peshkova - Fotolia
The best way to evaluate a technology is to talk to one of its users and proponents. Today we have the pleasure of interviewing Edgar Magana, who sits on the Board of Directors of the OpenStack Foundation. The OpenStack Foundation is the organization that coordinates the work of the many different sponsors and contributors to OpenStack open source projects.
Edgar is in a unique position to comment on OpenStack because he is both a user and a developer. He currently works as a cloud operations architect at Workday, an HR and financials enterprise resource planning software company. He also has implemented OpenStack at Cisco and PLUMgrid.
At the OpenStack Foundation, Edgar works as a specialist on networking -- specifically software-defined networking. He joined the OpenStack Neutron networking project in 2011 and now writes code for Nova, DevStack, Neutron, Heat and other projects, and is working on writing the OpenStack networking guide. I sat down with Edgar to get his perspective on OpenStack and to discuss common OpenStack challenges.
Edgar Magana: There are not many options for cloud management. There are two: OpenStack and VMware. We chose OpenStack because it is open source. We wanted to have the opportunity to manipulate the code for our requirements. You have the opportunity to modify the code if you want to.
Some people are going to be alarmed to hear you say you changed the code. They will not have the skills need to do that. What code did you change in OpenStack?
Magana: OpenStack works out of the box, but Distributed Resources Scheduler does not exist in OpenStack. We are working on that at Workday. That is a piece of code that will restart VMware VMs when they die.
OpenStack has different plug-ins for different backend systems. One is for VMware.
We plan to submit this code to the OpenStack project. It should be submitted to Nova.
Why did you ultimately decided on OpenStack at the three companies where you implemented it?
Magana: We wanted to have a cloud management system that does not require licensing, one that would give us certain control over the API for accessing, managing and customizing all cloud resources such as instances, networks, ports, volumes and others.
There are basically two leading technologies for cloud management: One is OpenStack and the other is VMware. We did not want to be trapped in a vendor lock-in and the VMware proposition was in that direction.
OpenStack provided a less mature solution with total openness of the code and APIs, but what was even more important is it has an exponentially growing open source community whose goal is to make the platform as reliable, scalable and feature rich as possible. That, for us, was unique.
What VM do you use?
Magana: Workday uses CentOS and KVM. We take the vanilla CentOS image and take away certain packages and add others. One of our focuses is to add items that enhance security.
What front end do you use?
Magana: OpenStack provides RESTful APIs. They created a user interface (UI), Dashboard. It just makes REST calls to the system. The command-line interface (CLI) talks exactly the same. You type a human-understandable command. If you compare REST calls from UI versus CLI, they are identical. We only use Curl commands directly.
What OpenStack models do you use?
Magana: Computer, Nova, Cinder, Glance, Neutron, KeyStore and Heat. We implement Horizon as a demo, not operations, tool.
What would you say to the criticism that OpenStack is difficult to deploy?
Magana: I would say that the problem seems bigger than it really is. I don't think the problem is to deploy OpenStack, but with getting experience with and knowledge about OpenStack. The frustration starts when operators try to deploy a very complex architecture that their system admins do not understand. There's no need for that. They should start with simpler architectures with a strong continuous integration (CI)/continuous delivery (CD) system that will help their team to gain the necessary experience and knowledge.
What advice do you have for someone starting from scratch?
Magana: I would recommend them to get advice from other OpenStack users and the whole community. We have Internet Relay Chat channels, mailing lists and in-person forums to share deployment references, architectures, ideas, processes and any kind of best practices. Open source means community engagement. Don't be the isolated part of that.
What OpenStack challenges have you faced?
Magana: OpenStack doesn't really have a reference architecture, so we had to design our own. Other important OpenStack challenges were security and performance. We had to make a few changes to fulfill all of our security requirements. In terms of performance, there were no best practices available for the large amount of configuration parameters for all of the projects and services that keep OpenStack running. So we have to have our CI/CD system pushing performance-related changes, which makes it very hard to find the best configuration.
How have you overcome those OpenStack challenges?
Magana: We decided to simplify our design and create, as soon as possible, a developer platform where our engineers who did not have OpenStack experience could safely test and interact with OpenStack without affecting other team members. So we created the concept of over cloud, which is basically OpenStack on OpenStack. We install a small disposable cloud on the top of our Development OpenStack system. This framework is extremely powerful because we could thoroughly test any change in either configuration management or even python code and reliably pushing those changes to production.
OpenStack Neutron networking for cloud administrators
OpenStack versus VMware for public cloud
Tips to simplify your OpenStack installation