2. What is OpenStack
Provide scalable, elastic cloud
computing for both public and
private clouds, large and small
3. Defining OpenStack
• OpenStack is a virtualization platform
which abstracts out Compute, Storage and
Networking from the underlying Hardware
• All the components are managed through
a central Dashboard
5. OpenStack - Components
Component (Component Function): Definition
• Nova (Compute): Provides virtual servers on demand
• Glance (Image Service): Provides a catalog of images used to create VMs
• Swift (Object Storage): Provides Object Storage
• Horizon (Web based UI): Provides a way to interact with other OpenStack services
• Quantum (Networking Service): Provides Network as a Service
• Cinder (Block Storage Service): Provides Block Storage Service for guest VMs
• Keystone (Identity Services): Provides Authorization and Authentication services for
7. OpenStack – Compute
• Tool to orchestrate cloud.
• Main Functions
– Manage running instances
– Manage access to the cloud through users and
tenants
• OpenStack Compute relies on the underlying
hypervisors to spawn actual instances
8. OpenStack Computes
• Hypervisors Supported
– KVM: Kernel Virtual Machine
– Xen: Based on Citrix Xen Server
– vSphere 4.1, 5.1: VMWare’s hypervisor
– QEMU: Quick Emulator
– LXC: Linux Containers : User Control Packages for Linux Containers
9. Users and Tenants
• OpenStack Compute is designed to be multi
tenant
– Role Based Access Assignment
– Quotas to control resource consumption are on a
per tenant basis
• Tenants are containers of resources
– Contain: VLANs, users, volumes, instances, images
10. Images and Instances
• Images are templates of VM File Systems
• Instances are Virtual Machines running on
Physical Compute Nodes
12. Storage Types in Compute
• Ephemeral Storage
– Persistent storage on a local Compute Node
– Deleted with the instance
– Persisted across reboots of the VM
• Volume Storage
– Independent of the Instance
– Block Storage
– Attached to an instance
– Not shared among instances
13. OpenStack Block Storage
• Provides Persistent Block
Storage to be attached to
the Virtual Machines
• Similar to EBS in Amazon
EC2
• Not a NFS
• By Default it uses Cinder-
Volume Backend storage
Service
• Supports concept of a
Volume and a Snapshot
15. OpenStack Object Storage..1/2
• Provides a mechanism to store Objects in
Containers
• Accounts and Account Servers
• Container Servers
• Object Storage Servers
17. What is Quantum
• Networking service to virtualize Network
Management
• Quantum is to networking what Nova is to
Compute
18. Plugin Architecture of OpenStack
Networking
• OpenStack Networking follows a plugin
approach for the implementation of the APIs.
• Default implementation is with Open vSwitch,
but there are a host of implementations from
third party vendors
21. Identity Service
• Provides services for
– Identity : Provide Auth Validation and Data about
users
– Token : Validates and Manages Tokens
– Catalog : Provides an Endpoint Registry
– Policy : Rules Based authorization Engine
26. Why Quantum
• Enterprise Networks are complex
• Traditional OpenStack Networking has
limitations
• New Concepts like SDN and Tunneling
protocols need a more extensible model
27. Limitations of Nova-Network
• Single VLAN for all the VMs
• Limited by the number of
VLANs which can be
created – 4096
• Little or No Control
28. Quantum
• Provides tools and control for Enterprise class
Networking
– Services: Firewalls, Load Balancers, Virtual Routers
• Provide APIs to build advanced network
Configurations
29. Challenges from Cloud on Networking
• Massive Scale
• Cost Effective
• Vendor Agnostic
• Dynamic and programmatic configuration
30. Quantum
• Embrace New technologies like SDN / OpenFlow
• Programmable Network
• Overcome limitations of Nova-Network
• Plugin mechanism for multiple downstream
APIs
31. Quantum Basics
• Provides API for configuration of Virtual
Networks and connecting VMs
• Connect Virtual and Physical Switches
• Provide Plugin mechanism for different
control components.
33. Quantum Basics (by analogy to Nova)
• *-as-a-service
– Nova: Compute
– Quantum: Network
• Major API abstractions
– Nova: “virtual servers”: represents a host with CPU, memory, disk, and NICs.
– Quantum: “virtual networks”: A basic L2 network segment. “virtual ports”: Attachment point for devices connecting to virtual networks.
• Interactions with other OpenStack services
– Nova: virtual servers use “virtual images” from Glance.
– Quantum: virtual ports are linked to vNICs on “virtual servers”.
• Supports different back-end technologies
– Nova: “virt-drivers” for KVM, XenServer, Hyper-V, VMWare ESX
– Quantum: “plugins” for Open vSwitch, Cisco UCS, Linux Bridge, Nicira NVP
• API Extensibility for new or back-end specific features
– Nova: keypairs, instance rescue, volumes, etc.
– Quantum: quality-of-service, port statistics, security groups, etc.
35. Quantum REST API Abstraction Details
• Virtual Networks:
– Equivalent to a “virtual VLAN”, a dedicated L2 segment.
– Example: quantum.foo.com/<tenant-id>/network/<network-id>
• Virtual Ports:
– Where a virtual interface (e.g., Nova vNIC) attaches to a
network.
– Ports expose configuration and monitoring state via extensions
(e.g., ACLs, QoS policies, Packet Statistics)
– Example: quantum.foo.com/<tenant-id>/network/<network-id>/port/<port-id>
36. Old Model: Static Nova Networking
• Single network exists (per-project or global).
• VMs automatically get a vNIC on that single network on boot.
• Tenants have no control over IP addressing.
[Diagram: Public Net 88.0.0.0/18 with TenantA-VM1 (88.0.0.2), TenantB-VM1 (88.0.0.3), TenantA-VM2 (88.0.0.4), TenantA-VM3 (88.0.0.5)]
37. Quantum Model: Dynamic Network Creation + Association
• Tenant can use API to create many networks.
• When booting a VM, define which network(s) it
should connect to.
• Can even plug-in instances from other services
(e.g., a load-balancing service).
[Diagram: Public Net 88.0.0.0/18; Tenant-A Net1 10.0.0.0/24; Tenant-A Net2 9.0.0.0/24; TenantA-VM1 (10.0.0.2); TenantA-VM2 (10.0.0.3, 9.0.0.3); TenantA-VM3 (10.0.0.2)]
38. Quantum API Abstractions : Network
• Layer 2 Broadcast domain
• It is the main entity: Subnets and Ports are
associated with a Network
• Identified by a UUID
• Always associated with a tenant
• Number of networks which can be created by a
tenant is configurable
39. Quantum API Abstractions : Subnet
• An IP Address block from which IP Addresses
are assigned
• Always associated with a CIDR
• Subnet is always associated with a Network
• Can also optionally have a gateway, a list of
DNS name servers, and host routes
40. Quantum API Abstractions : Port
• Virtual Switch Port attached to a Virtual
Switch
• Associated with a MAC address and an IP
Address
• Port is Associated with a Subnet
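
The Network, Subnet and Port abstractions from slides 38 to 40, modelled in memory with the tenant ownership check and the per-tenant network limit enforced on every call. This is an added Python sketch, not part of the original slides and not Quantum's own code; the names `NetworkService`, `QuotaExceeded` and `Forbidden`, the default limit of 2, the "first host is the gateway" convention and the MAC prefix are assumptions made for illustration.

```python
import ipaddress
import uuid


class QuotaExceeded(Exception):
    """Tenant already owns the configured maximum number of networks."""


class Forbidden(Exception):
    """Caller's tenant does not own the referenced resource."""


class NetworkService:
    def __init__(self, max_networks_per_tenant=2):  # assumed limit
        self.max_networks = max_networks_per_tenant
        self.networks = {}  # network uuid -> {"tenant", "subnets", "ports"}

    def create_network(self, tenant):
        owned = sum(1 for n in self.networks.values() if n["tenant"] == tenant)
        if owned >= self.max_networks:
            raise QuotaExceeded(tenant)
        net_id = str(uuid.uuid4())  # networks are identified by a UUID
        self.networks[net_id] = {"tenant": tenant, "subnets": [], "ports": {}}
        return net_id

    def _owned(self, tenant, net_id):
        net = self.networks.get(net_id)
        # Same error for "unknown" and "not yours", so ids cannot be probed.
        if net is None or net["tenant"] != tenant:
            raise Forbidden(net_id)
        return net

    def create_subnet(self, tenant, net_id, cidr):
        net = self._owned(tenant, net_id)
        subnet = ipaddress.ip_network(cidr)  # raises ValueError on a bad CIDR
        net["subnets"].append(subnet)
        return subnet

    def create_port(self, tenant, net_id, subnet):
        net = self._owned(tenant, net_id)
        if subnet not in net["subnets"]:
            raise Forbidden("subnet does not belong to this network")
        used = {p["ip"] for p in net["ports"].values()}
        hosts = iter(subnet.hosts())
        next(hosts)  # assumption: first host address is reserved for the gateway
        ip = next((h for h in hosts if h not in used), None)
        if ip is None:
            raise QuotaExceeded("subnet has no free addresses")
        port_id = str(uuid.uuid4())
        mac = "02:00:00:%02x:%02x:%02x" % tuple(uuid.uuid4().bytes[:3])  # constructed
        net["ports"][port_id] = {"ip": ip, "mac": mac}
        return port_id, str(ip), mac
```

With a `10.0.0.0/24` subnet the first two ports receive `10.0.0.2` and `10.0.0.3`, matching the addresses shown for Tenant-A Net1 on slide 37.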
44. Quantum Principles
• Implementation Abstraction : Networking
implementation at Physical level is abstracted
• Association of an Interface with a Network is
an explicit step
• Plugins can expose extensions from the core
APIs
45. Plugin Architecture
• Allows Network/Port abstraction with multiple
implementations
– Process All API Calls and pass them to the
underlying Physical Layer
– Manage Virtual Switches – Triggered by Nova
interfaces being attached to a network