Nova: Openstack Compute-as-a-service

Red Hat Openstack and Ceph Meetup, Pune | 28th NOV 2015 | pbandark@redhat.com
Nova: Openstack
Compute-as-a-service
Pratik Bandarkar
pbandark@redhat.com
Red Hat Openstack and Ceph Meetup, Pune 28th November 2015

➢ Agenda
● What is NOVA ?
● NOVA architecture
● How instance are spawned in Openstack ?
● Interaction of nova with other openstack projects like neutron,
glance and cinder.

➢ OpenStack Components:

➢ What is NOVA ?
○ Nova is responsible for the life cycle management of instance.
○ Nova is built on a shared-nothing, messaging-based
architecture.
○ Supports multiple hypervisors (KVM, Xen, LXC, Hyper-V, ESX)
○ Nova itself is not any virtualization software.

➢ NOVA components:
NOVA API
NOVA
Conductor
NOVA
Compute
NOVA
ConsoleAuth
NOVA
novncproxy
NOVA
Scheduler
messagequeue● Supported queueing backends: RabbitMQ, Qpid and ZeroMQ

➢ NOVA API:
○ nova-api is responsible to provide an API for users and
services to interact with NOVA
○ For ex. Spawning the instance from Horizon / NOVA CLI.
2015-11-03 09:23:40.831 30260 DEBUG nova.api.openstack.wsgi [req-9ef90fc4-4b74-410d-9d95-e60cbab2d4da
69425be5606c49738cdfb25cda921cf6 ae986eddd92746b2bf38faf60f64b28e - - -] Action: 'create', calling method:
<bound method Controller.create of <nova.api.openstack.compute.servers.Controller object at 0x66b78d0>>, body:
{"server": {"name": "pbandark", "imageRef": "ac6818ea-0a99-4949-8581-dff1f6441254", "flavorRef": "1",
"max_count": 1, "min_count": 1, "networks": [{"uuid": "0264f5cf-f327-4760-b0e4-13843545bdec"}]}}
_process_stack /usr/lib/python2.7/site-packages/nova/api/openstack/wsgi.py:780

➢ NOVA Scheduler:
○ Using Filters dispatches requests for new instance to the correct node.

➢ openstack-nova-compute:
○ Acts as a compute agent. Interacts with the Hypervisor to launch/manage instances
and ensures that the state is maintained in the Compute database.

➢ openstack-nova-conductor: Provides database-access support for Compute
nodes (thereby reducing security risks).
➢ openstack-nova-consoleauth: Handles console authentication.
➢ openstack-nova-novncproxy: Provides a VNC proxy for browsers (enabling
VNC consoles to access virtual machines).

Launch New Instance from Horizon
Flavor ?

What is flavor ?
➢ Virtual hardware templates are called "flavors" in OpenStack, defining sizes for RAM, disk,
number of cores, and so on..

keypair ?
security group ?

What is keypair and security group ?
➢ Keypair: On standard cloud images of Linux operating systems like Ubuntu and Fedora
SSH access is restricted to public key authentication. Instead of authenticating with a
password you authenticate with a private key that corresponds to a public key that is
installed on the instance.
➢ Security groups are sets of IP filter rules that are applied to an instance's networking. i.e.
we can filter the network traffic which should allow/deny. For ex. Deny “ssh” access to any
specific instance.They are project specific, and project members can edit the default rules
for their group and add new rules sets. All projects have a "default" security group, which
is applied to instances that have no other security group defined.

➢ Required details to boot instance:
○ instance name
○ glance image
○ flavor ID
○ network ID
➢ NOVA call to boot an instance:
[root@dhcp209-220 ~]# nova boot --flavor 1 --image 2d946232-5773-48df-b8bb-7677f8b6e0fe --nic net-
id=97bd405a-77e3-4ef8-836e-8ad1ddb3ee63 pratik_test_instance
➢ Various other operations can be performed by NOVA:
○ nova resize
○ nova migrate
○ nova live-migration(shared storage/non-shared storage)
○ nova host-evacuate
○ nova rebuild
○ nova suspend
○ nova image-create
○ nova reboot (hard/cold)
[...]

REQ: curl -i 'http://10.65.234.1:5000/v2.0/tokens' -X POST -H "Accept: application/json" -H "Content-Type:
application/json" -H "User-Agent: python-novaclient" -d '{"auth": {"tenantName": "admin", "passwordCredentials":
{"username": "admin", "password": "{SHA1}121c3faea23dd4467fc992f1b77f6eacf8587ed5"}}}'
➢ NOVA call for authentication with keystone:
○ It provides authentication token along with service catalog.

➢ Keystone response(token + service catalog) :
RESP BODY: {"access": {"token": {"issued_at": "2015-05-30T11:05:03.054462", "expires": "2015-05-30T12:05:03Z", "id": "{SHA1}
7781e321bfbfbf909ae44027ef60cb92ccce8f2e", "tenant": {"enabled": true, "description": "admin tenant", "name": "admin", "id":
"97787e34dc0d4f2b8fc04034eed3594c"},
"serviceCatalog": [{"endpoints_links": [], "endpoints": [{"adminURL": "http://10.65.234.1:8774/v2/97787e34dc0d4f2b8fc04034eed3594c", "region":
"RegionOne", "publicURL": "http://10.65.234.1:8774/v2/97787e34dc0d4f2b8fc04034eed3594c", "internalURL": "http://10.65.234.1:
8774/v2/97787e34dc0d4f2b8fc04034eed3594c", "id": "42142cca01fd4bc382ac9f95c204e116"}], "type": "compute", "name": "nova"},
{"endpoints_links": [], "endpoints": [{"adminURL": "http://10.65.234.1:9696/", "region": "RegionOne", "publicURL": "http://10.65.234.1:9696/", "internalURL":
"http://10.65.234.1:9696/", "id": "466354cac1094127ac0617cf75dd1494"}], "type": "network", "name": "neutron"},
{"endpoints_links": [], "endpoints": [{"adminURL": "http://10.65.234.1:9292", "region": "RegionOne", "publicURL": "http://10.65.234.1:9292", "internalURL": "http:
//10.65.234.1:9292", "id": "43c49fe7dd8f4315af848b48a53021c1"}], "type": "image", "name": "glance"},
{"endpoints_links": [], "endpoints": [{"adminURL": "http://10.65.234.1:8776/v1/97787e34dc0d4f2b8fc04034eed3594c", "region": "RegionOne", "publicURL":
"http://10.65.234.1:8776/v1/97787e34dc0d4f2b8fc04034eed3594c", "internalURL": "http://10.65.234.1:8776/v1/97787e34dc0d4f2b8fc04034eed3594c", "id":
"30ce33a6d05e4a80b8a0e22ada52abdb"}], "type": "volume", "name": "cinder"},
[...]

➢ What can be different options to store instance disk ?i.e Backend for NOVA:
○ Locally on the compute node
○ NFS
○ Distributed Storage (CEPH/Gluster)
_____________________________________________________________________________________
[root@dhcp209-220 ~(keystone_admin)]# ls /var/lib/nova/instances/f79f233c-d8a6-44ca-9b3b-334752b9f2f3/
console.log disk disk.info libvirt.xml
[root@dhcp209-220 ~(keystone_admin)]# qemu-img info disk
image: disk
file format: qcow2
virtual size: 100.0G (107374182400 bytes)
disk size: 2.5M
cluster_size: 65536
backing file: /var/lib/nova/instances/_base/1c7dfed9069cbb5d99fe7ebfb8f45bbc5ab93585
Format specific information:
compat: 1.1
lazy refcounts: false

Communication flow when you spawn new
instance

Horizon Keystone
Nova API Database
Nova Conductor
Nova Scheduler
NOVA
Compute
‘A’
NOVA
Compute
‘B’
NOVA
Compute ‘C’
Glance
Server
Cinder
Server
Neutron
Server
-openstack-
glance-api
-openstack-
glance-registry
-openstack-cinder-
api
-openstack-cinder-
scheduler
-openstack-cinder-
volume
-neutron-server
-neutron-l3-agent
-neutron-dhcp-agent
-l2 agent
-openstack-nova-compute
-neutron-openvswitch-agent
3. Sending API
request
1. Authentication Request
2. Authentication ACK & validates if provided
data is correct.
4. Update DB
7. Selects compute Host
5.
6.
8.Update
DB
Update DB
9. Request for glance image
10.Glance Image download
11. create port(allocate MAC - IP)
12. Notify L2 agent
13. configure local VLAN, OVS flows
15. port up(RPC: Neutron to NOVA)
iscsi session
14. send port up notification (RPC: l2 agent to Neutron)
16. instance booted.

Nova/Cinder/Glance
librbd
librados
OSDs Monitors
Placement Groups
Communication flow with CEPH backend for Nova/Cinder/Glance

Nova: Openstack Compute-as-a-service

Related slideshows

More Related Content

Nova: Openstack Compute-as-a-service