Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cloud Platform Engineering 1 November 5 th, 2013 Brian Chong and Shane Gibson An Evaluation of OpenStack Deployment Frameworks.

Published byRoderick Berwick Modified over 10 years ago

Similar presentations

Presentation on theme: "Cloud Platform Engineering 1 November 5 th, 2013 Brian Chong and Shane Gibson An Evaluation of OpenStack Deployment Frameworks."— Presentation transcript:

1 Cloud Platform Engineering 1 November 5 th, 2013 Brian Chong and Shane Gibson An Evaluation of OpenStack Deployment Frameworks

2 Agenda About Symantec and Us What is Symantec Doing? Proof-of-Concept Tools Requirements Success Criteria Testing Plan and Design Provisioning Evaluation – Frameworks Tested – Things Not Tested – The Tools Tested – Testing OpenStack Summary Appendix Cloud Platform Engineering 2

3 3 What is Symantec doing?

4 About Symantec and Us About Symantec Making the world more secure… Enterprise system and data protection Norton branded consumer protection (not just Antivirus) Tackling the big problems… Pioneered the Big Data approach to malware detection Significant cloud presence (Norton, MessageLabs, OCSP, etc.) About Brian Chong Infrastructure Architect for our OpenStack efforts Security & Network Focused Interested in securing OpenStack at all tiers About Shane Gibson Infrastructure Architect for our OpenStack efforts Focused on the big picture from bare metal to full OpenStack clusters Interested in compute and object storage SYMC Confidential 4

5 What is Symantec Doing? We are building a consolidated cloud platform that provides infrastructure and platform services to host Symantec SaaS applications – An exciting greenfield opportunity to re-invent our cloud infrastructure with strong executive leadership support – Building a global team in the US, Europe, and Asia of top-notch, open source minded engineers in the areas of cloud and big data Our development model is to use open source components as building blocks – Identify capability gaps and contribute back to the community We have selected OpenStack as one of the underlying infrastructure services layer We plan to analyze and improve the overall security posture of OpenStack components We are starting small, but will scale to thousands of nodes across multiple data centers Questions? Our contact details are in the Appendix! Cloud Platform Engineering 5

6 6 Proof-of-Concept Tools Requirements

7 Capabilities – Bare metal provisioning and lifecycle management – Hardware/Environment Pre-Install Check – Installation/ Post-Install Check – Step Based Notification/Logging Resilience – High Availability – Multi-Data Center Management – Multi-Zone (inter-DC, inter-region, etc.) Management Complexity – Ability to manage complex configurations – Network, Hardware, High Availability, OpenStack configuration Cloud Platform Engineering 7

8 8 Success Criteria

9 OpenStack running in our datacenter; on our hardware From bare metal to OpenStack running Add/Delete/Modify OpenStack cluster members Implementation with multi-network configuration As few manual steps as possible (automated installation) Ability to drive implementation via API Completely documented steps to re-replicate – Our staff must be able to reproduce an install on additional clusters OpenStack configuration validated via tests – Configuration/management via Horizon dashboard (smoke test) – Configuration/management via CLI API calls (in-house test harness) – Tempest tests run against installed configuration Cloud Platform Engineering 9

10 10 Testing Plan and Design

11 Cloud Platform Engineering 11 Provisioning Evaluation: Network Architecture Yes, thank you – we know these are not valid IP addresses. IP and VLAN scheme for demonstrations purposes only. Blah, blah blah.

12 Cloud Platform Engineering 12 Provisioning Evaluation: OpenStack Overview

13 Cloud Platform Engineering 13 Provisioning Evaluation

14 Results of Symantecs testing are based on features available during the test phase All tool chains are going through rapid development Many new features and capabilities have been implemented since Summer 2013 testing Sort of like OpenStack … Cloud Platform Engineering 14

15 Provisioning Evaluation: Frameworks Tested Cloud Platform Engineering 15 Fuel Web – ver 3.0.1 Primarily open source integrated tools Puppet for DevOps Crowbar – ver 1.6 Glues together Chef recipes Strong integration with Dell hardware MaaS/JuJu – ver 1.2/0.7 MaaS (Metal as a Service) provisioning JuJu Charms for deployment Foreman – ver 1.2.0 Uses Puppet for DevOps Strong enterprise features Rackspace Priv. Cloud – ver 4.1.0 OpenStack only Strong leader in OpenStack

16 Provisioning Evaluation: Things Not Tested Cobbler – pure imaging/boot system Ironic – OpenStack bare metal provisioning (still in incubation) Razor – pure imaging/boot system, young project, great potential COI – Cisco OpenStack Installer (puppet/cobbler tool) FAI – around a long time OpenQRM –strong HA design Cloudboot – boot/install from cloud resources Spacewalk – Red Hat/EL centric FogProject – more cloning than boot control Kickstart – general Red Hat/EL specific boot/install etc… Cloud Platform Engineering 16

17 Provisioning Evaluation: Fuel Web ver 3.0.1 Architecture – Combines many Open Source projects – Uses PostgreSQL internally – Automation workflow via syslog messages OpenStack Topology – Nova Compute, Nova Networking, Cinder, Horizon, Keystone, Glance – Swift all-in-one built by hand Comment – Fuel Web and Fuel CLI are now combined products – New Fuel product supports OpenStack HA deployments via Web UI Cloud Platform Engineering 17

18 Provisioning Evaluation: MaaS/JuJu ver 1.2/0.7 Architecture – MaaS has strong distributed model (regional capabilities) – JuJu Charms for deploying code OpenStack Topology – Nova Compute, Nova Networking, Cinder, Horizon, Keystone, Glance – Swift all-in-one built by hand Comment – Required 10 nodes minimum for successful clean deployment – MaaS deployments were excellent – Strong debugging capabilities in JuJu – Charms deployment of OpenStack needs work Cloud Platform Engineering 18

19 Provisioning Evaluation: Crowbar ver 1.6 Architecture – Tightly integrated with local Chef server, uses Crowbar databags for Chef recipes – Strong integration with Dell hardware (but not exclusively so) Server BIOS/Firmware settings and RAID configurations OpenStack Topology – Nova Compute, Neutron Networking, Cinder, Horizon, Keystone, Glance, Swift Comment – Good level of features bubbled up to UI of OpenStack parameters – Very fast time to full OpenStack cluster implementation out of the box – Crowbar 2 separates DevOps from framework, future support for other DevOps tools, implements large scale cluster builds with High Availability Symantec Cloud Platform Engineering 19

20 Provisioning Evaluation: Foreman ver 1.2.0 Architecture – Strong distributed model (via smart proxies) – Uses Puppet for OpenStack deployment OpenStack Topology – Nova Compute, Neutron Networking, Cinder, Horizon, Keystone, Glance, Swift Comment – Requires customization to build deployment framework – Well supported in community for deployment implementations – Integrates with Puppet (as ENC), and Rundeck Cloud Platform Engineering 20

21 Provisioning Evaluation: Rackspace Priv Cloud ver 4.1.0 Architecture – Implemented via Chef recipes – Requires provisioned host OS for deployment OpenStack Topology – Nova Compute, Nova Networking, Cinder, Horizon, Keystone, Glance, Swift Comment – Recommended install uses Nova Networking L3 agent in Neutron single point of failure – Did implement Neutron networking as well Cloud Platform Engineering 21

22 Provisioning Evaluation: The Results Cloud Platform Engineering 22 Tool TTC *Capabilities ResiliencyComplexityVersion Crowbarver 1.6 Fuel Webver 3.0.1 Rackspace P.C. N/A ver 4.1.0 MaaS/JuJuver 1.2/0.7 Foremanver 1.2.0 good support meets requirements minimum requirements missing features * TTC = time-to-cluster, the time it took deployment to be customized, documented, and repeated by Symantec staff bare metal prov. HW checks notification/logging deploy tool HA multi DC multi zone OpenStack HA hardware/BIOS/RAID physical networks OpenStack tuning

23 Cloud Platform Engineering 23 Testing OpenStack

24 – Nova Create & Manage Virtual Machines Create & Manage Direct Connection Networks Create & Manage Security and Availability Groups – Glance Manage and Deploy OS Images Boot from Volume – Neutron Create & Manage Virtual L2/L3 Networks, Routers and Switches Create and Manage Security Groups – Cinder Create & Manage Block Volumes Back Up & Restore Block Volumes Boot VMs from Volume w/ Glance Cloud Platform Engineering 24 – Keystone Create & Manage Projects Create & Manage Users Create & Manage RBAC for both Projects & Users Manage Security access between services – Swift Create Projects specifically to Swift Create & Manage Objects

25 Cloud Platform Engineering 25 Summary

26 Capabilities discussed are from the specific product we tested Different versions of the product supports different features – Eg. Fuel Web versus Fuel CLI Vendors are rapidly improving their products – Current feature sets of products have evolved significantly since test All vendors were strongly interested in feedback for product improvements Check features of each vendors deployment in depth before choosing a tool Test as many different deployment tools as you can!! Cloud Platform Engineering 26

27 Cloud Platform Engineering 27 Appendix

28 whatreferencepresentation QR code Symantec, Corp.http://www.symantec.com/ Brian Chongbrian_chong@symantec.com Shane Gibsonshane_gibson@symantec.com Appendix tool vendor support version tested current version *website CrowbarDell1.6 http://crowbar.github.com/ Fuel WebMirantis3.0.13.2 http://fuel.mirantis.com/ RPCRackspace4.1.04.1.2 http://www.rackspace.com/cloud/private/ ForemanRedhat1.2.01.3.0 http://theforeman.org/ MaaS/JuJuCanonicalver 1.2/0.71.6/1.16.0 http://www.ubuntu.com/cloud/ Cloud Platform Engineering 28 As of October 26, 2013

Download ppt "Cloud Platform Engineering 1 November 5 th, 2013 Brian Chong and Shane Gibson An Evaluation of OpenStack Deployment Frameworks."

Similar presentations

© Copyright 2007 Exempler Telecom Test Automation System Exempler - We pride ourselves with providing lightweight robust engineering solutions.

© Copyright 2007 Exempler Telecom Test Automation System Exempler - We pride ourselves with providing lightweight robust engineering solutions.
VCS 5.0 for VMware ESX.

VCS 5.0 for VMware ESX.
Network Monitoring System In CSTNET Long Chun China Science & Technology Network.

Network Monitoring System In CSTNET Long Chun China Science & Technology Network.
Configuration management

Configuration management
Virtualization & Disaster Recovery

Virtualization & Disaster Recovery
Chapter 1: Introduction to Scaling Networks

Chapter 1: Introduction to Scaling Networks
1 The phone in the cloud Utilizing resources hosted anywhere Claes Nilsson.

1 The phone in the cloud Utilizing resources hosted anywhere Claes Nilsson.
Testing Workflow Purpose

Testing Workflow Purpose
The Platform as a Service Model for Networking Eric Keller, Jennifer Rexford Princeton University INM/WREN 2010.

The Platform as a Service Model for Networking Eric Keller, Jennifer Rexford Princeton University INM/WREN 2010.
ABC Technology Project

ABC Technology Project
INTRODUCTION TO SIMULATION WITH OMNET++ José Daniel García Sánchez ARCOS Group – University Carlos III of Madrid.

INTRODUCTION TO SIMULATION WITH OMNET++ José Daniel García Sánchez ARCOS Group – University Carlos III of Madrid.
© Copyright 2009 IMS Global Learning Consortium All Rights Reserved. 1 Building the Standards for Learning Functionality Mashup IMS Learning Tool Interoperability.

© Copyright 2009 IMS Global Learning Consortium All Rights Reserved. 1 Building the Standards for Learning Functionality Mashup IMS Learning Tool Interoperability.
1 Cloud Services Professionals ReadySpace IDA Cloud Computing Call 6.

1 Cloud Services Professionals ReadySpace IDA Cloud Computing Call 6.
© 2005 AT&T, All Rights Reserved. 11 July 2005 AT&T Enhanced VPN Services Performance Reporting and Web Tools Presenter : Sam Levine-866-624-2008 x111.

© 2005 AT&T, All Rights Reserved. 11 July 2005 AT&T Enhanced VPN Services Performance Reporting and Web Tools Presenter : Sam Levine x111.
Vasinee Siripoonya Kasidit Chanchio

Vasinee Siripoonya Kasidit Chanchio
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Introduction to Computer Administration Introduction.

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Introduction to Computer Administration Introduction.
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
25 seconds left…...

25 seconds left…...
What’s New in WatchGuard Dimension v1.2

What’s New in WatchGuard Dimension v1.2
VPN AND REMOTE ACCESS Mohammad S. Hasan 1 VPN and Remote Access.

VPN AND REMOTE ACCESS Mohammad S. Hasan 1 VPN and Remote Access.

Similar presentations

Ads by Google