《osac2012-120813092654-phpapp01.ppt》由会员分享,可在线阅读,更多相关《osac2012-120813092654-phpapp01.ppt(28页珍藏版)》请在三一办公上搜索。
1、ITRI Cloud Operating System and OpenStack,Tzi-cker Chiueh 闕志克Cloud Computing Research Center for Mobile Applications(CCMA)雲端運算行動應用研究中心,1,Cloud Data Center Solution,Renting rather than buying IT infrastructure Build-up of cloud-scale data centers Need for inexpensive integrated cloud data center solu
2、tions The user pain point:integrationIs it possible to build a cloud data center like“take a HW box,install OS on it,and have an AWS-like IaaS ready to go”?A total IaaS solution for both public and private clouds,2,3,IEL Load BalancingTraffic ShapingIntrusion DetectionNAT/VPN,Compute Server,StorageS
3、erver,Container Computer Architecture,Photo SharingVDC,Provision and Deploy,Monitor and ConfigureVirtual Resources,Video StreamingVDC,Web ConferenceVDC,Physical Cluster,Virtual Data Center Management,Physical Data Center Management,ITRI Cloud OS,Cloud Application DeveloperCloud Service Provider,Clou
4、d Service Infrastructure AdministratorCarrier,Monitor,Diagnose and ConfigurePhysical Resources,What is Cloud OS?,CHT,PCHome,Cloud OS Service Model,Virtual data center consists of one or multiple virtual clusters,each of which comprises one or multiple VMsUsers provide a Virtual Cluster specification
5、No.of VM instances each with CPU performance and memory size requirementPer-VM storage space requirementExternal network bandwidth requirementSecurity policyBackup policyLoad balancing policyNetwork configuration,e.g.public IP address and private IP address rangeOS image and application image,2012/8
6、/11,OpenStack APAC Conference 2012,6,VDCM Assets(VDC,VC,VM),2012/8/11,OpenStack APAC Conference 2012,7,PDCM Event Monitor,2012/8/11,OpenStack APAC Conference 2012,8,PDCM Network Topology,Key Cloud OS 1.0 Features 1,Physical resource management(PRM):BIOSCentralized installation of all systems softwar
7、eStart up,shut down,and recover a data center computerData center storage management:file managementMain storage(DMS):Forming a highly available global storage pool from:a set of commodity JBOD storage serversSecondary storage(DSS):Offering streamlined disk-based snapshot/backup with configurable po
8、licy,and scalable de-duplicationVirtualization management:process managementResource provisioning management(RPM):allocate physical data center resources for a given virtual data center and auto-scalingDynamic virtual resource management(DVMM):use VM migration to support consolidation,load balancing
9、 and high availability,Key Cloud OS 1.0 Features 2,Physical data center management(PDCM):system administrationComprehensive SNMP-based monitoringIntegrated virtual/physical resource mapping viewUnified event loggingIntegrated trouble ticking supportVirtual data center management(VDCM):system adminis
10、tration VDC/VC/VM specificationReal-time resource usage and performance monitoringSecurity:securityInter-VDC isolationCentralized L3 and distributed L7 and web application firewallingInternet edge logicSupporting inter-VM load balancing within a VCDDoS attack mediationDistributed traffic shaping,Sec
11、urity(Checkpoint),System Integration(IBM),Server Load Balancing/Traffic Shaping(F5),Servers(HP),Networks(Cisco),Storage(Seagate),Building Cloud Data Center,(XXX):represents leaderIn the corresponding space,Physical Data CenterManagement(Tivoli),Virtual Data CenterManagement(CA),11,Security(ITRI),Sys
12、tem Integration(ITRI),Internet EdgeLogic(ITRI),Servers(commodity),Networks(commodity),Storage(commodity),ITRI Cloud OSs Way,Physical Data CenterManagement(ITRI),Virtual Data CenterManagement(ITRI),12,N-way data replication vs.RAIDEnd to end data availability:disk,server,and network failuresPeriodic
13、snapshots for local data backup with de-duplicationWide-area data backupSnapshot frequency:a couple of hours to daysWide-area data replication(Cloud OS 2.0)Snapshot frequency:a couple of seconds to minutes,Strong Data Protection,13,High availability support for Cloud OS subsystemsActive-passive:Linu
14、x HA+DRBD+edit logging/recoveryActive-active:MySQL and server load balancerDisk state-preserving fail-over for applications running inside VDCsShared persistent state+VM restart+take-overMemory state-preserving fail-over for applications running inside VDCs(Cloud OS 2.0)Shared memory/persistent stat
15、e+VM resume+take-over,High Availability,14,Multi-Dimensional Load Balancing,15,Multi-homing load balancing,Intra-VDC inter-VM load balancing,Network-wide link-level load balancing,Inter-physical-server load balancing,Thermal capacity load balancing,Inter-storage-server load balancing,Cloud Security,
16、16,Any security breaches that are possible for a physical data center are equally likely for a virtual data centerL4/L7 and Web Application FirewallNew security concernsInterference between tenants on the same physical machinesInter-VDC isolation vs.VLAN isolation,OpenStack,17,Open Stack core:Nova:V
17、M provisioningGlance:VM image upload and delivery Swift:Object data storageRPM vs.NovaBoot from remote cloned volumeDynamic load balancingPower consolidationDedicated physical machine poolAuto-scaling,create/start/stop/delete/migrate VMs,OpenStack-Compatible Cloud OS,NetworkAPI,Cloud OS 2.0,OpenStac
18、k Compatible:Novas compute,volume and network APIOpenStack web service APITarget date:10/1/2012Data center federation:Support for multi-site data centersNetwork virtualization:Support for hybrid cloudWide-area data replicationMemory de-duplication,Cloud Data Center Network,20,Cloud data centers are
19、Big and Shared Scalable and available data center fabricsNot all links are usedNo load-sensitive routingFail-over latency is high(5 seconds)Network virtualization:Each virtual data center(VDC)gets to define its own networkAll VMs in a VDC belong to one flat subnetEach VDC has its own private IP addr
20、ess spaceEach VDC has a set of public IP addresses Each VDC has a set of external VPN connections Per-VDC Internet traffic shaping policy,intra-VDC and inter-VDC firewalling policy,and server load balancing policy,Peregrine,21,A unified Layer-2-only network for LAN and SACentralized control plane an
21、d distributed data planeUse only Commodity Ethernet switches Army of commodity switches vs.few high-port-density switchesRequirements on switches:run fast and has programmable routing tableCentralized load-balancing routing using real-time traffic matrixSupport for incremental and QoS-aware routing
22、Fast fail-over using pre-computed primary/back routesNative support for network virtualizationPrivate IP address space reuseMulti-tenancy VPN,NAT and traffic shapingIntra-VDC or inter-VDC firewall,Software Architecture,22,Load Balancing Routing,23,Collection of real-time traffic matrixTraffic volume
23、 between each pair of VMsTraffic volume between each pair of PMsLoad balancing routing algorithmLoads on the physical linksNumber of hopsForwarding table entriesPrioritizationComputed routes are installed on switches,When a Network Link Fails,27,Private IP Address Space Reuse,25,Requirement:Every VD
24、C has a VDC ID and its own full 24-bit private IP address space(10.x.x.x),even though multiple VDCs run on top of the same data center networkTwo approaches:Ethernet over TCP/UDP:Every Ethernet packet is encapsulated inside an TCP/UDP packet or TCP/UDP connection as an Ethernet linkNeeds to implemen
25、t in software such Ethernet switch functions as source learning,flooding,VLAN,etc.Can work with arbitrary IP networksMulti-tenancy-aware IP-MAC mapping:our approachRuns directly on L2 networks,no need for Ethernet switch emulationInter-virtual-data-center isolation,Peregrine Summary,26,Peregrine is
26、a network system technology,not a network device technology,and consists of A hypervisor module running on every compute nodeA route server and an ARP server A VDC-aware VPN Runs directly on commodity Ethernet switches and NICs:fully leverages the benefit of I/O virtualization,which encourages direc
27、t NIC access from VMUnder development:Refactor Peregrine as a Quantum plug-in,Cloud computing is all about consolidation of IT infrastructures and usage-based resource allocationData center as a computer paradigmCloud-scale data center industry is emergingIntegration is a real user pain point An int
28、egrated solution with lesser components is much more desirable than an un-integrated set of more capable components ITRIs integrated data center solution,Container Computer 1.0+Cloud OS 1.0,is expected to provide 70%of the functionalities at 1/3 cost of leading solutions from US Virtual data center service abstraction,Conclusion,Thank You!Questions and Comments?,tccitri.org.tw,
