Global OpenStack: the Power of Cloud Interoperability

Monty Taylor

http://inaugust.com/talks/global-interop.html

twitter: @e_monty

This Talk is Free Software

Who am I?

Office of Technology

Zuul

Ansible

Who am I?

Technical Committee

Developer Infrastructure Core Team

Former Foundation Board of Directors

PTL of shade project

I want to deploy and run an application on the internet so that my customers all over the world can consume it.

I want to deploy the application across multiple clouds or regions so that my service survives issues in any one of them.

I want to deploy the application in a location of my choosing so that I can comply with regulatory demands.

THIS WORKS

I'm doing it myself as we speak

20k VMs per-day

20 Cloud Regions in 9 clouds

Only using OpenStack APIs

OpenStack Infra

Tooling, Automation and CI for OpenStack Project

2000 Developers

Gated Commits

Every commit is fully integration tested (twice) before landing

Each Test Runs on a Single Use Cloud Slave

This is that "cloud scale out" part

2 KJPH (kilo-jobs per hour)

Our VMs are everywhere

Public Clouds

  • Rackspace: Dallas, Chicago, DC
  • Internap: New Jersey, Montreal
  • OVH: Strassbourg, Gravelines
  • Citycloud: London, Los Angeles, Stockholm

Managed Private Clouds

  • OpenStack Innovation Center: San Antonio
  • Red Hat TripleO: Phoenix

Private Cloud

Infra Cloud

  • Hardware donated by HPE: Houston
  • Community run cloud using OpenStack Puppet
  • Bare Metal managed with Bifrost/Ironic

image

Gerrit

  • Traditional 'Enterprise' Java Application
  • Single Nova VM, Cinder Volume
  • Scale out farm of git replicas

nodepool

  • Cloud Native
  • Purpose built in Python
  • Keeps a pool of ready to go nodes
  • Multi-cloud
  • Fully elastic - responds to demand

How do we do this?

Control plane

http://git.openstack.org/cgit/openstack-infra/system-config

  • All server config management in git
  • Puppet manages the servers: puppet apply
  • Ansible runs puppet: ansible puppet module
  • Ansible OpenStack Dynamic Inventory
  • Only thing not public are keys and secrets

os-client-config

http://git.openstack.org/cgit/openstack/os-client-config

https://docs.openstack.org/os-client-config/latest/

A library to handle config information for openstack clients

Tracks differences in vendors that can't be discovered

In use in python-openstackclient, shade and ansible

https://docs.openstack.org/os-client-config/latest/user/vendor-support.html

os-client-config

~/.config/openstack/clouds.yaml

clouds:
  citycloud:
     profile: citycloud
     auth:
      username: mordred
      password: XXXXXXXXXXXXXXXXXXXXX
      project_id: 65222a4d09ea4c68934fa1028c77f394
      user_domain_id: d0919bd5e8d74e49adf0e145807ffc38
      project_domain_id: d0919bd5e8d74e49adf0e145807ffc38
    regions:
      - Kna1
      - Sto2
      - Lon1
  dreamcompute:
    profile: dreamhost
    auth:
      username: montay6
      project_name: dhc2111978
      password: XXXXXXXXXXXXX
    region_name: RegionOne
      

shade

http://git.openstack.org/cgit/openstack-infra/shade

A library to wrap business logic around client libraries

cloud.create_image('image-name', filename='image-filename.qcow2')
cloud.create_server('my-server', image='immage-name', auto_ip=True)
      

In use in Infra Nodepool and ansible

ansible

Based on shade

- os_keypair:
    cloud: citycloud
    name: mordred
    public_key_file: ~/.ssh/id_rsa.pub
- os_image:
    cloud: citycloud
    name: Monty Ubuntu
    file: ubuntu.vhd
- os_server:
    cloud: citycloud
    name: my-server
    flavor_ram: 1024
    image: Monty Ubuntu
      

ansible

Add my keypair to 30 Regions in 13 clouds


- os_keypair:
    cloud: "{{ item.cloud }}"
    region_name: "{{ item.region_name }}"
    name: mordred
    public_key_file: ~/.ssh/id_rsa.pub
    with-items:
    - {cloud: vexxhost, region_name: ca-ymq-1}
    - {cloud: ovh, region_name: SBG1}
    - {cloud: ovh, region_name: BHS1}
    - {cloud: ovh, region_name: GRA1}
    - {cloud: citycloud, region_name: Buf1}
    - {cloud: citycloud, region_name: La1}
    - {cloud: citycloud, region_name: Fra1}
    - {cloud: citycloud, region_name: Lon1}
    - {cloud: citycloud, region_name: Sto2}
    - {cloud: citycloud, region_name: Kna1}
    - {cloud: internap, region_name: ams01}
    - {cloud: internap, region_name: da01}
    - {cloud: internap, region_name: nyj01}
    - {cloud: internap, region_name: sin01}
    - {cloud: internap, region_name: sjc01}
    - {cloud: infracloud, region_name: vanilla}
    - {cloud: infracloud, region_name: chocolate}
    - {cloud: fuga, region_name: cystack}
    - {cloud: datacentred, region_name: sal01}
    - {cloud: clouda, region_name: regionOne}
    - {cloud: auro, region_name: van1}
    - {cloud: ustack, region_name: bj1}
    - {cloud: zetta, region_name: no-osl1}
    - {cloud: kiss, region_name: region1}
    - {cloud: rax, region_name: IAD}
    - {cloud: rax, region_name: ORD}
    - {cloud: rax, region_name: SYD}
    - {cloud: rax, region_name: LON}
    - {cloud: rax, region_name: DFW}
    - {cloud: rax, region_name: HKG}
      

nodepool

  • Use shade to treat all cloud regions as one giant cloud
  • diskimage-builder makes identical base images for each
  • Pre-cache network artifacts in disk images
  • glean instead of cloud-init to handle no-DHCP on Rackspace
  • Pre-spins warm pool - always keep min-ready number of nodes

OpenStack Works!

Why should you care?

Is interop really important?

Run what you want

Cloud-native application

Traditional Java web application

High-performance Database on Baremetal

Run it where you want

  • Geography
  • Delivery Model

Geography

  • Put it near your users
  • Don't put it in an US data center
  • Locality Requirements
  • What if you have customers in China?
  • What if you also have customers in Sweden?

Delivery Model

  • Public
  • Hosted Private
  • Managed Private On-Premise
  • Run your own

China’s Sinorail Information Cloud

Billions of Passengers

Anybody REALLY think that should just run in a Public Cloud?

Anybody REALLY think that should run in a Public Cloud owned by a US company?

What about the China National Offshore Oil Corp?

or the State Grid of China?

Chinese OpenStack

sorted alphabetically

99 Cloud

China Mobile

China National Offshore Oil Corp

China Telecom

China Unicom

EasyStack

Huawei

Inspur

Sinorail

State Grid of China

T2 Cloud

Tencent

UMCloud

UnitedStack

ZTE

European Public OpenStack

CityCloud: Sweden, UK, US

Datacentred: UK

Elastx: Sweden

Enter Cloud Suite: Italy, Germany

Fugo: Netherlands

Internap: Netherlands, US, Singapore

OTC: Frankfurt

OVH: France, US

Switch: Switzerland

Ultimum: Czech Republic

Zetta: Norway

kiss.cloud: Netherlands

Other Public OpenStack

Auro: Vancouver

Catalyst: New Zealand

Conoha: Japan, Singapore, US

Dreamhost: US

Ormuco: Canada + Federated

Vexxhost: Canada

What about the US?

Robbie Williams

Best-selling British solo artist in the UK

Best-selling non-Latino artist in Latin America

Basically unknown in the US

The OpenStack Community is Designed for Collaboration

The OpenStack Project Believes all Participants are Equal

Constant work in progress, help us when we get this wrong

We aren't going to remove something you need...

because we ARE you.

I'm in this to make the world better.

The whole world, not just my corner.

Why does Interop Matter?

Is Sinorail going to run China's Train system with an app they download from an App Store?

Nope

Are they going to let me run VMs for OpenStack Infra Nodepool on their Cloud?

Nope

That would be SUPER cool though!

Who cares if China National Offshore Oil Corp, State Grid of China and Deutsche Telecom's clouds work the same?

It's all about the tools

  • Ansible
  • Terraform
  • Spinnaker
  • Zuul -- v3 is almost out and will blow your mind

Spending Resources Wisely

If China National Offshore Oil Corp, State Grid of China and Sinorail all run Interoperable OpenStack Clouds ...

they share not just the OpenStack Cloud software itself...

they ALSO share consumption and orchestration software...

and can focus MOST on Oil, Electricity and Trains


Oil, Electricity and Trains are important

With Interoperable Clouds

It's like I work for all of you!

It's like we all work with each other

China, and the rest of our Global Community, understands the power of Open Collaboration on shared problems.

What is OpenStack doing to help with Interop?

Technical Governance

Our job is making sure EVERYONE can do their job

Board of Directos -Interop Working Group

  • Trademark focused: What must work to use the name OpenStack
  • If you get some OpenStack from a Vendor, how do you know it's good OpenStack

TC - API Working Group

API Working Group Consumption Specs

Service Types Authority

API Consumers Mailing List

http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-api-consumers

Collaboration between SDK, Framework, Tool Authors

Python, Go, Java, Ruby, Javascript ...

Writing Software!

All of these can use help!

OpenStack gives you the power to make the choices that are right for you, your business, your users, your country and the world.

Thank you!

http://inaugust.com/talks/global-interop.html

twitter: @e_monty