OpenStack is an open-source project that provides software to build and manage public and private clouds. Its community includes more than 130 companies and 1,350 developers, who use OpenStack as a universal front end to Infrastructure as a service (IaaS) resources. The overarching mission of OpenStack is to make clouds simple to implement and massively scalable. This article provides hands-on information to guide you through setting up and managing your cloud, whether public or private, using the Open Stack front end.
OpenStack comprises several community-maintained projects, which I'll discuss in further detail later in the article.
- OpenStack Compute (Nova) is a controller that starts up instances of virtual machines for either a user or a group. It's also used to configure networking for each instance that contains multiple instances for a particular project. OpenStack Compute could be compared with either Amazon EC2, when offered through a public cloud, or with VMware, when run as a private cloud offering. In a public cloud, the cloud administrator offers pre-made images or offers storage for user-created images that users can launch as virtual machines.
- OpenStack Object Storage (Swift) is a system to store objects in a massively scalable system with built-in redundancy and failover. These objects can be retrieved through a REST API or through a client that understands the Object Storage API, such as Cyberduck.
- OpenStack Image Service (Glance) is a lookup and retrieval system for virtual machine images. It can be configured in three ways: using OpenStack Object Storage to store images; using Amazon's Simple Storage Solution (S3) for storage directly; or using S3 storage with Object Storage as the connector for S3 access. The OpenStack Image Service supports several virtual machine image formats including disk formats supported by VMware (VMDK), Amazon images (AKI, ARI, AMI), and VirtualBox such as VDI. The container formats for metadata about the image include Amazon's AKI, ARI, and AMI information, the standard OVF format and blob data.
Projects that were recently voted into the "core" group of projects are an identity service, code-named "Keystone," and a Django-based dashboard interface with a project name of "Horizon" that provides the dashboard shown in this article.
The best place to get started with OpenStack Compute is the DevStack site at devstack.org with a scripted installation for a development or proof-of-concept installation. The OpenStack Starter Guide on docs.openstack.org also offers step-by-step instructions for setting up OpenStack Compute, an Image Service, and an all-in-one Object Storage installation on Ubuntu 11.10. If you have a server lying around that you want to use for a proof of concept, OpenStack also works with the StackOps bare metal distribution available here for a CD or USB stick installation.
You can also set up a production-level OpenStack Object Storage cluster or OpenStack Compute cloud by using the installation instructions on docs.openstack.org in the Object Storage Administration Guide or OpenStack Compute Administration Guide.
Once you have it installed, let's walk through launching instances with OpenStack Compute either through the Dashboard interface or on the command line using some of the security features for images. I'll also demonstrate an interface to Object Storage for backing up images or videos with block storage.
Logging into the Dashboard Interface
An OpenStack dashboard is installed on the node that is running the Nova API service. To use the Dashboard, you should know the URL of the Nova API instance as well as the credentials of a valid Dashboard user including the username and password.
You can undertake many practical actions with the OpenStack Dashboard with just a user name and password. First, log on to the Dashboard with the username and password your cloud admin set up for you.
Once you're logged in, you see an overview of your server usage and the status of each server, as shown in Figure 1.
You can also click to see which servers are in a terminated state. Not that uptime is displayed for each server as well.
The menus on the left of the User Dashboard offer all the actions you can complete using the Dashboard, which sends commands via an API to the back-end. The System Panel (topmost menu on page) is another view from which administrators can monitor usage, check the services running the cloud, and manage users and project quotas.
How to Launch an Instance in the Dashboard
Now that you are familiar with the general layout of the Dashboard, you probably want to get started using your cloud by launching a new virtual machine, known as an instance of an image. Generally, your cloud admin will have uploaded starter images for you. If not, I'll cover creating custom images later in the article. To get a taste for launching an image, go to Images in the Dashboard and click Launch next to the type of image you want to start. Figure 2 shows that some Ubuntu server images and a Windows image are available.
If you launch an instance of an image by clicking Launch, you'll see the Launch Instance window, as in Figure 3.
This window includes the ability to name the server, insert some user data at launch, choose the number of CPUs, disk space, and amount of RAM, and then click "Launch Instance." You now have a new virtual server that you can SSH into and use just like a normal server without stacking, racking, and cabling a real server or going through provisioning channels.
How to Work with Virtual-Machine Instances
Instances are virtual machines with particular specifications for memory, disk space, and CPUs. With OpenStack Compute you are orchestrating your cloud and enabling cloud users to start instances, reboot them, and take a snapshot of an instance for later reuse.
If you go to Instances in the User Dashboard you see the instance you just launched. For each instance, you can do several actions such as terminate instances, reboot them, snapshot themand all these actions are performed using the OpenStack Compute API 1.1. You can also open a console window or see logs for an instance from within the Dashboard.
Add Security Key Pairs to Images
As a security feature so you can control access to your virtual machines, OpenStack expects the client tools to use two kinds of credentials. One set of credentials is the username and password for the Dashboard itself. Another set of credentials is "keypairs," which provides secure authentication to a user's instances. When users can provide both credentials, they have access to the instances in their OpenStack cloud. Key pairs (a public key/private key pair) are useful parameters that you can use when starting an instance. For example, to launch an instance and access it with SSH you want to create a keypair so that you can identify users accessing instances via SSH.
The OpenStack Dashboard lets you manage those keypairs by going to Keypairs and clicking Create New Keypair. In the screen that follows, enter a name for your Keypair and click Create Keypair. Creating a new keypair registers the public key and downloads the private key (a .pem file). It's created for your use, so protect it as you would any other SSH private key, see Figure 4.