View
0
Download
0
Category
Preview:
Citation preview
Topic:OpenStack混合云之路
Speaker:黄舒泉@九州云99cloud
About• Technical Director @ 99cloud• Heavily involve in OpenStack Community since2012
• Open Source Evangelist
Agenda
• StateofHybridCloud• Why Hybrid Cloud?• Hybrid Cloud UseCases• Challenges• BridgingGaps• Summary
StateofHybridCloud• 71%ofrespondentsenterprisesareusinghybridcloud– RightScale Report
• 75%ofcompaniesplannedtoadapthybridcloud–CloudCruisersurvey
• 88%of respondents believehybridcloudis‘important’or‘critical’toenabledigitalbusinesstransformation-IDGResearchsurvey
Why Hybrid Cloud?
• Provide resourcesina shorttimeframe• “buyingthebaseandrentingthepeak”• Fullgeographicreachneeded.
Hybrid Cloud UseCases
• BestCloud Allocation• Lifecycle-BasedDeployment• DisasterRecovery• Cloudbursting
security,latency,cost,andapplicationcomplexity.
BestCloud Allocation• Itinvolvesselectingthebestcloudfordeployingeachapplication.
• Theentireapplicationrunsinthatselectedprivateorpubliccloud.
Lifecycle-BasedDeployment• Dev/TestinPublicCloud,ProductioninPrivateCloud
• Dev/TestinPrivateCloud,ProductioninPublicCloud
• NewAppsinPublicCloud,Steady-StateAppsinPrivateCloud
DisasterRecovery• Usingpubliccloudfordisasterrecovery avoid thecostofprovisioningduplicate infrastructurethatisrarelyused.
• Greatlyreducingthetimerequiredtobringtheentireconfigurationtoanoperationalstate.
Cloudbursting
• Directconnection between cloud providers– AWSDirectConnect– Aliyun Express Connect
• Automationcapabilitiestohandleauto-scaling
Challenges• AccessControl:howtohandledifferentcredentialswithsecuritymanner?
• Multi-CloudManagement:howtomanagecloudswithasinglepane?
• Multi-Cloud Orchestration:howtoorchestrateapplicationsamong multi-cloud environment?
• Audit&Compliance:howtocollectauditdataandcomplywithregulations?
• NetworkConnectivity:howtomanagenetworkconfigurationsandmaintainconnectivityacrossclouds?
BridgingGapsChallenges OpenStack Solutions
Access Control Federated Identity
Multi-Cloud Management tricircle
Multi-Cloud Orchestration heat-multicloud
Audit & Compliance
Network Connectivity
Federated Identity(1)• Junoimplementedspecs:
– KeystonetoKeystonefederation– Standardizingthefederationprocess– AuditSupportforKeystoneFederation
• Kiloimplementedspecs:– WebSingleSignOnPortal– RescopingSpec- FromUnscopedtoScoped– OpenIDConnectfederation– EnhanceFederationmappingalgorithms– FederatedServiceProvidersinKeystone– ExplicitlyUnscopedTokens– Directusersmappingforfederatedauthentication– Scopefederationtokenswith token authenticationmethod– IdPIDregistrationandvalidation– IETFABFABfederation
• Libertyimplementedspecs:– NewattributesforSAMLAssertiongeneratedbykeystoneIdP– IdentityProviderSpecificWebSSO
Federated Identity(2)• ServiceProvider(SP)• IdentityProvider(IdP)• SAMLassertion
Federated Identity using Keystone
Federated Identity(3)
Keystone to Keystone Federation
Heat-Multicloud(1)• Havana implemented
– https://blueprints.launchpad.net/heat/+spec/heat-standalone
– https://blueprints.launchpad.net/heat/+spec/heat-multicloud
• Kilo implemented– https://blueprints.launchpad.net/heat/+spec/multi-region-support
– Multi-regionscenariotest• Backlog
– https://blueprints.launchpad.net/heat/+spec/multi-cloud-federation
Heat-Multicloud(2)
• Heat Resource Plugin Structure• Standalone Heat Deployment
Tricircle
…
Tenant1VirtualResources
Tenant2VirtualResources
TenantxVirtualResources
CascadedOpenStack2CascadedOpenStack1 CascadedOpenStacky
OpenStackAPI OpenStackAPIOpenStackAPI
Service Orchestrator x
Service Management
Service Orchestrator 1
OpenStackAPI OpenStackAPIOpenStackAPI
… …
CloudovercloudsbyOpenStackcascading:thecascadedOpenStackinstanceevencanberunninginsideAmazonAWSorWindowsAzure,andthenbeingintegratedintoacloudthroughthecascadingOpenStack.Thisiscloudoverclouds.
Tricircle
99cloud hybrid cloud solutionChallenges 99cloud Solutions
Access Control
Multi-Cloud Management
Multi-Cloud Orchestration
Audit & Compliance
Network Connectivity
Summary
• The road to hybrid cloud with OpenStack isrough and steep.
• OpenStack itself lacks the capabilities to meethybrid cloud scenarios.
• The3rd platformcancentrallyleverageOpenStackAPIsto implement hybrid cloud.
Placeholder Footer Copy / BU Logo or Name Goes Here
Thanks
Reference
• http://www.rightscale.com/lp/2016-state-of-the-cloud-report
• https://www.emc.com/microsites/cio/articles/idg-research-study-hybrid-cloud/index.htm
• https://aws.amazon.com/directconnect/• http://docs.openstack.org/developer/heat/getting_started/standalone.html
Recommended