Professional Documents
Culture Documents
Diablo Keystone
Diablo Keystone
Diablo Keystone
DIABLO!
Diablo Architecture
Keystone
Token Based Auth
Glance Imaging Svc. Service Image LunR Block Storage EBS style block storage
API Server
OpenStack API EC2 /S3 API
Multi-Hypervisor Manager
Dashboard - UI
User / Admin Interface
Confidential
Hypervisors
LXC
OpenVZ
Keystone Integration Better KVM/QEMU Integration Better Xen Integration Nova Block Volumes Dashboard Enabled Event Notification Distributed Scheduler System Usage Virtual Storage Arrays Boot with Volume Global Firewall Rules
Keystone Integration Dashboard Enabled Improved client IP logging Auto-account creation Multi-cluster container sync Option for replication Ceph Sheepdog Gluster
Diablo- Glance
Use: IaaS virtual machine image repository for provisioning base level or configured VMs Key Features
Configured to use standard command line and configuration option processing, making use of pastedeploy configuration Registry database is under version control, with migration files allowing upgrade and downgrade of the registry database. Versatile combination of "disk format" and "container format" fields, allowing more than just EC2-style image formats to be stored in the registry New command line tool that allows user to interact with Image Service -- add and update images and image attributes, see public images, delete images, etc. Support for checksumming images added to the server to verify image integrity Extensive logging functionality to both the API and Registry servers, including the ability to configure logging separately from other options using Python's standard logging module configuration files A functional test suite that starts and stops actual Glance servers and executes commands against those servers from the new command line client as well as a curl client
Quantum / Melange
Physical Constraints 802.1Q QnQ / MLAG Security Constraints Layer 2 has no knowledge of identity rely on switch/port config
Dashboard
Integrated with Keystone Pluggable Recently added as Top Level Project Admin view / Customer View Concept of Role
Confidential
Keystone
Primary point of entry for every permissible openstack operation Pluggable Starting out as Auth-N and Auth-Z (token based)
Confidential
Questions?
Confidential