Presentation is loading. Please wait.

Presentation is loading. Please wait.

CERN Cloud Infrastructure Report 2 Arne Wiebalck for the CERN Cloud Team HEPiX Autumn Meeting Lincoln, Nebraska, U.S. Oct 17, 2014 Arne Wiebalck: CERN.

Published byCassandra Williamson Modified over 9 years ago

Similar presentations

Presentation on theme: "CERN Cloud Infrastructure Report 2 Arne Wiebalck for the CERN Cloud Team HEPiX Autumn Meeting Lincoln, Nebraska, U.S. Oct 17, 2014 Arne Wiebalck: CERN."— Presentation transcript:

1

2 CERN Cloud Infrastructure Report 2 Arne Wiebalck for the CERN Cloud Team HEPiX Autumn Meeting Lincoln, Nebraska, U.S. Oct 17, 2014 Arne Wiebalck: CERN Cloud Infrastructure Report Numbers Operations Issues WIP

3 CERN Cloud Recap CERN Cloud Service one of the three major components in IT’s AI project - Policy: Servers in CERN IT shall be virtual Based on OpenStack - Production service since July 2013 - Performed two rolling upgrades since, now on “Icehouse” - Nova, Glance, Keystone, Horizon, Cinder, Ceilometer 3Arne Wiebalck: CERN Cloud Infrastructure Report

4 CERN Cloud in Numbers (1) 3’000 hypervisors at the moment - Vast majority qemu/kvm on SLC6 (~100 Hyper-V hosts) - 550 HVs at Wigner in Hungary (so far only for the batch service) - 220 HVs on critical power (currently being deployed) - 2’000 HVs used by batch, rest shared by users, services, experiments - Additional 2’250 hypervisors will be added early 2015 8’000 VMs - Batch: 2’000 64k Cores 128 TB RAM 4Arne Wiebalck: CERN Cloud Infrastructure Report

5 CERN Cloud in Numbers (2) 1’100 images/snapshots - Backed by Ceph - Finger trouble led to loss of 246 images (44 restored from caches) 600 volumes - Backed by Ceph - Increasingly popular with users: Space, Tunable IOPS, Attach/Detach 700 active projects - Personal and shared 5Arne Wiebalck: CERN Cloud Infrastructure Report

6 Operations: Cells Relying on “cell” feature - Structures our deployment - Needed for scale-out - 7 cells, size range: 4 … 1500 nodes - Inter-cell consistency Top level controllers - Run multiple components - Currently being split to allow for easier per-component scale-out and independent upgrades H/W allocation non-trivial - Shared vs. dedicated - Physical location - Critical power - Hardware models: (10)GbE, SSDs, different generations … 6Arne Wiebalck: CERN Cloud Infrastructure Report

7 Operations: Updates Rolling upgrade to ‘Icehouse’ just finished! - Patches needed to be ported, mostly for Nova - Careful testing of each component, non-trivial e.g. for Nova - Risk-management: Sequential, component-wise updates - Service incidents - Shift of priorities, e.g. allocation of new resources Juno on RDO RHEL6? Not planned at the moment … - In touch with the community to see what can be done - CERN CentOS 7 in testing already 7Arne Wiebalck: CERN Cloud Infrastructure Report

8 Operations: Consultancy “I cannot use virtual servers for my service.” - Most worries around VM IO performance - Explain service offering, suggest tests, tune - See my talk on the “lxplus problem” later Requests for special flavors - Bigger disks, more RAM per core, a lot of RAM - Make VM packing a hard problem Requests for special services - Virtualization service vs Cloud service misunderstanding - Not everything that is technically doable should be done 8 “Users learn how to use the service while we learn how to run it.” Arne Wiebalck: CERN Cloud Infrastructure Report

9 Before we come to some issues … 9Arne Wiebalck: CERN Cloud Infrastructure Report OpenStack is a solid cloud management product. The CERN Cloud is a stable production service. No VMs were harmed during any of the following incidents!

10 Issues: Rabbit Standard problem: unconsumed messages Compute node stops acting Watcher logic now in place Has been improved with recent upgrades Incident spread over several days: Problem on Hadoop cluster Rabbit kept data in memory Flushed to disk at some point Filled up disks (but stopped “in time”) Something else filled the disk Rabbit crashed, restart did not bring back queues Restart of the whole service Queues found corrupted, queues needed deletion Restart of (all) OpenStack services eventually … Messaging (so far) was a time-consuming component. 10Arne Wiebalck: CERN Cloud Infrastructure Report

11 Issues: smartd vs. mdadm Symptom: VMs spend large fraction in IOwait - Hypervisor seemed more or less OK 11 - Started during weekend … - Various VMs affected … - Not at the same hour … - Not on all machines … - Regular SMART tests introduced some days before! (spread out over the day) - Mdadm scrubs starts by default on Sunday night at 1 am! - Both at the same time plus multiple VMs on the HV break things … CPU Utilization on an ATLAS PanDa VM during the incident Arne Wiebalck: CERN Cloud Infrastructure Report

12 Issues: Unsolved so far … Spontaneous VM shutdowns - For OpenStack, these look like normal shutdowns Unkillable libvirtd processes - In state ‘R’ qemu/kvm crashes of two-volume VMs - No usable dump yet ksmd creating high load - Long standing or new issue? … 12Arne Wiebalck: CERN Cloud Infrastructure Report

13 WIP: External Authentication (1) User requirements Secure way to authenticate (Kerberos, X.509) Enable federated use-cases (SSO) Service requirements Only available on Keystone API v3 Backwards compatible and transparent to end-users - Client only supports one API version in the Cloud Community based Working actively on a solution Involves several projects (CLIs and services) 13Arne Wiebalck: CERN Cloud Infrastructure Report

14 WIP: External Authentication (2) CERN Release planned for end of Oct 2014 - Close to upcoming community solution 14 v2 v3 Kerberos X.509 SSO basic load balancer catalog Arne Wiebalck: CERN Cloud Infrastructure Report

15 WIP: Cloud Federation 1 15 Use several clouds with a federated identity - E.g.: combine resources of CERN IT’s private cloud with experiments’ clouds in the pit - Authentication done only against one IdP selected from a set Arne Wiebalck: CERN Cloud Infrastructure Report

16 WIP: Cloud Federation 2 16 OpenStack support for identity federation - Available with Icehouse - OpenStack Identity Service (Keystone) acts as a Service Provider mapping SAML assertions to roles - Support for SAML2 (OpenID and ABFAB to come) Cloud federation status at CERN - Collaboration with Rackspace - Successfully tested with INFN’s IdP - CERN to join EduGAIN federation, providing cloud resources to other federation members Outlook - Native Web SSO support - Inter cloud image sharing, Inter cloud SDNs Arne Wiebalck: CERN Cloud Infrastructure Report

17 WIP: Orchestration with Heat (1) 17 Heat provides a mechanism for orchestrating OpenStack resources through templates - Analogous to AWS cloud formation Auto-scaling feature is main plus Arne Wiebalck: CERN Cloud Infrastructure Report

18 WIP: Heat HOT template example 18Arne Wiebalck: CERN Cloud Infrastructure Report … cpu_alarm_high: type: OS::Ceilometer::Alarm properties: description: Scale-up if the average CPU > 50% for 1 minute meter_name: cpu_util statistic: avg period: 60 evaluation_periods: 1 threshold: 50 alarm_actions: - {get_attr: [web_server_scaleup_policy, alarm_url]} matching_metadata: {'metadata.user_metadata.stack': {get_param: "OS::stack_id"}} comparison_operator: gt … web_server_scaleup_policy: type: OS::Heat::ScalingPolicy properties: adjustment_type: change_in_capacity auto_scaling_group_id: {get_resource: web_server_group} cooldown: 60 scaling_adjustment: 1 …

19 WIP: Orchestration with Heat (2) 19 Current Status - Heat test environment connected to production infrastructure available only for Cloud team - Missing features (auto-scaling, load balancers) due to identity constraints Deployment Plan - OpenStack Juno release will enable multiple identity drivers for different domains (LDAP, SQL) Arne Wiebalck: CERN Cloud Infrastructure Report

20 Summary 20 Cloud service at CERN still growing rapidly - +6’000 VMs in the past year - We will double the capacity in the next 6 months We’re exploring options to address user expectations and requests - Performance of physical hardware is expected - Cloud-style of running services Clearly a learning process for users and operations team Arne Wiebalck: CERN Cloud Infrastructure Report

21 21 Questions? Arne Wiebalck: CERN Cloud Infrastructure Report

Download ppt "CERN Cloud Infrastructure Report 2 Arne Wiebalck for the CERN Cloud Team HEPiX Autumn Meeting Lincoln, Nebraska, U.S. Oct 17, 2014 Arne Wiebalck: CERN."

Similar presentations

OpenStack Open Source Cloud Software. OpenStack: The Mission To produce the ubiquitous Open Source cloud computing platform that will meet the needs.

OpenStack Open Source Cloud Software. OpenStack: The Mission "To produce the ubiquitous Open Source cloud computing platform that will meet the needs.
Profit from the cloud TM Parallels Dynamic Infrastructure AndOpenStack.

Profit from the cloud TM Parallels Dynamic Infrastructure AndOpenStack.
11 HDS TECHNOLOGY DEMONSTRATION Steve Sonnenberg May 12, 2014 © Hitachi Data Systems Corporation 2014. All Rights Reserved.

11 HDS TECHNOLOGY DEMONSTRATION Steve Sonnenberg May 12, 2014 © Hitachi Data Systems Corporation All Rights Reserved.
Apache CloudStack Evolution Proposal Alex Huang Software Architect, Citrix Systems.

Apache CloudStack Evolution Proposal Alex Huang Software Architect, Citrix Systems.
“It’s going to take a month to get a proof of concept going.” “I know VMM, but don’t know how it works with SPF and the Portal” “I know Azure, but.

“It’s going to take a month to get a proof of concept going.” “I know VMM, but don’t know how it works with SPF and the Portal” “I know Azure, but.
MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 11 Windows Server 2008 Virtualization.

MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 11 Windows Server 2008 Virtualization.
1 © Copyright 2010 EMC Corporation. All rights reserved. EMC RecoverPoint/Cluster Enabler for Microsoft Failover Cluster.

1 © Copyright 2010 EMC Corporation. All rights reserved. EMC RecoverPoint/Cluster Enabler for Microsoft Failover Cluster.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
24 February 2015 Ryota Mibu, NEC

24 February 2015 Ryota Mibu, NEC
1© Copyright 2011 EMC Corporation. All rights reserved. EMC RECOVERPOINT/ CLUSTER ENABLER FOR MICROSOFT FAILOVER CLUSTER.

1© Copyright 2011 EMC Corporation. All rights reserved. EMC RECOVERPOINT/ CLUSTER ENABLER FOR MICROSOFT FAILOVER CLUSTER.
Next Generation of Apache Hadoop MapReduce Arun C. Murthy - Hortonworks Founder and Architect Formerly Architect, MapReduce.

Next Generation of Apache Hadoop MapReduce Arun C. Murthy - Hortonworks Founder and Architect Formerly Architect, MapReduce.
CERN IT Department CH-1211 Genève 23 Switzerland www.cern.ch/i t Next generation of virtual infrastructure with Hyper-V Michal Kwiatek, Juraj Sucik, Rafal.

CERN IT Department CH-1211 Genève 23 Switzerland t Next generation of virtual infrastructure with Hyper-V Michal Kwiatek, Juraj Sucik, Rafal.
CERN Cloud Infrastructure Report 2 Bruno Bompastor for the CERN Cloud Team HEPiX Spring 2015 Oxford University, UK Bruno Bompastor: CERN Cloud Report.

CERN Cloud Infrastructure Report 2 Bruno Bompastor for the CERN Cloud Team HEPiX Spring 2015 Oxford University, UK Bruno Bompastor: CERN Cloud Report.
Cloud Computing Why is it called the cloud?.

Cloud Computing Why is it called the cloud?.
Virtualization and Cloud Computing Research at Vasabilab Kasidit Chanchio Vasabilab Dept of Computer Science, Faculty of Science and Technology, Thammasat.

Virtualization and Cloud Computing Research at Vasabilab Kasidit Chanchio Vasabilab Dept of Computer Science, Faculty of Science and Technology, Thammasat.
Opensource for Cloud Deployments – Risk – Reward – Reality

Opensource for Cloud Deployments – Risk – Reward – Reality
Components of Windows Azure - more detail. Windows Azure Components Windows Azure PaaS ApplicationsWindows Azure Service Model Runtimes.NET 3.5/4, ASP.NET,

Components of Windows Azure - more detail. Windows Azure Components Windows Azure PaaS ApplicationsWindows Azure Service Model Runtimes.NET 3.5/4, ASP.NET,
Status of WLCG Tier-0 Maite Barroso, CERN-IT With input from T0 service managers Grid Deployment Board 9 April 2014 9-Apr-2014 Maite Barroso Lopez (at)

Status of WLCG Tier-0 Maite Barroso, CERN-IT With input from T0 service managers Grid Deployment Board 9 April Apr-2014 Maite Barroso Lopez (at)
Chapter 8 Implementing Disaster Recovery and High Availability Hands-On Virtual Computing.

Chapter 8 Implementing Disaster Recovery and High Availability Hands-On Virtual Computing.
Appendix B Planning a Virtualization Strategy for Exchange Server 2010.

Appendix B Planning a Virtualization Strategy for Exchange Server 2010.

Similar presentations

Ads by Google