SlideShare una empresa de Scribd logo

Introducing self-service to research (Devopsdays Ghent 2016)

Bart Vanbrabant
Bart Vanbrabant

This talk reports about the introduction of an OpenStack based private cloud at the large research group. (1) The process taking away “pets” and giving them “cattle”. (2) Technical and management challenges for managing a virtual environment with very diverse requirements.

Software
1 de 60
Descargar para leer sin conexión
Introducing self- service to researchers Bart Vanbrabant
About me  Did a PhD at KU Leuven  CTO of Inmanta • KU Leuven spin-off • Develops an orchestration tool • Open source at https://github.com/inmanta/inmanta  Research fellow at KU Leuven  Was here in 2009 2
Research environment Large research group • ~ 80 researchers • Research on software engineering, security, networks and systems, … 3
Research environment Single person silos “Tiger teams” Large project teams 4
Resources for experiments Based on smaller teams and projects Very limited for the single person silo Labs with equipment: mostly desktops out of warranty 5
About my PhD 6 A Framework for Integrated Configuration Management of Distributed Systems
About my PhD 7 A Framework for Integrated Configuration Management of Distributed Systems Een raamwerk voor geïntegreerd configuratiebeheer van gedistribueerde systemen
About my PhD 8 A Framework for Integrated Configuration Management of Distributed Systems
Single person silo 9
Single person silo 10 ME
Networking lab 11
Networking lab 12
Specs  PII 400 mhz  <= 256 ram  4 and 8 GB disks  1x 100M NIC 13
Optiplex GX100 14
15
Specs  PII and PIII: 400 -> 650 Mhz  512M ram  8 GB disks  2x 100M NIC 16
Stacks 17
Lots of them 18
Optiplex GX1 1998? 19
Optiplex GX1 2008 20
Optiplex GX1 2011 21
Desktop hoarding  New desktop every 4 years  Desktops self-managed • Linux • Windows • *BSD 22
Desktop hoarding  New desktop every 4 years  Desktops self-managed • Linux • Windows • *BSD  10/4*80 = 200 missing desktops? 23
Desktop hoarding  New desktop every 4 years  Desktops self-managed • Linux • Windows • *BSD  10/4*80 = 200 missing desktops? Where are they? 24
25
Shadow-IT  Multiple old desktops under desk  Sharing desktop stacks in offices  You can use mine if I can use yours  … 26
Shadow-IT  No pool of hardware to use  No backups  No updates  No idea what is actually available  All machines have a public IP! 27
Cause  Silos  Not just Devs vs Ops • Central IT • Local IT • Research group IT • Researchers  Different goals  Communications through tickets, email, … 28
No silo any more  Researcher with operational skills  Collaborate in projects, using other research as case study  Java and Application servers 29
Tipping point Use a J2EE application as case study 30
Tipping point Use a J2EE application as case study Deploy Jboss on machines with 256M ram 31
Tipping point Use a J2EE application as case study Deploy Jboss on machines with 256M ram In 2011 32
33
Managed servers  Buy one or more beefy servers  Use for a single research project (2 to 5 years)  Peak usage  In DC (“computerzaal”) by local IT staff  Ubuntu LTS 34
Managed servers Buy new server in may 2014 • New OS: 14.04 Buy new server in march 2014 • 2 year old OS: 12.04 35
More recent software?  Researcher: I need a newer version of X  IT staff: There is no update in Ubuntu repo  Researcher: But I really need it!  IT staff: No worry, we installed GCC and increased your quota. But please, put it in a NoBackup folder 36
37
Network zones  DMZ  Intranet  Lab  Experiments 38
Virtualization Managed system Root access on virtual machines No solution for networking and storage 39
Self service 40
Self service  Setup a pool of hardware  Isolate users from each other  Users and teams can create servers, networks, change firewall rules, use multiple zones, offer services to other users, … 41
42
Public cloud Easy: credit card and ready Bounded to their AUP Harder to predict cost Data not on premise Not so cheap 43
Private cloud  Harder to set up and operate  Up-front cost and hosting cost  Better integration with own infrastructure  Fixed size 44
OpenStack  Start with one server with OpenStack Folsom in 2012  Added two servers two months later  Add two servers  Migrated local storage to shared Ceph storage  Add three servers  Upgraded from 1G to 4x1G  Added NetApp NFS archive  Add SSD caching layer in Ceph  Migrated to 2x10G  Add eight server servers  Same interface for users! 45
Current setup  2x controller  1x mgmt server  6x performance nodes • CPU pinning, NUMA awareness, local storage • 2x8 Cores + 64GB ram  6x general purpose • 128GB ram • 2x14 cores • Ceph storage • SSD + SAS disks  2x10G  NetApp filer with 48TB storage 46
Virtual infrastructure  Three different uplinks (network zones)  Different routing and floating IP model  Each user gets their own sandbox with quotas  Team projects get their own project  Security groups by default closed  Routes from and to all user networks within private address range  Access with SSH or OpenVPN 47
Management 48
Config model 49 entity Project: """ A personal sandbox project in OpenStack :param name The username and projectname to create :param email The email address of the user :param subnet_id The third octet of the project :param public_network Create a network in the public zone :param lab_network Create a network in the lab zone (they get their own router) :param exp_network Create a network in the experimental zone """ string name string email number subnet_id bool public_network bool lab_network bool exp_network end index Project(name) index Project(subnet_id) Project personal_projects [0:] -- [1] neutron::Network lab_uplink Project personal_projects [0:] -- [1] neutron::Subnet lab_routing_subnet Project admin_projects [0:] -- [1] keystone::Project admin_project Project personal_projects [0:] -- [1] keystone::Project project Project personal_projects [0:] -- [1] vm::IaaS iaas Project personal_project_public_router [0:] -- [1] neutron::Router public_router Project personal_project_exp_router [0:] -- [1] neutron::Router exp_router
User setup 50 implementation personalProject for Project: # define the user stuff self.project = keystone::Project(iaas=self.iaas, name=name, enabled=true, description="Personal project of {{ name }} ({{ email }})") user = keystone::User(iaas=self.iaas, name=name, email=email, enabled=true, password=password) keystone::Role(project=self.project, user=user, role="Member") keystone::Role(project=self.project, user=user, role="heat_stack_owner") keystone::Role(project=self.project, user=keystone::User[name="admin"], role="admin") keystone::Role(project=keystone::Project[name="openvpn"], user=user, role="Member") std::User(host=self.iaas.access_vm, name=name, shell=“/bin/bash”) end
Public network zone 51 implementation publicNet for Project: # define network and subnet net = neutron::Network(name="{{ name }}_net", project=self.project, self.iaas=iaas) subnet = neutron::Subnet(project=self.project, network=net, router=self.public_router, dhcp=true, name="{{ name }}_net", network_address="172.16.{{ subnet_id }}.0/24", iaas=self.iaas, allocation_start="172.16.{{subnet_id}}.10", allocation_end="172.16.{{subnet_id}}.254") end
Lab network zone 52 implementation labNet for Project: # Create a dedicated router and network for this demo environment router = neutron::Router(name="router-{{name}}", iaas=self.iaas, project=self.project, ext_gateway=self.lab_uplink) net = neutron::Network(name="{{name}}_lab", project=self.project, iaas=self.iaas) subnet = neutron::Subnet(project=self.project, network=net, router=router, dhcp=true, name="{{name}}_lab", network_address="172.17.{{subnet_id}}.0/24", iaas=self.iaas, allocation_start="172.17.{{subnet_id}}.10", allocation_end="172.17.{{subnet_id}}.254") router_port = neutron::RouterPort(project=self.admin_project, iaas=self.iaas, name="{{name}}_lab_routing", address="172.18.0.{{subnet_id}}", subnet=self.lab_routing_subnet, router=router, purged=false) router.routes = neutron::Route(destination="172.16.0.0/16", nexthop="172.18.0.254") router.routes = neutron::Route(destination="172.17.0.0/16", nexthop="172.18.0.254") router.routes = neutron::Route(destination="172.19.0.0/16", nexthop="172.18.0.253") neutron::Route(destination="172.17.{{subnet_id}}.0/24", nexthop="172.18.0.{{subnet_id}}", router=self.public_router) end
Experimental network zone 53 implementation expNet for Project: # define network and subnet net = neutron::Network(name="{{ name }}_exp", project=self.project, iaas=self.iaas) subnet = neutron::Subnet(project=self.project, network=net, router=self.exp_router, dhcp=true, name="{{ name }}_exp", network_address="172.19.{{ subnet_id }}.0/24", iaas=self.iaas, allocation_start="172.19.{{subnet_id}}.10", allocation_end="172.19.{{subnet_id}}.254") end implement Project using personalProject implement Project using labNet when lab_network implement Project using publicNet when public_network implement Project using expNet when exp_network
54
Lessons learned 55
Self-service  Getting money to change things is hard  Got support from local IT  Start small  Documentation  Demo!  Training  Pro-bono services 56
Elasticity  (private) Cloud should be elastic  Resource have to seem infinite  But do enforce quotas  Capacity management and planning  Capacity problems encourages hoarding 57
Resource accounting  Quotes help wasting resources  Abandoned virtual machines  50 useful VM’s vs one VM trashing for weeks?  Working on better monitoring  Anomaly detection  Public shaming 58
Contact  bart.vanbrabant at inmanta.com  @bartvanbrabant  https://bart.vanbrabant.eu  https://inmanta.com  https://github.com/inmanta/inmanta  @inmanta_com 59
Eliminate complexityEliminate complexity 60

Recomendados

Document Similarity with Cloud Computing
Document Similarity with Cloud ComputingDocument Similarity with Cloud Computing
Document Similarity with Cloud ComputingBryan Bende
 
RENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hair
RENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hairRENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hair
RENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hairJohn Constable
 
Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...
Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...
Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...Frank Dürr
 
Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Dave Holland
 
Distributed DNN training: Infrastructure, challenges, and lessons learned
Distributed DNN training: Infrastructure, challenges, and lessons learnedDistributed DNN training: Infrastructure, challenges, and lessons learned
Distributed DNN training: Infrastructure, challenges, and lessons learnedWee Hyong Tok
 
Unveiling CERN Cloud Architecture - October, 2015
Unveiling CERN Cloud Architecture - October, 2015Unveiling CERN Cloud Architecture - October, 2015
Unveiling CERN Cloud Architecture - October, 2015Belmiro Moreira
 
.NET Core, ASP.NET Core Course, Session 4
.NET Core, ASP.NET Core Course, Session 4.NET Core, ASP.NET Core Course, Session 4
.NET Core, ASP.NET Core Course, Session 4aminmesbahi
 
Cloud Computing Open Stack Compute Node
Cloud Computing Open Stack Compute NodeCloud Computing Open Stack Compute Node
Cloud Computing Open Stack Compute NodePalak Sood
 

Recomendados

Document Similarity with Cloud Computing
Document Similarity with Cloud ComputingDocument Similarity with Cloud Computing
Document Similarity with Cloud ComputingBryan Bende
 
RENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hair
RENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hairRENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hair
RENCI User Group Meeting 2017 - I Upgraded iRODS and I still have all my hairJohn Constable
 
Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...
Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...
Improving the Efficiency of Cloud Infrastructures with Elastic Tandem Machine...Frank Dürr
 
Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Sanger OpenStack presentation March 2017
Sanger OpenStack presentation March 2017Dave Holland
 
Distributed DNN training: Infrastructure, challenges, and lessons learned
Distributed DNN training: Infrastructure, challenges, and lessons learnedDistributed DNN training: Infrastructure, challenges, and lessons learned
Distributed DNN training: Infrastructure, challenges, and lessons learnedWee Hyong Tok
 
Unveiling CERN Cloud Architecture - October, 2015
Unveiling CERN Cloud Architecture - October, 2015Unveiling CERN Cloud Architecture - October, 2015
Unveiling CERN Cloud Architecture - October, 2015Belmiro Moreira
 
.NET Core, ASP.NET Core Course, Session 4
.NET Core, ASP.NET Core Course, Session 4.NET Core, ASP.NET Core Course, Session 4
.NET Core, ASP.NET Core Course, Session 4aminmesbahi
 
Cloud Computing Open Stack Compute Node
Cloud Computing Open Stack Compute NodeCloud Computing Open Stack Compute Node
Cloud Computing Open Stack Compute NodePalak Sood
 
Using Simplicity to Make Hard Big Data Problems Easy
Using Simplicity to Make Hard Big Data Problems EasyUsing Simplicity to Make Hard Big Data Problems Easy
Using Simplicity to Make Hard Big Data Problems Easynathanmarz
 
OpenStack 101 @ ENEI 2014
OpenStack 101 @ ENEI 2014OpenStack 101 @ ENEI 2014
OpenStack 101 @ ENEI 2014Carlos Gonçalves
 
The OpenStack Cloud at CERN
The OpenStack Cloud at CERNThe OpenStack Cloud at CERN
The OpenStack Cloud at CERNArne Wiebalck
 
Thread
ThreadThread
ThreadSyed Zaid Irshad
 
Openstack architure part 1
Openstack architure part 1Openstack architure part 1
Openstack architure part 1Nhan Cao Thanh
 
Taverna summary
Taverna summaryTaverna summary
Taverna summarymyGrid team
 
Kafka overview v0.1
Kafka overview v0.1Kafka overview v0.1
Kafka overview v0.1Mahendran Ponnusamy
 
Vancouver open stack meetup presentation
Vancouver open stack meetup presentationVancouver open stack meetup presentation
Vancouver open stack meetup presentationSean Winn
 
Introduction to Openstack Network
Introduction to Openstack NetworkIntroduction to Openstack Network
Introduction to Openstack Networksalv_orlando
 
Microservices in Unikernels
Microservices in UnikernelsMicroservices in Unikernels
Microservices in UnikernelsMadhuri Yechuri
 
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...DataStax
 
OpenStack 101: Introduction & Technical Overview
OpenStack 101: Introduction & Technical OverviewOpenStack 101: Introduction & Technical Overview
OpenStack 101: Introduction & Technical OverviewThang Man
 
OpenStack 101
OpenStack 101OpenStack 101
OpenStack 101Priti Desai
 
OpenStack Introduction
OpenStack IntroductionOpenStack Introduction
OpenStack IntroductionJimi Chen
 
How to Build Your First Web App in Go
How to Build Your First Web App in GoHow to Build Your First Web App in Go
How to Build Your First Web App in GoAll Things Open
 
OpenStack Explained: Learn OpenStack architecture and the secret of a success...
OpenStack Explained: Learn OpenStack architecture and the secret of a success...OpenStack Explained: Learn OpenStack architecture and the secret of a success...
OpenStack Explained: Learn OpenStack architecture and the secret of a success...Giuseppe Paterno'
 
OpenStack - Infrastructure as a service
OpenStack - Infrastructure as a serviceOpenStack - Infrastructure as a service
OpenStack - Infrastructure as a serviceDenis Cavalcante
 
Expanding HPCC Systems Deep Neural Network Capabilities
Expanding HPCC Systems Deep Neural Network CapabilitiesExpanding HPCC Systems Deep Neural Network Capabilities
Expanding HPCC Systems Deep Neural Network CapabilitiesHPCC Systems
 
Apache Kafka Women Who Code Meetup
Apache Kafka Women Who Code MeetupApache Kafka Women Who Code Meetup
Apache Kafka Women Who Code MeetupSnehal Nagmote
 
Internship presentation
Internship presentationInternship presentation
Internship presentationRiccardo Samperna
 
Open stack and sdn hands-on and demo
Open stack and sdn hands-on and demoOpen stack and sdn hands-on and demo
Open stack and sdn hands-on and demoKyohei Moriyama
 
Sanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansSanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansPeter Clapham
 

Más contenido relacionado

La actualidad más candente

Using Simplicity to Make Hard Big Data Problems Easy
Using Simplicity to Make Hard Big Data Problems EasyUsing Simplicity to Make Hard Big Data Problems Easy
Using Simplicity to Make Hard Big Data Problems Easynathanmarz
 
The OpenStack Cloud at CERN
The OpenStack Cloud at CERNThe OpenStack Cloud at CERN
The OpenStack Cloud at CERNArne Wiebalck
 
Openstack architure part 1
Openstack architure part 1Openstack architure part 1
Openstack architure part 1Nhan Cao Thanh
 
Vancouver open stack meetup presentation
Vancouver open stack meetup presentationVancouver open stack meetup presentation
Vancouver open stack meetup presentationSean Winn
 
Introduction to Openstack Network
Introduction to Openstack NetworkIntroduction to Openstack Network
Introduction to Openstack Networksalv_orlando
 
Microservices in Unikernels
Microservices in UnikernelsMicroservices in Unikernels
Microservices in UnikernelsMadhuri Yechuri
 
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...DataStax
 
OpenStack 101: Introduction & Technical Overview
OpenStack 101: Introduction & Technical OverviewOpenStack 101: Introduction & Technical Overview
OpenStack 101: Introduction & Technical OverviewThang Man
 
OpenStack Introduction
OpenStack IntroductionOpenStack Introduction
OpenStack IntroductionJimi Chen
 
How to Build Your First Web App in Go
How to Build Your First Web App in GoHow to Build Your First Web App in Go
How to Build Your First Web App in GoAll Things Open
 
OpenStack Explained: Learn OpenStack architecture and the secret of a success...
OpenStack Explained: Learn OpenStack architecture and the secret of a success...OpenStack Explained: Learn OpenStack architecture and the secret of a success...
OpenStack Explained: Learn OpenStack architecture and the secret of a success...Giuseppe Paterno'
 
OpenStack - Infrastructure as a service
OpenStack - Infrastructure as a serviceOpenStack - Infrastructure as a service
OpenStack - Infrastructure as a serviceDenis Cavalcante
 
Expanding HPCC Systems Deep Neural Network Capabilities
Expanding HPCC Systems Deep Neural Network CapabilitiesExpanding HPCC Systems Deep Neural Network Capabilities
Expanding HPCC Systems Deep Neural Network CapabilitiesHPCC Systems
 
Apache Kafka Women Who Code Meetup
Apache Kafka Women Who Code MeetupApache Kafka Women Who Code Meetup
Apache Kafka Women Who Code MeetupSnehal Nagmote
 

La actualidad más candente (20)

Using Simplicity to Make Hard Big Data Problems Easy
Using Simplicity to Make Hard Big Data Problems EasyUsing Simplicity to Make Hard Big Data Problems Easy
Using Simplicity to Make Hard Big Data Problems Easy
 
OpenStack 101 @ ENEI 2014
OpenStack 101 @ ENEI 2014OpenStack 101 @ ENEI 2014
OpenStack 101 @ ENEI 2014
 
The OpenStack Cloud at CERN
The OpenStack Cloud at CERNThe OpenStack Cloud at CERN
The OpenStack Cloud at CERN
 
Thread
ThreadThread
Thread
 
Openstack architure part 1
Openstack architure part 1Openstack architure part 1
Openstack architure part 1
 
Taverna summary
Taverna summaryTaverna summary
Taverna summary
 
Kafka overview v0.1
Kafka overview v0.1Kafka overview v0.1
Kafka overview v0.1
 
Vancouver open stack meetup presentation
Vancouver open stack meetup presentationVancouver open stack meetup presentation
Vancouver open stack meetup presentation
 
Introduction to Openstack Network
Introduction to Openstack NetworkIntroduction to Openstack Network
Introduction to Openstack Network
 
Microservices in Unikernels
Microservices in UnikernelsMicroservices in Unikernels
Microservices in Unikernels
 
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
 
OpenStack 101: Introduction & Technical Overview
OpenStack 101: Introduction & Technical OverviewOpenStack 101: Introduction & Technical Overview
OpenStack 101: Introduction & Technical Overview
 
OpenStack 101
OpenStack 101OpenStack 101
OpenStack 101
 
OpenStack Introduction
OpenStack IntroductionOpenStack Introduction
OpenStack Introduction
 
How to Build Your First Web App in Go
How to Build Your First Web App in GoHow to Build Your First Web App in Go
How to Build Your First Web App in Go
 
OpenStack Explained: Learn OpenStack architecture and the secret of a success...
OpenStack Explained: Learn OpenStack architecture and the secret of a success...OpenStack Explained: Learn OpenStack architecture and the secret of a success...
OpenStack Explained: Learn OpenStack architecture and the secret of a success...
 
OpenStack - Infrastructure as a service
OpenStack - Infrastructure as a serviceOpenStack - Infrastructure as a service
OpenStack - Infrastructure as a service
 
Expanding HPCC Systems Deep Neural Network Capabilities
Expanding HPCC Systems Deep Neural Network CapabilitiesExpanding HPCC Systems Deep Neural Network Capabilities
Expanding HPCC Systems Deep Neural Network Capabilities
 
Apache Kafka Women Who Code Meetup
Apache Kafka Women Who Code MeetupApache Kafka Women Who Code Meetup
Apache Kafka Women Who Code Meetup
 
Internship presentation
Internship presentationInternship presentation
Internship presentation
 

Similar a Introducing self-service to research (Devopsdays Ghent 2016)

Open stack and sdn hands-on and demo
Open stack and sdn hands-on and demoOpen stack and sdn hands-on and demo
Open stack and sdn hands-on and demoKyohei Moriyama
 
Sanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansSanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansPeter Clapham
 
[DanNotes] XPages - Beyound the Basics
[DanNotes] XPages - Beyound the Basics[DanNotes] XPages - Beyound the Basics
[DanNotes] XPages - Beyound the BasicsUlrich Krause
 
XPages -Beyond the Basics
XPages -Beyond the BasicsXPages -Beyond the Basics
XPages -Beyond the BasicsUlrich Krause
 
virtualization-vs-containerization-paas
virtualization-vs-containerization-paasvirtualization-vs-containerization-paas
virtualization-vs-containerization-paasrajdeep
 
Leveraging Structured Data To Reduce Disk, IO & Network Bandwidth
Leveraging Structured Data To Reduce Disk, IO & Network BandwidthLeveraging Structured Data To Reduce Disk, IO & Network Bandwidth
Leveraging Structured Data To Reduce Disk, IO & Network BandwidthPerforce
 
Openstack – An introduction
Openstack – An introductionOpenstack – An introduction
Openstack – An introductionMuddassir Nazir
 
Extension Library - Viagra for XPages
Extension Library - Viagra for XPagesExtension Library - Viagra for XPages
Extension Library - Viagra for XPagesUlrich Krause
 
HPC and cloud distributed computing, as a journey
HPC and cloud distributed computing, as a journeyHPC and cloud distributed computing, as a journey
HPC and cloud distributed computing, as a journeyPeter Clapham
 
Cloud Architect Alliance #15: Openstack
Cloud Architect Alliance #15: OpenstackCloud Architect Alliance #15: Openstack
Cloud Architect Alliance #15: OpenstackMicrosoft
 
Provisioning Servers Made Easy
Provisioning Servers Made EasyProvisioning Servers Made Easy
Provisioning Servers Made EasyAll Things Open
 
OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...
OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...
OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...NETWAYS
 
ANN-Lecture2-Python Startup.pptx
ANN-Lecture2-Python Startup.pptxANN-Lecture2-Python Startup.pptx
ANN-Lecture2-Python Startup.pptxShahzadAhmadJoiya3
 
Automatic Launch and Tracking the Computational Simulations with LiFlow and S...
Automatic Launch and Tracking the Computational Simulations with LiFlow and S...Automatic Launch and Tracking the Computational Simulations with LiFlow and S...
Automatic Launch and Tracking the Computational Simulations with LiFlow and S...Ural-PDC
 
Open source integrated infra structure using ansible configuration management
Open source integrated infra structure using ansible configuration managementOpen source integrated infra structure using ansible configuration management
Open source integrated infra structure using ansible configuration managementDyaa El-din Ahmed
 
Introduction to Open stack - An Overview
Introduction to Open stack - An Overview Introduction to Open stack - An Overview
Introduction to Open stack - An Overview SpringPeople
 
Python and Oracle : allies for best of data management
Python and Oracle : allies for best of data managementPython and Oracle : allies for best of data management
Python and Oracle : allies for best of data managementLaurent Leturgez
 
Pankaj_Kapila
Pankaj_Kapila Pankaj_Kapila
Pankaj_Kapila Panapka
 
StarlingX - Project Onboarding
StarlingX - Project OnboardingStarlingX - Project Onboarding
StarlingX - Project OnboardingShuquan Huang
 

Similar a Introducing self-service to research (Devopsdays Ghent 2016) (20)

Open stack and sdn hands-on and demo
Open stack and sdn hands-on and demoOpen stack and sdn hands-on and demo
Open stack and sdn hands-on and demo
 
Sanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansSanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticians
 
Flexible compute
Flexible computeFlexible compute
Flexible compute
 
[DanNotes] XPages - Beyound the Basics
[DanNotes] XPages - Beyound the Basics[DanNotes] XPages - Beyound the Basics
[DanNotes] XPages - Beyound the Basics
 
XPages -Beyond the Basics
XPages -Beyond the BasicsXPages -Beyond the Basics
XPages -Beyond the Basics
 
virtualization-vs-containerization-paas
virtualization-vs-containerization-paasvirtualization-vs-containerization-paas
virtualization-vs-containerization-paas
 
Leveraging Structured Data To Reduce Disk, IO & Network Bandwidth
Leveraging Structured Data To Reduce Disk, IO & Network BandwidthLeveraging Structured Data To Reduce Disk, IO & Network Bandwidth
Leveraging Structured Data To Reduce Disk, IO & Network Bandwidth
 
Openstack – An introduction
Openstack – An introductionOpenstack – An introduction
Openstack – An introduction
 
Extension Library - Viagra for XPages
Extension Library - Viagra for XPagesExtension Library - Viagra for XPages
Extension Library - Viagra for XPages
 
HPC and cloud distributed computing, as a journey
HPC and cloud distributed computing, as a journeyHPC and cloud distributed computing, as a journey
HPC and cloud distributed computing, as a journey
 
Cloud Architect Alliance #15: Openstack
Cloud Architect Alliance #15: OpenstackCloud Architect Alliance #15: Openstack
Cloud Architect Alliance #15: Openstack
 
Provisioning Servers Made Easy
Provisioning Servers Made EasyProvisioning Servers Made Easy
Provisioning Servers Made Easy
 
OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...
OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...
OSDC 2013 | The OpenNebula Cloud Platform for Datacenter Virtualization by Co...
 
ANN-Lecture2-Python Startup.pptx
ANN-Lecture2-Python Startup.pptxANN-Lecture2-Python Startup.pptx
ANN-Lecture2-Python Startup.pptx
 
Automatic Launch and Tracking the Computational Simulations with LiFlow and S...
Automatic Launch and Tracking the Computational Simulations with LiFlow and S...Automatic Launch and Tracking the Computational Simulations with LiFlow and S...
Automatic Launch and Tracking the Computational Simulations with LiFlow and S...
 
Open source integrated infra structure using ansible configuration management
Open source integrated infra structure using ansible configuration managementOpen source integrated infra structure using ansible configuration management
Open source integrated infra structure using ansible configuration management
 
Introduction to Open stack - An Overview
Introduction to Open stack - An Overview Introduction to Open stack - An Overview
Introduction to Open stack - An Overview
 
Python and Oracle : allies for best of data management
Python and Oracle : allies for best of data managementPython and Oracle : allies for best of data management
Python and Oracle : allies for best of data management
 
Pankaj_Kapila
Pankaj_Kapila Pankaj_Kapila
Pankaj_Kapila
 
StarlingX - Project Onboarding
StarlingX - Project OnboardingStarlingX - Project Onboarding
StarlingX - Project Onboarding
 

Último

SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceanilsa9823
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 

Último (20)

SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 

Introducing self-service to research (Devopsdays Ghent 2016)

  • 1. Introducing self- service to researchers Bart Vanbrabant
  • 2. About me  Did a PhD at KU Leuven  CTO of Inmanta • KU Leuven spin-off • Develops an orchestration tool • Open source at https://github.com/inmanta/inmanta  Research fellow at KU Leuven  Was here in 2009 2
  • 3. Research environment Large research group • ~ 80 researchers • Research on software engineering, security, networks and systems, … 3
  • 4. Research environment Single person silos “Tiger teams” Large project teams 4
  • 5. Resources for experiments Based on smaller teams and projects Very limited for the single person silo Labs with equipment: mostly desktops out of warranty 5
  • 6. About my PhD 6 A Framework for Integrated Configuration Management of Distributed Systems
  • 7. About my PhD 7 A Framework for Integrated Configuration Management of Distributed Systems Een raamwerk voor geïntegreerd configuratiebeheer van gedistribueerde systemen
  • 8. About my PhD 8 A Framework for Integrated Configuration Management of Distributed Systems
  • 13. Specs  PII 400 mhz  <= 256 ram  4 and 8 GB disks  1x 100M NIC 13
  • 15. 15
  • 16. Specs  PII and PIII: 400 -> 650 Mhz  512M ram  8 GB disks  2x 100M NIC 16
  • 22. Desktop hoarding  New desktop every 4 years  Desktops self-managed • Linux • Windows • *BSD 22
  • 23. Desktop hoarding  New desktop every 4 years  Desktops self-managed • Linux • Windows • *BSD  10/4*80 = 200 missing desktops? 23
  • 24. Desktop hoarding  New desktop every 4 years  Desktops self-managed • Linux • Windows • *BSD  10/4*80 = 200 missing desktops? Where are they? 24
  • 25. 25
  • 26. Shadow-IT  Multiple old desktops under desk  Sharing desktop stacks in offices  You can use mine if I can use yours  … 26
  • 27. Shadow-IT  No pool of hardware to use  No backups  No updates  No idea what is actually available  All machines have a public IP! 27
  • 28. Cause  Silos  Not just Devs vs Ops • Central IT • Local IT • Research group IT • Researchers  Different goals  Communications through tickets, email, … 28
  • 29. No silo any more  Researcher with operational skills  Collaborate in projects, using other research as case study  Java and Application servers 29
  • 30. Tipping point Use a J2EE application as case study 30
  • 31. Tipping point Use a J2EE application as case study Deploy Jboss on machines with 256M ram 31
  • 32. Tipping point Use a J2EE application as case study Deploy Jboss on machines with 256M ram In 2011 32
  • 33. 33
  • 34. Managed servers  Buy one or more beefy servers  Use for a single research project (2 to 5 years)  Peak usage  In DC (“computerzaal”) by local IT staff  Ubuntu LTS 34
  • 35. Managed servers Buy new server in may 2014 • New OS: 14.04 Buy new server in march 2014 • 2 year old OS: 12.04 35
  • 36. More recent software?  Researcher: I need a newer version of X  IT staff: There is no update in Ubuntu repo  Researcher: But I really need it!  IT staff: No worry, we installed GCC and increased your quota. But please, put it in a NoBackup folder 36
  • 37. 37
  • 38. Network zones  DMZ  Intranet  Lab  Experiments 38
  • 39. Virtualization Managed system Root access on virtual machines No solution for networking and storage 39
  • 41. Self service  Setup a pool of hardware  Isolate users from each other  Users and teams can create servers, networks, change firewall rules, use multiple zones, offer services to other users, … 41
  • 42. 42
  • 43. Public cloud Easy: credit card and ready Bounded to their AUP Harder to predict cost Data not on premise Not so cheap 43
  • 44. Private cloud  Harder to set up and operate  Up-front cost and hosting cost  Better integration with own infrastructure  Fixed size 44
  • 45. OpenStack  Start with one server with OpenStack Folsom in 2012  Added two servers two months later  Add two servers  Migrated local storage to shared Ceph storage  Add three servers  Upgraded from 1G to 4x1G  Added NetApp NFS archive  Add SSD caching layer in Ceph  Migrated to 2x10G  Add eight server servers  Same interface for users! 45
  • 46. Current setup  2x controller  1x mgmt server  6x performance nodes • CPU pinning, NUMA awareness, local storage • 2x8 Cores + 64GB ram  6x general purpose • 128GB ram • 2x14 cores • Ceph storage • SSD + SAS disks  2x10G  NetApp filer with 48TB storage 46
  • 47. Virtual infrastructure  Three different uplinks (network zones)  Different routing and floating IP model  Each user gets their own sandbox with quotas  Team projects get their own project  Security groups by default closed  Routes from and to all user networks within private address range  Access with SSH or OpenVPN 47
  • 49. Config model 49 entity Project: """ A personal sandbox project in OpenStack :param name The username and projectname to create :param email The email address of the user :param subnet_id The third octet of the project :param public_network Create a network in the public zone :param lab_network Create a network in the lab zone (they get their own router) :param exp_network Create a network in the experimental zone """ string name string email number subnet_id bool public_network bool lab_network bool exp_network end index Project(name) index Project(subnet_id) Project personal_projects [0:] -- [1] neutron::Network lab_uplink Project personal_projects [0:] -- [1] neutron::Subnet lab_routing_subnet Project admin_projects [0:] -- [1] keystone::Project admin_project Project personal_projects [0:] -- [1] keystone::Project project Project personal_projects [0:] -- [1] vm::IaaS iaas Project personal_project_public_router [0:] -- [1] neutron::Router public_router Project personal_project_exp_router [0:] -- [1] neutron::Router exp_router
  • 50. User setup 50 implementation personalProject for Project: # define the user stuff self.project = keystone::Project(iaas=self.iaas, name=name, enabled=true, description="Personal project of {{ name }} ({{ email }})") user = keystone::User(iaas=self.iaas, name=name, email=email, enabled=true, password=password) keystone::Role(project=self.project, user=user, role="Member") keystone::Role(project=self.project, user=user, role="heat_stack_owner") keystone::Role(project=self.project, user=keystone::User[name="admin"], role="admin") keystone::Role(project=keystone::Project[name="openvpn"], user=user, role="Member") std::User(host=self.iaas.access_vm, name=name, shell=“/bin/bash”) end
  • 51. Public network zone 51 implementation publicNet for Project: # define network and subnet net = neutron::Network(name="{{ name }}_net", project=self.project, self.iaas=iaas) subnet = neutron::Subnet(project=self.project, network=net, router=self.public_router, dhcp=true, name="{{ name }}_net", network_address="172.16.{{ subnet_id }}.0/24", iaas=self.iaas, allocation_start="172.16.{{subnet_id}}.10", allocation_end="172.16.{{subnet_id}}.254") end
  • 52. Lab network zone 52 implementation labNet for Project: # Create a dedicated router and network for this demo environment router = neutron::Router(name="router-{{name}}", iaas=self.iaas, project=self.project, ext_gateway=self.lab_uplink) net = neutron::Network(name="{{name}}_lab", project=self.project, iaas=self.iaas) subnet = neutron::Subnet(project=self.project, network=net, router=router, dhcp=true, name="{{name}}_lab", network_address="172.17.{{subnet_id}}.0/24", iaas=self.iaas, allocation_start="172.17.{{subnet_id}}.10", allocation_end="172.17.{{subnet_id}}.254") router_port = neutron::RouterPort(project=self.admin_project, iaas=self.iaas, name="{{name}}_lab_routing", address="172.18.0.{{subnet_id}}", subnet=self.lab_routing_subnet, router=router, purged=false) router.routes = neutron::Route(destination="172.16.0.0/16", nexthop="172.18.0.254") router.routes = neutron::Route(destination="172.17.0.0/16", nexthop="172.18.0.254") router.routes = neutron::Route(destination="172.19.0.0/16", nexthop="172.18.0.253") neutron::Route(destination="172.17.{{subnet_id}}.0/24", nexthop="172.18.0.{{subnet_id}}", router=self.public_router) end
  • 53. Experimental network zone 53 implementation expNet for Project: # define network and subnet net = neutron::Network(name="{{ name }}_exp", project=self.project, iaas=self.iaas) subnet = neutron::Subnet(project=self.project, network=net, router=self.exp_router, dhcp=true, name="{{ name }}_exp", network_address="172.19.{{ subnet_id }}.0/24", iaas=self.iaas, allocation_start="172.19.{{subnet_id}}.10", allocation_end="172.19.{{subnet_id}}.254") end implement Project using personalProject implement Project using labNet when lab_network implement Project using publicNet when public_network implement Project using expNet when exp_network
  • 54. 54
  • 56. Self-service  Getting money to change things is hard  Got support from local IT  Start small  Documentation  Demo!  Training  Pro-bono services 56
  • 57. Elasticity  (private) Cloud should be elastic  Resource have to seem infinite  But do enforce quotas  Capacity management and planning  Capacity problems encourages hoarding 57
  • 58. Resource accounting  Quotes help wasting resources  Abandoned virtual machines  50 useful VM’s vs one VM trashing for weeks?  Working on better monitoring  Anomaly detection  Public shaming 58
  • 59. Contact  bart.vanbrabant at inmanta.com  @bartvanbrabant  https://bart.vanbrabant.eu  https://inmanta.com  https://github.com/inmanta/inmanta  @inmanta_com 59