VMware
VSVC5511
#VSVC5511
2. 22
Agenda
What is OpenStack?
• How does it fit into puzzle? Why are people interested in it?
• What are common misconceptions?
VMware + OpenStack
• Deep-dive demo of OpenStack with vSphere and NSX
• What are VMware’s future plans for OpenStack?
4. 44
Anatomy of a Cloud Management Platform
Hardware Infrastructure
Software Infrastructure
API Layer
CMP Logic
(governance, workflow, placement)
Driver Layer
Web GUI CLI SDK
Applications
Cloud Management Platform
Tools for self-
service +
automation, built
on top of API
Models available
resources.
Handles requests
to create/
destroy/update
and view current
statusVaries greatly by
CMP: determines
whether a request is
allowed, updates
external systems,
decides what part of
underlying
infrastructure will
host the workload
Communicates to
software
infrastructure to
create/destroy
/update the real
resources
backing the
request
Identity
5. 55
Anatomy of OpenStack
Hardware Infrastructure
Software Infrastructure
Web
GUI
Linux
CLIs
Python
SDKs
Applications
Compute & Images API
Compute Logic
(quotas, scheduling)
Compute Drivers
(vSphere, KVM)
Network API
Network Logic
(quotas, scheduling)
Compute Drivers
(NSX, Cisco)
Block Storage API
Block Storage Logic
(quotas, scheduling)
Block Storage Drivers
(vSAN, EMC)
User authentication,
authorization
Nova / Glance Neutron (Quantum) Cinder
KeystoneHorizon
OpenStack CMP
6. 66
$ glance image-list
+---------------------+-------------+
| ID | Name |
+---------------------+--------------+
| a8f0eaa9-bb23-40a6-b70f | Ubuntu-12.04 |
| 7b91c0d1-1619-4769-9cc4 | Windows-7 |
| be102fab-0467-4c8f-b8ff | RHEL-6.3 |
$
Example of Using OpenStack API Abstractions
Dev1
10.0.0.0/24
webserver-1
10.0.0.3
webserver-
210.0.0.4
Glance Image Catalog
$ neutron net-list
+---------------------+-------------+
| ID | Name |
+---------------------+--------------+
| a8f0eaa9-bb23-40a6-b70f | public-net | 18.0.72.0/24
$ neutron net-create dev1
$ neutron subnet-create dev1 10.0.0.0/24
$ neutron net-list
+---------------------+-------------+
| ID | Name |
+---------------------+--------------+
| a8f0eaa9-bb23-40a6-b70f | public-net | 18.0.72.0/24
| b3493f5e-7ffb-4fa2-b996 | dev1 | 10.0.0.0/24
$
Flavors
Small
1-vCPU
2 GB RAM
Medium
2-vCPU
4 GB RAM
Large
4-vCPU
8 GB RAM
$ nova flavor-list
+--- +-----------+----------+--------+
| ID | Name | vcpus | mem |
+----+-----------+----------+--------+
| 0 | small | 1 | 2048 |
| 1 | medium | 2 | 4096 |
| 2 | large | 4 | 8192 |
$ nova boot webserver –flavor 0 –count 2
–image a8f0eaa9-bb23-40a6-b70f
–nic net=b3493f5e-7ffb-4fa2-b996
$ nova list
+---------------------+-------------+-------------------------+
| ID | Name | Networks |
+---------------------+--------------+------------------------+
| 0b738e51-4c6c | webserver-1 | dev1=10.0.0.3
| cda4d7b4-42a6 | webserver-2 | dev2=10.0.0.4
$
$ cinder create 20 –display-name vol-1
$ cinder create 20 –display-name vol-2
$ cinder list
+---------------------+-------- +--------------------+
| ID | name | size | status |
+---------------------+---------+--------------------+
| 0b738e51-4c6c | vol-1 | 20 GB | avail |
| cda4d7b4-42a6 | vol-2 | 20 GB | avail |
$ nova volume-attach 0b738e51-4c6c 0b738e51-4c6c
$ nova volume-attach cda4d7b4-42a6 cda4d7b4-42a6
$ cinder list
+---------------------+-------- +--------------------+
| ID | name | size | status |
+---------------------+---------+--------------------+
| 0b738e51-4c6c | vol-1 | 20 GB | in-use |
| cda4d7b4-42a6 | vol-2 | 20 GB | in-use |
20 GB20 GB
7. 77
What Makes OpenStack Interesting?
Hardware Infrastructure
Software Infrastructure
Horizon CLI SDK
Applications
Keystone
Nova Neutron Cinder
OpenStack CMP
Self-service tools
OK for simple use
cases, lack
richness. Power
users often build
their own.
Basic “run wild
within quota”
governance.
Simple placement,
no workflows to
integration with
external systems.
Meh…. Neat!
API Layer
Scheduling & Quotas
Driver Layer
A vendor
independent
IaaS API
Large set of
vendors
contributing
drivers, etc.
Your developers
can write code
to customize
cloud behavior.
8. 88
But What About…..
Free/open source CMPs are nothing new:
• Eucalyptus, OpenNebula, CloudStack are older, with similar capabilities
It is never free to ensure smooth operation of complex software infrastructure
Comes down to:
• Build up large internal team able to troubleshoot/fix OpenStack issues. But still
need to find a way to support lower layers of software infrastructure (e.g.,
hypervisor, storage)
• Buy support from a vendor (e.g., use of enterprise distros with “free” Linux).
Free!!!
Free!!!
Free!!!
Free!!!
Free!!!
Free!!!
Free!!!
Free!!!
Free!!!
9. 99
Misconception: OpenStack is a Product
No, it is an open source codebase, managed by OpenStack
Foundation
• Manages process around changes to the open source code base
• Provides marketing / promotion of OpenStack, manages trademark.
OpenStack is/will be available in many different forms, including:
“Roll your own”:
Download framework
source code, build
internal team to do
almost everything.
“Distro”:
Packaged framework
code with install/config
mgmt bundled with
OS. Pay for support.
“Core+”:
Commercial product,
uses OpenStack code
and APIs, but often
also include
proprietary addons.
“API Compat”:
Existing product adds
OpenStack API
compatibility.
Tradeoffs
- Flexible / Customizable
- Vendor Agnostic
- Complex + resource
intensive to operate.
- Missing mgmt tools.
- Less Flexible
- Vendor Specific
- Easier to adopt + operate
- Includes mgmt. tools
10. 1010
Misconception: With OpenStack API, lower layers don’t matter.
OpenStack is a framework.
Always talk about "OpenStack on X".
Your underlying infrastructure matters:
• Compute: issues with noisy-neighbors like AWS?
• Network: limited by VLANs?
• Storage: provide SLAs to guarantee IOPS?
• Management: proactively identify & quickly fix issues?
Cloud Architects
& Cloud Admins
What infrastructure technologies meets my needs for
advanced features, price, scale, reliability, monitoring,
performance, SLAs, troubleshooting, etc?
11. 1111
Misconception: OpenStack Releases are like Product Releases
Time-based releases, every 6 months.
Inclusion in OpenStack is primarily based on code review + unit tests. Not
functional testing, much less scale/performance/stress testing.
Time-based release. More like an “early beta”.
• Users or distros do additional testing on what they care about, report/fix bugs,
and decide when it is “good enough’
Significant variations in the amount of testing, ranging from:
• “well worn path” of basic functionality with common drivers/configurations
• “tested once” by vendor who wanted “checkbox” of OpenStack compatibility
Extends to things like documentation, upgrades, etc.
Essex Folsom Grizzly Havana Icehouse
2012.1 2012.2 2013.1 2013.2 2014.1
12. 1212
Misconception: The OpenStack API is a “Standard”
No. Today “OpenStack” is any cloud based on some
variant of the OpenStack software. This provides:
• A vendor neutral API
• Shared knowledge/concepts and similar tools
But is not a “standard” in terms of interoperability
Relying on “similar code” allows for significant variation:
• API extensions lead to fragmentation (e.g., criticism of RAX + HP
by the foundation)
• Running different OpenStack versions or services (nova-network vs. Neutron)
• Running with different configuration options
• Drivers may have subtle differences in implementation
(e.g. L2 broadcast in Neutron)
How to get closer to real interoperability?
• Some in community already pushing conformance testing,
real API specifications
• Expect to see VMware get involved in these efforts moving forward
The “standard kilogram”
13. 1313
Misconception: Choosing between OpenStack and VMware
Reality: OpenStack can run on top of
compute/network/storage/mgmt:
• entirely from VMware ecosystem
• entirely from other sources
• a mix of VMware ecosystem + other sources
OpenStack can co-exist with other
CMPs in the same VMware stack. Ex:
• Use OpenStack to give developers
programmatic self-service access to a slice of
your vSphere capacity
• Use vCenter or vCAC to manage IT
workloads that require significant governance
14. 1414
Misconception: OpenStack is only for Service Providers
Has “roots” in SPs, but some large enterprises act like SPs:
• View their cloud platform itself as a key point of competitive differentiation.
• Have their own large internal development teams building cloud software.
• See OpenStack as a flexible platform they can customize + use.
SP roots & framework complexity can be stumbling blocks for
majority of enterprises:
• focus on “new cloud apps” weak enterprise features (e.g., SLAs).
• Limited admin tools to configure, monitor, troubleshoot etc.
• Standalone design: no integration into existing enterprise workflows
• Very Linux-centric, with lots of different services to install/manage.
Wider enterprise adoption will depends on integration OpenStack
being integrated + sold as part of an enterprise-grade product.
OpenStack on VMware:
Devops + Enterprise IT on a single platform
15. 1515
VMware Philosophy on OpenStack
SOFTWARE-DEFINED
DATACENTER (SDDC)
+
CUSTOMER CHOICE
VMware’s Mission:
• Building best-of-breed technologies for
compute/network/storage/mgmt to enable SDDC.
• Making sure customers have many ways to leverage VMware
technology when designing their cloud architecture.
VMware is Embracing OpenStack as:
• A flexible framework for building a cloud management
platform from best-of-breed components.
• A promising potential API standard for developer-centric IaaS.
16. 1616
Best-of-Breed VMware Technologies and OpenStack
Tenant-Side
Admin/Operator-Side
Benefits of
OpenStack API &
Framework
Choice of best-in-
class virtualization
& management
technologies
Horizon
( Web Portal )
vSphere &
vCenter
CLI Tools & Scripts
(DevOps Automation)
vCAC
Application Director
Nova Neutron Cinder Glance
NSX
Datastores
3rd-party /
vSAN
vCenter
templates
Cloud Operator Tools
(vCenter, vCOPs, Log Insight etc.)
Third Party Operator tools
(Puppet/Chef, scripts, nagios...)
OpenStack or 3rd Party Component
VMware Component
17. 1717
Live Demo of OpenStack on vSphere + NSX
Nova
(compute)
vSphere
driver
Horizon
Cinder
(block storage)
vSphere
datastore
driver
Neutron
(network)
NSX
driver
vCenter
NSX
Controller
vSphere
NSX
vSwitch VMFS
CPU 1 CPU n…
Physical Network
18. 1818
VMware + OpenStack: Current Status
Grizzly 2013.1 Havana 2013.2
Neutron
NVP/NSX already
recognized as leading
driver for production use.
New features available
in OpenStack when
added to NSX…
Nova
Initial vSphere
support, with
vMotion/HA/DRS
Early
customer
“beta”
Validated platform
with reference
designs
Cinder Basic
iSCSI
driver
VMFS datastore driver,
FiberChannel driver
Includes contributions from:
19. 1919
VMware + OpenStack: What’s Next?
Continued OpenStack contributions, focused on:
• Enabling more rich VMware functionality via OpenStack APIs.
• Helping community push toward a true API standard + validation.
Expand OpenStack touch-points for VMware management stack:
• Including vCenter, vCAC, vCOPs, and Log Insight.
Simplified options for leveraging OpenStack + VMware products:
• Ex: Canonical + VMware joint support for OpenStack + vSphere/NSX
Make the vCloud Suite the best and easiest way to run OpenStack
20. 2020
Agenda
What is OpenStack?
• How does it fit into puzzle? Why are people interested in it?
• What are common misconceptions?
VMware + OpenStack
• Deep-dive demo of OpenStack with vSphere and NSX.
• What are VMware’s future plans for OpenStack?
A cloud management
platform, enabling self-
service + automation
A vendor independent
API and driver model
and flexible code base
Highlighted integration of
best of breed VMware
components to enable
enterprise-grade OpenStack
OpenStack API enhancements for
advanced features, plans to great
simplify getting started with
OpenStack + vSphere
21. 2121
A “fling” brought to you by Team OpenStack @ VMware…
Goal: a “dead-simple” way to enable hands-on
learning about OpenStack + vSphere.
• Not a product, not for production workloads…
• Many limitations, absolutely no guarantees…
Download, ask questions, and provide feedback at:
https://communities.vmware.com/community/vmtn/openstack
Keep an eye out for updates!
Introducing “VOVA”
• A single OVF file containing a full OpenStack install.
• Deploy VMs via OpenStack to an existing cluster.
• Just import, answer a few questions, and go!
• OpenStack on vSphere in under 20 minutes.
22. 2222
Thanks!
To learn more about OpenStack + VMware, please:
Attend additional sessions:
• Paypal talk on Grizzly with vSphere (12:30 today, 1:30 Thurs).
• NSX Multi-Hypervisor + OpenStack (repeat session Thurs @ 11am)
Visit our booths: vSphere + OpenStack, NSX multi-hypervisor,
software-defined storage.
https://communities.vmware.com/community/vmtn/openstack
Follow @scott_lowe and @danwendlandt for updates.
Questions?