WHITEPAPER OPENSTACK IN THE ENTERPRISE Best practices for deploying enterprise-grade OpenStack implementations Vinny Valdez INTRODUCTION 64% of IT managers have OpenStack on their technology roadmaps. 1 Using industry best practices to deploy OpenStack can help you build an effective, efficient, enterprise-grade cloud faster. Modern IT organizations must adapt to a new business-focused role to meet growing expectations for new services that deliver a competitive advantage. Cloud technologies, which revolutionize the way IT services are developed, managed, and delivered, are an essential tool for IT organizations moving into their new strategic role. OpenStack is gaining popularity as the cloud platform of choice, and many enterprises are considering OpenStack deployments within their datacenters. Implementing an enterprise cloud with OpenStack can be a complex process. The modular, scale-out design of OpenStack includes many interlocking components to choose from, as shown in Figure 1. And, because business needs vary, each OpenStack implementation is different. Consideration for the number and type of workloads and business operations and partnerships must be taken into account when planning your enterprise OpenStack environment. The first in a series from Red Hat Consulting, this whitepaper examines the unique demands of implementing an enterprise OpenStack environment and describes best practices for availability, scalability, networking, and management. This is the first white paper in a series from Red Hat Consulting that examines considerations for OpenStack deployment in enterprise environments. Figure 1. OpenStack includes many interlocking components to deliver different functionality. HIGH AVAILABILITY FOR CRITICAL BUSINESS OPERATIONS Enterprise IT infrastructure and operations must be available at all times. In many cases, if critical IT systems are down, business suffers. Deploying a highly available OpenStack environment requires increased reliability in several key components: database, messaging service, API services, storage, and applications. facebook.com/redhatinc @redhatnews linkedin.com/company/red-hat 1 IDG, CIO QuickPulse Survey: OpenStack Hype vs. Reality, July 2013 redhat.com
An enterprisegrade OpenStack environment requires highly available databases, messaging service, API services, storage, and applications. DATABASE FOR OPENSTACK SERVICES In OpenStack, the database provides data services for applications running in the environment. If data is unavailable, applications go down and productivity declines. To maintain the highest database availability, operate three database servers in an active-active configuration. In an active-active setup, each of the databases is self-contained and synced with the others. Application requests for data are load-balanced between the three databases, which improves performance and failover time in the event of a database failure. You can also use an active-passive configuration consisting of one master database and two standby databases, all sharing the same storage. However, failover times will be longer than that of an active-active setup. MESSAGING SERVICE The messaging service provides communications between other OpenStack services regarding job requests and scheduling. To build a highly available messaging service, use Advanced Message Queuing Protocol (AMQP) in an active-passive or active-active setup. An active-passive configuration uses a hot standby and provides typical failover times of less than 10 seconds. An active-active setup improves performance and failover times through load balancing. API SERVICES API services receive and process requests to the different components in the OpenStack environment. For highly available and high performance operation, set up your OpenStack API services servers in a horizontally scaling, active-active configuration. Load balancing between the servers improves performance, and you can easily add more resources as your environment expands or higher performance is required. STORAGE The storage infrastructure provides Glance image storage, Cinder block storage, and Swift or Ceph object storage services to the OpenStack environment. To build an enterprise-grade OpenStack storage infrastructure, use a minimum of two, and ideally four, non-legacy storage systems in a high availability setup. A RAID 6 configuration within each storage server provides additional robustness. APPLICATIONS Application high availability is not handled directly by OpenStack. However, cloud-enabled applications manage their own availability without manual intervention. For high application availability in your OpenStack environment, use cloud-enabled applications wherever possible and re-architect legacy applications to be cloud-aware. Additionally, the Heat orchestration service in OpenStack lets you automatically administer the infrastructure and resources needed by cloud-enabled and cloud-aware applications. This streamlines management and further increases availability. Organizing your OpenStack environment into functional groups lets you scale more efficiently as your business grows. SCALABILITY FOR IMPROVED PERFORMANCE AND FUTURE EXPANSION Massive scalability is one of the main tenets of OpenStack. When designed appropriately, OpenStack can easily scale to meet growing performance needs. To simplify scaling in enterprise deployments, segregate your OpenStack cloud into functional groups of cells, regions, and availability zones. Cells. Cells divide your entire cloud into multiple Nova compute deployments. Use cells when you need a single API endpoint for compute or you require a second level of scaling. For example, cells can split a cloud into multiple sites so you can schedule a virtual machine on a particular site or wherever resources are available. The Keystone identity service and Nova-api service are shared between the cells, though each cell contains an otherwise full Nova compute installation. The Nova cells service is also required to use cells. 2
Choose the OpenStack networking service with the features that matter most to you. The Nova network service is simple to install, while the Neutron service gives you access to the latest networking technologies. Automating common hardware and application life cycle management tasks streamlines operations and reduces the risk of errors. Regions. Like cells, regions segregate your cloud into multiple Nova compute deployments. Regions should be used when you need separate API endpoints without coordination between regions. For example, use regions to divide a shared-infrastructure cloud into multiple sites so you can schedule virtual machines to a particular site. Regions share the Keystone identity service, but each have a different API endpoint and a full Nova compute installation. Availability zones. Unlike cells and regions, availability zones simply divide a single Nova compute deployment. They can also divide Cinder volume storage implementations. Availability zones should be used for logical separation within your cloud for physical isolation and redundancy. For example, use availability zones to partition a single-site cloud with equipment fed by separate power supplies. Availability zones share the Keystone identity service and all Nova compute services, but changes to Nova.conf are required. NETWORKING CHOICES TO MEET YOUR NEEDS OpenStack provides two options for building your cloud network Nova-network and OpenStack Networking (Neutron) networking services. Either can be used in an enterprise OpenStack deployment, but each has features that make it more suitable for certain use cases. Nova-network is straightforward to install and configure, and provides basic, proven network operations with limited networking topologies. Use Nova-network in cases where simplified, highly scalable networking is needed and you want to design and set up your OpenStack network by yourself. Neutron is more complex, and often requires expert guidance to set up and tune, but includes the newest technologies, such as software-defined networking (SDN), NVGRE tunneling, and -as-a-service deployment of VPN, firewall, and load-balancing services. It also provides rich networking topologies, third-party plugins, overlapping IP ranges, and self-tenant network provisioning. Use Neutron if you need access to the latest developments in networking or increased flexibility from SDN. AUTOMATED MANAGEMENT FOR STREAMLINED OPERATIONS Manually managing hardware and application life cycles can be time-consuming and prone to errors. By using tools to automate common administrative tasks, you can accelerate provisioning and deployment, streamline management, and reduce the risk of mistakes. The Puppet-based OpenStack Foreman Installer module allows you to efficiently manage hardware provisioning and administration. You can provision bare-metal infrastructure and manage grouped hosts in bulk, regardless of their location. A plugin allows you to extend Foreman management to your existing servers. Using Foreman, you can deploy highly available configurations for enterprise environments. Change tracking and reporting permits you to quickly troubleshoot issues and audit configurations. Additionally, Foreman helps enforce consistent host configurations with checks at 30-minute intervals. Similar management tools, such as Red Hat CloudForms, are available for applications and can be used to simplify and accelerate application management. ENTERPRISE OPENSTACK FROM RED HAT Red Hat Enterprise Linux OpenStack Platform and Red Hat Cloud Infrastructure provide an ideal platform for your enterprise OpenStack implementation. Enterprise features, combined with Red Hat s expert consulting and training services, allow you to quickly deploy a highly available cloud environment. Red Hat Enterprise Linux OpenStack Platform. Designed specifically to meet enterprise needs, Red Hat Enterprise Linux OpenStack Platform incorporates stability, reliability, security, and support into the innovation of community-developed OpenStack. Vigorous testing, commercial hardening, and integration with Red Hat Enterprise Linux ensure you have the most secure and reliable OpenStack distribution available. A longer, eighteen-month life cycle, with ongoing bug 3
Drawing on its experience and methodology with enterprise Linux, Red Hat is bringing to market a commercially supported and tested version of OpenStack [for] customers that want an enterpriseready distribution of OpenStack. IDC, OPENSTACK AND RED HAT, JULY 2013 fixes and security patches, gives you the stability to deploy OpenStack without needing to constantly upgrade your environment. Enterprise-grade support lets you focus on delivering value to your business instead of worrying about your cloud infrastructure. Plus, Red Hat s growing ecosystem of partners lets you choose the complementary applications and hardware that meet your needs today and in the future. Red Hat Cloud Infrastructure. Red Hat provides a complete cloud solution with Red Hat Cloud Infrastructure, which includes Red Hat Enterprise Virtualization, Red Hat CloudForms, and Red Hat Enterprise Linux OpenStack Platform. Red Hat Enterprise Virtualization provides high-performance virtualization capabilities for traditional workloads. Red Hat Enterprise Linux OpenStack Platform handles cloud-enabled applications. Plus, Red Hat CloudForms provides endto-end environment management and orchestration through a single interface, allowing you to drastically simplify infrastructure operations. Red Hat Consulting services. Red Hat can help you build your OpenStack environment quickly and cost-effectively, so you can take advantage of your cloud investment faster. Services include infrastructure assessment, cloud planning, installation, testing, and mentoring. Red Hat training and certification. The Red Hat OpenStack Administration training course (CL210) teaches system administrators how to build a cloud using Red Hat Enterprise Linux OpenStack Platform and prepares them for the Red Hat Certified OpenStack Administrator Exam (EX210). Topics are explored through hands-on labs and include installation, configuration, and maintenance. Successful completion of the training course and exam earns candidates the Red Hat Certified System Administrator in Red Hat OpenStack certification. CONCLUSION OpenStack gives modern IT organizations the tools they need to be strategic partners in their businesses. By using these practices, you can build an OpenStack environment that meets your enterprise needs. Red Hat Enterprise Linux OpenStack Platform and Red Hat Cloud Infrastructure give you a proven, supported, enterprise-grade cloud platform that streamlines deployment, simplifies management, and lets you focus on delivering business value. Plus, Red Hat s consulting and training services help you build your cloud faster and take advantage of all OpenStack has to offer. Contact your Red Hat sales representative to find out more about building your enterprise OpenStack environment with Red Hat. 4
WHITEPAPER OpenStack in the enterprise ABOUT THE AUTHOR Vinny Valdez is a principal cloud architect in Red Hat s Cloud Practice. Vinny is an RHCA and RHCSS who has almost 20 years of IT experience. Vinny joined Red Hat in 2007 and works with Red Hat s partners, customers, and internal groups to architect cloud solutions and enable internal consulting and other architects to effectively design and implement these solutions. Vinny has held a number of technical roles including field consulting, engineering, development, and support. ABOUT RED HAT Red Hat is the world s leading provider of open source solutions, using a community-powered approach to provide reliable and high-performing cloud, virtualization, storage, Linux, and middleware technologies. Red Hat also offers award-winning support, training, and consulting services. Red Hat is an S&P company with more than 80 offices spanning the globe, empowering its customers businesses. facebook.com/redhatinc @redhatnews linkedin.com/company/red-hat redhat.com #12396957_0714_KVM NORTH AMERICA 1 888 REDHAT1 EUROPE, MIDDLE EAST, AND AFRICA 00800 7334 2835 europe@redhat.com ASIA PACIFIC +65 6490 4200 apac@redhat.com LATIN AMERICA +54 11 4329 7300 info-latam@redhat.com Copyright 2014 Red Hat, Inc. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, and JBoss are trademarks of Red Hat, Inc., registered in the U.S. and other countries. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries. The OpenStack Word Mark and OpenStack Logo are either registered trademarks / services marks or trademarks / service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundations permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation or the OpenStack community.