Post on 13-Feb-2017
A Cloud Story
Based on true events
Red Hat Italy
Solution Architects and Sales Team
AGENDA
❏ Introduction: A story based on true events
❏ Massimo Scipione - Cloud Sales Specialist
❏ The architecture for hosting applications - Openshift
❏ Luca Villa - Solution Architect
❏ The IaaS platform as a starting point - Openstack
❏ Mattia Gandolfi - Solution Architect
❏ SDS - Scalable storage - Ceph
❏ Pier Luigi Quidacciolu - Solution Architect
❏ How to manage the new datacenter - CloudForms & Ansible
❏ Fabrizio Pezzella - Solution Architect
Service dismission
Negotiation
Compatibility
Integration
No influence on technology update
No influence on innovation
...
Commodity
Time consuming resources
Unpredictable peak and usage
One shot events
...
Open
Open Source
Developers Operations
PaaS IaaS Storage CMP
4 Pillars
SOFTWARE DEFINED NETWORKING
SOFTWARE DEFINED STORAGE
CONTAINER PLATFORM
CLOUD MANAGEMENT PLATFORM
Policy & compliance
Service automation
Operational visibility
Unified hybrid management
VIRTUALIZATION PRIVATE CLOUD PUBLIC CLOUD
Vmware
Microsoft Hyper-V
Amazon Web Services
Microsoft Azure
Google Cloud
The architecture for hosting applications
Openshift
Luca Villa - Senior Solution Architect - luca@redhat.com
Business
● Hit the market quickly
● High services availability
● Handle load peaks well
● Lower investment costs (CAPEX)
Dev
● App environment consistent from Dev to Prod
● Immediate availability of new Dev environments
● Effective integration with my preferred dev tools
● More flexibility about configuration of environments
● Streamline CI/CD process
● Self-service
Ops
● Keep control of provisioned environments
● Better/Optimal resource utilization (to reduce costs)
● Keep apps isolated / separated
● Non-proliferation of platform flavours
● Quick response to threats without impacts on production
● Chargeback
MODERN APP DEV
SUCCESS == BIZ ←→ IT
We want to get MORE
Using LESS
With LESS
LOWER
Platform
Architecture
Process
CLOUD Hybrid
NEXT-GEN Microservices
AGILE DevOps
I.T. CAN TURN OPS AND DEV INTO DEVOPS
“DevOps is a software development method that stresses communication, collaboration and integration between software developers and information technology (IT) professionals.”[1]
[1] http://en.wikipedia.org/wiki/DevOps
TOOLS ARE OUR FIRST TACTIC IN IMPLEMENTING A DEVOPS WORKFLOW
Openshift in action… part one
Critical features for both Dev and Ops
Community Powered Innovation
OpenShift 3
PHYSICAL INFRASTRUCTURE
RED HAT ENTERPRISE LINUX
ATOMIC RUNTIME & PACKAGING
ATOMIC HOST
ATOMIC NETWORKING
ATOMIC SECURITY
ATOMIC STORAGE
ATOMIC REGISTRY
ATOMIC TELEMETRY
ATOMIC ORCHESTRATION ATOMIC CLUSTER SERVICES
OPENSHIFT SERVICES OPENSHIFT SERVICE CATALOG
OPENSHIFT SELF-SERVICE
OPENSHIFT APPLICATION LIFECYCLE AUTOMATION
OPENSHIFT BUILDS OPENSHIFT DEPLOYMENTS
ATOMIC AUTOMATION ATOMIC COCKPIT
CONTAINER CONTAINER CONTAINER CONTAINER CONTAINER
10,000ft View
● From Red Hat
● From ISV Partners
● From the Community
OpenShift Application Services
● JBoss Enterprise Application Platform
● JBoss Web Server / Tomcat
● JBoss Developer Studio
● Fuse
● A-MQ
● Data Virtualization
● Business Process Management
● Business Rules Management System
● Red Hat Mobile / FeedHenry
Application Container Services
Integration Services
Business Process Services
Mobile Services
JBoss Middleware Services on OpenShift
Code
Deploy
Build
Can configure different deployment strategies like A/B, Rolling upgrade, Automated base updates, and more.
Can configure triggers for automated deployments, builds, and more.
Source 2 Image Walk Through
An interactive community for all OpenShift PaaS Users, Customers, Contributors, Partners,
Service Providers and Developers to share ideas, code, best practices, and experiences.
More at http://commons.openshift.org/
OpenShift Commons
OPENSHIFT USE CASES FOR DEV(ops)
Development teams can easily provision environments without requiring any manual actions
Development teams can run several versions of the same application at the same time
Enabling development of cloud applications using reusable micro-services
Application behavior in a container will be the same in a small or large environment
Increase Innovation by enabling business units to test ideas without engaging lots of $
OPENSHIFT USE CASES FOR (dev)OPS
Using OpenShift will accelerate and automate deployments - DevOps
Standardize applications stack in production but keep innovation in development
The Operation team can densify the number of applications per physical resource
Network is configured at the OpenShift level and routing is managed by the underlying orchestration layer Kubernetes
PaaS platform OpenShift is agnostic regarding underlying Infrastructure
Stateless applications will benefit from the platform HA & horizontal scaling mechanism automatically
Openshift in action… part two
IaaS as a starting point
OpenStack
Mattia Gandolfi - Principal Solution Architect - mattia@redhat.com
WHAT IS
Private cloud
Public cloud
Software defined infrastructure
Open source
Fastest innovation
Avoid vendor lock-in
Open standard APIs
Rich solutions ecosystem
Backed by all major IT vendors
?
MODULAR BY DESIGN
WHAT IS ?
I need to scale out OpenShift, give me an additional compute node
Thank you OpenStack!
Here is your compute node VM
I want an additional compute node VM
Please authenticate with your credentials
Credentials verified. Here’s a token to talk to other OpenStack services
Nova
Ok, we need to find a place to run this VM
Nova
Ok, you can run it here
Neutron, please setup network for this VM
I’ve enabled network policy for your VM. Here is your interface
Nova
Cinder, please create persistent storage for this VM
Created, you can mount it
OpenShift
Nova
Hey Glance, can I get RHEL Atomic Host image?
Thank you OpenStack!
It’s alive!
Here is your additional compute node VM
Cinder
Neutron
Glance
OPENSHIFT ON OPENSTACK ARCHITECTURE
in action…
SDS - Scalable storage
Ceph
Pier Luigi Quidacciolu - Senior Solution Architect pquidacc@redhat.com
WHAT IS SOFTWARE-DEFINED STORAGE?
SERVER-BASED CENTRALIZED CONTROL OPEN ECOSYSTEM
Designed for cloud infrastructure and emerging workloads
Flexible, scale-out architecture.
Open, software-defined, on clustered commodity hardware.
Single, efficient, unified storage platform (object, block, file)
100% lifecycle management with API Integrated, easy-to-use management console
Distributed, enterprise-grade storage for cloud.
Ceph Storage 2 Features
EFFICIENCY: Erasure coding, thin provisioning
SCALABILITY: Hundreds of nodes, CRUSH algorithm
PERFORMANCE: Client-side caching, server-side journaling
SECURITY: Active Directory, LDAP, Keystone
PROTOCOLS: S3, Swift, Cinder block storage
DATA SERVICES: Snapshots, cloning, and copy-on-write; RBD Mirroring
Complete, Deeply Integrated Storage For Openstack
● Seamlessly integrated with modular architecture and components for ephemeral & persistent storage
➢ Nova, Cinder, Manila, Glance, Keystone, Swift
● Speed – instant booting and back-ups
● Bundled in Red Hat OpenStack Platform
New Integrated Management With Red Hat Storage Console 2
• Easy to use graphical interface to manage storage cluster life cycle
• Ansible-based deployment tools for installation, importation, and granular configuration from CLI or GUI
• Monitoring and troubleshooting with statistical and graphical information about cluster components
RADOS, RGW, RBD, CALAMARI
RED HAT STORAGE CONSOLE 2
CLUSTER OF STANDARD SERVERS AND MEDIA
CLIENTS ADMINS
Ceph in action…
Major Updates in Red Hat Ceph 2.0
● Installation by Ansible: Ansible playbooks allow users to add or update monitor, OSD, Ceph Object Gateway, and Ceph Metadata Server nodes.
● SELinux: SELinux is enabled by default for all nodes, except for the storage console.
● Storage Console: Allows users to install, monitor, and manage a Red Hat Ceph Storage cluster.
● Multi-site Object GW: Ceph Storage now supports an active-active zone configuration of Ceph Object Gateways.
● RBD Mirroring: The RADOS Block Device asynchronous mirroring feature, between two clusters, has been added to Ceph Storage 2.
● AD/LDAP Auth: Ceph Storage now supports LDAP/MS-AD authentication also to access buckets in the Ceph Object Gateway.
Tech Preview
● OSD BlueStore: BlueStore is a new back end for the OSD daemons that allows for storing objects directly on the Ceph block devices. Because BlueStore does not need any file system interface, it improves performance of Ceph storage clusters.
● NFS interface for the Ceph Object Gateway: The Ceph Object Gateway now includes a new NFS interface that presents buckets and objects as directories and files. The main purpose of this new functionality is to facilitate migration from POSIX applications and workloads to the Ceph Object Gateway.
● CephFS and Metadata Server (MDS): The Ceph File System (CephFS) and Ceph Metadata Server (MDS) have been added as Technology Preview features. The Ceph File System is a POSIX-compliant file system that uses the Ceph Storage Cluster to store its data. CephFS can be mounted with a kernel driver or as a file system in user space (FUSE).
How to manage the "new" Data Center?
CloudForms + Ansible
Fabrizio Pezzella - Solution Architect - fabrizio@redhat.com
Cloud Management Platform Definition
Gartner defined a Cloud Management Platform as integrated products that provide for the management of public, private and hybrid cloud environments. The minimum requirements to be included in this category are products that incorporate self-service interfaces, provision system images, enable metering and billing, and provide for some degree of workload optimization through established policies.
http://www.gartner.com/it-glossary/cloud-management-platforms/
Configuration and Change Management
Physical Infrastructure
Capacity and Performance Management
Virtual Infrastructure
Chargeback
Self-Service Provisioning and Service Catalog
Enterprise Service Management
Identity and Access Management
Orchestration
External Cloud Brokering
Virtual Infrastructure Management
Cloud Management Platform
CLOUDFORMS delivers services across
Environments
SERVICE AUTOMATION
Complete lifecycle and operational management that allows IT to remain in control.
POLICY & COMPLIANCE
Deploy across virtualization, private cloud, public cloud and container-based environments.
UNIFIED MANAGEMENT
Draws on continuous monitoring and deep insights to raise alerts or remediate issues.
Streamline complex service delivery processes, saving time and money.
OPERATIONAL VISIBILITY
CLOUDFORMS FEATURES
● AGENTLESS, VIRTUAL APPLIANCE: Non-invasive, easy maintenance
● WEB-BASED, SELF-SERVICE, ADMIN AND OPERATIONS: Access from any browser
● MULTI-TENANT AND MULTI-LOCATION: Securely share infrastructure
● ROLE-BASED ACCESS CONTROL AND ENTITY TAGGING: Segment user access and drive compliance, control and reporting
● HORIZONTALLY SCALABLE, LOAD-BALANCED: Highly scalable, highly available with failover and fallback
● PLUGGABLE API FRAMEWORK: Easy to integrate and extensible to other platforms
Always as an Open Source project
http://manageiq.org/
VIRTUALIZATION
PRIVATE CLOUD
PUBLIC CLOUD
CONTAINERS
UNIFIED HYBRID MANAGEMENT WITH CLOUDFORMS
We have one management system for all of our platforms.
We have consistent automation & policies that are common across platforms.
CloudForms agentless management is designed for cloud/container workloads.
● Private: Red Hat Enterprise Virtualization, Red Hat OpenStack Platform, Red Hat OpenShift Enterprise, VMware vSphere, Microsoft SCVMM
● Public: Amazon EC2, Microsoft Azure, Google Compute Engine
● Hybrid: Any combination of the above
● Bare Metal: Red Hat Satellite
Open Hybrid Cloud Management
CloudForms in action...
How best to reach a unicorn level in Automation?
What is Ansible?
It’s a simple automation language that can perfectly describe an IT application infrastructure in Ansible Playbooks.
It’s an automation engine that runs Ansible Playbooks.
Why Ansible?
SIMPLE
● Human readable automation
● No special coding skills needed
● Tasks executed in order
● Get productive quickly
POWERFUL
● App deployment
● Configuration management
● Workflow orchestration
● Orchestrate the app lifecycle
AGENTLESS
● Agentless architecture
● Uses OpenSSH & WinRM
● No agents to exploit or update
● More efficient & more secure
● 17,500+ stars & 5,300+ forks on GitHub
● 2000+ GitHub Contributors
● Over 450 modules shipped with Ansible
● New contributors added every day
● 1400+ users on IRC channel
● Top 10 open source projects in 2014
● World-wide meetups taking place every week
● Ansible Galaxy: over 7,000 Roles
● 250,000+ downloads a month
● Ansible Fests in NYC, SF, London
The most popular Open-Source automation community on GITHUB
http://galaxy.ansible.com
What is Ansible Tower?
Ansible Tower is an enterprise framework for controlling, securing and managing your Ansible automation with a UI and RESTful API.
Automated provisioning
CloudForms Orchestrate + Ansible Automate
● Automatically deploys and configures requested services on any infrastructure platform.
● Automation steps can be codified in Ansible playbooks or natively in CloudForms.
● Integration to external IT systems allows CloudForms to automate all process steps.
at the End… :-