OpenStack is an open source Infrastructure as a Service (IaaS) cloud computing platform launched in 2010 by the US National Aeronautics and Space Administration and the American IT hosting company, Rackspace. OpenStack adopts the same approach as projects such as Eucalyptus, OpenNebula, or Nimbus: It allows you to deploy complete virtualized IT infrastructures for your organization's needs.
The OpenStack project is an umbrella for several open source projects that together form the building blocks of the solution. Originally, OpenStack consisted of three projects:
- Nova: A computing service that delivers virtual computing resources.
- Swift: A storage service that delivers object storage.
- Glance: An imaging service that provides ready-to-go operating systems for your cloud.
Given the popularity and the increasing adoption rate of the project within corporate data centers, more solutions became "core" projects, such as Keystone, an identity manager that forms the central authentication mechanism; Horizon, a web interface for managing OpenStack; and lately, Quantum/Melange, a network service that proposes virtual network management for the infrastructure; and Cinder, the block storage as a service project.
The approach OpenStack provides is an easy-to-use and flexible framework for companies looking for a stable environment that fits their or their customers' needs. With the release of Folsom, the Quantum networking project takes the OpenStack solution a step further by making it possible to integrate a software-defined networking layer that permits the creation of complex and advanced infrastructure models. This article introduces the deployment of Quantum and its integration with the other OpenStack core projects.
To better follow the procedures in this article, make sure you have two Kernel-based Virtual Machine (KVM) instances, each with at least 1GB of RAM. (This article doesn't cover the installation of the core project, but refer to Resources for a link to information about installing those components.) Designate the first virtual machine (VM) controller: It will manage most of the services. The second VM, node, will only run your OpenStack instances.
For the first VM, you need at least 10GB of disk space and three network interface cards (NICs). The first one, eth0, manages the VM and connects to the Internet; the second NIC, eth1, is for local connectivity between the two VMs. Finally, eth2 is a bridge that OpenStack Networking (code-named Quantum) uses.
For the second VM, you need at least 5GB of disk space and two NICs. The first one, eth0, manages the VM and is optionally connected to the Internet. The second NIC, eth1, is used for local connectivity between the two VMs.
The virtual machines
Your first VM is the controller. It runs the services listed in Table 1.
Table 1. The controller services
|Nova||Compute service||Provides compute resources for your lab|
|Keystone||Identity manager||Provides a central authentication mechanism|
|Glance||Imaging service||Delivers ready-to-use images for your lab|
|Cinder||Block-storage as a Service||Permanent data storage for your instances|
|Horizon||OpenStack dashboard||Configure and manage your lab from a web interface|
|Quantum Server||network as a service||Run detailed virtual networks for your lab|
The second VM, node, provides the computing resources. The controller orchestrates the node's actions, so node requires only those services shown in Table 2.
Table 2. The node services
|Nova-compute||Compute service||Part of the Nova project, which manages instances|
|Quantum, the Open vSwitch agent||network as a service||Run detailed virtual networks for your lab|
The network topology
This section introduces the network topology and VM network configuration for the two servers. Figure 1 shows the environment and basic routing used throughout the processes in this article. The article goes through the configuration of both Quantum and Open vSwitch network services for providing a high-level networking solution.
Figure 1. Network topology
In this setup, as you see for the controller, use eth0 to manage both VMs. Both interfaces communicate through the same LAN network. Eth1 handles the traffic across the two VMs and is dedicated to those instances; that's why you use another LAN. Finally, eth2 is solely used by Quantum for routing the traffic from the instances to the Internet, making them publicly reachable. Use the advanced networking routing solution Open vSwitch to manage bridges over the physical NICs.
Table 3 describes the controller's NICs and the compute node according to this network topology. With a basic understanding of the network topology and configuration, you're ready to install and configure your lab.
Table 3. Configuration of the NICs
|Server||Interface||IP address||Network mask||Gateway|
|* Because Quantum manages this interface, you need not assign an IP address to it.|
Install your controller
To install your system controller, download and install Ubuntu Precise 12.04 x64. (See Resources for a link to information about installing a base operating system for OpenStack.) This operating system is the base operating system for your lab. During the installation, make sure you allocate at least 10GB of disk space for your VM. Choose the default partitioning, and create a user. When the installation is complete, connect to it and start by adding the Folsom repositories to Aptitude (see Resources for a link). Make sure you configure the network according to the information presented in Table 3. Install all the services specified in Table 1.
Install your compute node
To install the compute node, again download and install Ubuntu Precise 12.04 x64. Your node requires only 5GB of hard disk space. Choose the default partitioning, and then create a user. After you add the Folsom repositories and configure the network according to Table 3, install the services specified in Table 2.
With the release of Folsom, OpenStack introduced Quantum as a core service. Quantum is a network as a service project that facilitates the setup of complex and advanced L3 networking models. By leveraging the cloud network configuration, Quantum offers a powerful way of controlling, measuring, and allocating network resources as you would allocate compute resources.
Several clients (command-line interfaces and applications) communicate with the application programming interface extension, which handles the instructions for the plug-ins deployed on your equipment, such as your hypervisors or vSwitches. The hypervisor network stack itself communicates with the Quantum Plug-in Agent interface and manages the routing to your instances. The Quantum Plug-in Agent interacts with Open vSwitch natively for routing the packets through the Open vSwitch bridges. Finally, the Quantum L3 Agent enables Layer 3 forwarding and floating IP support. Figure 2 shows the Quantum service flow.
Figure 2. Quantum service workflow
For your lab, configure Quantum with one router and two subnets linked to two networks. Quantum communicates with Open vSwitch to manage the network routing on your two servers. Table 4 presents the Quantum network model.
Table 4. Quantum network model
|Quantum||Private subnet and network||The network and attached subnet Quantum uses to allocate IP addresses to your instances|
|Quantum||Public subnet||The network and attached subnet for the floating IP addresses|
|Quantum||Router||A virtual router Quantum uses to provide public connectivity to your instances|
For your lab, let's review the relevant settings in the various Quantum configuration files. These settings apply to both the controller and the compute node:
- In /etc/quantum/quantum.conf, enable the Open vSwitch driver by setting the following configuration option:
  core_plugin = quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2
- Provide the L3 Agent with the public network and router IDs in /etc/quantum/l3_agent.ini by setting the following parameters:
  router_id = the router id (quantum router-list)
  gateway_external_net_id = the public network id (quantum network-list)
- In /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini, use the controller Quantum database by configuring the following settings:
  sql_connection = mysql://ovs_quantum:<password>@<controller IP address>/ovs_quantum
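A pre-flight check for the three settings above, added here as an example (it is not code from the original article or from the OpenStack project). The function names and every sample value are hypothetical; the permission test is there because sql_connection stores the database password in clear text.

```shell
#!/bin/sh
# get_opt FILE KEY: print the value of the last "KEY = value" line in FILE.
get_opt() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" 2>/dev/null | tail -n 1
}

# audit_quantum [DIR]: print one FINDING line per problem (DIR defaults to /etc/quantum).
audit_quantum() {
    root=${1:-/etc/quantum}
    ovs=$root/plugins/openvswitch/ovs_quantum_plugin.ini
    uuid='^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$'
    [ "$(get_opt "$root/quantum.conf" core_plugin)" = \
        quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2 ] ||
        echo "FINDING: quantum.conf: core_plugin is not the Open vSwitch plug-in"

    # Both L3 agent values are IDs copied from the quantum client, so expect UUIDs.
    for key in router_id gateway_external_net_id; do
        get_opt "$root/l3_agent.ini" "$key" | grep -Eq "$uuid" ||
            echo "FINDING: l3_agent.ini: $key is not set to a UUID"
    done

    # sql_connection carries the database password inside the URL ...
    case $(get_opt "$ovs" sql_connection) in
        mysql://*:?*@?*/?*) ;;
        *) echo "FINDING: ovs_quantum_plugin.ini: sql_connection missing or without password" ;;
    esac
    # ... so "other" must have no access: characters 8-10 of the ls -l mode string.
    case $(ls -l "$ovs" 2>/dev/null | cut -c8-10) in
        ---) ;;
        *) echo "FINDING: ovs_quantum_plugin.ini: accessible to other local users" ;;
    esac
    return 0
}

# make_sample DIR: write a constructed configuration tree (every value is invented).
make_sample() {
    mkdir -p "$1/plugins/openvswitch"
    echo 'core_plugin = quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2' \
        > "$1/quantum.conf"
    printf '%s\n' 'router_id = 11111111-2222-3333-4444-555555555555' \
        'gateway_external_net_id =' > "$1/l3_agent.ini"
    echo 'sql_connection = mysql://ovs_quantum:example-pw@192.0.2.10/ovs_quantum' \
        > "$1/plugins/openvswitch/ovs_quantum_plugin.ini"
    chmod 644 "$1/plugins/openvswitch/ovs_quantum_plugin.ini"
}

tmp=$(mktemp -d) && make_sample "$tmp" && audit_quantum "$tmp"
rm -rf "$tmp"
```

Run against the constructed tree, it reports the empty gateway_external_net_id and the world-readable plug-in file.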
Open vSwitch configuration
Open vSwitch is an advanced network management solution for your server. You deploy and connect it to Quantum to create a robust and flexible network for your cloud. According to the settings presented earlier (refer to Network topology for a reminder), three Open vSwitch bridges are required, as shown in Table 5.
Table 5. Open vSwitch bridge configuration
|Bridge name||Physical interface||Details|
|br-int||None||Integration bridge (the bridge to which all your instances connect before being routed according to their network connectivity.)|
|br-ex||eth2||Used by Quantum to make your instances reachable from the Internet (this bridge is created only on the controller.)|
|br-eth1||eth1||Configuration bridge (this bridge is used to configure your instances.)|
Figure 3 presents the Open vSwitch implementation within your lab. The controller has three bridges; the node has only two bridges. The controller has the extra br-ex bridge, which ensures network routing to the outside network. Create your bridges according to the model shown in Figure 3.
Figure 3. Open vSwitch networking model
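The bridge layout of Table 5 as a shell sketch, added as an example and not taken from the article or from the Open vSwitch project: ovs_plan prints the ovs-vsctl commands for each server, and check_bridges reports drift, including a physical NIC attached to a bridge the table does not assign it to. The function names and the sample_ovs stub are hypothetical.

```shell
#!/bin/sh
# expected_layout ROLE: "bridge physical-NIC" pairs from Table 5 ("-" means none).
# ROLE is "controller"; any other value is treated as the compute node.
expected_layout() {
    echo "br-int -"
    echo "br-eth1 eth1"
    [ "$1" = controller ] && echo "br-ex eth2"
    return 0
}

# ovs_plan ROLE: print the idempotent ovs-vsctl commands that build that layout.
ovs_plan() {
    expected_layout "$1" | while read -r br nic; do
        echo "ovs-vsctl --may-exist add-br $br"
        [ "$nic" = - ] || echo "ovs-vsctl --may-exist add-port $br $nic"
    done
}

# check_bridges ROLE [CMD]: print one DRIFT line per deviation from Table 5.
# CMD defaults to ovs-vsctl; pass a stub to test without a running switch.
check_bridges() {
    role=$1 cmd=${2:-ovs-vsctl}
    have=$($cmd list-br)
    expected_layout "$role" | while read -r br nic; do
        echo "$have" | grep -qx "$br" || { echo "DRIFT: bridge $br is missing"; continue; }
        [ "$nic" = - ] || $cmd list-ports "$br" | grep -qx "$nic" ||
            echo "DRIFT: $nic is not attached to $br"
    done
    for br in $have; do
        want=$(expected_layout "$role" | awk -v b="$br" '$1 == b { print $2 }')
        [ -n "$want" ] || { echo "DRIFT: unexpected bridge $br"; continue; }
        # A physical NIC on the wrong bridge joins networks the topology keeps apart.
        for port in $($cmd list-ports "$br" | grep '^eth'); do
            [ "$port" = "$want" ] || echo "DRIFT: physical NIC $port must not be on $br"
        done
    done
    return 0
}

# sample_ovs: constructed stand-in for ovs-vsctl on a miswired controller.
sample_ovs() {
    case "$1 $2" in
        "list-br ")           printf '%s\n' br-int br-eth1 br-ex ;;
        "list-ports br-int")  echo int-br-eth1 ;;
        "list-ports br-eth1") echo eth1 ;;
        "list-ports br-ex")   echo eth0 ;;   # constructed fault: eth0 instead of eth2
    esac
}

ovs_plan controller
check_bridges controller sample_ovs
```

Pipe the output of ovs_plan to sh as root to apply it; on a real host, call check_bridges with the role only.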
Folsom introduces a new version of Horizon (formerly openstack-dashboard), which is a web user interface for managing your cloud. This release provides a tight integration of Quantum and Cinder: You can manage Cinder volumes and Quantum subnets, networks, ports, and instance attachments directly from Horizon.
Horizon interacts natively with the authentication service Keystone for retrieving services endpoints and managing tokens, making the integration a smooth process. Figure 4 presents the Cinder management interface. From it, you can allocate volumes to your instances.
Figure 4. Horizon's Cinder management interface
Figure 5 presents the Quantum integration interface. From the Networks tab, you can easily create networks, routers, and subnets for your tenant, as shown in Figure 6.
Figure 5. Horizon's Quantum interface
Clicking Create Network opens the window shown in Figure 6.
Figure 6. Horizon's Quantum Network Creation window
Figure 7 shows the details for your network. Horizon provides detailed information about the ports, the allocated IP addresses, and the status of your Quantum ports.
Figure 7. Horizon's Quantum network details
Spawn your first instance
Finished with setup, you're now fully able to run and delete instances, allocate storage to them, and make your instance publicly available. When you have spawned your first instance (see Resources for TTYLinux test images) and added security rules, you can assign it a Quantum floating IP address.
Allocate a floating IP address
To allocate a floating IP address:
- Add a floating IP address to your pool:
quantum floatingip-create ext_net (where ext_net is your external network)
- Retrieve the instance network port ID:
quantum port-list -- --device_id <instance id>
- Retrieve the floating IP ID you created previously by running the
- With the two IDs you retrieved, perform the IP allocation:
quantum floatingip-associate <floating IP id> <instance port id>
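The allocation steps chained into one function, as an added example that is not part of the original article or of the quantum client. It assumes the client prints its default bordered tables, takes the floating IP ID from the output of floatingip-create, and refuses to proceed unless the instance has exactly one port; the function names and the sample_quantum stub are hypothetical.

```shell
#!/bin/sh
# table_value FIELD: read a "Field | Value" table on stdin and print FIELD's value.
table_value() {
    awk -F'|' -v f="$1" '{ gsub(/ /, "", $2)
        if ($2 == f) { gsub(/^ +| +$/, "", $3); print $3 } }'
}

# list_ids: read a list table on stdin and print the first column of every data row.
list_ids() {
    awk -F'|' 'NF > 2 { gsub(/ /, "", $2); if ($2 != "id") print $2 }'
}

# assign_floating_ip EXT_NET INSTANCE_ID [CMD]: print "<floating IP id> <port id>".
# CMD defaults to quantum; pass a stub to rehearse the flow without a cloud.
assign_floating_ip() {
    ext_net=$1 instance=$2 q=${3:-quantum}
    port=$($q port-list -- --device_id "$instance" | list_ids)
    # Resolve the port first: failing here leaves no unattached public address behind.
    [ "$(echo "$port" | grep -c .)" -eq 1 ] ||
        { echo "expected exactly one port for instance $instance" >&2; return 1; }
    fip=$($q floatingip-create "$ext_net" | table_value id)
    [ -n "$fip" ] || { echo "floatingip-create returned no id" >&2; return 1; }
    $q floatingip-associate "$fip" "$port" >/dev/null && echo "$fip $port"
}

# sample_quantum: constructed stand-in for the quantum client (all IDs are invented).
sample_quantum() {
    row='| %-36s | %-19s |\n'
    case $1 in
        port-list)
            echo '+--------+--------+'
            printf "$row" id mac_address \
                0a1b2c3d-0000-4000-8000-00000000aaaa fa:16:3e:00:00:01
            [ "$4" != two-nics ] ||
                printf "$row" 0a1b2c3d-0000-4000-8000-00000000bbbb fa:16:3e:00:00:02 ;;
        floatingip-create)
            echo '+--------+--------+'
            printf "$row" Field Value floating_ip_address 192.0.2.50 \
                id 0a1b2c3d-0000-4000-8000-00000000ffff port_id '' ;;
        floatingip-associate)
            echo "Associated floatingip $2" ;;
    esac
}

assign_floating_ip ext_net instance-1 sample_quantum
```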
Throughout this article, you discovered and deployed the new OpenStack Folsom release. This article covered basic deployment of all core components, especially Quantum and the Open vSwitch networking solution, which is not part of the project itself, although the level of integration with OpenStack makes it possible to deploy advanced routing and networking setups.
You can use your lab for a proof of concept environment, for testing the new Folsom features or the functionalities of the new version. The Folsom release enhances your infrastructure experience by providing a set of blocks that you can tweak easily and that is highly customizable through numerous options and parameters, building out a reliable and secure IaaS solution for your customers.
- The OpenStack website is the unique source for information on the OpenStack family of projects, news on community projects, documentation, and everything else related to OpenStack.
- The OpenStack documentation assists and guides you in the deployment and configuration of your cloud. The documentation covers a wide range of topics, from basic operating system installation to advanced service configuration.
- Folsom Release Notes presents all the features that have been integrated into the Folsom release.
- The OpenStack Nova and Quantum presentation by Nicira is a brief presentation on the integration of Quantum within OpenStack and how that project enhances network integration.
- The blog, OpenStack Cloud Storage Services: First Look at Folsom's Cinder project, by Mirantis introduces the new Cinder Block-storage as a Service project.
- "Cloud computing and storage with OpenStack" (M. Tim Jones, developerWorks, August 2012) presents the benefits of using OpenStack, among other IaaS solutions.
- At the official IBM OpenStack blog, you can find advanced information about the different OpenStack projects.
Get products and technologies
- Check out the Folsom repositories to Aptitude.
- Ubuntu Precise Pangolin is the official Ubuntu project website, from which you can get the Ubuntu Precise operating system.
- With small TTYLinux images, you will be able to spawn a system for testing your lab.