EVERYTHING YOU NEED TO KNOW ABOUT OPENSTACK FOR CCIE WRITTEN EXAM PREPPaul Adam
Cisco put every CCIE written exam taker on notice in July 2016 by introducing “Evolving Technologies” section across all CCIE written exam tracks which contains, among other cutting-edge technologies, OpenStack. All of our study guides and practice quizzes include OpenStack related topics to ensure your learning and exam success.
I personally believe that when all will be said and done, OpenStack may perhaps go down as the most successful project in the open source history. OpenStack was started by NASA and RackSpace back in the days as a way to open up Amazon (AWS) cloud hegemony. I have to say, while OpenStack gained tremendous ground over the last 3-5 years, AWS likewise is way beyond anybody’s expectations as far as public cloud is concerned (if you have not noticed, AWS is killin’ it!).
Anyhow, for CCIE written exams, as per the Cisco’s official blueprint, you need to know the following:
- Automation and orchestration
- Troubleshooting and management
In this post, I will discuss OpenStack components, i.e.
Nova is designed to manage and automate the provisioning of compute resources. This is the core of the virtual machine management software, but it is not a hypervisor. Instead, Nova supports virtualization technologies including KVM, Xen, ESX and Hyper-V, and it can run on bare-metal and high performance computing configurations too. Compute resources are available via APIs for developers, and through web interfaces for administrators and users. The compute architecture is designed to scale horizontally on standard hardware. New in the Icehouse release are rolling upgrades, which allow OpenStack clouds to be updated to a new release without having to shut down VMs. Nova can be thought of as the equivalent to Amazon Web Services Elastic Compute Cloud (EC2).
Neutron manages the networking associated with OpenStack clouds. It is an API-driven system that allows administrators or users to customize network settings, then spin up and down a variety of different network types (such as flat networks, VLANs or virtual private networks) on-demand. Neutron allows for dedicated or floating IP addresses (the latter of which can be used to reroute traffic during maintenance or a failure, for example). It supports the OpenFlow software defined networking protocol and plugins are available for services such as intrusion detection, load balancing and firewalls. The Cisco plugin overlay architecture uses model layers to overlay the Nexus plugin on top of the Openvswitch plugin. It supports two segmentation methods for the Openvswitch plugin: VLAN and GRE tunnels.
OpenStack has two major storage platforms: An object storage system named Swift and a block storage platform named Cinder. Swift, which was one of the original components contributed by Rackspace, is a fully-distributed, scale-out API-accessible platform that can be integrated into applications or used for backup and archiving. It is not a traditional file storage system though; instead, Swift has no “central brain.” The OpenStack software automatically replicates data stored in Swift across multiple nodes to ensure redundancy and fault tolerance. If a node fails, the object is automatically replicated to new commodity nodes that are added to the system. That is one of the key enabling features to allow OpenStack to scale to massive sizes. You can think of Swift as the equivalent of AWS’s Simple Storage Service (S3).
Unlike Swift, Cinder allows for blocks of storage to be managed. They’re meant to be assigned to compute instances to allow for expanded storage. The Cinder software manages the creation of these blocks, plus the acts of attaching and detaching the blocks to compute servers. The other major feature of Cinder is its integration with traditional enterprise storage systems, such as Linux Server storage and other platforms such as Ceph, NetApp, Nexenta, SolidFire and Zadara, among others. This is the equivalent of AWS’s Elastic Block Storage (EBS) feature.
OpenStack has a variety of components that are OpenStack shared services, meaning they work across various parts of the software, such as Keystone. This project is the primary tool for user authentication and role-based access controls in OpenStack clouds. Keystone integrates with LDAP to provide a central directory of users and allows administrators to set policies that control which resources various users have access to. Keystone supports traditional username and password logins, in addition to token-based logins.
This is the primary graphical user interface for using OpenStack clouds. The web-based tool gives users and administrators the ability to provision and automate services. It’s the primary way for accessing resources if API calls are not used. Dashboard is also known as Horizon.
One of the key benefits to a cloud platform is the ability to spin up virtual machines quickly when users request them. Glance helps accomplish this by creating templates for virtual machines. Glance can copy or snapshot a virtual machine image and allow that to be recreated. That means administrators can set up a catalog of virtual machine templates that users can select from and self-provision. Glance can also be used to back up existing images to save them. Glance integrates with Cinder to store the images.
Ceilometer is a telemetry system that allows administrators to track usage of the OpenStack cloud, including which users accessed which resources, as well as aggregate data about the cloud usage as a whole.
Heat is an orchestration engine that allows developers to automate the deployment of infrastructure. This allows compute, networking and storage configurations to be automatically assigned to a virtual machine or application. This allows for easier onboarding of new instances. Heat also has an auto-scaling element, which allows services to add resources as they are needed.
OpenStack bare metal provisioning a.k.a Ironic is an integrated OpenStack program which aims to provision bare metal machines instead of virtual machines, forked from the Nova baremetal driver. It is best thought of as a bare metal hypervisor API and a set of plugins which interact with the bare metal hypervisors. By default, it will use PXE and IPMI in concert to provision and turn on/off machines, but Ironic also supports vendor-specific plugins which may implement additional functionality.