openstack team mailing list archive
Message #07757
Re: Documentation: Basic Concepts of OpenStack are lacking from official Getting Started PDF
I'll take a stab at some of these inline for a quick answer (But - do still
file the bugs!)
Thanks,
Kiall
On Mon, Feb 20, 2012 at 5:16 AM, Alexey Eromenko <al4321@xxxxxxxxx> wrote:
> Hello all,
>
> Anne: You were recommended contact by Todd Deshane ("deshantm" on IRC)
> about this issue.
>
> The problem:
> I'm new to OpenStack and while learning it, all of its concepts seem wild.
>
> I have read the OpenStack Getting Started Guide PDF (from
> docs.openstack.org), but it doesn't explain the most basic concepts.
>
> Things like:
> 1. Why Object Storage (swift) vs. Network File System (NFS)
> =============================================
> According to: "notmyname"
> <notmyname> technologov: the things that object storage in general
> (and swift specifically) provides is large scale, cheap, and durable
> storage
>
> <notmyname> technologov: object storage is all about relaxing some of
> the constraints of a posix-style system. for example, if you don't
> have to provide atomic operations (ie you can rely on eventual
> consistency), you can much more easily scale a storage system and not
> have a central point of failure
>
> Also:
> I have seen a video, that explains a bit about hashing searches, but
> very incomplete.
> Also what happens if new servers get added or removed ?
> Such concepts need to be added into the docs.
>
> Does Object Storage also store files ? (seems yes)
>
Object Storage can store files (it can store anything you like really..),
but these files are only accessible over HTTP.
>
> 2. Nova vs Images (glance) vs. Object Storage (swift)
> =============================================
>
> Both (1) Nova-volume and (2) glance and (3) swift seem capable of
> storing VM hard disks.
> What's the conceptual difference between the three ?
>
nova-volume is akin to Amazon's EBS. Think of it as a USB drive you can
attach to any of your running instances. (It's also possible to boot the
instance off this drive, but that's another topic..)

Swift (Object Storage) is akin to Amazon S3. Think of it as a web service
API for storing and retrieving blobs of data (eg "files", "machine images"
etc).

Glance is the service Nova asks for a machine image when you boot an
instance. Glance can be configured to host the images itself (on the local
disk of the glance server), or it can be configured to ask Swift (Object
Storage) for the image.
>
> Possible Answer:
> "<notmyname> technologov: nova-volume is for block storage attached to
> a VM. glance is to manage the VM images in a nova cluster and provide
> nice ways of storing them (a bridge to the storage, not the storage
> itself). swift is an object storage system that can be used by glance
> or on its own. swift isn't a filesystem, so it's not "mountable" like
> the devices managed with nova-volume"
>
> Arguments & Discussion:
> <technologov> come on... "mountable" term is a joke... nowadays you
> can mount GMail or Wikipedia... via FUSE
> <technologov> w.p. is not a Filesystem either :)
>
> <notmyname> ok, so you don't use swift like a traditional hard drive.
> the only access to it is API-based (and the API is http)
> <notmyname> that can be wrapped into a FUSE filesystem (but there are
> big tradeoffs in doing so--advantages too, of course)
>
FUSE in my opinion should receive nothing more than a cursory footnote in
the documentation. "Anything" is mountable via FUSE, and any mention of
FUSE or the ability to mount Swift is only going to cause confusion.
>
> Once we can agree on the concepts, need to patch official docs.
>
> 3. Minimal OpenStack setup for new developers to get started is ?
> =============================================
> Nova only ? Glance and Swift are optional modules, right?
>
There are 2 "main" OpenStack projects that can both be used in isolation,
or together.

Nova is a Compute service - It manages VMs.
Swift is an Object Storage service - It manages blobs of data.

A company wishing to build a CDN might deploy Swift, without Nova.
A company wishing to offer hosting services might deploy Nova, and
*optionally*, Swift.

Glance is required by Nova.
>
> I'd be glad to help to improve docs, but I don't understand those
> concepts myself.
>
> More docs issues:
> =============================================
> 4. Hierarchies & terminology:
> How do you call Live-migration-domain in OpenStack lingo ? (group of
> hosts, where virtual machines can be live-migrated from one to the
> next)
> Are there any other types of domains / virtual machine groups / host
> machine groups in OpenStack concept / terminology ?
>
> 5. Cross-platform host OS support:
> Currently the heavy use of "iptables" mandates Linux host. This
> assumption is true if you only support KVM, Xen, LXC, OVZ, UML.
> With a possible future port of OpenStack to VirtualBox engine, this
> assumption is false.
>
All the iptables code is contained in an interchangeable class. You could
write a driver for MS Windows Firewall if you wanted to.
> 5.a. Is "iptables" mandatory or optional ?
>
Optional. You can swap it out for anything you wish, assuming a driver
exists or you can write one for it..
> 5.b. What other OpenStack features exist that may fail on FreeBSD
> hosts ? And on Windows hosts ?
> NOTE: I'm OK if OpenStack effort stays Linux-only, but this must be
> clearly documented, along with portability hints.
>
I think it's more than okay for OpenStack to be Linux only (Hell - If it
wasn't easy to port to multiple Linux distros I would say it's okay to be
Ubuntu, or RedHat, or <insert name of exactly 1 distro here> only.).
Porting OpenStack to multiple OS's seems rather pointless, given that there
would be no (to my knowledge) customer facing advantages.
>
> 6. Also Dashboard GUI was not covered in getting started PDF, which
> seems important.
>
The Dashboard is not an official/core project yet. The first official
release of Dashboard will be the Essex release around April.
>
> 7. Security: Remote VM control is secured ? How ? Libvirtd ?
> (From my quick look it seems that nova connects to remote
> nova-compute, not to libvirtd.)
>
I'm not entirely sure what you're asking here - but I'll try!
Terminal/VNC access is (was? I've not looked at the Essex VNC changes)
proxied via a nova service that performed access control.
IP access is secured based on user defined rules via iptables and
nwfilter (assuming KVM+Libvirt+Iptables).
>
> 8. Which other important concepts might I miss ?
>
> --
> -Alexey Eromenko "Technologov", 20.02.2012.
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
>
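
The reply to point 5 says the iptables code sits in an interchangeable class, and the reply to point 7 says IP access is secured by user-defined rules. The sketch below is an added example of that design, not code from the original message or from Nova. The names `Rule`, `FirewallDriver`, `IptablesDriver`, `WindowsFirewallDriver`, `build_commands` and the `inst-` chain prefix are all hypothetical, and the Windows backend assumes the firewall profile already blocks inbound traffic by default.

```python
import ipaddress
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    """One user-defined ingress rule (hypothetical model, not Nova's own)."""
    protocol: str  # "tcp" or "udp"
    port: int      # destination port on the instance
    cidr: str      # permitted source network

    def __post_init__(self):
        if self.protocol not in ("tcp", "udp"):
            raise ValueError(f"unsupported protocol: {self.protocol!r}")
        if not 1 <= self.port <= 65535:
            raise ValueError(f"port out of range: {self.port}")
        ipaddress.ip_network(self.cidr)  # ValueError on a malformed CIDR

class FirewallDriver:
    """Interface callers depend on; each backend renders argv lists."""
    def render(self, chain, rules):
        raise NotImplementedError

class IptablesDriver(FirewallDriver):
    def render(self, chain, rules):
        cmds = [["iptables", "-N", chain]]
        cmds += [["iptables", "-A", chain, "-p", r.protocol, "-s", r.cidr,
                  "--dport", str(r.port), "-j", "ACCEPT"] for r in rules]
        cmds.append(["iptables", "-A", chain, "-j", "DROP"])  # default deny
        return cmds

class WindowsFirewallDriver(FirewallDriver):
    # Emits allow rules only; assumes the profile's inbound default is block.
    def render(self, chain, rules):
        return [["netsh", "advfirewall", "firewall", "add", "rule",
                 f"name={chain}-{i}", "dir=in", "action=allow",
                 f"protocol={r.protocol}", f"localport={r.port}",
                 f"remoteip={r.cidr}"] for i, r in enumerate(rules)]

DRIVERS = {"iptables": IptablesDriver, "windows": WindowsFirewallDriver}

def build_commands(driver_name, instance, rules):
    """Validate the instance id, then render with the configured backend."""
    if not re.fullmatch(r"[a-z0-9-]{1,20}", instance):
        raise ValueError(f"bad instance id: {instance!r}")
    return DRIVERS[driver_name]().render(f"inst-{instance}", rules)

# Constructed sample rule: SSH from one internal network only.
SAMPLE = [Rule("tcp", 22, "10.0.0.0/8")]
```

Each backend returns argument lists rather than shell strings, so rule fields and instance ids are never re-parsed by a shell.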