10. Components > nova-conductor
nova-api nova-conductor
nova-scheduler nova-computequeue
database
Database Proxy!
Acting as an intermediary between the compute
node and the database node and the database.
11. Components > nova-conductor
Why?
Auditing database operations, revoking access privileges.
That’s Difficult!
They host tenant instances.
Compute nodes are the least trusted of the services in OpenStack.
12. Components > nova-conductor
They strongly recommends
Be isolated to a management network,
Use SSL,
Create unique user accounts per service endpoint.
13. Restrict services to executing with parameters, …
Prevent directly accessing or modifying.
Unfortunately, it complicates fine-grained access control
and audit data access.
Because, it Focus on improving Security, effectively modifying.
Components > nova-conductor
-> Compute nodes are the least trusted
of the services in OpenStack. Because they host tenant instances.
-> Do not deploy it on Compute Nodes.
15. Components > nova-scheduler
nova-api nova-conductor
nova-scheduler nova-computequeue
database
Scheduler!
Takes VM requests from the queue.
Determine on which compute node host it.
16. Components > nova-scheduler
nova-api nova-conductor
nova-scheduler queue
mysql
nova-compute1
nova-compute2
nova-compute3
NEW Instance
Instance B
takes
determines
Create Instance
17. Components > nova-compute
nova-api nova-conductor
nova-scheduler nova-computequeue
database
Worker Daemon!
Creates and terminates VMs through hypervisor APIs,
such as Xen, QEMU, KVM, Vmware, ….
18. It Supports multiple hypervisors.
Because, it Has an abstraction layer, Driver.
Components > nova-compute
nova-compute
Compute Agent
(KVM)
libvirt
KVM
VM VM
nova-compute
Compute Agent
(Hyper-v)
Hyper-v
VM VM
nova-scheduler
nova-compute
Abstraction layer,
Driver
any hypervisor
VM VM