OpenStack Architecture

Introduction

OpenStack is a free, open-standard platform for cloud computing. It is mostly deployed as IaaS (Infrastructure-as-a-Service) in both private and public clouds, where virtual servers and other resources are made available to users. The platform combines interrelated components that control diverse, multi-vendor hardware for processing, storage, and networking resources throughout the data center. Users manage it through a web-based dashboard, command-line tools, or RESTful web services.

In 2010, OpenStack began as a joint project of NASA and Rackspace Hosting. It was managed by the OpenStack Foundation, a non-profit entity established in September 2012 to promote the OpenStack software and its community. More than 50 enterprises have joined the project.

Architecture of OpenStack

OpenStack has a modular architecture, and each component has a code name.

Nova (Compute)

Nova is the OpenStack project that provides a way to provision compute instances. It supports creating virtual machines and bare-metal servers, and has limited support for system containers. Nova runs as a set of daemons on top of existing Linux servers to provide that service.

This component is written in Python. It uses several external Python libraries, such as SQLAlchemy (SQL toolkit and object-relational mapper), Kombu (AMQP messaging framework), and Eventlet (concurrent networking library). Nova is designed to scale horizontally: rather than switching to a larger server, we procure more servers and install identically configured services on them.

Because of OpenStack's widespread integration into organization-level infrastructure, monitoring OpenStack performance in general, and Nova performance in particular, at scale has become an increasingly important issue.

Managing end-to-end performance requires tracking metrics from Swift, Cinder, Neutron, Keystone, Nova, and other services, as well as monitoring RabbitMQ, which the OpenStack services use for message passing. Each of these services produces its own log files, which must also be analyzed, especially in organization-level infrastructure.

Neutron (Networking)

Neutron is the OpenStack project that provides "network connectivity as a service" between interface devices (such as vNICs) managed by other OpenStack services (such as Nova). It implements the OpenStack Networking API.

It manages all networking facets of the VNI (Virtual Networking Infrastructure) and the access-layer aspects of the PNI (Physical Networking Infrastructure) in an OpenStack platform. OpenStack networking allows projects to build advanced virtual network topologies, which can include services such as a firewall and a VPN (Virtual Private Network).

Neutron manages IP addresses, allowing dedicated static IP addresses or DHCP. Floating IP addresses allow traffic to be rerouted.

Users can apply SDN (Software-Defined Networking) technologies such as OpenFlow to support multi-tenancy and scale. OpenStack networking can deploy and manage additional network services such as VPN (Virtual Private Network), firewalls, load balancing, and IDS (Intrusion Detection System).

Cinder (Block Storage)

Cinder is the OpenStack block storage service, used to provide volumes to Nova VMs, containers, Ironic bare-metal hosts, and more. Some of Cinder's objectives are as follows:

  • Open-standard: It is a reference implementation for community-driven APIs.
  • Recoverable: Failures should be easy to diagnose, debug, and rectify.
  • Fault-tolerant: Isolated processes avoid cascading failures.
  • Highly available: Scales to serious workloads.
  • Component-based architecture: New behaviors can be added quickly.

Cinder volumes provide persistent storage to guest VMs, called instances, which are managed by the OpenStack compute software. Cinder can also be used independently of other OpenStack services as stand-alone software-defined storage. The block storage system manages the creation, replication, snapshot management, attaching, and detaching of block devices to servers.

Keystone (Identity)

Keystone is the OpenStack service that provides API client authentication, service discovery, and shared multi-tenant authorization by implementing the OpenStack Identity API. It serves as the common authentication system across the cloud OS. Keystone can integrate with directory services such as LDAP. It supports standard username and password credentials, token-based systems, and Amazon Web Services (AWS)-style logins. The Keystone service catalog lets API clients dynamically discover and navigate to cloud services.
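The catalog-based discovery described above, as an added example that is not part of the original page or of the OpenStack code base: it reads the service catalog from the body of a Keystone v3 token response, resolves an endpoint by service type and interface, and reports endpoints that are not served over HTTPS. The sample response, its hostnames and addresses, and the helper names load_catalog, find_endpoint and plaintext_endpoints are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Constructed sample body of a Keystone v3 token response (POST /v3/auth/tokens).
# Hostnames, addresses and the region name are made up for this example.
SAMPLE_TOKEN_BODY = json.dumps({"token": {
    "expires_at": "2030-01-01T00:00:00.000000Z",
    "catalog": [
        {"type": "compute", "name": "nova", "endpoints": [
            {"interface": "public", "region": "RegionOne",
             "url": "https://cloud.example.test:8774/v2.1"},
            {"interface": "admin", "region": "RegionOne",
             "url": "http://10.0.0.5:8774/v2.1"}]},
        {"type": "image", "name": "glance", "endpoints": [
            {"interface": "public", "region": "RegionOne",
             "url": "http://cloud.example.test:9292"}]},
    ]}})


def load_catalog(body):
    """Return the service catalog list carried in a token response body."""
    catalog = json.loads(body).get("token", {}).get("catalog")
    if not isinstance(catalog, list):
        raise ValueError("token response carries no service catalog")
    return catalog


def find_endpoint(catalog, service_type, interface="public", region=None):
    """Resolve one endpoint URL by service type, interface and optional region."""
    for service in catalog:
        if service.get("type") != service_type:
            continue
        for ep in service.get("endpoints", []):
            if ep.get("interface") == interface and region in (None, ep.get("region")):
                return ep["url"]
    return None  # service not registered, or no endpoint on that interface


def plaintext_endpoints(catalog):
    """List (type, interface, url) for endpoints that are not served over HTTPS."""
    return [(svc.get("type"), ep.get("interface"), ep["url"])
            for svc in catalog for ep in svc.get("endpoints", [])
            if urlsplit(ep["url"]).scheme != "https"]


if __name__ == "__main__":
    catalog = load_catalog(SAMPLE_TOKEN_BODY)
    print("compute API:", find_endpoint(catalog, "compute"))
    for finding in plaintext_endpoints(catalog):
        print("not HTTPS:", finding)
```

A client that follows a catalog URL sends its token in the X-Auth-Token header, so every endpoint the check reports is one where that bearer token would cross the network unencrypted.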

Glance (Image)

The Glance (Image) service project provides a service where users can upload and discover data assets that are meant to be used with other services. This currently includes images and metadata definitions.

Images

The Glance image services include discovering, registering, and retrieving VM (virtual machine) images. Glance has a RESTful API that allows querying of VM image metadata as well as retrieval of the actual image. VM images made available through Glance can be stored in a variety of locations, from common filesystems to object-storage systems such as the OpenStack Swift project.

Metadata Definitions

The Image service hosts a metadefs catalog. It gives the OpenStack community a way to determine the metadata key names and valid values that can be applied to OpenStack resources.

Swift (Object Storage)

Swift is a distributed, eventually consistent blob/object store. It is the OpenStack object store project, and it provides cloud storage software so that we can store and retrieve large amounts of data with a general API. It is built for scale and optimized for durability, availability, and concurrency across the whole data set. Object storage is ideal for storing unstructured data that can grow without limit.

In August 2009, Rackspace started development of the forerunner to OpenStack Object Storage as a complete replacement for its Cloud Files product. The initial development team consisted of nine developers. Currently, SwiftStack, an object storage enterprise, is the leading developer for OpenStack Swift, with significant contributions from IBM, HP, NTT, Red Hat, Intel, and many more.

Horizon (Dashboard)

Horizon is the canonical implementation of the OpenStack Dashboard, which provides a web-based UI to OpenStack services such as Keystone, Swift, Nova, etc. The dashboard ships with a few central dashboards, such as a "User Dashboard", a "System Dashboard", and a "Settings Dashboard". Between them, they cover Core Support. The Horizon application ships with a set of API abstractions for the core OpenStack projects to provide a stable and consistent collection of reusable methods for developers. With these abstractions, developers working on Horizon do not need to be intimately familiar with the APIs of every OpenStack project.

Heat (Orchestration)

Heat is a service for orchestrating multiple composite cloud applications using templates, through both an OpenStack-native REST API and a CloudFormation-compatible Query API.

Mistral (Workflow)

Mistral is the OpenStack service that manages workflows. Typically, the user writes a workflow in its YAML-based language and uploads the workflow definition to Mistral through the REST API. The user can then start the workflow manually through the same API, or configure a trigger to start the workflow on some event.

Ceilometer (Telemetry)

OpenStack Ceilometer (Telemetry) provides a single point of contact for billing systems, supplying all the counters they need to establish customer billing across all current and future OpenStack components. The delivery of counters is traceable and auditable. The counters should be easily extensible to support new projects, and the agents that collect data must be independent of the overall system.

Trove (Database)

Trove is the database-as-a-service component, used to provision relational and non-relational database engines.

Sahara (Elastic map-reduce)

Sahara is a component for easily and rapidly provisioning Hadoop clusters. Users specify several parameters such as the Hadoop version number, the cluster topology type, node flavor details (disk space, CPU, and RAM settings), and more. After a user provides all of the parameters, Sahara deploys the cluster in a short time. Sahara also provides a means to scale a pre-existing Hadoop cluster by adding and removing worker nodes on demand.

Ironic (Bare metal)

Ironic is another OpenStack project. It provisions bare-metal machines instead of virtual machines. Ironic was initially forked from the Nova bare-metal driver and has evolved into a separate project. It is best thought of as a bare-metal hypervisor API and a set of plugins that interact with bare-metal hypervisors. It uses PXE and IPMI in concert to provision machines and turn them on and off, although Ironic supports and can be extended with vendor-specific plugins to implement additional functionality.

Zaqar (Messaging)

Zaqar is a multi-tenant cloud messaging service for web developers. It offers a fully RESTful API that developers can use to send messages between the components of their SaaS and mobile applications, using a variety of communication patterns. Behind this API is a powerful messaging engine designed with security and scalability in mind. Other OpenStack components can integrate with Zaqar to surface events and to communicate with guest agents that run in the over-cloud layer.

Designate (DNS)

Designate is a multi-tenant REST API for managing DNS. It provides DNS as a Service and is compatible with backend technologies such as BIND and PowerDNS. It does not provide a DNS service itself; its goal is to interface with existing DNS servers to manage DNS zones on a per-tenant basis.

Manila (Shared file system)

OpenStack Manila (Shared file system) provides an open API for managing shares in a vendor-agnostic framework. Standard primitives include the ability to create, delete, and give/deny access to a share. It can be used standalone or in a variety of different network environments. Storage appliances from Hitachi, INFINIDAT, Quobyte, Oracle, IBM, HP, NetApp, and EMC data systems are supported, as well as filesystem technologies such as Ceph and Red Hat GlusterFS.

Searchlight (Search)

Searchlight provides advanced and consistent search capabilities across OpenStack cloud services. It does this by offloading user search queries from other OpenStack API servers, indexing their data into ElasticSearch. Searchlight is being integrated into Horizon and also provides a command-line interface.

Magnum (Container orchestration)

Magnum is an OpenStack API service developed by the OpenStack containers team that makes container orchestration engines such as Apache Mesos, Kubernetes, and Docker Swarm available as first-class resources in OpenStack. Magnum uses Heat to orchestrate an operating system image that contains Kubernetes and Docker, and runs that image on either bare metal or virtual machines in a cluster configuration.

Barbican (Key manager)

Barbican is a REST API designed for the secure storage, provisioning, and management of secrets. It aims to be useful for all environments, including large ephemeral clouds.

Vitrage (Root Cause Analysis)

Vitrage is the OpenStack Root Cause Analysis (RCA) service for organizing, analyzing, and expanding OpenStack alarms and events, yielding insights into the root cause of problems and deducing their existence before they are directly detected.

Aodh (Rule-based alarm actions)

This alarming service makes it possible to trigger actions based on defined rules against metric or event data collected by Ceilometer or Gnocchi.





