The Microsoft cloud ecosystem evolved considerably in recent years to interoperate with a wide range of open source technologies, including hardware (Open Compute), cloud software platforms (OpenStack), networking (Open vSwitch, OpenDaylight) and orchestration (Juju, Heat). During this session we will show how to deploy in no time an entire OpenStack cloud based on Microsoft Hyper-V using MaaS and Juju. Networking is going to be based on Open vSwitch, which brings OVSDB and VXLAN to Hyper-V, allowing full interoperability with KVM and other hypervisors. To conclude, we are going to orchestrate with Juju on top of our OpenStack cloud some of the most common Microsoft workloads, including Active Directory, IIS, SQL Server, SharePoint and Exchange, side by side with open source applications.

1. March 9, 2015
San Jose
Compute Engineering Workshop

2. ENGINEERING WORKSHOP
Compute Engineering Workshop
Building a Microsoft cloud with
open technologies
Alessandro Pilotti
Cloudbase Solutions
CEO

3. ENGINEERING WORKSHOP
Compute Engineering Workshop
Agenda
OpenStack
Open vSwitch
OpenDaylight

4. ENGINEERING WORKSHOP
OCS + OpenStack design goals
▪ Scalability
▪ Fullautomation
▪ Easy&fastdeployment
▪ IntegratewithOCSdesign
▪ Supportformultiplecomputenodeoptions:
▪ Hyper-V,KVM,etc

5. ENGINEERING WORKSHOP
Open Compute Server v2 and clouds
▪ “Cattle” vs “Pets”
▪
▪ OCS servers focuses mostly on cattle
▪ Limited BMC / IPMI
▪ The server is the unit of failure

6. ENGINEERING WORKSHOP
OpenStack
▪ OpenStack focuses on “cattle” as well
▪ Perfect fit for OCS
▪ Question becomes:
▪ How to easily automate OpenStack node provisioning and
orchestration

7. ENGINEERING WORKSHOP
OpenStack components
▪ Compute - Nova (Hyper-V, KVM, etc)
▪ Networking - Neutron (Open vSwitch, Hyper-V SDN)
▪ Identity - Keystone (integrated with Active Directory)
▪ Template - Glance
▪ Block Storage - Cinder (SMB3 and iSCSI)
▪ Object Storage - Swift
▪ Telemetry - Ceilometer
▪ Dashboard- Horizon

8. ENGINEERING WORKSHOP
Hyper-V
▪ Microsoft’s hypervisor
▪ Used in multiple scenarions, including:
▪ Windows, Azure, Xbox one
▪ 100% free SKU available
▪ No limitations
▪ Current version: 2012 R2
▪ Supported guest OSs: Windows, Linux, BSD

9. ENGINEERING WORKSHOP
Microsoft OCS - Chassis Manager
▪ Shared management host
▪ TPM for SecureBoot
▪ REST API
▪ Power on / off
▪ Open Source:
▪ https://github.com/MSOpenTech/ChassisManager

10. ENGINEERING WORKSHOP
Bare metal options
▪ TripleO / Ironic
▪ Part of OpenStack core (WiP for OCS support)
▪ Ubuntu MAAS + Juju
▪ Good integrated support, great enterprise choice
▪ OCS support included

11. ENGINEERING WORKSHOP
MAAS (Metal as a Service)
▪ Takes care of the bare metal deployment for all nodes
▪ enlisting
▪ commissioning
▪ deployment (via Juju in our case)
▪ MAC addresses are discovered automatically by MAAS
▪ Rules can be applied to determine the usage based on the MAC
▪ Only the nodes BMC initial address and credentials are needed
▪ MAAS creates automatically a dedicated BMC user

12. ENGINEERING WORKSHOP
Power adapters
▪ MAAS can use a wide range of BMCs to power on/off
▪ IPMI
▪ Intel vPro / AMT
▪ Cisco UCS
▪ HP Moonshot
▪ MSFT OCS - Chassis Manager
▪ etc

13. ENGINEERING WORKSHOP
Deployment steps
1. Deploy MAAS node
▪ E.g. via v-magine, a portable standalone executable
▪ No need for a pre-configured jump box
2. Enlist / Commission bare metal nodes
3. Deploy OpenStack charm
▪ VMs on the MAAS node
▪ all bare metal compute nodes
▪ storage nodes

14. ENGINEERING WORKSHOP
Juju
▪ OpenStack deployment managed by Juju charm bundle
▪ Charms are the rough equivalent of a Puppet manifest
▪ Main advantages over Puppet, Chef, Salt, etc:
▪ Relationships between charms
▪ Easy integration with different providers: MAAS, OpenStack, etc
▪ Great CLI and GUI

15. ENGINEERING WORKSHOP
MAAS and Juju Windows support
▪ Windows / Hyper-V porting and support provided by
▪ Cloudbase Solutions
▪ Including Juju charms for:
▪ OpenStack Hyper-V, Active Directory, IIS, SQL Server,
SharePoint, Exchange, Lync

16. MAAS deployment

17. ENGINEERING WORKSHOP
Networking with Hyper-V SDN
▪ NVGRE
▪ Hardware offloading supported by Mellanox on OCS
▪ Overlay allows minimal physical network config
▪ VLAN
▪ Most performant option with less that 4096 networks
▪ Still, simple trunk mode switch requirement
▪ Full interoperability in OpenStack with OVS
▪ No need for additional components

18. ENGINEERING WORKSHOP
Open vSwitch
▪ OVSDB
▪ VXLAN
▪ Hyper-V vswitch forwarding extension
▪ Full interoperability with other hypervisors
▪ Support for:
▪ NSX
▪ OpenDaylight
▪ See: http://www.youtube.com/watch?v=Sdu1Ej6A6C0
▪ Same CLI on Windows and Linux

19. ENGINEERING WORKSHOP
ovs-vsctl.exe show - sample output

20. ENGINEERING WORKSHOP
Open vSwitch architecture

21. ENGINEERING WORKSHOP
Open vSwitch installer
▪

22. ENGINEERING WORKSHOP
OpenDaylight + Hyper-V
▪ OpenDaylight is an open platform for network programmability
to enable SDN and NFV for networks at any side and scale
▪ Integrates well with Open vSwitch (OVS) and OpenStack
▪ Since OVS has been ported to Hyper-V, it is now possible to
include Hyper-V in OpenDaylight + OpenStack scenarios
▪ http://www.youtube.com/watch?v=Sdu1Ej6A6C0

23. ENGINEERING WORKSHOP
Block storage
▪ Hyper-V supports SMB3, iSCSI and FC
▪ iSCSI
▪ Simplest interoperable option
▪ SMB3
▪ Recommended, supported on Hyper-V and KVM

24. ENGINEERING WORKSHOP
Orchestration
▪ On top of the OpenStack deployment or on bare metal
▪ Juju or Heat
▪ Most common Windows and Linux support
▪ Cloudbase provides:
▪ AD, IIS, SQL Server, SharePoint, Exchange, Lync

25. ENGINEERING WORKSHOP
How to build Windows cloud images?
▪ https://github.com/cloudbase/windows-openstack-
imaging-tools
▪ Need to add all required drivers
▪ Images can be periodically updated adding Windows
updates

26. ENGINEERING WORKSHOP
Validating the deployment
▪ OpenStack is using state of the art CI testing
▪ Microsoft and Cloudbase run the Nova/Neutron/Cinder CI
▪ Every CI run includes almost 2000 compute Tempest
tests
▪ After an OpenStack deployment, we can run a Tempest
run to validate it

27. ENGINEERING WORKSHOP
Cloudbase-Init
▪ 100% Python
▪ Windows service
▪ Supports:
▪ OpenStack
▪ EC2
▪ CloudStack
▪ OpenNebula
▪ MAAS

28. ENGINEERING WORKSHOP
Cloudbase-Init actions (examples)
▪ Create user / set password / add to group(s)
▪ Set host password
▪ Set SSH public keys
▪ Extend volumes
▪ User data (including multi-part)
▪ License activation / KMS

29. ENGINEERING WORKSHOP
Windows OpenStack evaluation images

30. ENGINEERING WORKSHOP
Windows remote management
▪ Passwords are complicated to manage
▪ PowerShell remoting / WinRM
▪ Nova and Cloudbase-Init allow client generated
passwords
▪ Error prone
▪ Solution: X509 certificate authentication

31. ENGINEERING WORKSHOP
Windows SSH equivalent?
▪ WinRM
▪ Command execution over HTTP/HTTPS
▪ PowerShell remoting is based on it
▪ Supports Basic, Kerberos and X509 authentication
▪ Linux example:
▪ wsmancmd.py -H 10.228.163.11 -s -a certificate -c
~/.ssl/winrm_client_cert.pem -k
~/.ssl/winrm_client_cert.key “dir c:”

32. ENGINEERING WORKSHOP
Monitoring
▪ Nagios
▪ Sensu
▪ Windows Hyper-V support being added

33. Demo

34. March 9, 2015
San Jose
Compute Engineering Workshop