OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
Se está descargando tu SlideShare.
×
Eche un vistazo a continuación
Recomendado
Más Contenido Relacionado
Presentaciones para usted (20)
A los espectadores también les gustó (11)
Similares a Bbva bank on Open Stack (20)
Más reciente (20)
Bbva bank on Open Stack
- 1. BBVA Bank on OpenStack OpenStack Summit Paris, November 2014 Jose Maria San José, Jose Luis Lucas, Daniel Chavero,
- 2. 1Introduction
- 3. Vision Why hasn’t a bank 1B customers? Because we can’t
- 4. 2Vision
- 5. Vision: Let’s go Cloud! ● Cloud sets up self provisioning infrastructure ● Hybrid Cloud allows unlimited elasticity (no constraints) ● Active-Active Hybrid Cloud boosts resilience ● Hybrid data model (sensitive aware) ensures privacy ● Programmable automation simplifies management
- 6. BBVA BBVA It's a Cloud World BBVA Datacenter BBVA DMZ ES MX US physical constraints Z Long term transfer Amazon Google Manage-ment & Support no constraints business model constraints
- 7. New lifecycle SecDevOps Cooperation Deployment Package Tested Deployment Package Evolved Deployment Package Development Testing Production Maintenance Cloud Catalog (Virtual Machines, SW packages, SW Developments)
- 8. Strategic Roadmap Private Cloud Cultural engagement. Assure sustainability of IT DevOps Adoption Improve speed of development and deployment without flaws. Hybrid Cloud Internet-scale infrastructure. High Value Applications Web-scale applications on top of Liberty and Hydra. Cloud Consolidation Migrate internal process and applications to internal cloud.
- 9. 3OpenStack
- 10. 3 - OpenStack: the beginnings. ● Our goals. ● Previous experience in public clouds. ● Why OpenStack? ● Why RedHat? ● How are we planning to use it?
- 11. 3 - OpenStack: there we go! ● Environments: PRE and PRO. ● Enclosures with Virtual Connects o HP Blades, Proliant BL 660c o Intel Xeon E5-2660 ● Cloud Controller & Compute & Admin: o 256Gb RAM ● Swift: o 64Gb RAM & 12 HDD 1,2Tb ● Cinder & Glance: o NetApp NFS
- 12. 3 - OpenStack: there we go! ● Infrastructure deployment: Foreman + Puppet (Staypuft)
- 13. 3 - OpenStack: there we go! ● Infrastructure deployment: Foreman + Puppet
- 14. 3 - OpenStack: technical details Router Inet B Router Inet A Internet OpenStack
- 15. Firewall Foreman Management OpenStack BBVA Internal Management NFS Storage Migration RHEV - NFS Nagios Internet Security stuff DMZ/Endpoint Log collector Firewall Route r Service subnet RHEV DNS/NTP
- 16. Firewall Foreman OpenStack components: Swift Management OpenStack BBVA Internal Management NFS Storage RHEV - NFS Nagios Internet Security stuff Swift DMZ/Endpoint Log collector Firewall Route r Service subnet RHEV ● Cinder ● Glance ● Swift DNS/NTP Migration
- 17. Firewall Foreman Swift Management OpenStack BBVA Internal Management WAF NFS Storage RHEV - NFS Nagios Internet Security stuff Cloud Controller Endpoint API Swift DMZ/Endpoint Horizon Load Balancer Log collector Firewall Route r Load Balancer Service subnet OpenStack components: ● Cinder ● Glance ● Swift ● Horizon ● Keystone ● Cloud Controller DNS/NTP MySQL RabbitMQ RHEV Migration
- 18. Firewall Foreman Swift Management OpenStack BBVA Internal Management WAF NFS Storage RHEV - NFS Nagios Internet Security stuff Cloud Controller Endpoint API Swift DMZ/Endpoint Horizon Load Balancer Log collector Firewall Route r Load Balancer Service subnet RHEV Hey!… what about Neutron? OpenStack components: ● Cinder ● Glance ● Swift ● Horizon ● Keystone ● Cloud Controller ● Nova ● Neutron??? DNS/NTP Nova Compute + KVM + VRS MySQL RabbitMQ Migration
- 19. 4SDN
- 20. 4 - SDN: Motivation ● Security Team needs to enforce security at all deployment stages automatically. ● Programmability of network functions to automate deployments. ● Growth capabilities between data centers. ● It’s a good point to introduce SDN into the organization.
- 21. 4 - SDN: Why Nuage? ● Domain Templates. ● Users roles. ● Automation. ● Consumable via REST API. ● Openstack integration via neutron plugin. ● dVRS (Distributed Routing and Switching). ● Hypervisor agnostic solution.
- 22. 4 - SDN: Openstack integration ● Virtualized Services Platform (VSP): ○ Virtualized Services Directory (VSD). ○ Virtualized Services Controller (VSC). ○ Virtual Routing and Switching (VRS). ○ Virtualized Services Gateway (VSG). ● Neutron plugin. ● Basic vs. Advanced mode integration. ● Floating-IPs. ● Horizon customization.
- 23. 4 - SDN: Openstack integration. Firewall VSG Internet Data Cloud Controller Nova Compute DMZ VSC Management OpenStack Router Transit network VSD Load Balancer + WAF VRS VRS Nova Compute ... Neutron Plugin
- 24. 4 - SDN: Openstack integration (VSD). Firewall VSG Internet Data Cloud Controller Nova Compute DMZ VSC Management OpenStack Router VSD Load Balancer + WAF VRS VRS Nova Compute REST API / WEB GUI ... Neutron Plugin Transit network
- 25. 4 - SDN: Openstack integration (VSD). Firewall VSG Internet Data XMPP Cloud Controller Nova Compute DMZ VSC Management OpenStack Router VSD Load Balancer + WAF VRS VRS Nova Compute ... Neutron Plugin Transit network
- 26. 4 - SDN: Openstack integration (VSC). Firewall VSG Internet Data Cloud Controller Nova Compute DMZ VSC Management OpenStack Router VSD Load Balancer + WAF VRS VRS Nova Compute ... Neutron Plugin Open Flow Transit network
- 27. 4 - SDN: Openstack integration (VSC). Firewall VSG Internet Data Cloud Controller Nova Compute DMZ VSC Management OpenStack Router VSD Load Balancer + WAF VRS VRS Nova Compute ... Neutron Plugin MP-BGP Transit network
- 28. 4 - SDN: Openstack integration (VRS). Firewall VSG Internet Data Transit network Cloud Controller Nova Compute DMZ VSC Management OpenStack Router VSD Load Balancer + WAF VRS VRS Nova Compute ... Neutron Plugin VXLAN
- 29. 4 - SDN: Openstack integration (VSG). Firewall VSG Internet Data Break out Cloud Controller Nova Compute DMZ VSC Management OpenStack Router VSD Load Balancer + WAF VRS VRS Nova Compute ... Neutron Plugin VXLAN
- 30. 4 - SDN: Openstack integration (Plugin) Firewall VSG Internet Data Cloud Controller Nova Compute DMZ VSC Management OpenStack Router VSD Load Balancer + WAF VRS VRS Nova Compute ... Neutron Plugin REST API Transit network
- 31. 4 - SDN: Openstack integration (Custom)
- 32. 4 - SDN: Openstack integration (Custom)
- 33. 4 - SDN: Openstack integration (Custom)
- 34. 4 - SDN: Openstack integration (Custom)
- 35. 4 - SDN Security based on Nuage ● ACL and policies applied on different network levels. ● Service chaining.
- 36. 5Lesson Learned & Next Steps
- 37. 5 - Lessons learned. ● Internal process to be adapted to consume the Openstack services. ● Difficult to deploy with department silos, is better a “one-team” approach, multi disciplinar.
- 38. 5 - Next steps ● Icehouse > Juno or kilo ● Dockers ● Ceph ● ...
- 39. 5 - One Team, SecDevOps Crew ;) ● Alberto Morgante Medina (Security) ● Leticia García Martín (Security) ● Mariano Ruiz Muñoz (Storage) ● German Moya Olmedo (IT) ● Vicente Miranda Cagigas (IT) ● Alberto Martín (IT) ● Helena Cornic Giron (Networking) ● Cesar Martinez Segura (Networking) ● Enrique Garcia Pablos (Innovation) ● Karim Boumedhel (RedHat) ● Oscar Martin Vega (Nuage Networks) ● Francisco Alcantara Hernandez (Nuage Networks) ● Phillipe Jeurissen (Nuage Networks)
- 40. Thank you!
- 41. Full presentation in youtube: http://www.youtube.com/watch?v=PESWFDPbexs Summary keynote: http://www.youtube.com/watch?v=Pp2TiOKjWLY
