Short refresh on OpenStack architecture and services

While OpenStack is already a well-known and proven private cloud solution, there will always be some questions about the architecture and the components. So, to help you find your way with OpenStack, we have summarized some of the often used components for you in this blog.

The various OpenStack community projects and the services they implement are modular in nature and generally capable of being used independently. They are intended to knit together into a net capability greater than the sum of the individual parts. The architectural components of a typical OpenStack infrastructure can look like this:

[Image: architectural components of a typical OpenStack infrastructure]

What are the key components of OpenStack?

This OpenStack infrastructure consists of multiple software components with a modular architecture and various code names. Let’s have a brief look at some core components of OpenStack.

Horizon, the user GUI in OpenStack.

Horizon Dashboard

Nova is the chief computing engine, handling multiple virtual machines and computing tasks. OpenStack enables enterprises and service providers to offer on-demand computing resources by provisioning and managing large networks of virtual machines. Compute resources are accessible via APIs for developers building cloud applications and through web interfaces for administrators and users. The compute architecture is designed to scale horizontally on standard hardware. OpenStack Compute is architected to avoid inherent proprietary hardware or software requirements and to provide the ability to integrate with existing systems and third-party technologies. It is designed to manage and automate pools of compute resources and can work with widely available virtualization technologies, as well as bare metal and high-performance computing configurations.

Neutron ensures efficient connectivity between components during deployment. OpenStack Networking is a pluggable, scalable and API-driven system for managing networks and IP addresses. Like other aspects of the cloud operating system, it can be used by administrators and users to increase the value of existing data center assets. OpenStack Networking ensures the network is not the bottleneck or limiting factor in a cloud deployment and provides users self-service over their own network configurations. The pluggable backend architecture lets users take advantage of basic commodity gear or advanced networking services from supported vendors. Administrators can take advantage of software-defined networking (SDN) technology like OpenFlow to allow high levels of multi-tenancy and massive scale. OpenStack Networking has an extension framework allowing additional network services, such as intrusion detection systems (IDS), load balancing, firewalls and virtual private networks (VPN) to be deployed and managed.

Keystone is the central identity list of all OpenStack cloud users and provides various techniques for mapping access methods against Keystone. OpenStack Identity provides a central directory of users mapped to the OpenStack services they can access. It acts as a common authentication system across the cloud operating system and can integrate with existing backend directory services (for example, LDAP). It supports multiple forms of authentication, including standard user name and password credentials, token-based systems and AWS-style logins. Additionally, the catalog provides a list of all of the services deployed in an OpenStack cloud in a single registry that can be queried. Users and third-party tools can programmatically determine which resources they can access. OpenStack Identity enables:

  • Configuration of centralized policies across users and systems.
  • Creation of users and tenants, and definition of permissions for compute, storage and networking resources through the use of role-based access control (RBAC) features.
  • Integration with existing directories, allowing for a single source of identity authentication.
  • As a user, get a list of the services that you can access and make API requests or log into the web dashboard to create resources owned by your account.
  • Tenant is a group of users and an alternative term for project where projects are organizational units in cloud processing.
  • Role is the position to which a user is mapped (the authorization level). Roles are usually assigned to project-user duos.
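To make the token, catalog and role concepts concrete, here is an added example (not code from this blog or from the OpenStack project) that builds the body of a Keystone v3 password authentication request and summarizes a token response: who the token is for, which roles it carries, which services the catalog exposes, and which public endpoints are not served over HTTPS. The user, project, host names and the sample response are constructed for illustration.

```python
import json
from datetime import datetime, timezone

def password_auth_body(user, password, project, domain="default"):
    """JSON body for POST /v3/auth/tokens requesting a project-scoped token."""
    return {"auth": {
        "identity": {"methods": ["password"], "password": {"user": {
            "name": user, "domain": {"id": domain}, "password": password}}},
        "scope": {"project": {"name": project, "domain": {"id": domain}}}}}

# Constructed sample of a token response body (not captured from a real cloud).
SAMPLE_RESPONSE = json.loads("""
{"token": {
  "expires_at": "2030-01-01T12:00:00.000000Z",
  "user": {"name": "alice"},
  "project": {"name": "demo"},
  "roles": [{"name": "member"}, {"name": "reader"}],
  "catalog": [
    {"type": "compute", "name": "nova", "endpoints": [
      {"interface": "public", "url": "https://cloud.example.test:8774/v2.1"},
      {"interface": "internal", "url": "http://10.0.0.5:8774/v2.1"}]},
    {"type": "image", "name": "glance", "endpoints": [
      {"interface": "public", "url": "http://cloud.example.test:9292"}]}
  ]}}
""")

def summarize_token(body, now):
    """Return the token's user, project, roles, services and basic findings."""
    token = body["token"]
    expires = datetime.strptime(
        token["expires_at"], "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)
    services, cleartext = {}, []
    for svc in token.get("catalog", []):
        for ep in svc.get("endpoints", []):
            if ep["interface"] != "public":
                continue  # only the user-facing interface is reported here
            services[svc["type"]] = ep["url"]
            if not ep["url"].lower().startswith("https://"):
                cleartext.append(svc["type"])  # tokens would travel unencrypted
    return {
        "user": token["user"]["name"],
        "project": token["project"]["name"],
        "roles": sorted(r["name"] for r in token.get("roles", [])),
        "services": services,
        "cleartext_public_endpoints": sorted(cleartext),
        "expired": now >= expires,
    }

if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    print(json.dumps(summarize_token(SAMPLE_RESPONSE, now), indent=2))
```

In a live deployment the token itself is returned in the `X-Subject-Token` response header and is sent to the other services in the `X-Auth-Token` request header, which is why a plain-HTTP public endpoint in the catalog is worth flagging.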

Glance is the image service provider, where images are the virtual copies of hard disks. The OpenStack Image Service provides discovery, registration and delivery services for disk and server images. The ability to copy or snapshot a server image and immediately store it away is a powerful capability of the OpenStack cloud operating system. When you are provisioning multiple servers, stored images can be used as a template to get new servers up and running more quickly and more consistently than by installing a server operating system and individually configuring additional services. It can also be used to store and catalog an unlimited number of backups. The Image Service can store disk and server images in a variety of back-ends, including through NFS and Object Storage. The Image Service API provides a standard REST interface for querying information about disk images and lets clients stream the images to new servers. It offers a multiformat image registry allowing uploads of private and public images in a variety of formats.

Ceilometer is the component providing billing services and other telemetry services to cloud users. OpenStack Telemetry provides common infrastructure to collect usage and performance measurements within an OpenStack cloud. Its primary initial targets are monitoring and metering, but the framework is expandable to collect data for other needs.

Heat (Orchestration Engine), allows developers to orchestrate/illustrate and store the cloud application requirements and resources needed in a file, thereby maintaining the cloud infrastructure. OpenStack Orchestration implements a service to orchestrate multiple composite cloud applications that use the Amazon Web Services (AWS) CloudFormation template format, through both an OpenStack-native and CloudFormation-compatible API. It is intended, in part, to facilitate movement of workloads from AWS to OpenStack deployments.

Ceph storage. Ceph provides the private cloud with object, block, and file system storage in a single unified storage cluster, making Ceph flexible, highly reliable and easy to manage. OpenStack supports all kinds of storage solutions. Although OpenStack offers strong support and integration with existing hardware storage solutions, Ceph still is the way to go for most OpenStack users. You can find more information about the most used storage solutions in one of my previous blogs here: https://www.linkedin.com/pulse/fast-facts-statistics-openstack-michiel-manten

Within the storage layer the following types of storage can be found:

  • Object storage: to access binary objects through the REST API.
  • Block storage: offers access to block storage devices by attaching volumes to their current VM instances.
  • Shared File System storage: provides a set of services to manage multiple files together for storage and exchange with multiple users at one time.

Our blogs and articles are here to help you, but just in case you do not have the desire, capacity or capability to take care of your OpenStack environment, we at Fairbanks have got our team of professionals ready to assist you in what you need. Feel free to contact us when you have questions.