| Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. 2
| Agenda What is OpenStack Oracle and OpenStack Oracle's Value add for OpenStack Implementations The Oracle OpenStack Integration into Oracle Solaris 1 2 3 4 4
| What is OpenStack? Open source software for managing private and public clouds • A set of distributed services which control compute, storage, network, identity management, orchestration, and much more – Open source – Driven by a global community • Initial focus on Iaas, evolving into PaaS and SaaS • Single management dashboard • Open standardized API’s 9
| OpenStack History • Joint Project Launched by RackSpace and NASA in July 2010 • Evolved to Non-profit corporate entity in September 2012 – Kick-off Design Summit in Austin, TX: 2010 • 25+ Companies, 100+ Advisors, Developers, and Founding Members • Grown to 300+ Companies and Organizations – Oracle joined in December 2013 as Corporate Sponsor – Oracle Sponsors OpenStack Foundation; Offers Customers Ability to Use OpenStack to Manage Oracle Cloud Products and Services • http://www.oracle.com/us/corporate/press/2079843 17
| What OpenStack is not… • Out-of-the-Box Ready to Use – Lots of work to configure underlying infrastructure • Overall integration – Bare-metal, network topologies, OS templates and images, security – Distribution and implementation specific customizations • Lots of moving parts – Servers, Storage, Networking, Virtualization, OS, Security, Management, Integration, etc. • Dependent on expertise, experience, vendors, maturing technology – Engineering versus Consulting 19
| What OpenStack is not… (Continued) • Mature – Aggressive release cycle; short support lifespan – New features and capabilities continue to be released – Update capability is limited, often “rip and replace” – However, it is improving • Free – OpenSource does not mean free – Large investment to set up and support environment 20
| OpenStack Services Overview of Core Components Component Description Nova Compute virtualization Cinder Block storage Neutron Software defined networking Keystone Authentication between cloud services Glance Image management and deployment Horizon Web based dashboard Swift Object storage 22
| What is OpenStack? OpenStack Services beyond IaaS • Heat – Orchestration (Havana) – Represent an application (topology and resource needs) with a Heat Template – Perform fully automated, orchestrated deployment of Heat Template to the cloud. – Offers Amazon AWS Cloud Formation compatible APIs • Ceilometer – Cloud Metering and Monitoring (Havana) • Trove – Database As A Service (Icehouse) 25
| Agenda What is OpenStack Oracle and OpenStack Oracle's Value add for OpenStack Implementations The Oracle OpenStack Integration into Oracle Products 1 2 3 4 26
| Make your life easier and increase your business • Simplfy IT • Free up your ressources • Discover new or extended business Oracle helps by • Technology Innovation • Open Standards • Flexibile + Scalable DNA • Integrated Stack Oracle – The Cloud Company 27
| Agenda What is OpenStack Oracle and OpenStack Oracle's Value add for OpenStack Implementations The Oracle OpenStack Integration into Oracle Products 1 2 3 4 30
| OpenStack Deplyoments Oracle - One supplier for all your Cloud Requirements Platform as a Service (PaaS) Infrastructure as a Service (IaaS) Database as a Service (DbaaS) Software as a Service (SaaS) „cows“ „pets“ Oracle Server/Storage/NW Buliding Blocks Oracle Highend , EM12c and Engineered Systems Infrastructure as a Service (IaaS) Database as a Service (DbaaS) 33
| On Premise Private Cloud Oracle Cloud PaaS / IaaS Benefit Same Architecture Same Standards Same Products High End Mission Critical On-premise and Public Cloud Oracle Public Cloud DEPLOY ANYWHERE Same DNA Open Standards Same Products 34
| Agenda What is OpenStack Oracle and OpenStack Oracle's Value add for OpenStack Implementations The Oracle OpenStack Integration into Oracle Solaris 1 2 3 4 35
| Middleware Database Application Virtualization& Cloud Orchestration SDN Server Platform Hardware and Software Engineered to Work Together High Performance, High Efficiency, High Value A Better Way of Engineering the System 40
| Oracle Solaris – Engineered for Cloud Bringing Enterprise to the Cloud – #1 Enterprise OS – designed for mission critical apps – Immense workload scalability – Assured data integrity – Secure by design – Production safe observability Enterprise Ready Cloud Agility – Zero-overhead virtualization – Single step installation, simple update – Automated compliance reporting – Automatic service restart – Zero to OpenStack in 20 mins 41
| Openstack and Oracle Solaris 11.2 - Versioning # pkg info -r cloud/openstack Name: cloud/openstack Summary: OpenStack Description: OpenStack is a cloud operating system that controls large pools of compute, storage, and networking resources throughout a data center, all managed through a dashboard that gives administrators control while empowering their users to provision resources through a web interface. Category: Meta Packages/Group Packages (org.opensolaris.category.2008) System/Administration and Configuration (org.opensolaris.category.2008) System/Enterprise Management (org.opensolaris.category.2008) System/Virtualization (org.opensolaris.category.2008) Web Services/Application and Web Servers (org.opensolaris.category.2008) State: Not installed Publisher: solaris Version: 0.2013.2.3 (Havana 2013.2.3) Build Release: 5.11 Branch: 0.175.2.0.0.42.1 Packaging Date: June 23, 2014 01:03:42 AM Size: 5.46 kB FMRI: pkg://solaris/cloud/[email protected],5.11-0.175.2.0.0.42.1:20140623T010342Z 44
| OpenStack Nova Compute – Oracle Solaris Zones High density virtual environments – ideal for multi-tenant cloud • Independent patching and updating with Oracle Solaris Kernel Zones – Same administrative interfaces • Fully portable with Unified Archives – Easy transitioning between Kernel Zones, Native Zones, Oracle VM and bare-metal • Provision Native Zones and/or Kernel Zones • Integrated SDN 45
| OpenStack Glance Image Management – Unified Archives Rapid deployment through VM templates • Flexible deployment on bare metal or virtualized – Same archive image for both • Snapshot a running VM as an image back to Glance to later re-deploy • Rapid deployment with Automated Installer across all compute nodes 46
| OpenStack Neutron Networking – EVS SDN for servers and switches • Integrated with Oracle Solaris network virtualization – Elastic Virtual Switch connects compute resources with virtual switching – Flexible resource management to help maintain critical SLAs 47
| OpenStack Cinder/Swift Data Management – ZFS Production ready data management, no compromises • ZFS is primary backend for block and object storage – Integrated data services including snapshots, encryption, and deduplication – iSCSI or FC LUN provisioning • Integrated Cinder Driver for the ZS3 Storage Appliance 48
| OpenStack Packaging – IPS Easy and fast cloud update • Fail proof updates with IPS – Full rollback to previous state if needed – Integrated with Oracle Solaris Zones and Unified Archives for seamless lifecycle management 49
| OpenStack Services – SMF Highly available and reliable and secure cloud services • Automatic service restart in case of failure – Integrated with Oracle Solaris fault management – Full dependency checking for precise and efficient cloud start up • OpenStack services run with minimum privileges necessary, and don’t run as root 50
| General Guidelines Concerning OpenStack on Solaris OpenStack packaging on Solaris • Each of the eight major components delivered by a single package – pkg:/cloud/openstack/<component> – The corresponding client APIs and CLI are in pkg:/library/python/<component>client • The packages typically deliver their configuration files under /etc/<component> • Horizon uses /etc/openstack_dashboard • Runtime information is stored under /var/lib/<component> • Group package, pkg:/cloud/openstack, installs all components. 51
| General Guidelines Concerning OpenStack on Solaris OpenStack services on Solaris • Each component is represent by one or more smf(5) services – Some are meant to be run on only one node – Others can be replicated for reliability or to meet expected demand • Common case is deploying additional nodes running Nova compute or Cinder volume services – Horizon is enabled through the use of Apache and a configuration file • Services names are of the form – svc:/application/openstack/<component>/<component>-<service> • Corresponding smf(5) logs contain a wealth of debugging information – Components support both a debug and a verbose mode settable in the configuration 52
| General Guidelines Concerning OpenStack on Solaris OpenStack and RBAC on Solaris • Each package delivers a RBAC profile for administering the component – Provide authorizations for managing corresponding smf(5) services and properties – Allows the modification of corresponding configuration files via pfedit(1M) – Allows the reading of the service log files which are normally not world-readable • Each package delivers a unique user and group for the component – The smf(5) services run a method context with this user and group – Services only include minimum necessary privileges in order to operate 53
| Deploying the Cinder Volume Service Backend storage choices • Most Cinder services (such as API or scheduler) are typically deployed once • Cinder volume service is typically deployed on as many nodes as necessary • Solaris implementation supplies four fully supported volume drivers • Each driver provisions volumes, typically via ZFS, for block storage – Local only driver useful for provisioning on single-node OpenStack setup – iSCSI driver that makes the provisioned ZFS volume available via iSCSI – Fibre Channel driver that makes the provisioned ZFS volume available via FC – ZFFSA driver that provisions iSCSI volumes from a remote ZFSSA 54
| Report Compliance • Compliance reporting for PCI or Solaris security policies • Integrate into SIEM systems for analysis Understand Risk • External security evaluations for Zones/Crypto • Infrastructure auditing for OpenStack components Reduced Threat • Minimized Solaris install • Encryption for Cinder (block) and Swift (object) storage Minimize Impact • Least privilege Sandboxes pre- applied to OpenStack core services • Read only virtual machines The Oracle Solaris OpenStack Distribution is Low Risk 55
| Getting Started with Solaris OpenStack OpenStack on Oracle Solaris Resources • OpenStack on Oracle Solaris Discussion [email protected] • Oracle Solaris on Oracle Technology Network http://www.oracle.com/technetwork/server-storage/solaris11/technologies/openstack-2135773.html • Source Code https://java.net/projects/solaris-userland/sources/gate/show/components/openstack 56
fraosug
kazzpapa3
foursue
tatsuo48
kentaitakura
07jp27
akkeylab
senoo
oracle4engineer
kzkmaeda
meihei3
soracom
yug1224
panda_program
tammyeverts
brad_frost
colly
marktimemedia
csswizardry
swwweet
cassininazir
davidbonilla
morganepeng
eileencodes
