Transcript - Technology.UG

AUTOMATING A
PRODUCTION READY
CLOUD PLATFORM
Dag Sonstebo
Vir tualisation
Technology
User Group
26/02/15
ABOUT ME
 Cloud and vir tualization technical architect with back ground in
the banking and ser vice provider industr y.
 Specialize and great interest in:
 Virtualisation - VMware vSphere, Citrix XenServer, KVM, Hyper -V.
 Cloud orchestration – vCloud, OpenStack, CloudStack.
 LinkedIn: https://www.linkedin.com/in/dagsonstebo
 Blog: https://dsonstebo.wordpress.com
 Github: https://github.com/dagsonstebo
 Contact: dag@for seti consulting.co.uk
 The small print…
 Any opinion or view expressed are my own and do not in any way reflect the
opinions or views of my present or previous employers or clients.
OVERVIEW
 Why consider private cloud?
 What are your options?
 CloudStack
 History
 What is it and how does work?
 Automation and builds:
 Zero touch hypervisor builds
 Automated CloudStack builds
 CloudStack demo
 Q&A
PRIVATE CLOUDS
 Why consider private / hybrid cloud options?
 Choices:
 Do nothing – stick with traditional IT:
 Danger of shadow IT.
 Lack of automation and orchestration means increased turnaround time.
 Going fully public comes at a cost:
 AWS: Windows t2.medum @ 2vCPU + 4GB RAM costs ~£500 / year
 RackSpace: General purpose Windows @ 4GB RAM costs ~£1000 / year
 Azure: A2 Windows @ 2vCPU + 3.5GB RAM costs ~£660 / year
 Building own private clouds gives the benefit of quick self service,
automation and multi-tenancy within your own data centre.
BUILDING YOUR OWN CLOUD
 What are your choices?





VMware vCloud
OpenStack
CloudStack
Microsoft
A long list of others:







Flexiant
Eucalyptus
Joyent
OpenNebula
Nimbus
Abiquo
Etc….
 Or – build your own……
CLOUDSTACK – A BACKGROUND
 Launched in May 2010 as Vmops, rebranded to Cloud.com.
 Acquired by Citrix in July 2011 . Donated to the Apache Sof tware
Foundation in April 201 2 and continue being developed as an open
source Apache Sof tware Foundation project on the Apache License v2.
 Citrix maintain their own commercial fork from the the open source
project, and have rebranded this Citrix CloudPlatform.
 Citrix also developed the proprietar y CloudPor tal Business Manager to
provide a commercial front end for automated provisioning, billing,
metering and user management.
 Ver sion at time of writing:
 Apache CloudStack 4.4.2 development version
 Apache CloudStack 4.3.2 production version.
 Citrix CloudPlatform 4.5.
CLOUDSTACK USERS
 The list is long… http://cloudstack.apache.org/users.html
WHAT ARE OUR BUILDING BLOCKS?
Cloud Components
Self service
front end
Cloud
orchestration:
Resource
management
back end
Hypervisor
backend
Storage:
hypervisor
storage and
object stores
Data center
network
Reporting /
billing /
chargeback
CLOUDSTACK – FEATURES
Features:
•User friendly web GUI to manage IaaS resources on demand
•Native API with optional compatibility with Amazon EC2 / S3 API
•Automatic management and orchestration of all hypervisor resources, storage and networking
•Full multi tenancy segregation
•User / domain / project management and accounting / billing
•Single management role (compared to OpenStack which need 8-10 service to deliver the same functionality)
Hypervisors:
•Citrix XenServer 5.x + 6.x as well as Xen Project
•VMware ESXi 5.0, 5.1, 5.5
•KVM
•W2K12 Hyper-V
•LXC (experimental)
•Bare metal
Storage:
•NFS
•iSCSI
•FC
•VMFS (vSphere)
•SMB/CIFS (Hyper-V)
CLOUDSTACK – FEATURES
Network segregation and SDN technologies:
•Basic L3 networks
•VLANs
•VXLANS
•Nicira NVP
•Midonet
•OVS – Open vSwitch
End user network offerings:
•Basic networking with security groups (similar to Amazon EC2), provides
guest isolation on L3 networks hosted on single flat L2 network.
•Advanced networking providing L2 tenant isolation using VLANs and SDN.
•Per client routing, DHCP, DNS, VPN, firewall, NAT, port forwarding, VPC
•Loadbalancer and firewall integration with physical F5 / Netscaler / Juniper
SRX
HIGH LEVEL CLOUDSTACK BUILDING
BLOCKS




CloudStack management server(s)
MySQL server(s)
Hypervisors
Storage:
 Primary storage for hypervisor clusters
 Secondary storage for ISOs, templates and snapshots.
 Networking:
 Physical data centre networking
 Logical traffic types across physical networks
CLOUDSTACK HIERARCHY
Clusters:
•XenServer pools
•ESXi clusters
•Sets of KVM hosts
•Hyper-V clusters
•Primary storage: NFS / iSCSI / FC SAN / SMB-CIFS
(Hyper-V) / VMFS (vSphere)
Pods:
•A rack or row of racks including one or more
clusters
Availability zones:
•Typically single data center or part of DC
•Contains one or more pods and zone wide
secondary storage
Regions:
•Collection of one or more AZ’s in close proximity
managed by one or more management servers
Image courtesy of Apache.org
CLOUDSTACK SYSTEM VMS
 Virtual routers:
 Handles routing for guest networks, routes between guest isolated
network and public network.
 DHCP and DNS
 VPN, firewall, NATing, and port forwarding
 Secondary storage VM:
 Handles export and import of templates, ISOs and snapshots
 Console proxy VM:
 Provides console access to guest VMs.
CLOUDSTACK NETWORKS
Physical networks:
• Basic zone networking
• Advanced zone networking
Traffic types (tags):
• Guest: isolated VLAN or SDN networks.
• Management traffic
• Public: internet or internal intranet.
• Storage
Connecting to private LAN networks
• Client networks can be connected directly to e.g. enterprise LAN
networks.
NETWORK OVERVIEW (ADVANCED ZONE)
BUILDING HYPERVISORS AND
APACHE CLOUDSTACK
 What we’ll cover:
 Automating hypervisor builds
 Automating CloudStack build
 Other things to consider:
 Storage
 Data centre networking and associated cost
 Hardware choice – branded vs. white label kit
AUTOMATING YOUR HYPERVISOR BUILD
 Why automate?




CD install ….
Fast and consistent builds.
Quick RTO in DR / BCM scenarios
Compensates for less technical teams with little time and bandwidth
 Zero touch builds – why?
 Minimal input to build cuts out error prone operations
 Advance preparation
 CMDB / inventory DB / source control CI integration
 Scripting for hypervisors:




XenServer: relatively easy to create scripted installs due to full bash shell
ESXi: tricky due to low functionality ash shell
KVM: Linux build
Hyper-V: SCCM
ZERO TOUCH BUILDS
 Prerequisites:
 PXE: DHCP + TFTP/FTP/HTTP infrastructure
 Fully dynamic build scripts
 Per host answer files
 How do you detect individual hosts?
 Known MAC addresses supplied by vendor prior to delivery allows for true
zero touch builds.
 PXE menu host selection allows for single touch builds.
 Puppet Razor was developed to do builds based on policies around
hardware detection.
 Some examples:
 https://github.com/dagsonstebo/Citrix-Xenserver-6.2-zero-touch-buildscripts
 https://github.com/dagsonstebo/VMware-ESXi-5.5-zero-touch-buildscripts
ZERO TOUCH BUILDS PROCESS
HOST ANSWER FILE EXAMPLE
################################
# General settings
CFG_HOSTNAME="xs62cn1 .mylab.local";
CFG_IP="192.168.0.30";
CFG_NETMASK="255.255.255.0";
CFG_DG="192.168.0.1";
CFG_DNS1="192.168.0.2";
CFG_DNS2="192.168.0.3";
CFG_SEARCHDOMAIN="mylab.local";
CFG_NTP1="ntp.cis.strath.ac.uk";
C F G _ PA S S W O R D = " P a s s w o r d 1 2 3 " ;
CFG_SERVERROLE="POOLMASTER";
CFG_POOLNAME="XS62Pool1";
CFG_POOLMASTER="192.168.0.30";
CFG_POOLMASTERPWD="Password123";
CFG_DOM0MEM="";
CFG_INITIALNIC="eth0";
CFG_EDITION="free";
CFG_LICENSESRV="";
CFG_LICENSEPORT="";
################################
# CloudStack example
CFG_NW1_NAME="cloud -private";
CFG_NW1_DESC="Cloud private network";
CFG_NW1_T YPE="bond";
CFG_NW1_NICA="eth0";
CFG_NW1_NICB="eth1";
CFG_NW1_BONDMODE="active -backup";
CFG_NW1_MTU="";
CFG_NW1_VLAN="0";
CFG_NW1_IF="none";
CFG_NW2_NAME="cloud-public";
CFG_NW2_DESC="Cloud public network";
CFG_NW2_T YPE="bond";
CFG_NW2_NICA="eth2";
CFG_NW2_NICB="eth3";
CFG_NW2_BONDMODE="active -backup";
CFG_NW2_MTU="";
CFG_NW2_VLAN="0";
CFG_NW2_IF="none";
CFG_NW2_IFIP="none";
……….
ZERO TOUCH BUILDS
CLOUDSTACK BUILD RECAP
 Hypervisors
 Storage:
 Primary storage for hypervisor clusters
 Secondary storage for ISOs, templates and snapshots.
 Networking:
 Physical data centre networking
 Logical traffic types across physical networks
 CloudStack management server(s)
 MySQL server(s)
INSTALLING CLOUDSTACK
 Install documentation:
 Apache documentation
http://docs.cloudstack.apache.org/projects/cloudstack installation/en/latest/installation.html
 Citrix documentation
http://support.citrix.com/proddocs/topic/cloudplatform/clst wrapper.html
 Manual builds are straight forward - Linux.
 Automated builds ensure quick repeatable install.
HIGH LEVEL BUILD STEPS
Management / MySQL server prerequisites:
•64-bit CentOS/RHEL 6.3+ or Ubuntu 12.04 preferred, 4 GB of memory, CPU cores
according to load, 250 GB of local disk minimum,500 GB recommended.
Configuration of RPM / DEB repositories.
Installation using yum / apt-get.
MySQL
•Can be installed on the same node as CloudStack management, or running separately.
•Configuration of CloudStack DB
Prepare the system VM template on secondary storage
INSTALLING CLOUDSTACK USING
ANSIBLE
 Using Ansible:
 https://github.com/dagsonstebo/CloudStack -Ansible-Playbook
 All CloudStack installation steps in one Ansible playbook:
 –tags=base: NTP, Selinux, CloudStack and EPEL yum repos
 –tags=mysql: all MySQL and DB installation and configuration steps
 –tags=csmanagement: installs and configures base CloudStack build
CLOUDSTACK CONFIGURATION
 Base install is now complete – but needs configuration:




Regions, zones, pods and clusters
Primary and secondary storage
Network model – including network segregation mechanism
Public, private and guest network IP ranges, as well as VLAN / SDN
ranges
 How?
 Manually through the CloudStack GUI
 Using CloudMonkey
 Or again using Ansible – the following utilises CloudMonkey under
the bonnet:
https://github.com/dagsonstebo/CloudStack -AnsiblePlaybook/blob/master/cloudmonkey.yml
COMPLETED CLOUDSTACK INSTALL AND
CONFIGURATION
CLOUDSTACK – NEXT STEPS
 Expansion to further regions, zones, pods and clusters
 Add portal:
 Commercial offerings, e.g. Citrix CloudPlatform Business manager
 or you write your own…
 Configure reporting and billing
 Increase resilience:
 Add additional management servers
 Configure MySQL master/slave or MySQL / Galera cluster
 Integrate hardware load balancers:
 Netscalers
 Juniper SRX
 F5
CLOUDSTACK DEMO
QUESTIONS
Q&A….
MORE INFORMATION
Apache CloudStack site:
http://docs.cloudstack.apache.org/en/master/
Citrix CloudPlatform:
http://www.citrix.com/products/cloudplatform/tech-info.html
My blog: https://dsonstebo.wordpress.com
My Github repo: https://github.com/dagsonstebo
Contact: [email protected]