Presentation is loading. Please wait.

Presentation is loading. Please wait.

Multisite BP and OpenStack Kingbird Discussion

Published byTheodoro Mirandela Delgado Modified over 6 years ago

Similar presentations

Presentation on theme: "Multisite BP and OpenStack Kingbird Discussion"— Presentation transcript:

1 Multisite BP and OpenStack Kingbird Discussion

2 Outline Use Case and BP Overview OpenStack Kingbird Introduction
Multisite Identity Service Management (Use Case 1) Multisite VNF HA Support (Use Case 2) Multisite VNF Geo Redundancy Support (Use Case 3) Multisite Centralized Services (Use Case 4&5) OpenStack Kingbird Introduction 18/09/2018

3 Use case 1: multisite identity service management  a user should, using a single authentication point be able to manage virtual resources spread over multiple OpenStack regions Site 1 Site 2 API Distributed KeyStone service with Fernet token + Async. replication ( star-mode). (Separate DB for KeyStone requirement for installation projects) Nova Nova Local Token Validation Local Token Validation KeyStone KeyStone Cluster Cluster DB DB Cluster master master master DB master master master slave slave slave slave slave slave DB DB DB DB DB DB KeyStone KeyStone KeyStone Local Token Validation Local Token Validation Local Token Validation Nova Nova Nova Page 3 Site 3 Site 4 Site x

4 Use case 1: multisite identity service management  a user should, using a single authentication point be able to manage virtual resources spread over multiple OpenStack regions Proposed solution: KeyStone service(Distributed) with Fernet token + Async replication ( star-mode). one master KeyStone cluster with Fernet token in two sites (for site level high availability purpose), other sites will be installed with at least 2 slave nodes where the node is configured with DB async replication from the master cluster members, and one slave’s mater node in site1, another slave’s master node in site 2. Only the master cluster nodes are allowed to write,  other slave nodes waiting for replication from the master cluster ( very little delay) member. But  the chanllenge of key distribution and rotation for Fernet token should be settled, you can refer to these two blogs:  Pros. Why cluster in the master sites? There are lots of master nodes in the cluster, in order to provide more slaves could be done async. replication in parallel. Why two sites for the master cluster? to provide higher reliability (site level) for writing request. Why using multi-slaves in other sites. Slave has no knowledge of other slaves, so easy to manage multi-slaves in one site than a cluster, and multi-slaves work independently but provide multi-instance redundancy(like a cluster, but independent). Cons. The distribution/rotation of key management. Page 4

5 Use case 1: multisite identity service management
BUG: Can't specify identity endpoint for token validation among several keystone servers in keystonemiddleware: The method we provide works. After discussion, community proposed using region-name to specify the keystone server for token validation. Not succeed in verification. Page 5

6 Use case 2: VNF high availability across VIM
(Active) VNF (Standby) Overlay L2/L3 networking for heartbeat/session replication VNF (Active) VNF (Active) Overlay L2/L3 networking for heartbeat/session replication OpenStack 1 Site x OpenStack 2 Page 6

7 Use case 2: VNF high availability across VIM Overlay L2/L3 networking cross Neutron for heartbeat/session replication Requirement to OpenStack: 1) Overlay L2 networks or shared L2 provider networks, for cross OpenStack instance networking for heartbeat or state replication. Overlay L2 network is preferred:  Legacy compatibility: Some telecom app with built-in internal L2 network, for easy to move these app to VNF, it would be better to provide L2 network  IP overlapping: multiple VNFs may have overlapping IP address for cross OpenStack instance networking 2) L3 networking cross OpenStack instance for heartbeat or state replication 3) The IP address used for VNF to connect with other VNFs should be able to be floating cross OpenStack instance. For example, if the master failed, the IP address should be used in the standby which is running in another OpenStack instance. Page 7

8 Use Case 2: Virtual remote port for overlay L2 networking
VNF (Active) VNF (Standby) VNF (Active) VNF (Standby) Port ( IP1, VTEP IP x Virtual Remote Port ( IP2, remote VTEP IP y Virtual Remote Port ( IP1, remote VTEP IP x Port ( IP2, VTEP IP y OpenStack 1 Site X OpenStack 2 OpenStack1: Create Network ( net ) Boot VM1 in net -> Port ( IP 1, Mac 1 VTEP IP x Create virtual remote port for VM2 in net ( IP 2, Mac2 , VTEP = remote VTEP IP y ). L2population inside neutron OpenStack2: Create Network ( net ) Boot VM 2 in net -> Port ( IP 2, Mac 2 VTEP IP y Create virtual remote port for VM1 in net ( IP 1, Mac1 , VTEP = remote VTEP IP x ) L2population inside neutron Page 8

9 Use case 2: BP to Neutron 1. ML2: Port Cross Backbends Extension
The BP is to make port not binding to Host IP as VTEP IP, but using tunneling_ip as the VTEP ( can be host IP or any other tunneling endpoint IP, for example, external Host IP or L2GW IP Extend port with tunneling_ip attribute Enhance L2Population support tunneling_ip 2. Remote port for L2 communicate This BP is to add a new ML2 mechanism driver in Neutron to handle the virtual remote port, and activate L2population inside Neutron. Page 9

10 Use case 3: VNF Geo_site_redundancy a VNF (telecom application) should, be able to restore in another site for catastrophic failures happened. VNF (Active) VNF (Restored) Backup/Replication OpenStack 1 OpenStack 2 Site x Site y Save VNF if catastrophic failures like flood, earthquake, power-off happened Page 10

11 Use case 3: VNF Geo_site_redundancy a VNF (telecom application) should, be able to restore in another site for catastrophic failures happened. 1. Nova Quiesce + Cinder Consistency volume snapshot+ Cinder backup GR software get the attached volumes for the VMs in a VNF from Nova GR software add these attached volumes to the  consistency group in Cinder (NOTE: make sure that the block storage driver supports CG technology) GR software call Nova API Quiesce to freeze VM and flush buffer GR software make cgsnapshots of these volumes in Cinder GR software call Nova API Unquiece to unfreeze VM. (NOTE: Because storage often provide fast snapshot, so the duration between quiece and unquiece is a short interval) GR software create volumes from the cgsnapshots  in Cinder GR software create backup (incremental) for these volumes to backup storage ( swift or ceph, or.. ) in Cinder if this site failed,  GR software restore these backup volumes to Cinder in the backup site. GR software boot vm from bootable volume rom Cinder in the backup site and attach the data volumes. Pros: 1) atomic quiesce / unquiesce api from Nova, make transactional snapshot of a group of VMs is possible, for example, quiesce VM1, quiesce VM2, quiesce VM3, snapshot VM1's volumes, snapshot VM2's volumes, snapshot VM3's volumes, unquiesce VM3, unquiesce VM2, unquiesce VM1. For some telecom application, the order is very important for a group of VMs with strong relationship. 2) leverage the Cinder consistency group functionality. Cons: Need Nova to expose the quiesce / unquiesce, fortunately it's alreay there in Nova-compute, just to add API layer to expose the functionality. NOTE: It's up to the GR policy and VNF character. Some VNF may afford short unavailable for GR purpose, and some other may use the standby of the VNF or member of the cluster to do disaster recovery replication to not interfere the service provided by the VNF. For these VNFs which can't be quieced/unquiece should use the option3 (VNF aware) to do the backup/replication. Requirement to OpenStack: Nova needs to expose quiesce / unquiesce api, which is lack in Nova now. BP registered: Page 11

12 Use case 3: VNF Geo_site_redundancy a VNF (telecom application) should, be able to restore in another site for catastrophic failures happened. 2. Cinder Volume Replication GR software create volume with replication enabled volume type Cinder volume driver create volume with replication in backend storage Cinder volume driver record the  reference of block device in the remote site storage into the Cinder volume meta data GR software get the reference of block device in the remote site storage if this site failed,  GR software manage the volume from the reference of the block device in the backup site. GR software boot vm from bootabl volume rom Cinder in the backup site and attach the data volumes. Pros: 1) Replication will be done in the storage level automaticly, no need to create backup regularly, for example, daily. Cons: 1) No consistency guarantee. Application should be aware of the replication and guarantee the consistency 2) Only few storage backend support to expose reference of the block device. Requirement to OpenStack: save the real ref to volume admin_metadata after it has been managed by the driver  BP registered:    Page 12

13 Use case 3: VNF Geo_site_redundancy a VNF (telecom application) should, be able to restore in another site for catastrophic failures happened. 3. Nova Snapshot + Glance Image + Cinder Snapshot + Cinder Backup GR software create VM snapshot in Nova Nova quiece the VM internally Nova create image in Glance Nova create a snapshot of the VM, including volumes If the VM is volume backed VM, then create volume snapshot in Cinder No image uploaded to glance, but add the snapshot in the meta data of the image in Glance GR software to get the snapshot information from the Glance GR software create volumes from these snapshots GR software create  backup (incremental) for these volumes to backup storage ( swift or ceph, or.. ) in Cinder if this site failed,  GR software restore these backup volumes to Cinder in the backup site. GR software boot vm from bootabl volume rom Cinder in the backup site and attach the data volumes. Pros: 1) Automaticly quiesce/unquiesce, and snapshot of volumes of one VM. It's suitable for single VM backup/restore Cons: 1) Impossible to form a transactional group of VMs backup.  for example, quiesce VM1, quiesce VM2, quiesce VM3, snapshot VM1, snapshot VM2, snapshot VM3, unquiesce VM3, unquiesce VM2, unquiesce VM1. This is quite important in telecom application in some scenario 2) not leverage the Cinder consistency group. 3) One more service Glance involved in the backup. Not only to manage the increased snapshot in Cinder, but also need to manage the regarding tempary image in Glance. Requirement to OpenStack: None. Page 13

14 Use Case 4&5 : new upstream project - OpenStack Kingbird
Overview ( ) Kingbird is a stand alone centralized service to help resource replication, operation and management across multiple OpenStack instances in a multisite cloud, initated from OPNFV Multisite project ( ). Provisioning of virtual resources like instances, volumes, networks, etc. will remain on each OpenStack instance API. Kingbird will work standalone to provide features like centralized quota management, centralized view for distributed virtual resources, global view for tenant level IP address/mac address space management, clone ssh key/image/flavor/etc. across regions, centralized metering data management… Page 14

15 Use Case 4&5 : new upstream project - OpenStack Kingbird
Page 15

16 Use Case 4&5 : new upstream project - OpenStack Kingbird
Page 16

17 Thank you Multisite Page 17

Download ppt "Multisite BP and OpenStack Kingbird Discussion"

Similar presentations

© 2014 Persistent Systems Ltd www.persistentsys.com Enabling DraaS on OpenStack Speakers: Haribabu Kasturi, Amitabh Shukla.

© 2014 Persistent Systems Ltd Enabling DraaS on OpenStack Speakers: Haribabu Kasturi, Amitabh Shukla.
© 2012 IBM Corporation Architecture of Quantum Folsom Release Yong Sheng Gong ( 龚永生 ) gongysh #openstack-dev Quantum Core developer.

© 2012 IBM Corporation Architecture of Quantum Folsom Release Yong Sheng Gong ( 龚永生 ) gongysh #openstack-dev Quantum Core developer.
MUNIS Platform Migration Project WELCOME. Agenda Introductions Tyler Cloud Overview Munis New Features Questions.

MUNIS Platform Migration Project WELCOME. Agenda Introductions Tyler Cloud Overview Munis New Features Questions.
SDN in Openstack - A real-life implementation Leo Wong.

SDN in Openstack - A real-life implementation Leo Wong.
11 HDS TECHNOLOGY DEMONSTRATION Steve Sonnenberg May 12, 2014 © Hitachi Data Systems Corporation 2014. All Rights Reserved.

11 HDS TECHNOLOGY DEMONSTRATION Steve Sonnenberg May 12, 2014 © Hitachi Data Systems Corporation All Rights Reserved.
Zhipeng (Howard) Huang

Zhipeng (Howard) Huang
storage service component

storage service component
CON Building a Private Cloud with OpenStack

CON Building a Private Cloud with OpenStack
Backup and Disaster Recovery for Oracle in Physical, Virtual, and Cloud Environments Christian Ruoff Senior Technical Engineer SEP Software Corp. cr@sep.de.

Backup and Disaster Recovery for Oracle in Physical, Virtual, and Cloud Environments Christian Ruoff Senior Technical Engineer SEP Software Corp.
11 SERVER CLUSTERING Chapter 6. Chapter 6: SERVER CLUSTERING2 OVERVIEW  List the types of server clusters.  Determine which type of cluster to use for.

11 SERVER CLUSTERING Chapter 6. Chapter 6: SERVER CLUSTERING2 OVERVIEW  List the types of server clusters.  Determine which type of cluster to use for.
Microsoft Load Balancing and Clustering. Outline Introduction Load balancing Clustering.

Microsoft Load Balancing and Clustering. Outline Introduction Load balancing Clustering.
Storwize V7000 IP Replication solution explained

Storwize V7000 IP Replication solution explained
DB-12: Achieving High Availability with Clusters and OpenEdge® Replication Combining the two technologies Hugo Loera Chávez Senior Tech Support Engineer.

DB-12: Achieving High Availability with Clusters and OpenEdge® Replication Combining the two technologies Hugo Loera Chávez Senior Tech Support Engineer.
System Center 2012 Setup The components of system center App Controller Data Protection Manager Operations Manager Orchestrator Service.

System Center 2012 Setup The components of system center App Controller Data Protection Manager Operations Manager Orchestrator Service.
Module 13: Configuring Availability of Network Resources and Content.

Module 13: Configuring Availability of Network Resources and Content.
CSC 456 Operating Systems Seminar Presentation (11/13/2012) Leon Weingard, Liang Xin The Google File System.

CSC 456 Operating Systems Seminar Presentation (11/13/2012) Leon Weingard, Liang Xin The Google File System.
INSTALLING MICROSOFT EXCHANGE SERVER 2003 CLUSTERS AND FRONT-END AND BACK ‑ END SERVERS Chapter 4.

INSTALLING MICROSOFT EXCHANGE SERVER 2003 CLUSTERS AND FRONT-END AND BACK ‑ END SERVERS Chapter 4.
Chapter 8 Implementing Disaster Recovery and High Availability Hands-On Virtual Computing.

Chapter 8 Implementing Disaster Recovery and High Availability Hands-On Virtual Computing.
Ceph Storage in OpenStack Part 2 openstack-ch, 6.12.2013

Ceph Storage in OpenStack Part 2 openstack-ch,
1 Week #10Business Continuity Backing Up Data Configuring Shadow Copies Providing Server and Service Availability.

1 Week #10Business Continuity Backing Up Data Configuring Shadow Copies Providing Server and Service Availability.

Similar presentations

Ads by Google