Unit 2: Working with Private Cloud

A Private Cloud is a model of cloud computing where the infrastructure is dedicated to a

single user organization. A private cloud can be hosted either at an organization’s own data
center, at a third party colocation facility, or via a private cloud provider who offers private
cloud hosting services and may or may not also offer traditional public shared multi-tenant
cloud infrastructure.

Private cloud is also known as an internal cloud or corporate cloud. It is used by

organizations to build and manage their own data centers internally or by the third party. It can
be deployed using Opensource tools such as Openstack and Eucalyptus.

Based on the location and management, National Institute of Standards and Technology (NIST)
divide private cloud into the following two parts-

o On-premise private cloud

o Outsourced private cloud

Advantages of Private Cloud

There are the following advantages of the Private Cloud -

o Private cloud provides a high level of security and privacy to the users.
o Private cloud offers better performance with improved speed and space capacity.
o It allows the IT team to quickly allocate and deliver on-demand IT resources.
o The organization has full control over the cloud because it is managed by the
organization itself. So, there is no need for the organization to depends on anybody.
o It is suitable for organizations that require a separate cloud for their personal use and
data security is the first priority.

Disadvantages of Private Cloud

o Skilled people are required to manage and operate cloud services.
o Private cloud is accessible within the organization, so the area of operations is limited.
o Private cloud is not suitable for organizations that have a high user base, and organizations that
do not have the prebuilt infrastructure, sufficient manpower to maintain and manage the cloud.
Characteristics of Private Cloud:

The five characteristics of a private cloud:

1. Scalable: High levels of utilization (e.g., through virtualization, and the size and
maturity of data centers)

2. Accessible: IT customers can self-provision

3. Elastic: Appearance of infinite capacity on demand

4. Shared: Workloads are multiplexed, capacity is pooled

5. Metered consumption: Ability to pay for use with no commitment

CloudStack
What is Apache CloudStack?

Apache CloudStack is an open source Infrastructure-as-a-Service platform that manages

and orchestrates pools of storage, network, and computer resources to build a public or
private IaaS compute cloud.

With CloudStack you can:

• Set up an on-demand elastic cloud computing service.

• Allow end-users to provision resources

What can Apache CloudStack do?

• Multiple Hypervisor Support

CloudStack works with a variety of hypervisors and hypervisor-like technologies. A single

cloud can contain multiple hypervisor implementations. As of the current release CloudStack
supports:

• BareMetal (via IPMI)

• Hyper-V
• KVM
• LXC
• vSphere (via vCenter)
• Xenserver
• Xen Project
• Massively Scalable Infrastructure Management

CloudStack can manage tens of thousands of physical servers installed in geographically

distributed datacenters. The management server scales near-linearly eliminating the need for
cluster-level management servers. Maintenance or other outages of the management server
can occur without affecting the virtual machines running in the cloud.

• Automatic Cloud Configuration Management

CloudStack automatically configures the network and storage settings for each virtual
machine deployment. Internally, a pool of virtual appliances support the operation of
configuration of the cloud itself. These appliances offer services such as firewalling, routing,
DHCP, VPN, console proxy, storage access, and storage replication. The extensive use of
horizontally scalable virtual machines simplifies the installation and ongoing operation of a
cloud.

• Graphical User Interface

CloudStack offers an administrators web interface used for provisioning and managing the
cloud, as well as an end-user’s Web interface, used for running VMs and managing VM
templates. The UI can be customized to reflect the desired service provider or enterprise look
and feel.

• API

CloudStack provides a REST-like API for the operation, management and use of the cloud.

• AWS EC2 API Support

CloudStack provides an EC2 API translation layer to permit the common EC2 tools to be
used in the use of a CloudStack cloud.

• High Availability

CloudStack has a number of features to increase the availability of the system. The
Management Server itself may be deployed in a multi-node installation where the servers are
load balanced. MySQL may be configured to use replication to provide for failover in the
event of database loss. For the hosts, CloudStack supports NIC bonding and the use of
separate networks for storage as well as iSCSI Multipath.
Deployment Architecture Overview

Generally speaking, most CloudStack deployments consist of the management server and the
resources to be managed. During deployment you inform the management server of the
resources to be managed, such as IP address blocks, storage devices, hypervisors, and
VLANs.

The minimum installation consists of one machine running the CloudStack Management
Server and another machine to act as the cloud infrastructure (in this case, a very simple
infrastructure consisting of one host running hypervisor software). In its smallest deployment,
a single machine can act as both the Management Server and the hypervisor host (using the
KVM hypervisor).

Management Server Overview

The management server orchestrates and allocates the resources in your cloud deployment.

The management server typically runs on a dedicated machine or as a virtual machine. It

controls allocation of virtual machines to hosts and assigns storage and IP addresses to the
virtual machine instances. The Management Server runs in an Apache Tomcat container and
requires a MySQL database for persistence.

The management server:

• Provides the web interface for both the adminstrator and end user.
• Provides the API interfaces for both the CloudStack API as well as the EC2
interface.
 • Manages the assignment of guest VMs to a specific compute resource
• Manages the assignment of public and private IP addresses.
• Allocates storage during the VM instantiation process.
• Manages snapshots, disk images (templates), and ISO images.
• Provides a single point of configuration for your cloud.

Cloud Infrastructure Overview

About Regions

To increase reliability of the cloud, you can optionally group resources into multiple
geographic regions. A region is the largest available organizational unit within a CloudStack
deployment. A region is made up of several availability zones, where each zone is roughly
equivalent to a datacenter. Each region is controlled by its own cluster of Management
Servers, running in one of the zones. The zones in a region are typically located in close
geographical proximity. Regions are a useful technique for providing fault tolerance and
disaster recovery.

About Zones

A zone is the second largest organizational unit within a CloudStack deployment. A zone
typically corresponds to a single datacenter, although it is permissible to have multiple zones
in a datacenter. The benefit of organizing infrastructure into zones is to provide physical
isolation and redundancy. For example, each zone can have its own power supply and
network uplink, and the zones can be widely separated geographically (though this is not
required).

About Pods

A pod often represents a single rack. Hosts in the same pod are in the same subnet. A pod is
the third-largest organizational unit within a CloudStack deployment. Pods are contained
within zones. Each zone can contain one or more pods. A pod consists of one or more
clusters of hosts and one or more primary storage servers. Pods are not visible to the end user.

About Clusters

A cluster provides a way to group hosts. To be precise, a cluster is a XenServer server pool, a
set of KVM servers, , or a VMware cluster preconfigured in vCenter. The hosts in a cluster
all have identical hardware, run the same hypervisor, are on the same subnet, and access the
same shared primary storage. Virtual machine instances (VMs) can be live-migrated from
one host to another within the same cluster, without interrupting service to the user.

About Hosts

A host is a single computer. Hosts provide the computing resources that run guest virtual
machines. Each host has hypervisor software installed on it to manage the guest VMs. For
example, a host can be a Citrix XenServer server, a Linux KVM-enabled server, an ESXi
server, or a Windows Hyper-V server.

The host is the smallest organizational unit within a CloudStack deployment. Hosts are
contained within clusters, clusters are contained within pods, pods are contained within
zones, and zones can be contained within regions.

About Primary Storage

Primary storage is associated with a cluster, and it stores virtual disks for all the VMs running
on hosts in that cluster. On KVM and VMware, you can provision primary storage on a per-
zone basis.
You can add multiple primary storage servers to a cluster or zone. At least one is required. It
is typically located close to the hosts for increased performance. CloudStack manages the
allocation of guest virtual disks to particular primary storage devices.

It is useful to set up zone-wide primary storage when you want to avoid extra data copy
operations. With cluster-based primary storage, data in the primary storage is directly
available only to VMs within that cluster. If a VM in a different cluster needs some of the
data, it must be copied from one cluster to another, using the zone’s secondary storage as an
intermediate step. This operation can be unnecessarily time-consuming.

About Secondary Storage

Secondary storage stores the following:

• Templates — OS images that can be used to boot VMs and can include additional
configuration information, such as installed applications
• ISO images — disc images containing data or bootable media for operating
systems
• Disk volume snapshots — saved copies of VM data which can be used for data
recovery or to create new templates

The items in secondary storage are available to all hosts in the scope of the secondary
storage, which may be defined as per zone or per region.
OpenStack
OpenStack is a free, open standard cloud computing platform. It is mostly deployed
as infrastructure-as-a-service (IaaS) in both public and private clouds where virtual servers and
other resources are made available to users.[2] The software platform consists of interrelated
components that control diverse, multi-vendor hardware pools of processing, storage, and
networking resources throughout a data center. Users manage it either through a web-based
dashboard, through command-line tools, or through RESTful web services.

Introduction to OpenStack
OpenStack is a cloud OS that is used to control the large pools of computing, storage, and
networking resources within a data center. OpenStack is an open-source and free software
platform. This is essentially used and implemented as an IaaS for cloud computing.

We can call the OpenStack a software platform that uses pooled virtual resources to create and
manage private and public cloud. OpenStack offers many cloud-related services (such as
networking, storage, image services, identity, etc.) by default. This can be handled by users
through a web-based dashboard, a RESTful API, or command-line tools. OpenStack manages
a lot of virtual machines; this permits the usage of physical resources to be reduced.

Basic Principles of OpenStack

Open Source: Under the Apache 2.0 license, OpenStack is coded and published. Apache allows the
community to use it for free.

Open Design: For the forthcoming update, the development group holds a Design Summit
every 6 months.

Open Development: The developers maintain a source code repository that is freely accessible
through projects like the Ubuntu Linux distribution via entig100s.

Open Community: OpenStack allows open and transparent documentation for the
community.

Components of OpenStack
Major components of OpenStack are given below:

Compute (Nova): Compute is a controller that is used to manage resources in virtualized

environments. It handles several virtual machines and other instances that perform computing
tasks.

Object Storage (Swift): To store and retrieve arbitrary data in the cloud, object storage is used.
In Swift, it is possible to store the files, objects, backups, images, videos, virtual machines, and
other unstructured data. Developers may use a special identifier for referring the file and objects
in place of the path, which directly points to a file and allows the OpenStack to manage where
to store the files.

Block Storage (Cinder): This works in the traditional way of attaching and detaching an
external hard drive to the OS for its local use. Cinder manages to add, remove, create new disk
space in the server. This component provides the virtual storage for the virtual machines in the
system.

Networking (Neutron): This component is used for networking in OpenStack. Neutron

manages all the network-related queries, such as IP address management, routers, subnets,
firewalls, VPNs, etc. It confirms that all the other components are well connected with the
OpenStack.

Dashboard (Horizon): This is the first component that the user sees in the OpenStack. Horizon
is the web UI (user interface) component used to access the other back-end services. Through
individual API (Application programming interface), developers can access the OpenStack's
components, but through the dashboard, system administrators can look at what is going on in
the cloud and manage it as per their need.

Identity Service (Keystone): It is the central repository of all the users and their permissions
for the OpenStack services they use. This component is used to manage identity services like
authorization, authentication, AWS Styles (Amazon Web Services) logins, token-based
systems, and checking the other credentials (username & password).

Image Service (Glance): The glance component is used to provide the image services to
OpenStack. Here, image service means the images or virtual copies of hard disks. When we
plan to deploy a new virtual machine instance, then glance allows us to use these images as
templates. Glance allows virtual box (VDI), VMware (VMDK, OVF), Raw, Hyper-V (VHD)
and KVM (qcow2) virtual images.

Telemetry (Ceilometer): It is used to meter the usage and report it to OpenStack's individual
users. So basically, Telementry provides billing services to OpenStack's individual users.

Orchestration (Heat): It allows the developers to store the cloud application's necessities as a
file so that all-important resources are available in handy. This component organizes many
complex applications of the cloud through the templates, via both the local OpenStack REST
API and Query API.

Shared File System (Manila): It offers storage of the file to a virtual machine. This component
gives an infrastructure for managing and provisioning file shares.
Elastic Map-reduce (Sahara): The Sahara component offers a simple method to the users to
preplanned Hadoop clusters by referring to the multiple options such as the Hadoop version,
cluster topology and hardware details of nodes and some more.

OpenStack Architecture

There are several components that form OpenStack's architecture.

Nova (Compute)
Nova is one of the most common and important components of OpenStack. Compute is a
controller that is used to handle virtualized environments' resources. It handles several virtual
machines and other instances that perform computing tasks.

Nova is written in Python language. VMware, Xen, and KVM are the hypervisor technologies
that could be used, and this choice is contingent on OpenStack's version.

Functionality :

o The Nova-api processes the requests and responses to and from the end-user.
o When a request is submitted, the Nova generates and removes the instances.
o The Nova-scheduler schedules nova-compute jobs.
o The Glace Registry, along with its metadata, stores the image information.
 o The Image stores predefined images for the user or admin.
o The nova-network assures connectivity and routing of the network.

Glance (Image)
The instances of the virtual machines or the disk image are stored as images in the image storage
Glance.

This component offers image services to OpenStack. Here, image service means the images or
virtual copies of hard disks. When we plan to deploy a new virtual machine instance, glance
allows us to use these images as templates.

Swift (Object Storage)

This is the mountable storage unit of the architecture. It helps in data replication across the data
center. The files and objects can be copied to multiple units with the help of this unit. The object
storage units are replicated with every new server addition. It also stores the replicate content
from all the active nodes and makes it available to the new clusters, ensuring a backup in case of
any hardware failure or server loss.

To store and retrieve arbitrary data in the cloud, object storage is used. In Swift, it is possible
to store the files, objects, backups, images, videos, virtual machines, and other unstructured
data.

Cinder (Block Storage)

Block Storage provides persistent level storage facilities for cloud-oriented computing devices. It
helps in the creation, addition, and removal of the new block devices in the server. It provides
complete integration with the OpenStack, reducing the use of extraneous hardware components. It
can be accessed and instructed using CLI or web-based services. Linux-based systems can go with
Cloudbyte, EMC, Coraid, SAN Storage, etc.

This works in the traditional way of attaching and detaching an external hard drive to the OS
for its local use. Cinder manages to add, remove, create new disk space in the server. This
component provides the virtual storage for the VMs in the system.

Neuron (Networking)
This is responsible for establishing a neuron structure between the components for better
connectivity. It manages all the networking-related functionalities of the architecture as a whole.
Starting from assigning and managing the IP addresses of the nodes to managing and implementing
routing, it constitutes all.

This component is used for networking in OpenStack. Neutron manages all the network-related
queries, such as IP address management, routers, subnets, firewalls, VPNs, etc. It confirms that
all the other components are well connected with the OpenStack.
Horizon (Dashboard)
This is the first component that the user sees in the OpenStack. Horizon is the web UI (user
interface) component used to access the other back-end services.

Keystone (Identity)
It is the central repository of all the users and their permissions for the OpenStack services they
use. This component is used to manage identity services like authorization, authentication,
AWS Styles (Amazon Web Services) logins, token-based systems, and checking the other
credentials (username & password).

How does OpenStack Work?

Basically, OpenStack is a series of commands which is called scripts. And these scripts are
packed into packages, which are called projects that rely on tasks that create cloud
environments. OpenStack relies on two other forms of software in order to construct certain
environments:

o Virtualization means a layer of virtual resources basically abstracted from the hardware.
o A base OS that executes commands basically provided by OpenStack Scripts.

So, we can say all three technologies, i.e., virtualization, base operating system, and OpenStack
must work together.

Let's discuss how OpenStack works!

As we know, the Horizon is an interface for the appliance environment. Anything that the user
wants to do should use the Horizon (Dashboard). The Dashboard is a simple graphical user
interface with multiple modules, where each module performs specific tasks.

All the actions in OpenStack work by the service API call. So, if you are performing any task,
it means you are calling a service API. Each API call is first validated by Keystone. So, you
will have to login yourself as a registered user with your login username and password before
you enter the OpenStack dashboard.

Once you successfully log in to the OpenStack dashboard, you will get many options to create
new instances, volumes, Cinder, and configure the network.

Instances are nothing but a virtual machine or environment. To generate a new VM, use the
'instances' option from the OpenStack dashboard. In these instances, you can configure your
cloud. Instances can be RedHat, OpenSUSE, Ubuntu, etc.

The formation of an instance is also an API call. You can configure network information in the
instances. You can connect these instances to the cinder instance or volume to add more
services.
After the successful creation of an instance, you can configure it, you can access it through
CLI, and whatever data you want to add, you can do it. Even you can set up an instance to
manage and store the snapshots for future reference or backup purposes.

Benefits of OpenStack
There are a lot of benefits of OpenStack in the cloud computing platform. Let's see one by one
:

1. Open Source
As we know, using the open-source environment, we can create a truly defined data center.
OpenStack is the largest open-source platform. It offers the networking, computing, and storage
subsystems in a single platform. Some vendors (such as RedHat) have developed and continue
to support their own OpenStack distributions.

OpenStack source code is available at github. The two main advantages of the open-source
OpenStack project is :

o OpenStack can be modified according to your rising demand - As per your requirement, you
can add the extra features in OpenStack.
o It can be used without any limitations - Since OpenStack is a freely available project, so there
are no limitations or restrictions to use it. You can use it as per your requirement. There are no
limits for what purpose you use it, where you use it, or how long you use it.

2. Scalability
Scalability is the major key component of cloud computing. OpenStack offers better scalability
for businesses. Through this feature, it allows enterprises to spin up and spin down servers on-
demand.

3. Security
One of the significant features of OpenStack is security, and this is the key reason why
OpenStack is so popular in the cloud computing world.

o With OpenStack, your data is always secure - When company owners want to move their IT
infrastructure to the cloud, they always fear data loss. But there is no need to think about data
loss with OpenStack. It offers the best security feature.
o OpenStack provides security professionals who are responsive to OpenStack's strong security.
4. Automation
Automation is one of the main keys selling points of OpenStack when compared to another
option. The ease with which you can automate tasks makes OpenStack efficient. OpenStack
comes with a lot of inbuilt tools that make cloud management much faster and easier.
OpenStack provides its own API or Application Program Interface that helps other applications
to have full control over the cloud. This function makes it easier to build your own apps that
can communicate with OpenStack to perform tasks such as firing up VMs.

Development Support

Since OpenStack's source code is freely accessible, experts from all over the world can improve
the platform. If a new feature is being designed, it can be built easily and professionally by a
development team. OpenStack is like Linux in that have many distributions with different
features but share the same component.

Support from companies - For development, OpenStack gets support from IT founders,
including Intel, IBM, AT&T, Cisco, Red Hat, Dell, Ubuntu, and so on. So, by leaps and bounds,
it's changing, which is a massive benefit for you.

Support from the developers' community - Many developers are working on the enhancement
of OpenStack. They are continuously working hard to make the OpenStack better.

5. Easy to Access and Manage

We can easily access and manage OpenStack, which is the biggest benefit for you. OpenStack
is easy to access and manage because of the following features :

Command Line Tools - We can access the OpenStack using command-line tools.

Dashboard - OpenStack offers users and administrators to access and manage various aspects
of OpenStack using GUI (graphical user interface) based dashboard component. It is available
as a web UI.

APIs - There are a lot of APIs (Application Program Interface), which is used to manage
OpenStack.

6. Services
OpenStack provides many services required for several different tasks for your public, private,
and hybrid cloud.

List of services - OpenStack offers a list of services or components such as the Nova, Cinder,
Glance, Keystone, Neutron, Ceilometer, Sahara, Manila, Searchlight, Heat, Ironic, Swift,
Trove, Horizon, etc.

Each component is used for different tasks. Such as Nova provides computing services,
Neutron provides networking services, Horizon provides a dashboard interface, etc.
7. Strong Community
OpenStack has many experts, developers, and users who love to come together to work on the
product of OpenStack and enhance the feature of OpenStack.

8. Compatibility
Public cloud systems like AWS (Amazon Web Services) are compatible with OpenStack.