BlackStor
World's fastest & most reliable
Cloud Native Software Defined
Storage
Michal Nemec
Operations Director
PROZETA © 2017
PROZETA
➡ Cloud Builder & Service Provider
➡ IoT, Industry 4.0 & Security Division
➡ Data Center Hardware Reseller
➡ Group annual turnover 20M EUR (2015)
➡ Active in 20+ countries
Partners & Certifications
Network & Infrastructure
We started offering OpenStack
~2013 with the following long-term goal:
To provide high-performance
enterprise-ready OpenStack cloud
with tight SLAs.
Tier5 Cloud
➡ Full-featured Software Defined
Datacenter
➡ Our Turn-key Private Cloud Product
➡ Hosted in our DCs or on-premise
➡ Covers all aspects of provisioning,
management & 24/7 support
➡ Based on OpenStack
➡ Fully software-defined
➡ Extensive monitoring dashboards
➡ Standardized APIs
We did a lot of testing and a few
production installations with Ceph.
But then… stuff happened.
ISSUE:
recovery of Ceph storage stack became so
CPU/memory-hungry that it caused repeated crashes of
the OSD daemon… and ended up with broken objects
RESULT:
barely recoverable storage cluster
metadata in RADOS, randomly broken objects
everywhere, no other usable tooling around...
SOLUTION:
Can RedHat help? Maybe if we have a few weeks/months
for recovery…
So a lot of scripting and low-level programming became
reality… and SLAs.
Next to already known
issues at that time...
➡ No compression, no deduplication
(at that time)
➡ Ineffective thin provisioning
➡ Extremely CPU hungry
➡ Bad write performance / high
latency - SLOOOOOOOOOW…
High TCO due to the need for extra
hardware, unpredictable performance
What was good about it?
➡ Perfect integration with OpenStack
➡ VERY stable
(BUT very difficult to fix potential issues
in a timely manner)
So what do we really
need?
SDS Requirements
➡ High Stability
➡ High Reliability
➡ High and Predictable Performance
➡ Scaling options - both Horizontal &
Vertical
➡ Modest resource use
➡ Simple to manage (plus ability to repair in
case of disaster)
➡ Possible to get info for deep monitoring
& metrics
➡ Extensible: features like Compression,
Deduplication, Advanced Security
Features...
We wanted SDS on the level of Enterprise storage BUT based on a cost-effective
open-source technology we understand.
What Are The
Options?
➡ IaaS = Volumes / Block Storage
➡ Servers + Disks + Software
➡ Local storage
⇀ not scalable
➡ iSCSI
⇀ software defined & redundant: hard to
find
➡ GlusterFS, LizardFS, …
⇀ too complex to operate...
Goal:
“Next year I’d like to try out
a different storage software
solution…
...and I can!”
Situation on the Storage market
Open-source:
➡ Often re-inventing the wheel
➡ Too old solutions
➡ Too complex solutions
➡ Over-engineered
➡ Often unstable
Proprietary:
➡ Often very expensive
➡ Closed source
➡ Not future proof (Software-defined)
➡ What if something goes wrong?
Need Software
Defined Everything...
Need True Cloud
Storage...
...that is Fast, Reliable,
Scalable
Definitely requires a solid
underlying base technology …
Something new, right?
And then we
(re-) discovered
DRBD!
What is DRBD?
➡ Technology for data replication over the
network
➡ 15+ years on the market
➡ Developed by a stable company with great
reputation
➡ More than 250.000 production installations
worldwide
➡ Kernel modules (DRBD core) are standard
part of Linux kernel
➡ Super-reliable and super-fast!
Why is it so freakin' fast?
➡ Native Linux block device - not a block device
emulation on top of an object store
➡ Highly optimized metadata layout
➡ The SDS solution leverages proven
technology
⇀ LVM or ZFS’ zVols
➡ Very well suited for hyperconverged
compute and storage
DRBD - Key Features
➡ automatic resync after node or connectivity
failure
⇀ direction, amount, no full resync needed
➡ performs under a Linux kernel implementation
⇀ 160k IOPs measured (on SSDs, of course)
➡ multiple volumes per resource (replication
group)
⇀ write order fidelity within resource
➡ comes with Pacemaker integration
➡ synchronous and async replication
(LAN and WAN)
➡ In Linux upstream since 2.6.33 (released 2010)
DRBD
New Features in 9.x
➡ Up to 32 nodes per resource
⇀ Fixes the drawbacks of stacking
➡ Auto promote
➡ Transport abstraction (TCP, SCTP, RDMA)
➡ DRBD Manage
Let's rock!
First
implementation
➡ DRBD Kernel modules
⇀ DRBD Utils
⇀ DRBD Manage
➡ DRBD Cinder driver
➡ Monitoring & Metrics
➡ Backup
Stability & Reliability
We have tried to totally break it a
million times...
with NO SUCCESS!
Just what you would expect in a
production environment.
So what now?
Building best SDS
We decided to combine the best-of-breed open
source:
➡ Linux kernel
➡ ZFS
➡ DRBD
➡ & many more for supporting systems
We are improving stability, performance &
features without additional involvement, almost
every week.
Not like others who are trying & failing to
re-invent on-disk formats
World's fastest & most reliable
Cloud Native Software Defined Storage
BlackStor
What more to add?
Policy-driven storage
➡ Use simple policies to control:
⇀ Replication strategy
⇀ Data placement
⇀ Balance speed & data protection (RPO)
⇀ QoS & SLA
⇀ Backup
⇀ … and various other knobs
➡ Assign policies to / by:
⇀ Storage objects
⇀ Consumer objects
⇀ (OpenStack tenant, Cinder volume
metadata, ...)
Multi-tenant & Multi-cloud
Use the same storage pool for
➡ Multiple OpenStack tenants
➡ Multiple OpenStack clusters
➡ OpenStack & Docker
➡ …..
We have QoS, so no issues with multi-tenant
environment
Linked authentication
➡ Use Keystone for storage authentication
➡ Allows OpenStack users to manage resources
(if allowed)
Scaling
Horizontally: Scale-out
➡ Add nodes to grow cluster
➡ Hyper-converged nodes
(more nodes, lower capacity per node)
Vertically: Scale-up
➡ Low CPU usage
➡ High density storage (high capacity, high iops)
➡ 76 TB SSD & 1-2M IOPs in one node? Why not?
Single volume striped across multiple nodes w/
read balancing
➡ Extra boost in performance
QoS
➡ Limit IOPs per
⇀ Volume
⇀ Volume group
⇀ Consumer object (OpenStack tenant, … )
⇀ Consumer
(OpenStack cluster for multi-cluster
environment)
➡ Set priority
⇀ Set priority per policy
➡ Alpha version - many limitations but usable
➡ Bandwidth limitation not yet implemented
Backup & “Recycle Bin”
➡ Ability to roll-back without any actual
recovery process
⇀ Storage snapshots (volume roll-back)
⇀ Deferred delete (volume undelete)
➡ Backup to another host
⇀ Running in background
⇀ Simple policies
⇀ No performance degradation
⇀ Encrypted over the wire
➡ Recover anything
⇀ Single volume
⇀ Full storage
Fully Cloud Aware Storage
Everyone's talking about it, but there
is none as of now! What does it mean?
➡ Bi-directional interfaces (OpenStack, Docker,
etc…)
➡ BlackStor keeps all information about your
volumes & VMs inside
➡ Simply define QoS/SLA for OpenStack tenant
or VM…
…and see if SLA is not breached in the Web UI
Deep insight
➡ Cloud Native - Data + all metadata in one
place
➡ CLI, Web UI
➡ Real-time status
➡ Metrics
⇀ IOPs, bandwidth
⇀ Latency distribution
⇀ Storage health
(software, hardware)
⇀ … and many more
Is your data secure?
➞ Tough job!
➞ We’re sitting on tons
of customers’ data
➞ Huge responsibility
➞ And GDPR makes it even worse
⇀ New rules for CSPs and up to 20M EUR
fine for a breach...
Cloud Service Provider
How to protect us?
Encrypt all data & have no access!!
This is valid for service providers, but
it’s valid for internal service
providers (internal IT teams) as well
Security
➡ Trusted Computing
➡ Full hardware life-cycle security management
➡ Data encryption, Trusted storage, Over-the-wire
encryption
➡ Trusted logging - auditability, tampering
detection
➡ Missing part in any cloud software.
➡ VMware just scratched the surface.
GDPR-compliant? Yes! Because we don't necessarily
need to be able to access the data...
How does it work in the real
world?
(It works in theory… does it
work in practice?)
Performance
DRBD by itself
➡ HW
⇀ 2x IBM 8247-22L
⇀ Power 8 2 sockets
⇀ 128 GB RAM
⇀ Mellanox 100GBps InfiniBand
⇀ HGST Ultrastar NVMe SSDs
➡ Ubuntu Xenial on bare metal
➡ DRBD 9.0.1 & RDMA Transport 2.0
➡ fio 2.2.10
➡ Random IO
Performance - DRBD itself
[Charts: Write 2 node DRBD; Write Baseline]
Performance - DRBD itself
[Charts: Read through DRBD; Read baseline]
Performance - DRBD itself
[Charts: DRBD with read balancing; Read baseline]
DRBD vs CEPH
[Charts: CPU usage; Sequential write (IOPS)]
DRBD vs CEPH
[Charts: CPU usage; Random write (IOPS)]
DRBD vs CEPH
[Charts: CPU usage; Random read (IOPS)]
Line-rate Performance
< 2 ms write latency (default config, SSD)
< 1 ms write latency (tuned config, SSD)
< 0.1 ms write latency (dedicated low latency log drives, SSD)
That means consistent high performance under workload.
All that with low CPU usage.
40x improvement over CEPH
New performance tests on
latest Intel drives and CPUs
to come in September 2018…
Let's sum it up!
Building a new
cloud-native SDS is not
an easy task...
...but we went for it anyway.
Why? Because...
there was nothing reliable out there
great performance & production ready
sweet spot between open source
Ceph & expensive Enterprise storage
What do you get with
this solution?
➡ Production ready
➡ Stable & Reliable
➡ Great & Predictable Performance
➡ Simple to implement & manage
➡ Includes deep metrics information
➡ Advanced security features (e.g. for GDPR)
➡ With additional support options
...and last but not least…
➡ Fantastic TCO - it doesn't cost the Earth!
Q & A
PRO-ZETA a.s.
Prague, Czech Republic
prozeta@prozeta.eu
www.prozeta.eu
www.tier5.cloud
PRO-ZETA Middle East
Dubai, UAE
prozeta@prozeta.ae
www.prozeta.ae
Backup Slides
Data Encryption
Parts needed:
➞ Run VM only on a trusted (attested)
platform (HW, OS, hypervisor)
➞ Validate VM consistency
➞ Protect VM’s memory
➞ Monitor malicious activity
Trusted platform? What does it mean?
Technologies:
➞ TPM, Intel TXT, SGX, Xen Guest TPM
VM Encryption
We are lost anyway unless we encrypt
the VM’s memory because of the recent
CPU bugs (Meltdown, Spectre)
Hardware-based VM memory encryption:
➞ Intel SGX (Software Guard Extensions)
➞ AMD SME (Secure Memory Encryption)
Workarounds:
➞ No admin access to the hypervisor
➞ Fully automated deployment
➞ Single-tenant hypervisor only
VM Encryption
Implement using a Glance OS image
with two partitions:
1. OS boot/initrd, untrusted part
2. OS root, trusted, encrypted
Need to encrypt the second (OS root)
partition after the VM initialization...
… or you always need to bootstrap the OS
from the installation image
Unfortunately you can’t rekey ZFS,
dm-crypt or any other filesystem at the
moment
Storage Efficiency
Encryption?
➞ Forget compression
➞ Forget deduplication
➞ Not a big deal
○ hardware cost per GB decreases Y-to-Y
○ enable compression within the VM
➞ CSPs can hardly overprovision
storage anyway
OpenStack?
VM Encryption
➞ Intel SGX: KVM/Qemu, Xen
➞ AMD SME: KVM/Qemu, Xen
Key management
➞ Barbican w/ Intel SGX secure
enclave
Don’t try this at home!
OpenStack Days Krakow

  • 1. BlackStor World's fastest & most reliable Cloud Native Software Defined Storage Michal Nemec Operations Director
  • 2. PROZETA © 2017 PROZETA ➡ Cloud Builder & Service Provider ➡ IoT, Industry 4.0 & Security Division ➡ Data Center Hardware Reseller ➡ Group annual turnover 20M EUR (2015) ➡ Active in 20+ countries 2
  • 3. PROZETA © 2017 Partners & Certifications 33
  • 4. PROZETA © 2017 Network & Infrastructure 44
  • 5. We started offering OpenStack ~2013 with following long-term goal: To provide high-performance enterprise-ready OpenStack cloud with tight SLAs. 5
  • 6. Tier5 Cloud ➡ Full-featured Software Defined Datacenter ➡ Our Turn-key Private Cloud Product ➡ Hosted in our DCs or on-premise ➡ Covers all aspects of provisioning, management & 24/7 support ➡ Based on OpenStack ➡ Fully software-defined ➡ Extensive monitoring dashboards ➡ Standardized APIs
  • 7. We did a lot of testing and few production installations with Ceph. But then… stuff happened. 7
  • 8. PROZETA © 2017 ISSUE: recovery of Ceph storage stack became so CPU/memory-hungry that it caused repetitive crashes of OSD daemon… and ended up with broken objects RESULT: very hardly recoverable storage cluster metadata in RADOS, randomly broken objects everywhere, no other usable toolings around... SOLUTION: Can RedHat help? Maybe if we have few weeks/months for recovery… So a lot of scripting and low-level programming became reality… and SLAs. 8
  • 9. PROZETA © 2017 Next to already known issues at that time... ➡ No compression, no deduplication (at that time) ➡ Ineffective thin provisioning ➡ Extremely CPU hungry ➡ Bad write performance / high latency - SLOOOOOOOOOW… High TCO due to the need for extra hardware, unpredictable performance 9
  • 10. PROZETA © 2017 What was good about it? ➡ Perfect integration with OpenStack ➡ VERY stable (BUT very difficult to fix potential issues in a timely manner) 10
  • 11. So what do we really need? 11
  • 12. PROZETA © 2017 SDS Requirements ➡ High Stability ➡ High Reliability ➡ High and Predictable Performance ➡ Scaling options - both Horizontal & Vertical ➡ Modest resource use ➡ Simple to manage (plus ability to repair in case of disaster) ➡ Possible to get info for deep monitoring & metrics ➡ Extensible: features like Compression, Deduplication, Advanced Security Features... 12 We wanted SDS on the level of Enterprise storage BUT based on a cost-effective open-source technology we understand.
  • 13. PROZETA © 2017 What Are The Options? ➡ IaaS = Volumes / Block Storage ➡ Servers + Disks + Software ➡ Local storage ⇀ not scalable ➡ iSCSI ⇀ software defined & redundant: hard to find ➡ GlusterFS, LizardFS, … ⇀ too complex to operate... 13 Goal: “Next year I’d like to try out a different storage software solution… ...and I can!”
  • 14. PROZETA © 2017 Situation on the Storage market Open-source: ➡ Often re-inventing wheel ➡ Too old solutions ➡ Too complex solutions ➡ Over-engineered ➡ Often unstable Proprietary: ➡ Often very expensive ➡ Closed source ➡ Not future proof (Software-defined) ➡ What if something goes wrong? 14
  • 17. ...that is Fast, Reliable, Scalable 17
  • 18. Definitely requires a solid underlying base technology … Something new, right? 18
  • 19. And then we (re-) discovered DRBD! 19
  • 20. What is DRBD? ➡ Technology for data replication over the network ➡ 15+ years on the market ➡ Developed by a stable company with great reputation ➡ More than 250.000 production installations worldwide ➡ Kernel modules (DRBD core) are a standard part of the Linux kernel ➡ Super-reliable and super-fast!
  • 21. Why is it so freakin' fast? ➡ Native Linux block device - not a block device emulation on top of an object store ➡ Highly optimized meta data layout ➡ The SDS solution leverages proven technology ⇀ LVM or ZFS’ zVols ➡ Very well suited for hyperconverged compute and storage
  • 22. DRBD - Key Features ➡ automatic resync after node or connectivity failure ⇀ direction, amount, no full resync needed ➡ performs under a Linux kernel implementation ⇀ 160k IOPs measured (on SSDs, of course) ➡ multiple volumes per resource (replication group) ⇀ write order fidelity within resource comes with Pacemaker integration ➡ synchronous and async replication (LAN and WAN) ➡ In Linux upstream since 2.6.33 (released 2010)
  • 23. DRBD New Features in 9.x ➡ Up to 32 nodes per resource ⇀ Fixes the drawbacks of stacking ➡ Auto promote ➡ Transport abstraction (TCP, SCTP, RDMA) ➡ DRBD Manage
  • 25. First implementation ➡ DRBD Kernel modules ⇀ DRBD Utils ⇀ DRBD Manage ➡ DRBD Cinder driver ➡ Monitoring & Metrics ➡ Backup
  • 26. Stability & Reliability We have tried to totally break it a million times... with NO SUCCESS! Just what you would expect in a production environment.
  • 28. Building the best SDS We decided to combine the best-of-breed open source: ➡ Linux kernel ➡ ZFS ➡ DRBD ➡ & many more for supporting systems We are improving stability, performance & features without additional involvement, almost every week. Not like others who are trying & failing to re-invent on-disk formats
  • 29. World's fastest & most reliable Cloud Native Software Defined Storage
  • 31. What more to add?
  • 32. Policy-driven storage ➡ Use simple policies to control: ⇀ Replication strategy ⇀ Data placement ⇀ Balance speed & data protection (RPO) ⇀ QoS & SLA ⇀ Backup ⇀ … and various other knobs ➡ Assign policies to / by: ⇀ Storage objects ⇀ Consumer objects ⇀ (OpenStack tenant, Cinder volume metadata, ...)
  • 33. Multi-tenant & Multi-cloud Use the same storage pool for ➡ Multiple OpenStack tenants ➡ Multiple OpenStack clusters ➡ OpenStack & Docker ➡ … We have QoS, so no issues with multi-tenant environments. Linked authentication ➡ Use Keystone for storage authentication ➡ Allows OpenStack users to manage resources (if allowed)
  • 34. Scaling Horizontally: Scale-out ➡ Add nodes to grow cluster ➡ Hyper-converged nodes (more nodes, lower capacity per node) Vertically: Scale-up ➡ Low CPU usage ➡ High density storage (high capacity, high iops) ➡ 76 TB SSD & 1-2M IOPs in one node? Why not? Single volume striped across multiple nodes w/ read balancing ➡ Extra boost in performance
  • 35. QoS ➡ Limit IOPs per ⇀ Volume ⇀ Volume group ⇀ Consumer object (OpenStack tenant, … ) ⇀ Consumer (OpenStack cluster for multi-cluster environment) ➡ Set priority ⇀ Set priority per policy ➡ Alpha version - many limitations but usable ➡ Bandwidth limitation not yet implemented
  • 36. Backup & “Recycle Bin” ➡ Ability to roll-back without any actual recovery process ⇀ Storage snapshots (volume roll-back) ⇀ Deferred delete (volume undelete) ➡ Backup to another host ⇀ Running in background ⇀ Simple policies ⇀ No performance degradation ⇀ Encrypted over the wire ➡ Recover anything ⇀ Single volume ⇀ Full storage
  • 37. Fully Cloud Aware Storage Everyone's talking about it, but there is none as of now! What does it mean? ➡ Bi-directional interfaces (OpenStack, Docker, etc…) ➡ BlackStor keeps all information about your volumes & VMs inside ➡ Simply define QoS/SLA for OpenStack tenant or VM… …and see if SLA is not breached in the Web UI
  • 38. Deep insight ➡ Cloud Native - Data + all metadata in one place ➡ CLI, Web UI ➡ Real-time status ➡ Metrics ⇀ IOPs, bandwidth ⇀ Latency distribution ⇀ Storage health (software, hardware) ⇀ … and many more
  • 39. Is your data secure?
  • 40. Cloud Service Provider ➞ Tough job! ➞ We’re sitting on tons of customers’ data ➞ Huge responsibility ➞ And GDPR makes it even worse ⇀ New rules for CSPs and up to 20M EUR fine for a breach...
  • 41. Cloud Service Provider How to protect us? Encrypt all data & have no access!!
  • 42. Cloud Service Provider How to protect us? Encrypt all data & have no access!! This applies to service providers, and to internal service providers (internal IT teams) as well
  • 43. Security ➡ Trusted Computing ➡ Full hardware life-cycle security management ➡ Data encryption, Trusted storage, Over-the-wire encryption ➡ Trusted logging - auditability, tampering detection ➡ Missing part in any cloud software. ➡ VMware just scratched the surface. GDPR-compliant? Yes! Because we don't necessarily need to be able to access the data...
  • 44. How does it work in the real world? (It works in theory… does it work in practice?)
  • 45. Performance DRBD by itself ➡ HW ⇀ 2x IBM 8247-22L ⇀ Power 8 2 sockets ⇀ 128 GB RAM ⇀ Mellanox 100GBps InfiniBand ⇀ HGST Ultrastar NVMe SSDs ➡ Ubuntu Xenial on bare metal ➡ DRBD 9.0.1 & RDMA Transport 2.0 ➡ fio 2.2.10 ➡ Random IO
  • 46. Performance - DRBD itself [charts: Write Baseline; Write 2 node DRBD]
  • 47. Performance - DRBD itself [charts: Read baseline; Read through DRBD]
  • 48. Performance - DRBD itself [charts: Read baseline; DRBD with read balancing]
  • 49. DRBD vs CEPH [charts: Sequential write (IOPS); CPU usage]
  • 50. DRBD vs CEPH [charts: Random write (IOPS); CPU usage]
  • 51. DRBD vs CEPH [charts: Random read (IOPS); CPU usage]
  • 52. Line-rate Performance ➡ < 2 ms write latency (default config, SSD) ➡ < 1 ms write latency (tuned config, SSD) ➡ < 0.1 ms write latency (dedicated low latency log drives, SSD) That means consistent high performance under workload. All that with low CPU usage. 40x improvement over CEPH
  • 53. New performance tests on latest Intel drives and CPUs to come in September 2018…
  • 54. Let's sum it up!
  • 55. Building a new cloud-native SDS is not an easy task...
  • 56. ...but we went for it anyway. Why? Because... ➡ there was nothing reliable out there ➡ great performance & production ready ➡ sweet spot between open source Ceph & expensive Enterprise storage
  • 57. What do you get with this solution? ➡ Production ready ➡ Stable & Reliable ➡ Great & Predictable Performance ➡ Simple to implement & manage ➡ Includes deep metrics information ➡ Advanced security features (e.g. for GDPR) ➡ With additional support options ...and last but not least… ➡ Fantastic TCO - it doesn't cost the Earth!
  • 59. PRO-ZETA a.s. Prague, Czech Republic prozeta@prozeta.eu www.prozeta.eu www.tier5.cloud PRO-ZETA Middle East Dubai, UAE prozeta@prozeta.ae www.prozeta.ae
  • 61. Data Encryption Parts needed: ➞ Run VM only on a trusted (attested) platform (HW, OS, hypervisor) ➞ Validate VM consistency ➞ Protect VM’s memory ➞ Monitor malicious activity Trusted platform? What does it mean? Technologies: ➞ TPM, Intel TXT, SGX, Xen Guest TPM
  • 62. VM Encryption We are lost anyway unless we encrypt the VM’s memory because of the recent CPU bugs (Meltdown, Spectre) Hardware-based VM memory encryption: ➞ Intel SGX (Software Guard Extensions) ➞ AMD SME (Secure Memory Encryption) Workarounds: ➞ No admin access to the hypervisor ➞ Fully automated deployment ➞ Single-tenant hypervisor only
  • 63. VM Encryption Implement using a Glance OS image with two partitions: 1. OS boot/initrd, untrusted part 2. OS root, trusted, encrypted Need to encrypt the second (OS root) partition after the VM initialization... … or you always need to bootstrap the OS from the installation image Unfortunately you can’t rekey ZFS, dm-crypt or any other filesystem at the moment
  • 64. Storage Efficiency Encryption? ➞ Forget compression ➞ Forget deduplication ➞ Not a big deal ○ hardware cost per GB decreases Y-to-Y ○ enable compression within the VM ➞ CSPs can hardly overprovision storage anyway
  • 65. OpenStack? Encryption? ➞ Forget compression ➞ Forget deduplication ➞ Not a big deal ○ hardware cost per GB decreases Y-to-Y ○ enable compression within the VM ➞ CSPs can hardly overprovision storage anyway
  • 66. OpenStack? VM Encryption ➞ Intel SGX: KVM/Qemu, Xen ➞ AMD SME: KVM/Qemu, Xen Key management ➞ Barbican w/ Intel SGX secure enclave Don’t try this at home!
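
The trade-off on the "Storage Efficiency" slide (encrypted volumes defeat storage-side compression and deduplication unless the VM compresses first), shown as an added example that is not part of the original deck. The SHA-256 keystream cipher is a stand-in for real volume encryption, and the per-tenant keys, the 4 KiB block size and the sample image are assumptions constructed for the illustration.

```python
import hashlib
import os
import zlib

BLOCK = 4096  # block size assumed for the dedup comparison


def keystream_encrypt(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 counter keystream, XOR); illustration only."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


def unique_blocks(volumes) -> int:
    """Distinct 4 KiB blocks a deduplicating backend would have to store."""
    seen = set()
    for vol in volumes:
        for off in range(0, len(vol), BLOCK):
            seen.add(hashlib.sha256(vol[off:off + BLOCK]).digest())
    return len(seen)


def compressed_size(volumes) -> int:
    """Total bytes after the storage layer compresses each volume."""
    return sum(len(zlib.compress(vol)) for vol in volumes)


def measure(tenants: int = 3, blocks: int = 16) -> dict:
    # Constructed sample: every tenant holds the same compressible OS image.
    image = b"".join((b"os-block %06d\n" % n) * 256 for n in range(blocks))
    keys = [os.urandom(32) for _ in range(tenants)]  # one key per tenant
    plain = [image] * tenants
    encrypted = [keystream_encrypt(k, image) for k in keys]
    # "Enable compression within the VM": compress first, then encrypt.
    in_vm = [keystream_encrypt(k, zlib.compress(image)) for k in keys]
    return {
        "raw_bytes": len(image) * tenants,
        "plain_unique_blocks": unique_blocks(plain),
        "encrypted_unique_blocks": unique_blocks(encrypted),
        "plain_compressed": compressed_size(plain),
        "encrypted_compressed": compressed_size(encrypted),
        "in_vm_stored": sum(len(v) for v in in_vm),
    }


if __name__ == "__main__":
    for name, value in measure().items():
        print(f"{name:26} {value}")
```

Identical images encrypted under different tenant keys share no blocks and do not shrink on the storage side, while compressing inside the VM before encryption keeps the space saving without giving the provider access to plaintext.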