OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case...
Transcript of OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case...
![Page 1: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/1.jpg)
OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering, Chulalongkorn Bangkok, Thailand
![Page 2: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/2.jpg)
Outline
OpenStack
eScience
Requirements
Design Decisions
Implementation
![Page 3: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/3.jpg)
Openstack
![Page 4: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/4.jpg)
OpenStack Installation
Many Components
A little error, it failed.
Take days (if not months) to manage and to install.
![Page 5: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/5.jpg)
eScience
eScience is computationally intensive science that is carried out in highly distributed network environments, or science that uses immense data sets that require grid computing; the term sometimes includes technologies that enable distributed collaboration, such as the Access Grid [wikipedia]
![Page 6: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/6.jpg)
eScience @ Chula / ThailandeScience @ Chulalongkorn Univeristy/Thailand
High-Energy (Particle) Physics (Chula + European Organization for Nuclear Research / CERN)
Climate Changes
Water Resources
etc.
![Page 7: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/7.jpg)
Requirements (physics + Computer Engineering)
eScience - dedicate resources + on-demand projects
Students - Quota per student(300-400 active students.)
Accounts
Students - Use username and password from existing university accounts.
Others - Users for each project
![Page 8: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/8.jpg)
Our HardwareDisk RAM CPUs(TB) (GB) (GHz)
DELL PowerEdge R630 U20
1.8 64 40x3LENOVO 3550 M5 1.1 32 40x3.4DELL PowerEdge R430 3.6 64 32x3.4LENOVO SR850 0.13 318.4 174x2.1IBM 3755 M3 1 29.3 30x3DELL PowerEdge R630 U21
1.8 64 40x3
IBM iDataPlex DX360M4 0.5 48 169.93 619.7 372
More hardware are coming.
![Page 9: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/9.jpg)
Other constraints
Our eScience storage system is based on IBM Spectrum Scale (aka. GPFS). This also is used for storing data from CMS/LHC experiment (running at CERN)
The physics analysis should not be stopped.
Few (if any) administrator… (we aim for zero administration)
Security - (No direct/public access to students’ VMs)
![Page 10: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/10.jpg)
Design DecisionsTry to automate/streamline process as much as possible.
Implement OpenStack (compute nodes and storage nodes) on top of existing hardware and existing filesystem (GPFS).
Allow additional hardware to be added later
Use LDAP with additional mechanism to map user from university’s LDAP.
Automatically create a project for each user (student) on sign up (account mapping).
![Page 11: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/11.jpg)
Design Decisions
The VM can only be accessed though our SSH gateway.
Students should use standard tools and native OpenStack tools (eg. Horizon) for managing and accessing their VM. - part of the learning experiences.
![Page 12: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/12.jpg)
OpenStack Installation - Fuel
https://www.slideshare.net/justiceform/case-study-utilizing-mirantis-fuel-to-install-openstack-ansible
![Page 13: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/13.jpg)
Fuel
![Page 14: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/14.jpg)
Cinder
Architecture eScience
Node
GPFS
Compute Node (KVM)
eScience Node
Compute Node (KVM)
Compute Node
Keystone
LDAPLdapMap
Univ. LDAP
Controller
Project DB
Project Creator
![Page 15: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/15.jpg)
LdapMap
Univ. LDAP
local LDAP
Java App
![Page 16: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/16.jpg)
Project Creator
local LDAP
Controller
Project Creator Use local database to automatically create project for each user.
Python Script
![Page 17: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/17.jpg)
Horizon
![Page 18: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/18.jpg)
Management
OpenStack.cp.eng.
chula.ac.th
SSH Gateway
Horizon
LdapMAP
SSH, HTTPS
reverse proxy, port map
![Page 19: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/19.jpg)
Security
Use gateway with LDAP accounts
Gateway is also a VM scaling on demand.
![Page 20: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/20.jpg)
Security
Use cloud-init images for security
only accessible via initial private key.
No public IP for general VMs.
Only ip (port/host) forwarding using iptables.
![Page 21: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/21.jpg)
Our tricksUse wiki for knowledge management/user training
Automate SSH tunneling through ProxyCommand
~/.ssh/config
![Page 22: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/22.jpg)
Students feel like having direct access to VM.
ssh -L80:localhost:80 myHost.eScience
~/.ssh/config
![Page 23: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/23.jpg)
Lessons Learned
Wiki allows users to help themselves.
A project per user makes it easy to control.
Use KVM over KVM as compute node for resource isolation.
![Page 24: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/24.jpg)
Next Step
Allow containers/Hadoop/Spark cluster to be run on the same infrastructures.
Implement efficient monitoring systems.
Dynamic scale
Will deprecate Fuel
![Page 25: OpenStack Implementation: A case study of Chula eScience ... · OpenStack Implementation: A case study of Chula eScience and Computer Engineering Krerk Piromsopa, Ph.D. Computer Engineering,](https://reader030.fdocuments.in/reader030/viewer/2022041110/5f0e91b67e708231d43fdfa0/html5/thumbnails/25.jpg)
Thank you Q&A
Join us in AINTEC2018