A cloud platform centrally manages data center service resources and provides a user interface (UI) for configuring services. It connects to northbound Application Programming Interfaces (APIs) of Huawei's Agile Controller and delivers service configurations to the Agile Controller for orchestration and deployment. The cloud platform and Agile Controller work together to schedule computing, storage, and network resources.
Some customers may develop their own application portals and connect them to cloud platforms to manage resources, deliver services, and monitor the services.
Position of cloud platforms in Huawei CloudFabric DCN Solution
A public cloud is cloud infrastructure operated by an enterprise to provide cloud services for external users over the Internet. External users do not own cloud computing resources.
A private cloud is built by an enterprise's IT department or a cloud platform service provider to provide services for internal users of the enterprise. The enterprise can deploy its own networks, applications, and services on the cloud platform.
Private clouds can be deployed in the data centers of enterprises or in the equipment rooms of cloud platform service providers.
A hybrid cloud is a mix of public and private clouds.
Most enterprises use hybrid clouds because they do not want to store all information on a public cloud due to security and control issues. Hybrid clouds allow for service scalability. For example, a private cloud uses a public cloud as the disaster recovery platform. Cloud infrastructures of private and public clouds are independent of each other but are bound by standard or proprietary technologies.
- Provides powerful virtualization functions, resource pool management, diverse basic cloud service components and tools, as well as open and standard APIs.
- Horizontally integrates physical and virtual resources in data centers and vertically optimizes service platforms.
- Supports both existing IT applications and emerging applications.
- Facilitates smooth construction, use, and evolution of cloud computing.
FusionCompute is a piece of cloud operating system software. It virtualizes hardware resources, and centrally manages virtualized resources, service resources, and user resources. FusionCompute leverages virtual computing, storage, and network technologies to virtualize computing, storage, and network resources.
FusionStorage is a piece of distributed storage software that has both storage and computing capabilities. It can be deployed on multiple general x86 servers to combine the local disks on all the servers into a virtual storage resource pool to provide the block storage function.
FusionNetwork is a solution designed for traditional virtual switching to evolve to forward-thinking SDN. FusionNetwork leverages the Layer 2 VXLAN tunnel encapsulation technology and Huawei's SDN controllers to automatically deploy and configure SDN networks, control service level agreement (SLA), and isolate multiple tenants. FusionNetwork provides network functions based on the Neutron service in the FusionSphere OpenStack system.
Huawei FusionSphere OpenStack is an enhanced enterprise edition developed based on OpenStack software. FusionSphere OpenStack centrally schedules and manages computing, storage, and virtual network resources over unified RESTful interfaces. It also reduces operating expense (OPEX) and provides high system security and reliability, helping enterprises build secure, energy-saving data centers.
FusionSphere OpenStack OM (mandatory)
FusionSphere OpenStack OM is a piece of O&M software for FusionSphere OpenStack. FusionSphere OpenStack OM monitors and manages FusionSphere hardware and software deployed on the cloud platform, supports automatic resource provisioning and automatic system O&M, and provides a web UI for administrators to perform operations and manage resources.
Backup software provides the ability to back up all virtualized applications.
A virtual data center is a pool of certain quotas of computing, storage, and network resources designed specifically for only one organization.
In a public cloud scenario, an administrator can define a VDC and assign it to a tenant. Only the tenant can manage the VMs in this VDC.
In a private cloud scenario, VDCs can be flexibly defined and assigned to services, applications, or departments. Administrators can allocate different resource quotas to diverse services and applications in an enterprise. VDC technology allocates resources to applications, avoiding resource conflicts.
VPC (Virtual Private Cloud)
A virtual private cloud (VPC) is a security zone for one type of services or a department. VPCs use resources in VDCs. Each VPC belongs to one VDC, and each VDC can have multiple VPCs.
- Isolated environments: VPCs provide isolated VMs and network environments for different departments.
- Diverse services: Each VPC can provide independent virtual firewall (vFW), elastic IP address, security group, super VLAN, Internet Protocol Security (IPSec) VPN, and NAT gateway services (some of the functions are provided by the vFW).
- Flexible networking: Multiple networking modes are supported, including directly connected networks and routing networks.
OpenStack is a collection of open-source management platform projects for cloud computing. It consists of diverse components for computing, storage, networking, image, and other services. OpenStack supports almost all types of cloud environments, and aims to offer a cloud computing management platform that allows for simple operations, high scalability, and unified standards.
OpenStack provides diverse components to control and manage resources, virtualizes computing, storage, and network resources in data centers, and enables resource pools. These components interconnect with each other to schedule resources to provision services.
- Nova: provides computing resource services. It manages VMs and other computing resources during their lifecycles.
- Cinder: provides a cloud platform with on-demand and persistent block storage that uses unified interfaces.
- Neutron: provides network services for VMs.
- Keystone: acts as an authentication system.
- Swift: stores objects.
- Ceilometer: provides the monitoring and billing services.
- Heat: orchestrates services.
As a core component of OpenStack, Neutron provides network services for OpenStack cloud platforms. Neutron enables OpenStack cloud platforms to flexibly divide physical networks, and provides an independent network environment for each tenant in multi-tenant scenarios.
Users can create their own network objects in Neutron. A network object is similar to a huge switch on a physical network. It has an unlimited number of virtual ports that can be created or deleted.
- Network: a namespace allocated to a host.
- Subnet: an IP address range. It has no entity and is under the network level.
- Port: a network interface card (NIC) on a VM. It is under the subnet level.
- Security group: controls access to ports.
- A cloud platform administrator obtains a group of public IP addresses, and creates an extranet and subnet.
- A tenant creates its own network and subnet.
- The tenant creates a router and connects it to the subnet that the tenant has created and the extranet that the cloud platform administrator has created.
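As an added illustration (not part of the original documentation), the sketch below evaluates the security groups attached to Neutron ports as an allow-list and flags ports that admit SSH or RDP from any IPv4 source. The sample ports and groups are constructed; the rule field names follow Neutron's security-group-rule objects, and rules that reference another group are not modelled.

```python
import ipaddress

# Constructed sample data, shaped like Neutron port and security-group-rule objects.
def rule(proto, lo, hi, prefix):
    return {"direction": "ingress", "ethertype": "IPv4", "protocol": proto,
            "port_range_min": lo, "port_range_max": hi, "remote_ip_prefix": prefix}

SECURITY_GROUPS = {
    "sg-web": [rule("tcp", 443, 443, "0.0.0.0/0")],
    "sg-admin": [rule("tcp", 22, 22, "10.0.0.0/24")],
    "sg-legacy": [rule("tcp", 1, 65535, None)],  # no prefix: any IPv4 source
}
PORTS = [
    {"id": "port-a", "security_groups": ["sg-web", "sg-admin"]},
    {"id": "port-b", "security_groups": ["sg-legacy"]},
    {"id": "port-c", "security_groups": ["sg-admin"]},
]

def rule_allows(r, protocol, dst_port, source):
    """True if ingress rule r admits every address in `source` (a CIDR string)."""
    src = ipaddress.ip_network(source)
    if r["direction"] != "ingress" or r.get("remote_group_id"):
        return False  # group-referencing rules need membership data; not modelled
    if src.version != (4 if r["ethertype"] == "IPv4" else 6):
        return False
    if r["protocol"] not in (None, protocol):
        return False
    if r["port_range_min"] is not None and not (
            r["port_range_min"] <= dst_port <= r["port_range_max"]):
        return False
    prefix = r["remote_ip_prefix"]
    return prefix is None or src.subnet_of(ipaddress.ip_network(prefix))

def ingress_allowed(port, protocol, dst_port, source, groups=SECURITY_GROUPS):
    """Allow-list semantics: deny unless a rule in an attached group admits it."""
    return any(rule_allows(r, protocol, dst_port, source)
               for sg in port["security_groups"] for r in groups[sg])

def exposed_admin_ports(ports, admin_ports=(22, 3389)):
    """(port id, TCP port) pairs where a single rule admits the whole IPv4 range."""
    return [(p["id"], n) for p in ports for n in admin_ports
            if ingress_allowed(p, "tcp", n, "0.0.0.0/0")]

if __name__ == "__main__":
    for port_id, tcp_port in exposed_admin_ports(PORTS):
        print(f"{port_id}: tcp/{tcp_port} reachable from any IPv4 source")
```

The audit checks each rule on its own, so a set of narrower prefixes that together cover the whole address space is not reported.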
Nova is also a core component of OpenStack. It provides virtual computing resource services to OpenStack cloud platforms. Nova also manages VMs during their lifecycles, including creating, modifying, and deleting VMs.
- OpenStack instructs Nova to create a VM.
- Nova invokes Neutron to create virtual network ports of the VM and specify the Layer 2 network to which the VM belongs.
- Nova invokes the VMM's interface to create the VM and specify the specifications of physical computing resources used by the VM.
- Nova delivers configuration to the VMM. The VMM then binds the VM to a specified subnet according to the configuration.
Ironic is an OpenStack component for managing bare metal machines during their lifecycles.
OpenStack supports multiple types of hypervisors that allow users to deploy and configure VMs by themselves. However, virtualization is not suitable for some scenarios, which require real, physical bare metal machines. To meet self-service requirements in these scenarios, OpenStack offers Ironic to deploy bare metal machines.
To deploy bare metal machines in OpenStack, users directly operate hardware infrastructure and deploy applications (images) on real physical machines.
One of Nova's virtual drivers is used to invoke Ironic to start bare metal machines. The Ironic virtual driver allows OpenStack users to start a bare-metal instance through a computing API, just like starting a VM instance.
Ironic provides a series of APIs for managing physical machines that have no operating system installed, including operating system installation and repair of the physical machines. Administrators will have consistent experience in managing physical machines and VMs. To create a physical nova-compute node, an administrator only needs to specify an image. Ironic then automatically installs the operating system on the nova-compute node according to the image. Server providers can develop Ironic plug-ins to add or delete their own physical servers, manage power supplies, and deploy operating systems.
The OpenStack system consists of control, computing, network, and storage nodes.
A control node controls other nodes, including VM creation, VM migration, network allocation, and storage allocation. The control node provides basic management service, extended management service, and management support service.
- Keystone: indicates the authentication management subservice that manages, creates, and modifies authentication information and tokens of all other components.
- Glance: indicates the image management subservice that manages images used during VM creation, including image import and template creation.
- Nova: indicates the computing management subservice that manages Nova of compute nodes.
- Neutron: indicates the network management service that manages the network topology of network nodes and provides the management panel.
- Horizon: indicates the console service that provides a web-based management interface, which is also called the Dashboard.
- Cinder: manages Cinder of storage nodes and provides a management panel.
- Swift: manages Swift of storage nodes and provides a management panel.
- Trove: manages Trove of storage nodes and provides a management panel.
- Heat: provides the capability to orchestrate multiple services in a collaborative manner.
- Ceilometer: monitors, records, and analyzes physical and virtual resources.
- MySQL: The database stores the data generated by the basic or extended service.
- Qpid: The message agent or middleware provides a unified message communication service for other services.
- Nova: Provides various VM services, such as VM creation, running, migration, and snapshot, and provides APIs to connect to control nodes to deliver tasks.
- Neutron: provides communication services between compute and network nodes.
- Telmeter: provides the monitoring agent for the compute node and reports the VM status to the control node. It is the proxy service of Ceilometer.
- eth0: communicates with the control node and is uniformly allocated and managed by the control node.
- eth1: communicates with network and storage nodes.
A network node provides the Neutron service. The Neutron service manages communication between private and public network segments and between VM networks, and manages firewalls.
- eth0: communicates with the control node.
- eth1: communicates with computing and storage nodes except the control node.
- eth2: provides communication between external VMs and the corresponding network.
- Cinder: indicates the block storage service. It provides block storage by virtualizing a disk so that it can be mounted to a VM. To the VM, the volume appears as a new hard disk that can be mounted, unmounted, formatted, and have its file system converted. It is used for capacity expansion when the VM space is insufficient.
- Swift: indicates the object storage service. It provides the corresponding object storage, that is, virtualizing a disk to store files. However, it cannot format or convert the file system.
- eth0: communicates with the control node, accepts tasks delivered by the control node, and is uniformly allocated by the control node.
- eth1: communicates with the compute and network node to complete various tasks delivered by the control node.