Nova: Openstack Compute-as-a-service
pratik-bandarkar
Transcript of Nova: Openstack Compute-as-a-service
Red Hat Openstack and Ceph Meetup, Pune | 28th NOV 2015 | [email protected]
Nova: Openstack Compute-as-a-service
Pratik [email protected] | Red Hat Openstack and Ceph Meetup, Pune | 28th November 2015
➢ Agenda
● What is NOVA?
● NOVA architecture
● How are instances spawned in OpenStack?
● Interaction of Nova with other OpenStack projects such as Neutron, Glance and Cinder.
➢ OpenStack Components:
➢ What is NOVA?
○ Nova is responsible for the life cycle management of instances.
○ Nova is built on a shared-nothing, messaging-based architecture.
○ Supports multiple hypervisors (KVM, Xen, LXC, Hyper-V, ESX)
○ Nova itself is not virtualization software.
➢ NOVA components:
NOVA API
NOVA Conductor
NOVA Compute
NOVA ConsoleAuth
NOVA novncproxy
NOVA Scheduler
message queue
● Supported queueing backends: RabbitMQ, Qpid and ZeroMQ
➢ NOVA API:
○ nova-api provides the API through which users and services interact with NOVA.
○ For example, spawning an instance from Horizon / the NOVA CLI:
2015-11-03 09:23:40.831 30260 DEBUG nova.api.openstack.wsgi [req-9ef90fc4-4b74-410d-9d95-e60cbab2d4da 69425be5606c49738cdfb25cda921cf6 ae986eddd92746b2bf38faf60f64b28e - - -] Action: 'create', calling method: <bound method Controller.create of <nova.api.openstack.compute.servers.Controller object at 0x66b78d0>>, body: {"server": {"name": "pbandark", "imageRef": "ac6818ea-0a99-4949-8581-dff1f6441254", "flavorRef": "1", "max_count": 1, "min_count": 1, "networks": [{"uuid": "0264f5cf-f327-4760-b0e4-13843545bdec"}]}} _process_stack /usr/lib/python2.7/site-packages/nova/api/openstack/wsgi.py:780
➢ NOVA Scheduler:
○ Uses filters to dispatch requests for new instances to the correct node.
➢ openstack-nova-compute:
○ Acts as a compute agent. Interacts with the hypervisor to launch/manage instances and ensures that the state is maintained in the Compute database.
➢ openstack-nova-conductor: Provides database-access support for Compute nodes (thereby reducing security risks).
➢ openstack-nova-consoleauth: Handles console authentication.
➢ openstack-nova-novncproxy: Provides a VNC proxy for browsers (enabling VNC consoles to access virtual machines).
Launch New Instance from Horizon
Flavor ?
What is a flavor?
➢ Virtual hardware templates are called "flavors" in OpenStack, defining sizes for RAM, disk, number of cores, and so on.
Launch New Instance from Horizon
keypair ?
security group ?
What is keypair and security group ?
➢ Keypair: On standard cloud images of Linux operating systems like Ubuntu and Fedora, SSH access is restricted to public key authentication. Instead of authenticating with a password, you authenticate with a private key that corresponds to a public key installed on the instance.
➢ Security groups are sets of IP filter rules that are applied to an instance's networking, i.e. we can filter which network traffic should be allowed or denied. For example, deny “ssh” access to a specific instance. They are project specific, and project members can edit the default rules for their group and add new rule sets. All projects have a "default" security group, which is applied to instances that have no other security group defined.
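How such a rule set decides on a packet, and how to audit it for SSH exposed to every source, as an added example that is not part of the original slides. It assumes the Neutron security-group rule fields `direction`, `protocol`, `port_range_min`, `port_range_max` and `remote_ip_prefix`, treats rules as allow-only (traffic that matches no rule is dropped), and ignores `remote_group_id` and IPv6; the sample rules and the management subnet 10.65.234.0/24 are constructed.

```python
import ipaddress

# Constructed sample rules using Neutron security-group rule field names.
RULES = [
    {"direction": "ingress", "protocol": "tcp", "port_range_min": 22,
     "port_range_max": 22, "remote_ip_prefix": "0.0.0.0/0"},
    {"direction": "ingress", "protocol": "tcp", "port_range_min": 443,
     "port_range_max": 443, "remote_ip_prefix": "0.0.0.0/0"},
    {"direction": "ingress", "protocol": "icmp", "port_range_min": None,
     "port_range_max": None, "remote_ip_prefix": "10.65.234.0/24"},
]

def rule_matches(rule, direction, protocol, port, src_ip):
    """True if one rule admits the packet. None fields act as wildcards."""
    if rule["direction"] != direction:
        return False
    if rule["protocol"] not in (None, protocol):
        return False
    lo, hi = rule["port_range_min"], rule["port_range_max"]
    if lo is not None and port is not None and not (lo <= port <= hi):
        return False
    prefix = rule["remote_ip_prefix"] or "0.0.0.0/0"
    return ipaddress.ip_address(src_ip) in ipaddress.ip_network(prefix)

def is_allowed(rules, direction, protocol, port, src_ip):
    """Allow-only semantics: a packet passes only if some rule matches it."""
    return any(rule_matches(r, direction, protocol, port, src_ip) for r in rules)

def world_open(rules, port, protocol="tcp"):
    """Audit helper: ingress rules that expose `port` to every IPv4 source."""
    findings = []
    for r in rules:
        lo, hi = r["port_range_min"], r["port_range_max"]
        covers = lo is None or lo <= port <= hi
        if (r["direction"] == "ingress" and r["protocol"] in (None, protocol)
                and covers and (r["remote_ip_prefix"] or "0.0.0.0/0") == "0.0.0.0/0"):
            findings.append(r)
    return findings

def without_world_ssh(rules):
    """Tightened copy: SSH reachable only from the management subnet (assumed)."""
    open_ssh = world_open(rules, 22)
    kept = [r for r in rules if r not in open_ssh]
    kept.append({"direction": "ingress", "protocol": "tcp", "port_range_min": 22,
                 "port_range_max": 22, "remote_ip_prefix": "10.65.234.0/24"})
    return kept
```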
Launch New Instance from Horizon
➢ Required details to boot instance:
○ instance name
○ glance image
○ flavor ID
○ network ID
➢ NOVA call to boot an instance:
[root@dhcp209-220 ~]# nova boot --flavor 1 --image 2d946232-5773-48df-b8bb-7677f8b6e0fe --nic net-id=97bd405a-77e3-4ef8-836e-8ad1ddb3ee63 pratik_test_instance
➢ Various other operations can be performed by NOVA:
○ nova resize
○ nova migrate
○ nova live-migration (shared storage/non-shared storage)
○ nova host-evacuate
○ nova rebuild
○ nova suspend
○ nova image-create
○ nova reboot (hard/cold)
[...]
➢ NOVA call for authentication with keystone:
○ Keystone returns an authentication token along with the service catalog.
REQ: curl -i 'http://10.65.234.1:5000/v2.0/tokens' -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "User-Agent: python-novaclient" -d '{"auth": {"tenantName": "admin", "passwordCredentials": {"username": "admin", "password": "{SHA1}121c3faea23dd4467fc992f1b77f6eacf8587ed5"}}}'
➢ Keystone response (token + service catalog):
RESP BODY: {"access": {"token": {"issued_at": "2015-05-30T11:05:03.054462", "expires": "2015-05-30T12:05:03Z", "id": "{SHA1}7781e321bfbfbf909ae44027ef60cb92ccce8f2e", "tenant": {"enabled": true, "description": "admin tenant", "name": "admin", "id": "97787e34dc0d4f2b8fc04034eed3594c"},
"serviceCatalog": [{"endpoints_links": [], "endpoints": [{"adminURL": "http://10.65.234.1:8774/v2/97787e34dc0d4f2b8fc04034eed3594c", "region": "RegionOne", "publicURL": "http://10.65.234.1:8774/v2/97787e34dc0d4f2b8fc04034eed3594c", "internalURL": "http://10.65.234.1:8774/v2/97787e34dc0d4f2b8fc04034eed3594c", "id": "42142cca01fd4bc382ac9f95c204e116"}], "type": "compute", "name": "nova"},
{"endpoints_links": [], "endpoints": [{"adminURL": "http://10.65.234.1:9696/", "region": "RegionOne", "publicURL": "http://10.65.234.1:9696/", "internalURL": "http://10.65.234.1:9696/", "id": "466354cac1094127ac0617cf75dd1494"}], "type": "network", "name": "neutron"},
{"endpoints_links": [], "endpoints": [{"adminURL": "http://10.65.234.1:9292", "region": "RegionOne", "publicURL": "http://10.65.234.1:9292", "internalURL": "http://10.65.234.1:9292", "id": "43c49fe7dd8f4315af848b48a53021c1"}], "type": "image", "name": "glance"},
{"endpoints_links": [], "endpoints": [{"adminURL": "http://10.65.234.1:8776/v1/97787e34dc0d4f2b8fc04034eed3594c", "region": "RegionOne", "publicURL": "http://10.65.234.1:8776/v1/97787e34dc0d4f2b8fc04034eed3594c", "internalURL": "http://10.65.234.1:8776/v1/97787e34dc0d4f2b8fc04034eed3594c", "id": "30ce33a6d05e4a80b8a0e22ada52abdb"}], "type": "volume", "name": "cinder"},[...]
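What a client does with this response, as an added example that is not part of the original slides: it picks the endpoint for a service type out of the catalog, checks the token's expiry, and lists catalog endpoints served over plain http://. The sample body is constructed by trimming the response above to two services; the function names are hypothetical.

```python
import json
from datetime import datetime, timezone
from urllib.parse import urlparse

# Constructed sample: the response above, trimmed to two catalog entries.
RESP_BODY = json.loads("""
{"access": {"token": {"issued_at": "2015-05-30T11:05:03.054462",
                      "expires": "2015-05-30T12:05:03Z",
                      "tenant": {"name": "admin"}},
 "serviceCatalog": [
  {"type": "compute", "name": "nova", "endpoints": [
    {"region": "RegionOne",
     "publicURL": "http://10.65.234.1:8774/v2/97787e34dc0d4f2b8fc04034eed3594c"}]},
  {"type": "image", "name": "glance", "endpoints": [
    {"region": "RegionOne", "publicURL": "http://10.65.234.1:9292"}]}]}}
""")

def endpoint_for(body, service_type, region="RegionOne", interface="publicURL"):
    """Return the catalog URL for a service type, or None if it is absent."""
    for service in body["access"]["serviceCatalog"]:
        if service["type"] != service_type:
            continue
        for ep in service["endpoints"]:
            if ep.get("region") == region and interface in ep:
                return ep[interface]
    return None

def token_valid_at(body, now):
    """True while `now` (timezone-aware) is before the token's expiry."""
    expires = datetime.strptime(body["access"]["token"]["expires"],
                                "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return now < expires

def plaintext_endpoints(body):
    """Catalog URLs served over http://, where the token travels unencrypted."""
    found = []
    for service in body["access"]["serviceCatalog"]:
        for ep in service["endpoints"]:
            for key, url in ep.items():
                if key.endswith("URL") and urlparse(url).scheme == "http":
                    found.append((service["name"], key, url))
    return found
```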
➢ What are the different options to store the instance disk, i.e. the backend for NOVA?
○ Locally on the compute node
○ NFS
○ Distributed Storage (CEPH/Gluster)
[root@dhcp209-220 ~(keystone_admin)]# ls /var/lib/nova/instances/f79f233c-d8a6-44ca-9b3b-334752b9f2f3/
console.log disk disk.info libvirt.xml
[root@dhcp209-220 ~(keystone_admin)]# qemu-img info disk
image: disk
file format: qcow2
virtual size: 100.0G (107374182400 bytes)
disk size: 2.5M
cluster_size: 65536
backing file: /var/lib/nova/instances/_base/1c7dfed9069cbb5d99fe7ebfb8f45bbc5ab93585
Format specific information:
    compat: 1.1
    lazy refcounts: false
Communication flow when you spawn new instance
Components in the diagram: Horizon, Keystone, Nova API, Database, Nova Conductor, Nova Scheduler, NOVA Compute ‘A’, NOVA Compute ‘B’, NOVA Compute ‘C’, Glance Server, Cinder Server, Neutron Server
Services in the diagram:
- openstack-glance-api, openstack-glance-registry
- openstack-cinder-api, openstack-cinder-scheduler, openstack-cinder-volume
- neutron-server, neutron-l3-agent, neutron-dhcp-agent
- l2 agent, openstack-nova-compute, neutron-openvswitch-agent
Steps:
1. Authentication Request
2. Authentication ACK & validates if provided data is correct.
3. Sending API request
4. Update DB
5.
6.
7. Selects compute Host
8. Update DB
9. Request for glance image
10. Glance Image download
11. create port (allocate MAC - IP)
12. Notify L2 agent
13. configure local VLAN, OVS flows
14. send port up notification (RPC: l2 agent to Neutron)
15. port up (RPC: Neutron to NOVA)
16. instance booted.
Other labels in the diagram: Update DB; iscsi session
Communication flow with CEPH backend for Nova/Cinder/Glance
Diagram labels: Nova/Cinder/Glance, librbd, librados, OSDs, Monitors, Placement Groups