CERN and Science Clouds in Europe with TOSCA, OpenStack ... · CERN and Science Clouds in Europe...
Transcript of CERN and Science Clouds in Europe with TOSCA, OpenStack ... · CERN and Science Clouds in Europe...
CERN and Science Clouds in Europe with TOSCA, OpenStack Heat and the Heat Translator
@sp_zala
@mrutkowski @bradtopol
Introduction• IndigoDataCloudProject
• GoalistoprovideasustainableEuropeaninfrastructureforscience,spanningmultiplecomputercentersandexistingpublicclouds.
• Challenges• Needtoeffectivelyexploitheterogeneouscloudinfrastructures(OpenStack,OpenNebula,proprietaryclouds)asa
singlecloud• Needastandardorchestrationmodelthatworksacrossmultiplecloudinfrastructures
• ProjectApproach• LeverageTOSCAasastandardbasedapproachformodelingcloudstacksandapplications
• Support forTOSCAisgrowinginseveralcloudcommunities• LeverageOpenStackcomponentsasameansofdeployingTOSCAcloudstacks• OpenStackHeatProjectprovidesrobusttoolstoconvertalternativeorchestrationlanguagestoOpenStackHeat’s
HOTtemplates• Heat-Translator:Provides aframeworkfortranslationorchestrationmodelstoHot• TOSCA-Parser:Productionquality toolforparsingTOSCAtemplates
• Inthispresentationwewillcover• TOSCA-ParserandHeat-Translator• ProjectIndigoandCERN’sinitiative• DemoconcreteexamplesofusingTOSCAtomodelacomplexinfrastructurecoveringmultiple sites• LatestonTOSCAspecification
Mitaka:TOSCA-Parser• WhatistheTOSCA-Parser?
• AparserforTOSCASimpleandNetworkFunctionsVirtualization(NFV)YAMLbasedspecifications.
• Producesin-memorygraphofTOSCAnodesandrelationshipamongthem• SubprojectofOpenStackHeat
• Twopointreleases– 0.4.0and0.3.0• 0.4.0
• Releasedate:Feb04,2016• IntroducedsupportforTOSCASimpleProfileforNFVv1.0• Support forTOSCAGroupsandTOSCAPolicies• Support forTOSCAnamespace,nestedproperties,bugfixesetc.
• 0.3.0• Releasedate:Dec02,2015• FullvalidationofTOSCAtemplates• Supportfornestedimportsinservice templateandtypedefinition• Shellentrypoint,bugfixesetc.
• Newfeaturesavailableonmaster• SupportforLoadBalancernodetype• Supportforrangedatatype etc.
• PyPireleasesareavailable athttps://pypi.python.org/pypi/tosca-parser
NodeTypes Relationships
Capabilities
Interfaces
Validation Tests
AppServer
MongoServer
NodeApp
MongoDB
MongoDBMS
Node.js
HostedOn
HostedOn
HostedOn
GroupsPolicies
CustomTypes
Mitaka:Heat-Translator• WhatistheHeat-Translator?
• AnOpenStackprojecttomapandtranslatenon-Heat(e.g.TOSCA)templatestoHeatOrchestrationTemplate(HOT)
• SubprojectofOpenStackHeat• Twopointreleases– 0.4.0and0.3.0• 0.4.0
• Releasedate:March02,2016• SupportforTOSCANFVtemplatestranslation• IntroducedsupportforPolicies translation• CompletedOpenStackClientplug-inworkwithnewtestsuites• HandleNovaserver specifickey_nameproperty,bugfixesetc.
• 0.3.0• Releasedate:Dec17,2015• QueryingNovaflavorstofindmatchtoTOSCAconstraints• NewCLIoption --validate-only toonlyvalidatetemplatewithout
translation• NewCLIoption--output-file tosavetranslatedoutputtofile etc.
• Newfeaturesavailableonmaster• NewCLIoption--deploy toautomaticallydeploytranslatedtemplate• SupportforAnsibleandPuppetscriptsintranslationetc.
• PyPireleases areavailable at,https://pypi.python.org/pypi/heat-translator
TOSCA
HeatOrchestrationTemplate(HOT)
TOSCAOpenStackIntegrationisMaturingRapidly
TOSCA-Parser Heat-Translator
Tacker
TOSCAPlugin TOSCAIntegration
apps.openstack.orgOSCPlugin
Translate
Deploy
CERNandtheLargeHadronCollider• 21memberstates
• Manyotherinvolvedinotherways• LargeHadronCollider(LHC)
• 27kmlong• 100munderground
• Particlecollisionsatspecializeddetectors• ~600milliontimes/sec• Generating~30PBofdata/year
• CERNCloudinnumbers• ~6000nodes• ~150kcores• 2000users• 16000VMsrunning
IndigoDataCloud• TowardsasustainableEuropeanSWinfrastructureforscience• FundedundertheEuropeanUnionHorizon2020program• Multiplepartners,heterogeneousinfrastructure(OpenStack,OpenNebula)
• INFN,CERN,ATOS,UPV,CSIC,DESY,UPV,LIP,T-Systems,CNRS,Reply,…• Mainstrengths
• Supportformulti-disciplinaryscientificcommunities• Exploitsavailable,generalsolutions• Lowlearningcurve,relyonpopularsoftwaretools• Hybrid,distributedenvironment
• Credits• GermanMolto (UPV),MiguelCaballer (UPV),Marica Antonacci (INFN),AlvaroLopezGarcia
(CSIC),Giacinto Donvito (INFN)• Andmanyothers...
https://www.indigo-datacloud.eu
WhyTOSCA?• Firststepwastoevaluateavailableoptions
• HEAT,CloudFormation• Bothtiedtospecificimplementations
• TOSCAappearedasaviablecommondenominator• Topologydefinition• Enduserapplications
• Existingcodebase(TOSCAparser,HEATtranslator)• Reusableinothercontextstoo
• Growingsupportindifferentcommunities
CurrentUseCases• DeploysimpleVMwithagivenimage• Elasticclusterforbatchprocessing(infrastructure)
• Supportedsystems:torque,slurm,condor• DeployaMesoscluster(infrastructure)• Galaxyportal(enduser)
• Dataintensiveapplicationforbiomedicalresearch• Indigospecificjobs(infrastructure/enduser)
• Packageanddeployapplicationsindockercontainers,onMesos/Marathon/Chronos
Basicexample:IndigoComputeNode
tosca_definitions_version: tosca_simple_yaml_1_0
imports:- indigo_custom_types: custom_types.yaml
description: >TOSCA test for launching compute node with a specified image and gettingas an output the IP and SSH credentials to access
topology_template:node_templates:
outputs:node_ip:value: { get_attribute: [ simple_node, public_address, 0 ] }
simple_node:type: tosca.nodes.indigo.Computeproperties:public_ip: yes
capabilities:scalable:
properties:count: 1
host:properties:num_cpus: 1mem_size: 1 GB
os:properties:type: linux distribution: ubuntu version: 12.04
Basicexample:DerivedTypestosca.nodes.indigo.Compute:derived_from: tosca.nodes.indigo.MonitoredCompute
tosca.nodes.indigo.MonitoredCompute:derived_from: tosca.nodes.Computeproperties:zabbix_server:type: stringrequired: nodefault: 90.147.170.165
zabbix_server_port:type: PortDefrequired: nodefault: 32314
zabbix_server_metadata:type: stringrequired: nodefault: Linux 668c875e-9a39-4dc0-a710-17c41376c1e0
interfaces:Standard:create:
implementation: zabbix_agent_install.ymlconfigure:
implementation: zabbix_agent_configure.ymlinputs:zabbix_server: { get_property: [ SELF, zabbix_server ] }zabbix_server_port: { get_property: [ SELF, zabbix_server_port ] }zabbix_server_metadata: { get_property: [ SELF, zabbix_server_metadata ] }
start:implementation: zabbix_agent_start.yml
Basicexample:HOT
heat_template_version: 2013-05-23description: >TOSCA test for launching compute node with a specifiedimage and getting as an output the IP and SSH credentials to access
parameters: {}resources:
outputs:node_ip:value:get_attr:- simple_node- networks- private- 0
simple_node:type: OS::Nova::Serverproperties:flavor: m1.smallimage: ubuntu-12.04-software-config-os-initpublic_ip: trueuser_data_format: SOFTWARE_CONFIG
simple_node_create_config:...simple_node_create_deploy:
...simple_node_configure_config:type: OS::Heat::SoftwareConfigproperties:config:get_file: zabbix_agent_configure.yml
group: ansiblesimple_node_configure_deploy:type: OS::Heat::SoftwareDeploymentproperties:config:get_resource: simple_node_configure_config
input_values:zabbix_server: 90.147.170.165zabbix_server_metadata: Linux 668c875e-9a39-4d...zabbix_server_port: 32314
server:get_resource: simple_node
Basicexample:AnsibleIntegration
interfaces:Standard:create:
implementation: zabbix_agent_install.ymlconfigure:
Implementation: zabbix_agent_configure.ymlinputs:zabbix_server: { get_property: [ SELF, zabbix_server ] }zabbix_server_port: { get_property: [ SELF, zabbix_server_port ] }zabbix_server_metadata: { get_property: [ SELF, zabbix_server_metadata ] }
start:implementation: zabbix_agent_start.yml
- hosts: localhostconnection: localtasks:
...- name: Apt install Zabbix agentapt: name=zabbix-agentwhen: ansible_os_family == "Debian"
tasks:- lineinfile: |dest=/etc/zabbix/zabbix_agentd.conf regexp="{{ item.var }}=" line="{{ item.var }}={{ item.value }}"with_items:- { var: "ServerActive", value: "{{zabbix_server}}:{{zabbix_server_port}}"}
Basicexample:AnsibleIntegration(GalaxyRoles)
interfaces:Standard:configure:
implementation: zabbix_agent_configure.ymlinputs:zabbix_server: { get_property: [ SELF, zabbix_server ] }zabbix_server_port: { get_property: [ SELF, zabbix_server_port ] }zabbix_server_metadata: { get_property: [ SELF, zabbix_server_metadata ] }
- hosts: localhostconnection: localroles:- role: indigo-dc.zabbix-agentzabbix_agent_server: "{{ zabbix_server }}"zabbix_agent_server_port: "{{ zabbix_server_port }}"zabbix_agent_metadata: "{{ zabbix_server_metadata }}"
Multipledeployment&configoptions• SupportedintheHEATTranslator
• .yamlisAnsible• .ppispuppet• .(anythingelse)isscripts(python,bash,…)
• ThisisreflectedontheresultingHOTtemplates• Extendingthetranslatorwithothersshouldnotbehard
• WediditforAnsible
Complexexample:BatchCluster• Auserfacingportalmanagesjobsrunningonabatchcluster• Theclustermayspawnmultiplesites• Sitesmayberunningdifferentcloudflavors
• MainlyOpenStackandOpenNebula• Onesinglefrontendforthebatchsystem
• Atleastfornow
Complexexample:BatchClusternode_templates:
elastic_cluster_front_end:type: tosca.nodes.indigo.ElasticClusterproperties:deployment_id: orchestrator_deployment_id
requirements:- lrms: torque_front_end- wn: wn_node
torque_front_end:type: tosca.nodes.indigo.LRMS.FrontEnd.Torquerequirements:- host: torque_server
wn_node:type: tosca.nodes.indigo.LRMS.WorkerNode.Torquecapabilities:wn:
properties:max_instances: 5min_instances: 0
requirements:- host: torque_wn
torque_wn:type: tosca.nodes.indigo.Computeproperties:public_ip: no
capabilities:scalable:
properties:count: 0
host:properties:num_cpus: 1mem_size: 1 GB
os:properties:type: linuxdistribution: ubuntuversion: 14.04
torque_server:type: tosca.nodes.indigo.Computeproperties:public_ip: yes
capabilities:host:
properties:num_cpus: 1mem_size: 1 GB
Demos• Basiccomputenodehttps://www.youtube.com/watch?v=TaEXhcjP7x0
• Batchclusterhttps://www.youtube.com/watch?v=IyKp3cXxm4c
IndigoTOSCAStatus• Firstusecasesalreadycoveredbyexistingtools• Indigocontributionsupstream
• TOSCAParser:UPV2ndcontributorinnumberofcommits(afterIBM:-))• HeatTranslator:CERN2ndcontributorinnumberofcommits(afterIBM:-))
• Usingtheheat-translatorCLI,thecommonopenstackclient,andinsomecasesotherAPIs
• ComingNext• Expanddeploymenttomoresiteswithintheproject• ExperimentwithenduserapplicationsdefinitionsinTOSCA• Continuecontributingupstreamtobothprojects
Newtondevplan:TOSCA-ParserandHeat-Translator
• Twotothreepointreleasesofbothprojects• NewfeaturesasneedarisefromworkonprojectIndigobyCERNandothermembers• EnhanceNetworkFunctionsVirtualization(NFV)supportwithcomplexandreallifeNFVtemplatescontinuingcollaborationwithOpenStackTackerprojectteam
• EnhancementtobothprojectsperOPNFVneed• WorkoncompletingimplementingremainingTOSCASimpleProfilev1.0specificationfeatures
• TOSCAcontainerparsingandtranslationsupport• Intrinsicfunctions,navigationfunctions• Enhancedartifactssupport• Supportforcredentialdatatype• etc.
• GrowTOSCAtemplatesecosystem• Supporttoprovideinputsviaaconfigurationfile• Horizonplug-intotranslateanddeployTOSCAtemplatesfromdashboard
TOSCASimpleProfilev1.1• Target:PublicDraftrelease~June2016
• Target“Final”3Q2016-after30-daypubliccomment/reviewperiod
NewFeatures• Metadata (completed)
• nowsupportedinallTypes(Node,Relationship,Capability,Data,etc.)(c• Group Type(completed)
• ExpandedGroupTypetoallowmanagementofmemberresources(i.e.,Lifecycle)• HasitsownCapabilitiesandRequirements
• Policy Definition (completed)• Event-Condition-Actionmodel(completed)• IncludesEventFilters andTriggers
• Cluster Type (75%completed)• AddsupportforClusternormativetype;baseduponnewGroupType• WillsupportnewnormativeLoadBalancer ,Scalable andRouter CapabilityTypes• DataClusters(e.g.,Cassandra,MongoDB,etc.)– In-Progress
• Workflow (50%completed)• IntermixdeclarativewithImperative(e.g.,Ansible,Ant,Bash)• Preserveinvestmentinexistingscriptsforcomplex installations/configurations
TOSCAPolicyDefinition:<policy_name>:type: <policy_type_name>description: <policy_description>properties: <property_definitions> # allowed targets for policy associationtargets: [ <list_of_valid_target_resources> ] triggers:
<trigger_symbolic_name_1>:
event: <event_type_name>
target_filter:node: <node_template_name> | <node_type># (optional) reference to a related node # via a requirementrequirement: <requirement_name># (optional) Capability within node to monitorcapability: <capability_name>
# Describes an attribute-relative test that # causes the trigger’s action to be invoked.condition: <constraint_clause>
action: # implementation-specific operation name<operation_name>:
description: <optional description>inputs: <list_of_parameters>implementation: <script> | <service_name>
...
Event• NameofanormativeTOSCAEventType• Thatdescribes aneventbasedupon aResource“state”change.
• Orachangeinoneormoreoftheresourcesattributevalue.
ConditionIdentifies:• theresource(Node)intheTOSCAmodeltomonitor.
• Optionally, identifyaCapability oftheidentified node.
• Describetheattribute (state)oftheresourcetoevaluate(condition)
TOSCAPolicyDefinition- Event,Condition,Actionmodel
1..NTrig
gerscanbedeclared
ActionDescribes:• AnOperation (name)toinvokewhenthecondition ismet
• withinthedeclaredImplementation• Optionally, passinInput parameterstotheoperationalongwithanywell-defined strategyvalues.
TOSCAWorkGroupActivities• Interoperability
• Conformancetestsuiteforv1.0(ServiceTemplates)• WorkunderwayinnewGitHub repo.,announcement(target~May2016)
• NetworkFunctionVirtualization(NFV)• WorkingdirectlywithOpenStackTackerProject• Publishingv1.0PublicDraft3– AllNormativeTypes/ModelsdesignedwithTackercontribs.
• DefineandCompose:NetworkServices,VNFs,Links,withForwardingGraphs&Paths,etc.• ExpandedscopetoincludeSoftware-DefinedNetwork(SDN)usecases
• Container• FinishnewClustercapabilitydefinitions,DataClusterusecases.forSimpleProfilev1.1
• InstanceModel• NewGroup- willproducenewschemaforanInstanceModel(reuseexistingschema)• APIpotentiallyenablingcapture,export andmanagement ofdeployedapplication
• Monitoring• Goal:Createnormativeeventtypesforbasicoperationalevents• FocusoneventstypesforHealth,Scaling&Performance• Supportbasic“Red-Yellow-Green”andPercentage-basedmonitoringfordashboards
vBrownBagTechTalk
DeployTOSCANFVWorkloadsintoOpenStackCloud
Tuesday,April26at2:15PMAustinConventionCenter- 4thfloor- Room13b
SahdevZala(IBM)PTL,TOSCA-ParserandHeat-TranslatorBobHaddleton (Nokia) Corereviewer,OpenStackTacker
http://openstack.prov12n.com/vbrownbag-techtalk-schedule-tuesday/
THANKYOU!!