Apr 01, 2015
© 2013 Cisco and/or its affiliates. All rights reserved.
Deploying OpenStack with Cisco Compute, Network and Storage
Duane DeCapite, OpenStack Product Management
Ashok Rajagopalan, UCS Product Management
November 2013
OpenStack @ Cisco
COMMUNITY PARTICIPATION
• Code contributions and blueprints across Core services
• Networking model, Compute Service and Dashboard, HA, Scheduling
• OpenStack Foundation Board member
CISCO OPENSTACK ENGINEERING
• Automation (Puppet) and architectures (HA) for production deployment and operational support
• Quantum/Neutron/Nova Plug-ins for Cisco product lines
• UCS, Nexus, CSR1000V
• Scalable networking services
• FWaaS, LBaaS, VPNaaS
CUSTOMERS
• Private, Public
• Extend cloud model for rapid provisioning of network services, bare-metal, intelligent workload placement
• Drive innovation through real-world use cases
Innovation in Cloud Computing through OpenStack’s Network Service and Cisco’s Open Network Environment (SDN)
OpenStack Compute (Nova)
OpenStack Networking (Neutron)
OpenStack Storage (Swift, Cinder, CEPH)
OPEN NETWORK ENVIRONMENT
Controllers and Agents
Cisco ONE Controller SW
OpenFlow Agents
Virtual Overlays
VXLAN Gateway, OpenStack, Service Chaining
CSR 1KV
Platform APIs
One Platform Kit (onePK) on ISR G2, ASR 1K
Applications each see their own logical DC
API-driven Open Cloud Platform
Programmable Infrastructure
Physical, Virtual
Lighthouse Customers in Production with Cisco OpenStack Solutions
• Comprehensive Cisco Integrated Solution for OpenStack
• Operational efficiency with UCS and networking integrations with OpenStack
• Pre-defined reference configurations and performance optimized solutions
• SaaS applications and GRID scaleout applications
Compute and Storage
Cisco UCS Leadership and Momentum
As of Q3FY13 UCS revenue reached a $2B annualized run rate.
In Q3FY13, Data Center revenue was 515M growing 77% Y/Y
As of May 2013, there are over 23,000 unique UCS customers which represents 89% Y/Y growth
More than half of all Fortune 500 customers have invested in UCS
Over 500 customers have booked over 1 Million in UCS solutions and over 1,200 have booked over $500,000
Over 3,400 Channel Partners are actively selling UCS worldwide and over 1700 UCS specialized partners in the channel worldwide
As of CY12 Q4 Cisco is one of the Top 5 Server Vendors, #2 in Blade servers based on Worldwide Revenue Share (1)
73 World Record Performance Benchmarks to date
Source: (1) IDC Worldwide Quarterly Server Tracker, Q1 2013, May 2013, Revenue Share
Cisco UCS: Many Server Form Factors, One System
Industry-Leading Compute Without Compromise
UCS Compute Portfolio
Performance Optimized for Bare Metal, Virtualized, and Cloud Applications
Scale Out | Enterprise Performance | Intensive / Mission Critical
Rack | Blade
• UCS C220 M3: Versatile, General Purpose Enterprise Infrastructure, and Application Server
• UCS C240 M3: Ideal Platform for Big Data, ERP, and Database Applications
• UCS B200 M3: Optimal Choice for VDI, Private Cloud, or Dense Virtualization/Consolidation Workloads
• UCS B420 M3: Enterprise Class, 4-Socket Blade for Large, Memory-Intensive Bare Metal and Virtualized Applications
• UCS C420 M3: Enterprise Class, 4-Socket Server for Large, Memory-Intensive Bare Metal, and Virtualized Applications
• UCS C24 M3: Entry, Expandable Rack Server for Storage Intensive Workloads
• UCS C22 M3: Entry Rack Server for Distributed and Web Infrastructure Applications
• UCS B22 M3: Entry Blade Server for IT Infrastructure and Web Applications
• UCS C260 M2: Mission-Critical, 2-Socket Extended Memory Server for Large, Memory-Intensive Applications
• UCS C460 M2: Mission-Critical, 4-Socket Server for Large, CPU-Intensive Applications
• UCS B440 M2: Mission-Critical, 4-Socket Blade for Large, CPU-Intensive Bare Metal and Virtualized Applications
• UCS B230 M2: Density-optimized CPU and Memory-Intensive 2-Socket Blade for Bare Metal and Virtualized Applications
Unified Management
Blade and Rack Servers Managed as a Cohesive Resource Pool
UCS Manager
C-Series Rack Optimized Servers
B-Series Blade Servers
Service Profile: HR_App1
VNIC1: MAC 08:00:69:02:01:2E, HR_WEB_VLAN (ID=50)
VNIC2: MAC 08:00:69:02:01:2F, HR_DB_VLAN (ID=210)
HBA 1 and 2: WWN 5080020000075740, WWN 5080020000075741, VSAN ID: 12
Boot Order: SAN
BIOS Settings: Turbo On, HyperThreading On
UCS Service Profile
Unified Device Management
Network Policy
Storage Policy
Server Policy
UNIFIED MANAGEMENT
A SINGLE UNIFIED SYSTEM FOR BLADE AND RACK SERVERS
A Major Market Transformation in Unified Server Management
Benefits of UCS Manager and Service Profiles for Both Blade and Rack-Optimized Servers
Add Capacity Without Complexity
Scaling the Cisco Cloud Architecture
Single Rack 16 servers
Single Domain Up to 10 racks, 160 servers
Multiple Domains, up to 10K nodes
L2/L3 Switching
UCS Central
UCS Manager
Cisco UCS OpenStack Solution Accelerator Paks
Compute-intensive
(2) UCS 96-Port 6296 Fabric Interconnect
(2) Nexus 2232 PP
(6) UCS C220 M3 Servers w/ dual Intel Xeon E5-2665 2.4 GHz Processors, 192GB of Memory, Mega RAID, 4 x 900GB 10K SAS HDDs
Mixed-use
(2) UCS 96-Port 6296 Fabric Interconnect
(2) Nexus 2232 PP
(6) UCS C220 M3 Servers w/ dual Xeon E5-2665 2.7 GHz Proc, 192GB of Memory, Mega RAID, 4 x 600GB 10K SAS HDDs
(2) UCS C240 M3 Servers w/ dual Intel Xeon E5-2665 2.4 GHz Proc, 192GB of Memory, 1 x Mega RAID, 24 x 900GB 10K SAS HDDs
Storage-intensive
(2) UCS 96-Port 6296 Fabric Interconnect
(2) Nexus 2232 PP
(8) UCS C240 M3 Servers w/ dual Intel Xeon E5-2665 2.4 GHz Proc, 192GB of Memory, 1 x Mega RAID, 24 x 900GB 10K SAS HDDs
OpenStack Compute-Intensive Solutions Pak
High-Density
2 Control Nodes (C220-M3s)
nova-api, keystone-api, glance-api, cinder-api, horizon-UI
quantum-api, Network Node
2 Compute Nodes (C220-M3s)
nova-api, quantum-api, cinder-api
KVM Hypervisor
2 Storage Nodes (C220-M3s)
cinder-api
CEPH Object Storage Devices
CEPH Deploy
CEPH MON/MDS/RAD
OS
OpenStack Mixed-Use Solutions Pak
Mixed-Workload
2 Control Nodes (C220-M3s)
nova-api, keystone-api, glance-api, cinder-api, horizon-UI
quantum-api, Network Node
4 Compute Nodes (C220-M3s)
nova-api, quantum-api, cinder-api
KVM Hypervisor
2 Storage Nodes (C240-M3s)
cinder-api
CEPH Object Storage Devices
CEPH Deploy
CEPH MON/MDS/RAD
OS
OpenStack Storage-Intensive Solutions Pak
Storage-intensive
2 Control/Storage Nodes (C240-M3s)
nova-api, keystone-api, glance-api, cinder-api, horizon-UI
quantum-api, Network Node
6 Compute/Storage Nodes (C240-M3s)
CEPH Object Storage Devices
CEPH Deploy
CEPH MON/MDS/RAD
OS
nova-api, quantum-api, cinder-api
KVM Hypervisor
Nova: how it works today
Compute (Nova)
nova-api
nova-compute
nova-volume (will be replaced by Cinder)
nova-network (will be replaced by Neutron)
nova-schedule
Infrastructure
Hypervisors
Bare-metal Nodes
Client API calls
Nova bare-metal with UCS Manager – Blueprint (CDN)
Compute (Nova)
nova-api
nova-compute
nova-volume (will be replaced by Cinder)
nova-network (will be replaced by Neutron)
nova-schedule
UCS Edition
Infrastructure
Hypervisors
Bare-metal Nodes
Client API calls
UCS Manager
Creates Server Profile based on request parameters
Returns identity for storage in OS DB
Networking
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Cisco Unified Fabric Continuous Market Leadership
Cisco FabricPath Customers
Cisco FEX Customers
Cisco NX-OS Customers
DC TECHNOLOGY LEADER
1,500+
11,000+
40,000+
11M+
*Source: Infonetics, Q3 2012 DC Network Equipment Report, December 2012
**Source: Dell’Oro, SAN Switching, November 2012
Data current as of December 2012. Subject to change without notice.
DATA CENTER SWITCHING LEADER
#1 Market share by revenue in Q3 2012 for DC Ethernet Switching at 71.7%*
#1 Market share by revenue in Q3 2012 for FCoE SAN Switching at 87.3%**
10GE Ports Shipped
Cisco Unified Fabric Innovations
CISCO NX-OS: From Hypervisor to Core
CISCO DCNM: Single Pane of Management
LAN/SAN, LAN
DELIVERING TO YOUR DATA CENTER NEEDS
Resilient, High Performance, Scalable Fabric
Operational Efficiency
Workload Mobility Within/Across DCs
Secure Separation/Multitenancy
LAN+SAN Convergence
Cisco Nexus 1000V
Cisco Nexus® 1010
Cisco Nexus 4000
Cisco Nexus 5000
Cisco Nexus 3000
Cisco Nexus 2000
Cisco Nexus 7000
Cisco Nexus 6000
Cisco Nexus Plugin Diagram
http://docwiki.cisco.com/wiki/OpenStack:Grizzly-Nexus-Plugin
Cisco Nexus Plugins for Neutron Benefits
• Automated VLAN Provisioning
  Configure VLANs on the Nexus switch
• Layer 3 Gateway
  Map Nexus Switch Virtual Interface (SVI) to tenant VLAN
  Scalability with Top of Rack (ToR) Nexus as default Layer 3 Gateway
  Eliminates configuration and bottleneck of host-based software L3 forwarding Agent
• Multi-Homed Host Deployments
  Virtual Port Channel (vPC) for High Availability (HA) and link optimization to multiple Nexus switches
• Hardware and Software-based Networking
  Performance benefits of hardware-based ToR switch (Nexus 3000, 5000, 6000, 7000)
  Flexibility of software-defined Networking with Nexus 1000V
Nexus Switch as Layer 3 Gateway
API Network is typically routable to enable public access
• SVI configured on Nexus for L3 forwarding and external Gateway
• Removes bottleneck of generic server-based network node with Linux IP tables
• Flat Networking Traffic
• VLAN Traffic across Nodes
• GRE or VXLAN tunnels across Nodes
[Diagram: Cloud Controller Node (nova-scheduler, mysql, rabbit..., nova-api, neutron-server, keystone); four Compute Nodes (nova-compute, *-plugin-agent); Network Node (dhcp-agent, *-plugin-agent); L2B/OVS; Nexus PI; Management Network, API Network, Data Network, External Network; Internet]
Service Chaining with Nexus 1000V
API Network is typically routable to enable public access
N1000V
• Foundation of Virtual Services Architecture
• vPath Service Insertion/Chaining
• VXLAN Overlay Networking
[Diagram: Cloud Controller Node (nova-scheduler, mysql, rabbit..., nova-api, neutron-server, keystone); four Compute Nodes (nova-compute, *-plugin-agent); three Network Nodes (dhcp-agent, *-plugin-agent, l3-agent); VSM/N1000V; Management Network, API Network, Data Network, External Network; Internet]
CSR 1000V Routing
API Network is typically routable to enable public access
Network or Compute node(s) hosts CSR
CSR provides per tenant isolation and full IOS capabilities including VPN, BGP, OSPF, MPLS, etc.
[Diagram: Cloud Controller Node (nova-scheduler, mysql, rabbit..., nova-api, quantum-server, keystone); four Compute Nodes (nova-compute, *-plugin-agent); Network Node (dhcp-agent, *-plugin-agent); N1000V; VSM/N1000V; CSR 1000V; Management Network, API Network, Data Network, External Network; Internet]
New OpenStack Services from Cisco Advanced Services
Problems Solved | Key Deliverables | Key Benefits
Portfolio
Strategy and Assessment (Available Now)
Validation (Available Now)
Optimization (December 2013)
Design & Deployment (December 2013)
Pre-defined design
Rapid installation & Test
Lack of OpenStack skillsets
Experiment with OpenStack installation in your data center environment
Pre-defined design
Test plan
Knowledge Transfer
Network Scale and High availability design
Storage Integration
Cell deployment design
Accelerate production readiness
Optimally deployed on Cisco hardware
Understand role of OpenStack in your DC/Cloud strategy
Strategy Assessment high level roadmap and architecture
Prioritization of use cases
Is OpenStack the correct platform for my business?
What are my key requirements for OpenStack?
How to create or add production safety, availability and scale to my OpenStack deployment.
Custom application assistance
Topology and requirements evolution
Design review
Software Upgrade procedures
Day 2 Support for Customized deployments
Ensure deployment evolution
Targeted support expertise for your customized solution
RedHat OpenStack with Cisco UCS
Cisco OpenStack Installer
To run the install script, copy and paste the following on your command line (as root with your proxy set if necessary as above):
curl -s -k -B https://raw.github.com/CiscoSystems/grizzly-manifests/multi-node/install_os_puppet | /bin/bash
With a proxy, use:
https_proxy=http://proxy.example.com:80/ curl -s -k -B https://raw.github.com/CiscoSystems/grizzly-manifests/multi-node/install_os_puppet > install_os_puppet
chmod +x install_os_puppet
./install_os_puppet -p http://proxy.example.com:80/
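Added example, not part of the Cisco deck or installer: the commands above pass -k, which turns off TLS certificate validation, and the first form feeds the download straight to a root shell. The sketch below downloads with validation on, compares the file with a SHA-256 digest recorded from a reviewed copy, and runs it only on a match. verify_sha256, fetch_and_run and the PINNED_SHA256 placeholder are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example: verify_sha256 and fetch_and_run are hypothetical helpers.
INSTALLER_URL="https://raw.github.com/CiscoSystems/grizzly-manifests/multi-node/install_os_puppet"
# Placeholder, not a real digest: record the SHA-256 of the copy you reviewed.
PINNED_SHA256="<sha256-of-reviewed-install_os_puppet>"

# verify_sha256 FILE EXPECTED_HEX: succeeds only if the file digest matches.
verify_sha256() {
    local file=$1 expected actual
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] || return 1
    actual=$(sha256sum "$file" | awk '{print $1}')
    [ -n "$actual" ] && [ "$actual" = "$expected" ]
}

# fetch_and_run URL EXPECTED_HEX [installer arguments...]
fetch_and_run() {
    local url=$1 expected=$2 tmp rc
    shift 2
    tmp=$(mktemp) || return 1
    # No -k: certificate validation stays on. -f turns HTTP errors into a
    # failure, and both the request and any redirect must use HTTPS.
    if ! curl -fsSL --proto '=https' --proto-redir '=https' -o "$tmp" "$url"; then
        echo "download failed: $url" >&2
        rm -f "$tmp"; return 1
    fi
    if ! verify_sha256 "$tmp" "$expected"; then
        echo "digest mismatch, refusing to run: $url" >&2
        rm -f "$tmp"; return 1
    fi
    /bin/bash "$tmp" "$@"; rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Example call (needs network access and a real pinned digest):
#   fetch_and_run "$INSTALLER_URL" "$PINNED_SHA256" -p http://proxy.example.com:80/
```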
High Availability Option
The Cisco OpenStack High-Availability Guide differs from the OpenStack High Availability Guide by providing an active/active, highly scalable model for OpenStack deployments. The architecture consists of the following components used to provide high availability to OpenStack services:
Galera Cluster for MySQL, RabbitMQ Clustering, RabbitMQ Mirrored Queues, HAProxy, Keepalived
http://docwiki.cisco.com/wiki/COE_Grizzly_Release:_High-Availability_Manual_Installation_Guide
Summary and Next Steps
Cisco offers a complete Compute, Networking and Storage Solution for OpenStack
Cisco provides Advanced and Technical Services to help migrate from Pilot to Production
Please let us know how we can help you with OpenStack by contacting us at [email protected]
More information can be found at www.cisco.com/go/OpenStack
Back Up
Cisco UCS SmartPlay Configurations
Deployment Automation of OpenStack on UCS
Chassis/Server Discovery
Service Profile Association
PXE boot devices deployed
Cobbler database update
Register Nodes
Provision UCS Servers
Step 1: Configuring Nodes using Python SDK
Updates the newly added node info in puppet
Puppet apply
Add hosts/system in OpenStack
Event Listener
PXE boot for initial OS install
RHEL 6.4 installation on bare-metal servers
Sync all the plugins from Puppet Master
Host OS Install
Inventory of nova nodes on controller
VM Provisioning
OpenStack Services Deployment
OpenStack Handover
Hostname / IP address
Logical credentials
Resource allocation preferences
Only Point of User Touch
Pre-configure UCS
Step 2: Cobbler/Puppet based Node Subscription
Cobbler/Puppet based Node Subscription
1. Read conf file
2. Apply policies
3. Update Puppet/Cobbler DB
4. PXE Boot
5. Puppet sync
Build Node
Control Node (glance, scheduler, API-daemons)
Compute Nodes (nova-compute, libvirtd)
OpenStack Compute Nodes Provisioned!
OpenStack Neutron Architecture
Clients Neutron (Formerly Quantum) Service Networks
Getting Started with Cisco Nexus Plugins for Neutron
OpenStack Module Structure
/neutron/plugins/cisco/ - Contains the Network Plugin Framework
/client - CLI module for core and extensions API
/common - Modules common to the entire plugin
/conf - All configuration files
/db - Persistence framework
/models - Class(es) which tie the logical abstractions to the physical topology
/nexus - Nexus-specific modules
/test/nexus - A fake Nexus driver for testing the plugin
https://wiki.openstack.org/wiki/Cisco-quantum
Edit ../neutron/conf/neutron.conf
core_plugin = neutron.plugins.cisco.network_plugin.PluginV2
[keystone_authtoken]
auth_host = <authorization host's IP address>
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = <keystone admin name>
admin_password = <keystone admin password>
https://wiki.openstack.org/wiki/Cisco-quantum
Configure Database, vSwitch & VLAN Parameters
/neutron/plugins/cisco/cisco_plugins.ini file
mysql -u<mysqlusername> -p<mysqlpassword> -e "create database neutron_l2network"
vswitch_plugin=neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2
/neutron/plugins/openvswitch/ovs_neutron_plugin.ini
[OVS]
bridge_mappings = physnet1:br-eth1
network_vlan_ranges = physnet1:1000:1100
tenant_network_type = vlan
https://wiki.openstack.org/wiki/Cisco-quantum
Configure Nexus Switch Credentials
/neutron/plugins/cisco/cisco_plugins.ini file
[NEXUS_SWITCH:1.1.1.1]
# Hostname of the node and the switch port it uses
compute-1=1/1
# Hostname of the node and the switch port it uses
compute-2=1/2
# Port number where the SSH will be running at the Nexus Switch, e.g.: 22 (Default)
ssh_port=22
# Provide the Nexus credentials, if you are using Nexus switches. If not this will be ignored.
username=admin
password=mySecretPasswordForNexus
https://wiki.openstack.org/wiki/Cisco-quantum
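Added example, not from the Cisco plugin or the wiki: the neutron.conf and cisco_plugins.ini settings on the preceding slides put a Keystone admin password and the Nexus switch password into INI files and set auth_protocol = http. The script below reports auth_protocol = http under [keystone_authtoken] and any filled-in password key in a file that group or other can read. audit_conf, its finding labels and the path in the usage comment are hypothetical, and GNU stat is assumed.

```bash
#!/usr/bin/env bash
# Added example: audit_conf and the finding labels are hypothetical names.
# Usage: audit_conf /etc/neutron/neutron.conf   (path is an assumption)
# Prints one finding per line; returns 1 if anything was found, 2 on error.
audit_conf() {
    local file=$1 mode loose=1
    [ -r "$file" ] || { echo "UNREADABLE $file" >&2; return 2; }
    mode=$(stat -c '%a' "$file") || return 2          # GNU stat, e.g. 644
    case "$mode" in *00|0) loose=0 ;; esac            # no group/other bits set
    awk -v mode="$mode" -v loose="$loose" '
        function trim(s) { gsub(/^[ \t\r]+|[ \t\r]+$/, "", s); return s }
        /^[ \t]*[#;]/ { next }                        # comment line
        /^[ \t]*$/    { next }                        # blank line
        /^[ \t]*\[.*\]/ {                             # [section] header
            section = trim($0)
            section = substr(section, 2, length(section) - 2)
            next
        }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = tolower(trim(substr($0, 1, eq - 1)))
            val = trim(substr($0, eq + 1))
            # Token validation against Keystone over plain HTTP.
            if (section == "keystone_authtoken" && key == "auth_protocol" &&
                tolower(val) == "http") {
                print "CLEARTEXT_AUTH [" section "] auth_protocol=http"
                bad = 1
            }
            # A filled-in password (not a <placeholder>) in a readable file.
            # The value itself is never printed.
            if (key ~ /password$/ && val != "" && val !~ /^<.*>$/ && loose) {
                print "EXPOSED_SECRET [" section "] " key " (file mode " mode ")"
                bad = 1
            }
        }
        END { exit bad + 0 }
    ' "$file"
}
```

A file that holds switch or Keystone passwords passes once it is mode 600 (or stricter) and auth_protocol is no longer http.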