《阙志克:工业技术研究院云操作系统和OpenStack.pdf》由会员分享,可在线阅读,更多相关《阙志克:工业技术研究院云操作系统和OpenStack.pdf(28页珍藏版)》请在三一文库上搜索。
1、 ITRI Cloud Operating System and OpenStack Tzi-cker Chiueh 闕志克闕志克 Cloud Computing Research Center for Mobile Applications (CCMA) 雲端運算行動應用研究中心雲端運算行動應用研究中心 1 Cloud Data Center Solution Renting rather than buying IT infrastructure Build-up of cloud-scale data centers Need for inexpensive integrated clo
2、ud data center solutions The user pain point: integration Is it possible to build a cloud data center like “take a HW box, install OS on it, and have an AWS-like IaaS ready to go”? A total IaaS solution for both public and private clouds 2 3 Physical Server VM0 VM1 VMn Layer-2-Only Data Center Netwo
3、rk IEL Load Balancing Traffic Shaping Intrusion Detection NAT/VPN Compute Server Layer-3 Border Routers Storage Server Container Computer Architecture 4 Photo Sharing VDC Provision and Deploy Monitor and Configure Virtual Resources Video Streaming VDC Web Conference VDC Physical Cluster Virtual Data
4、 Center Management Physical Data Center Management ITRI Cloud OS Cloud Application Developer Cloud Service Provider Cloud Service Infrastructure Administrator Carrier Monitor, Diagnose and Configure Physical Resources What is Cloud OS? CHT PCHome 5 Cloud OS Service Model Virtual data center consists
5、 of one or multiple virtual clusters, each of which comprises one or multiple VMs Users provide a Virtual Cluster specification No. of VM instances each with CPU performance and memory size requirement Per-VM storage space requirement External network bandwidth requirement Security policy Backup pol
6、icy Load balancing policy Network configuration, e.g. public IP address and private IP address range OS image and application image 2012/8/11 OpenStack APAC Conference 2012 6 VDCM Assets (VDC, VC, VM) 2012/8/11 OpenStack APAC Conference 2012 7 PDCM Event Monitor 2012/8/11 OpenStack APAC Conference 2
7、012 8 PDCM Network Topology 9 Key Cloud OS 1.0 Features 1 Physical resource management (PRM): BIOS Centralized installation of all systems software Start up, shut down, and recover a data center computer Data center storage management: file management Main storage (DMS) : Forming a highly available
8、global storage pool from: a set of commodity JBOD storage servers Secondary storage (DSS): Offering streamlined disk-based snapshot/backup with configurable policy, and scalable de-duplication Virtualization management: process management Resource provisioning management (RPM): allocate physical dat
9、a center resources for a given virtual data center and auto-scaling Dynamic virtual resource management (DVMM): use VM migration to support consolidation, load balancing and high availability 10 Key Cloud OS 1.0 Features 2 Physical data center management (PDCM): system administration Comprehensive S
10、NMP-based monitoring Integrated virtual/physical resource mapping view Unified event logging Integrated trouble ticking support Virtual data center management (VDCM): system administration VDC/VC/VM specification Real-time resource usage and performance monitoring Security: security Inter-VDC isolat
11、ion Centralized L3 and distributed L7 and web application firewalling Internet edge logic Supporting inter-VM load balancing within a VC DDoS attack mediation Distributed traffic shaping Physical Resource Management (Dell) Security (Checkpoint) Virtualization Management (VMWare) System Integration (
12、IBM) Server Load Balancing/ Traffic Shaping (F5) Servers (HP) Networks (Cisco) Storage (Seagate) Primary/Secondary Storage Management (EMC) Building Cloud Data Center (XXX): represents leader In the corresponding space Physical Data Center Management (Tivoli) Virtual Data Center Management (CA) 11 P
13、hysical Resource Management (ITRI) Security (ITRI) Virtualization Management (ITRI) System Integration (ITRI) Internet Edge Logic (ITRI) Servers (commodity) Networks (commodity) Storage (commodity) Primary/Secondary Storage Management (ITRI) ITRI Cloud OSs Way Physical Data Center Management (ITRI)
14、Virtual Data Center Management (ITRI) 12 N-way data replication vs. RAID End to end data availability: disk, server, and network failures Periodic snapshots for local data backup with de-duplication Wide-area data backup Snapshot frequency: a couple of hours to days Wide-area data replication (Cloud
15、 OS 2.0) Snapshot frequency: a couple of seconds to minutes Strong Data Protection 13 High availability support for Cloud OS subsystems Active-passive: Linux HA + DRBD + edit logging/recovery Active-active: MySQL and server load balancer Disk state-preserving fail-over for applications running insid
16、e VDCs Shared persistent state + VM restart + take-over Memory state-preserving fail-over for applications running inside VDCs (Cloud OS 2.0) Shared memory/persistent state + VM resume + take-over High Availability 14 Multi-Dimensional Load Balancing 15 Multi-homing load balancing Intra-VDC inter-VM
17、 load balancing Network-wide link-level load balancing Inter-physical-server load balancing Thermal capacity load balancing Inter-storage-server load balancing Cloud Security 16 Any security breaches that are possible for a physical data center are equally likely for a virtual data center L4/L7 and
18、Web Application Firewall New security concerns Interference between tenants on the same physical machines Inter-VDC isolation vs. VLAN isolation OpenStack 17 Open Stack core: Nova: VM provisioning Glance: VM image upload and delivery Swift: Object data storage RPM vs. Nova Boot from remote cloned vo
19、lume Dynamic load balancing Power consolidation Dedicated physical machine pool Auto-scaling create/start/stop/delete/migrate VMs VDCM/RS VMM Xen Xen create/start/stop/delete/migrate VMs Xen Xen VDCM/RS VMM lite KVM Xen Qemu HyperV OpenStack Nova Walrus Glance/Swift APIs with VDC concept CPU API DMS
20、/DSS Nova Volume IEL IEL APIs with VDC concept Directory Server Security Security Directory Server DMS/DSS OpenStack compatible PRM/PDCM PRM/PDCM NC OpenStack API Volume API OpenStack-Compatible Cloud OS Network API 19 Cloud OS 2.0 OpenStack Compatible: Novas compute, volume and network API OpenStac
21、k web service API Target date: 10/1/2012 Data center federation: Support for multi-site data centers Network virtualization: Support for hybrid cloud Wide-area data replication Memory de-duplication Cloud Data Center Network 20 Cloud data centers are Big and Shared Scalable and available data center
22、 fabrics Not all links are used No load-sensitive routing Fail-over latency is high ( 5 seconds) Network virtualization: Each virtual data center (VDC) gets to define its own network All VMs in a VDC belong to one flat subnet Each VDC has its own private IP address space Each VDC has a set of public
23、 IP addresses Each VDC has a set of external VPN connections Per-VDC Internet traffic shaping policy, intra-VDC and inter-VDC firewalling policy, and server load balancing policy Peregrine 21 A unified Layer-2-only network for LAN and SA Centralized control plane and distributed data plane Use only
24、Commodity Ethernet switches Army of commodity switches vs. few high-port-density switches Requirements on switches: run fast and has programmable routing table Centralized load-balancing routing using real-time traffic matrix Support for incremental and QoS-aware routing Fast fail-over using pre-com
25、puted primary/back routes Native support for network virtualization Private IP address space reuse Multi-tenancy VPN, NAT and traffic shaping Intra-VDC or inter-VDC firewall Software Architecture 22 Load Balancing Routing 23 Collection of real-time traffic matrix Traffic volume between each pair of
26、VMs Traffic volume between each pair of PMs Load balancing routing algorithm Loads on the physical links Number of hops Forwarding table entries Prioritization Computed routes are installed on switches When a Network Link Fails 27 Private IP Address Space Reuse 25 Requirement: Every VDC has a VDC ID
27、 and its own full 24-bit private IP address space (10.x.x.x), even though multiple VDCs run on top of the same data center network Two approaches: Ethernet over TCP/UDP: Every Ethernet packet is encapsulated inside an TCP/UDP packet or TCP/UDP connection as an Ethernet link Needs to implement in sof
28、tware such Ethernet switch functions as source learning, flooding, VLAN, etc. Can work with arbitrary IP networks Multi-tenancy-aware IP-MAC mapping: our approach Runs directly on L2 networks, no need for Ethernet switch emulation Inter-virtual-data-center isolation Peregrine Summary 26 Peregrine is
29、 a network system technology, not a network device technology, and consists of A hypervisor module running on every compute node A route server and an ARP server A VDC-aware VPN Runs directly on commodity Ethernet switches and NICs: fully leverages the benefit of I/O virtualization, which encourages
30、 direct NIC access from VM Under development: Refactor Peregrine as a Quantum plug-in 27 Cloud computing is all about consolidation of IT infrastructures and usage-based resource allocation Data center as a computer paradigm Cloud-scale data center industry is emerging Integration is a real user pai
31、n point An integrated solution with lesser components is much more desirable than an un-integrated set of more capable components ITRIs integrated data center solution, Container Computer 1.0 + Cloud OS 1.0, is expected to provide 70% of the functionalities at 1/3 cost of leading solutions from US Virtual data center service abstraction Conclusion 28 Thank You! Questions and Comments? tccitri.org.tw