Cloud Architecture Design
In order to get familiar with OpenNebula, or if you want to try an Edge, Hybrid or Multi-cloud deployment, we strongly recommend you start with the Quick Start guide. In the Quick Start, you will learn how to install a single OpenNebula Front-end, deploy on-demand Edge Clusters on remote cloud providers, as well as the basic usage and operation of your cloud. This trial of a real cloud deployment will help you create a plan with the features, performance, scalability, and high availability characteristics in order to get the most out of an OpenNebula Cloud.
Step 1. Install the Front-end
The first step is the installation of OpenNebula in the cloud Front-end. This installation process, based on operating system packages for the most widely used Linux distributions, is the same for any underlying hypervisor or deployment model. Alternatively, you can deploy the complete OpenNebula Front-end from the official container image on Docker or Podman. Container installation is in Technology Preview and only supported for testing and development.
Don’t forget to read the section about Large-scale Deployment if you’re planning a system with a very large number of hypervisors. The general recommendation is to have no more than 2,500 servers and 10,000 VMs managed by a single instance. Better performance and higher scalability can be achieved with specific tuning of other components like the DB. In any case, to grow the size of your cloud beyond these limits, you can horizontally scale your cloud by adding new OpenNebula zones within a federated deployment. The largest OpenNebula deployment consists of 16 data centers and 300,000 cores.
Optionally, you can set up a highly available cluster for OpenNebula to reduce downtime of core OpenNebula services, and configure a MySQL/MariaDB back-end as an alternative to the default SQLite back-end if you are planning a large-scale infrastructure. PostgreSQL is also supported, but for evaluation only (Technology Preview).
Although a single OpenNebula Front-end can manage multiple clusters geographically distributed in several data centers and cloud providers, a multi-zone deployment with datacenter federation functionality can be chosen when data centers are in different administrative domains or when the connectivity across data centers does not meet latency and bandwidth requirements. Multiple OpenNebula zones can be configured as a federation, and in this case they will share the same user accounts, groups, and permissions across data centers.
Besides connecting your cloud to the public OpenNebula Marketplace and other third-party Marketplaces like Docker Hub and Linux Containers, you can build your own private marketplace to provide your users with an easy way of privately publishing, downloading and sharing your own custom Appliances.
Step 2. Deploy Edge Clusters
OpenNebula brings its own Edge Cluster configuration that is based on solid open source storage and networking technologies, and is a much simpler approach than those of customized cloud architectures made of more complex, general-purpose and separate infrastructure components. OpenNebula automates the deployment of Edge Clusters on-demand on virtual or bare-metal resources both on-premises and on your choice of public cloud or edge provider.
Step 3. Set up Customized Clusters On-premises
OpenNebula is certified to work on top of multiple combinations of hypervisors, storage and networking technologies. In this model, you need to install and configure the underlying cloud infrastructure software components first and then install OpenNebula to build the cloud. The clusters can be deployed on-premises or on your choice of bare-metal cloud or hosting provider. If you are interested in designing and deploying an OpenNebula cloud on top of VMware vCenter, please refer to our VMware Cloud Reference Architecture. If you are interested in an OpenNebula cloud fully based on open source platforms and technologies, please refer to our Open Cloud Reference Architecture. These guides have been created from the collective information and experiences of hundreds of users and cloud client engagements. Besides the main logical components and interrelationships, these guides document software products, configurations, and requirements of infrastructure platforms recommended for a smooth OpenNebula installation.
3.1. Choose Your Hypervisor
The first step in building a customized cluster is to decide on the hypervisor that you will use in your cloud infrastructure. The main OpenNebula distribution provides full support for the two most widely used hypervisors, KVM and VMware (through vCenter), as well as LXC system containers and Firecracker lightweight virtualization, at different levels of functionality.
- Virtualization and Cloud Management on KVM. Many companies use OpenNebula to manage data center virtualization, consolidate servers, and integrate existing IT assets for computing, storage, and networking. In this deployment model, OpenNebula directly integrates with KVM and has complete control over virtual and physical resources, providing advanced features for capacity management, resource optimization, high availability and business continuity. Some of these deployments additionally use OpenNebula’s Cloud Management and Provisioning features when they want to federate data centers, implement cloud bursting, or offer self-service portals for end-users.
- Cloud Management on VMware vCenter. Other companies use OpenNebula to provide a multi-tenant, cloud-like provisioning layer on top of VMware vCenter. These deployments are looking for provisioning, elasticity and multi-tenancy cloud features like virtual data center provisioning, datacenter federation or hybrid cloud computing to connect in-house infrastructures with public clouds, while the infrastructure is managed by already familiar tools for infrastructure management and operation, such as vSphere and vCenter Operations Manager.
- Containerization with LXC. Containers are the next step towards virtualization. They have a minimal memory footprint and skip the compute-intensive and sometimes unacceptable performance degradation inherent to hardware emulation. You can have a very high density of containers per virtualization node and run workloads close to bare-metal metrics. LXC focuses on system containers, unlike similar technologies like Docker, which focuses on application containers.
- Lightweight Virtualization on Firecracker. Firecracker MicroVMs provide enhanced security and workload isolation over traditional container solutions while preserving their speed and resource efficiency. MicroVMs are especially designed for creating and managing secure, multi-tenant container (CaaS) and function-based (FaaS) services.
After having installed the cloud with one hypervisor, you may add other hypervisors. You can deploy heterogeneous multi-hypervisor environments managed by a single OpenNebula instance. An advantage of using OpenNebula on VMware is the strategic path to openness as companies move beyond virtualization toward a private cloud. OpenNebula can leverage existing VMware infrastructure, protecting IT investments, and at the same time gradually integrate other open source hypervisors, therefore avoiding future vendor lock-in and strengthening the negotiating position of the company.
3.2. Install the Virtualization hosts
Now you are ready to add the virtualization nodes. The OpenNebula packages bring support for KVM, LXC, Firecracker and vCenter nodes. In the case of vCenter, a host represents a vCenter cluster with all its ESX hosts. You can add different hypervisors to the same OpenNebula instance.
3.3. Integrate with Data Center Infrastructure
Now you should have an OpenNebula cloud up and running with at least one virtualization node. The next step is to configure OpenNebula to work with your infrastructure. When using the vCenter driver, no additional configurations are needed.
However, when using KVM, LXC or Firecracker, OpenNebula directly manages the hypervisor, networking and storage platforms, and you may need additional configuration:
- Networking setup with 802.1Q VLANs, ebtables, Open vSwitch or VXLAN.
- Storage setup with NFS/NAS datastore, Local Storage datastore, SAN datastore, Ceph, Dev, or iSCSI datastore.
- Host setup with the configuration options for the KVM hosts, LXC hosts, Firecracker hosts, Monitoring subsystem, Virtual Machine HA or PCI Passthrough.
- Authentication setup. OpenNebula comes by default with an internal user/password authentication system, but it can use an external Authentication driver like ssh, x509, ldap or Active Directory.
3.4. Configure Cloud Services
OpenNebula operates by coordinating a set of specialized daemons and services to provide specific functions. You can get an in-depth overview of the main OpenNebula components, their configuration files, start and stop procedures as well as logging facilities in the OpenNebula Services Guide.
Step 4. Operate your Cloud
4.1. Define a Provisioning Model
Before configuring multi-tenancy and defining the provisioning model of your cloud, we recommend you go through this introduction to the OpenNebula provisioning model. In a small installation with a few Hosts, you can skip this guide and use OpenNebula without giving much thought to infrastructure partitioning and provisioning. But for medium and large deployments you will probably want to provide some level of isolation and structure.
OpenNebula helps you to define a provisioning model with two concepts:
- Users and Groups. OpenNebula features advanced multi-tenancy with powerful user and group management, and an Access Control List mechanism that supports different roles with fine-grained permission granting over any resource. The resource quota management subsystem lets you track and limit computing, storage and networking utilization.
- Virtual Data Centers. VDCs let you assign one or more user groups to a pool of physical resources. They allow the creation of logical pools of resources (which could belong to different clusters and zones) and their allocation to user groups.
4.2. Manage Virtual Resources
Now everything is ready for operation. OpenNebula provides full control to manage virtual resources.
- Virtual machine image management that allows you to store disk images in catalogs (termed datastores), that can then be used to define VMs or shared with other users. The images can be OS installations, persistent datasets or empty data blocks that are created within the datastore.
- Virtual network management, with virtual networks that can be organized in network catalogs and provide means to interconnect virtual machines. This kind of resource can be defined as IPv4, IPv6, or mixed networks, and can be used to achieve full isolation between virtual networks. Networks can be easily interconnected by using virtual routers, and KVM, LXC and Firecracker users can also dynamically configure security groups.
- Virtual machine template management with a template catalog system that allows the registering of virtual machine definitions in the system, to be instantiated later as Virtual Machine instances.
- Virtual machine instance management with a number of operations that can be performed to control the lifecycle of the virtual machine instances, such as migration (live and cold), stop, resume, cancel, power-off,… or backup.
- OneFlow provides multi-VM application management and auto-scaling to define, execute and manage multi-tiered elastic applications, or services composed of interconnected Virtual Machines with deployment dependencies between them and auto-scaling rules.
- Application insight with OneGate allows Virtual Machine guests to pull and push VM information from OpenNebula. Users and administrators can use it to gather metrics, detect problems in their applications, and trigger OneFlow elasticity rules from inside the VM.
Several reference guides are provided for more information about definition files, templates, and the CLI.
Step 5. Integrate with other Components
This step is optional and only for integrators and builders.
Because no two clouds are the same, OpenNebula provides many different interfaces that can be used to interact with the functionality offered to manage physical and virtual resources.
- Modular and extensible architecture with customizable plug-ins for integration with any third-party data center infrastructure platform for storage, monitoring, networking, authentication, virtualization and market.
- Rich API set that offers all the functionality of OpenNebula components, with bindings for Ruby and Java and an XML-RPC API. These APIs will ease the integration of your cloud with higher level tools such as billing, self-service portals…
- OneFlow API to create, control and monitor multi-tier applications or services composed of interconnected Virtual Machines.
- Sunstone custom routes and tabs to extend the Sunstone web UI.
- Hook Manager to trigger administration scripts upon resource state changes or API calls.