22 March 2013
18 March 2013
Our technology - An overview
We are currently working on OpenStack software, and we think that at a minimum we should describe our underlying technology so that we can better approach our future customers:
Overview
OpenStack is an Infrastructure as a Service offering. It is an open source project founded by Rackspace and NASA, and it can be deployed as a public or private cloud.
The OpenStack projects are: CINDER, GLANCE, KEYSTONE, NOVA, QUANTUM, SWIFT.
OpenStack Compute: (NOVA)
Project NOVA, or OpenStack Compute, provisions and manages on-demand virtual machines and associated resources (just like a VMware ESX or Hyper-V hypervisor):
- CPU
- Memory
- Disk
- Network.
Virtual machines can be started, stopped, suspended, created and deleted, while network options for a virtual machine are static, DHCP, or IPv6. The virtual machines run on hypervisors such as XEN or KVM, but others are supported too - even VMware ESXi!
Users and administrators use the GUI to request virtual machines. To ensure a certain security level, there are security groups, similar to AWS, to control access to virtual machines and RBAC to govern user access by role and project.
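The two controls named above, sketched as an added example (a simplified model written for this overview, not OpenStack code): security groups as default-deny ingress allow-rules, a check for management ports open to any source, and an RBAC lookup scoped by role and project. All rules, users, projects and the policy table are constructed assumptions.

```python
import ipaddress

# Constructed sample rules (not from a real deployment): ingress allow-rules.
# Anything no rule matches is dropped.
RULES = [
    {"group": "web", "proto": "tcp", "ports": (80, 80), "cidr": "0.0.0.0/0"},
    {"group": "web", "proto": "tcp", "ports": (22, 22), "cidr": "0.0.0.0/0"},
    {"group": "db", "proto": "tcp", "ports": (3306, 3306), "cidr": "10.0.1.0/24"},
]

# Constructed role assignments: (user, project) -> role.
ASSIGNMENTS = {("alice", "shop"): "admin", ("bob", "shop"): "member"}
# Hypothetical policy table: which roles may perform which action.
POLICY = {"boot_vm": {"admin", "member"}, "edit_security_group": {"admin"}}

ADMIN_PORTS = {22, 3389}  # SSH and RDP


def allowed(group, proto, port, src_ip):
    """Default deny: traffic passes only if some rule of the group matches."""
    src = ipaddress.ip_address(src_ip)
    return any(
        r["group"] == group and r["proto"] == proto
        and r["ports"][0] <= port <= r["ports"][1]
        and src in ipaddress.ip_network(r["cidr"])
        for r in RULES
    )


def world_open_admin_ports():
    """Flag rules that expose management ports to any source address."""
    findings = []
    for r in RULES:
        lo, hi = r["ports"]
        hit = sorted(p for p in ADMIN_PORTS if lo <= p <= hi)
        if ipaddress.ip_network(r["cidr"]).prefixlen == 0 and hit:
            findings.append((r["group"], hit))
    return findings


def authorized(user, project, action):
    """RBAC: the role is looked up per project, never globally."""
    role = ASSIGNMENTS.get((user, project))
    return role in POLICY.get(action, set())
```

Here `world_open_admin_ports()` reports the `web` group's SSH rule, and `authorized("alice", "other", "boot_vm")` is false because an admin role in one project grants nothing in another.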
Storage
Object Storage (project SWIFT)
Object Storage is a distributed storage system for static data such as files (graphics, movies) and virtual machine images. Objects and files are written to multiple disk drives, while OpenStack is responsible for ensuring data replication and integrity. Storage scales horizontally by adding new servers. If a server or hard drive fails, OpenStack replicates its content from other active servers to new servers in the cluster. Since OpenStack uses software to ensure data replication and distribution across servers, inexpensive servers can be used rather than expensive storage hardware.
Block storage (project CINDER)
Block storage is essentially volumes used by OpenStack virtual machines. Snapshots back up data stored on block storage volumes. Snapshots can be restored or used to create a new block storage volume.
Network (project QUANTUM)
OpenStack provides networking models to accommodate different applications or users. Standard network models include flat networks or VLANs to separate servers and network traffic. OpenStack Networking manages IP addresses, to allocate static or DHCP addresses. Floating IP addresses allow traffic to be dynamically rerouted to any compute resource, for example to redirect traffic during maintenance or in the case of a failure. OpenStack Networking has an extension framework to add intrusion detection systems (IDS), load balancing, firewalls and virtual private networks (VPN).
Shared Services
Identity services (project KEYSTONE)
OpenStack Identity provides a central repository of users mapped to the OpenStack services they can access. OpenStack identity is a common authentication system and integrates with existing back-end directory services such as LDAP. It supports several forms of authentication including username and password, tokens and AWS (Amazon Web Services)-type logins. The identity service also provides a list of deployed services that can be queried in the OpenStack cloud and users can determine their level of access.
OpenStack Administrators can:
- Configure centralized policies across users and systems
- Create users and tenants and define permissions for compute, storage and networking resources using role-based access control (RBAC)
- Integrate with an existing directory like LDAP, allowing for a single source of identity authentication across the cloud.
Image services (Project GLANCE)
The OpenStack Image Service provides discovery, registration and delivery services for disk and server images. Saved images can be used as a template to get new virtual servers up and running (especially useful for multiple servers of the same type and configuration). It can also be used to store and catalog an unlimited number of backups.
The image service stores private and public images in a variety of formats:
- AMI
- qcow2 (Qemu/KVM)
- OVF (Open Virtualization Format)
- RAW
- VDI (VirtualBox)
- VHD (Hyper-V)
- VMDK (VMware)
06 March 2013
Current projects
Hi everyone,
We are currently working on OpenStack.org IaaS and performing test implementations.
Current configurations range from an all-in-one server installation to a segregated and scaled multi-node server setup.
The development of infrastructure includes integration of NAS, SAN storage, quantum network computing and Vyatta® router configurations to implement a fully integrated Cloud solution.
Now we are looking for some more test implementations; if you are interested please contact us at: besmirzanaj@gmail.com.