OpenStack is an open source cloud computing platform that provides an Infrastructure-as-a-Service (IaaS) solution through a variety of complementary services. Each service offers an application programming interface (API) that facilitates integration, so an overall OpenStack installation is an integration of these services.

One of the objectives of STRATEGIC is to help public bodies with little or no previous experience in cloud to prepare their own private cloud infrastructure and integrate this infrastructure with the STRATEGIC Service Store. For this reason, the following sections reflect the experiences of our consultancy, duly collected from the technical and pilot partners of the consortium, and are provided for the benefit of administrators and IT experts of public bodies.

  Identifying hardware needs

The OpenStack hardware requirements vary a great deal, depending on the desired target deployment type, storage backend choices and services co-location policies.

The absolute minimal setup for the suggested installation supported by the STRATEGIC Service Store can consist of 3 physical servers. Production grade OpenStack deployments usually require at least 5-9 physical servers, depending on high-availability and storage backend choices, while a high-availability mode for all OpenStack services (i.e. N+1 resilience where possible) would need 28 service units (if no service co-location is imposed).

The OpenStack server nodes require at least two physical network interface ports/trunks (1Gbit speed or better), together with VLAN capable core-switch and router hardware. Networked storage backends for production grade deployment – using iSCSI or Fibre Channel SAN or Ceph backends – need additional high-speed and dedicated network trunks (FC 8Gbit or 10Gbit Ethernet) for better stability and performance.

For the preparation of OpenStack, selecting storage hardware is an important decision. Storage hardware and the architecture should be selected by evaluating possible solutions against the following critical factors: user requirements, technical considerations, and operational considerations[1].
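A preflight check for the network interface requirement above, as an added example that is not part of the original guide. It assumes a Linux node exposing interface data under `/sys/class/net`; the function names `count_fast_nics` and `node_meets_nic_minimum` are hypothetical.

```shell
#!/bin/sh
# Added example: verify that a candidate node has at least two physical
# network interfaces negotiated at 1 Gbit/s or better.
# Assumption: Linux sysfs layout, where <iface>/speed holds the link speed
# in Mbit/s and <iface>/device exists only for hardware-backed interfaces.

# count_fast_nics [SYSFS_NET_DIR] [MIN_MBIT]
# Prints the number of physical interfaces whose speed is >= MIN_MBIT.
count_fast_nics() {
    net_dir=${1:-/sys/class/net}
    min_speed=${2:-1000}
    count=0
    for iface in "$net_dir"/*; do
        # Loopback, bridges and VLAN sub-interfaces have no device entry.
        [ -e "$iface/device" ] || continue
        # Reading speed can fail, or return -1, when the link is down.
        speed=$(cat "$iface/speed" 2>/dev/null) || continue
        case $speed in
            ''|*[!0-9]*) continue ;;
        esac
        if [ "$speed" -ge "$min_speed" ]; then
            count=$((count + 1))
        fi
    done
    echo "$count"
}

# node_meets_nic_minimum [SYSFS_NET_DIR]
# Succeeds when the node has two or more physical ports at >= 1000 Mbit/s.
node_meets_nic_minimum() {
    [ "$(count_fast_nics "${1:-}" 1000)" -ge 2 ]
}

# Run against the live system only when asked to: ./nic_check.sh --check
if [ "${1:-}" = "--check" ]; then
    if node_meets_nic_minimum; then
        echo "OK: at least two physical NICs at 1 Gbit/s or better"
    else
        echo "FAIL: fewer than two physical NICs at 1 Gbit/s or better"
        exit 1
    fi
fi
```

Ports with no link are not counted, so cable the candidate interfaces before running the check.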

Selecting networking architecture determines which network hardware will be used. Networking software is determined by the selected networking hardware. The selection of certain networking hardware (and the networking software) affects the management tools that can be used. There are exceptions to this; the rise of open networking software that supports a range of networking hardware means that there are instances where the relationship between networking hardware and networking software is not as tightly defined[2].

The operating system (OS) and hypervisor have a significant impact on the overall design of the cloud. Selecting a particular operating system and hypervisor can directly affect server hardware selection and vice versa. Public administrations should verify that the storage hardware, the topology support and the networking hardware selection will work with the chosen operating system and hypervisor combination[3].

As OpenStack is a modular platform composed of many services/components, selecting the OpenStack components to use is part of the design process. Some OpenStack components, like Compute and Image service, are required in every architecture. Other components, like Orchestration, are not always required. Excluding certain OpenStack components can limit or constrain the functionality of other components, so it is important to research the component interdependencies in conjunction with the technical requirements before deciding on the final architecture[4].

Private installations of OpenStack that connect to external brokers (like the STRATEGIC Service Store) also need API connection tunneling, firewall, and VPN devices/services.

Installation of OpenStack is also possible on virtualized infrastructure. However, there are difficulties to be tackled, such as the networking configuration of the virtual machines, and the underlying virtualization technology is not always supported. Therefore, we suggest using this option only if it is not possible to use physical machines. Installing IaaS on physical infrastructure is preferred in terms of performance and because the installation is more straightforward.

OpenStack setups can have a specific focus and use the nodes in an appropriate way. The list below presents the most common setups of OpenStack:

  • Compute focused
  • Storage focused
  • Network focused
  • Multi-site
  • Hybrid
  • Massively scalable

We found that the normal, compute focused setup of OpenStack was ideal for the pilots of the project.
For a production architecture deployment of OpenStack, security methods such as firewalls, encryption, and service policies should always be used.
Extra nodes for core and optional services can be added in order to achieve performance and redundancy requirements.

[1] http://docs.openstack.org/arch-design/generalpurpose-architecture.html#selecting-storage-hardware

[2] http://docs.openstack.org/arch-design/generalpurpose-architecture.html#selecting-networking-hardware

[3] http://docs.openstack.org/arch-design/generalpurpose-architecture.html#operating-system-and-hypervisor

[4] http://docs.openstack.org/arch-design/generalpurpose-architecture.html#openstack-components