Network slicing is an innovative network architecture technology that’s also one of the most exciting promises of 5G telecom networks. Imagine a single spectrum of the network that can be divided logically for different use cases with specific characteristics and network requirements like latency, high bandwidth, security, etc.

Plus, services in those different slices can be managed separately, enabling privacy and dedicated bandwidth to run critical operations. The technology also offers huge performance boosts for specific use cases, such as industrial internet of things, autonomous driving, and more.

There are various annotations about the standardization about NS from various vendors. However, currently, various proof-of-concepts are undergoing to test the operations, performance and basic and ready-to-run architectures for NS.

PoCs and analysis conducted in communities like OpenStack and ETSI OSM have come to some conclusions around network slicing and its readiness. Experts note that end-to-end virtualization, dynamic centralized orchestration and quality-of-service manageability are basic requirements for successful NS implementation.

Last year at the OpenStack Summit in Vancouver, architects Curtis Collicutt and Corey Erickson evaluated OpenStack networking projects for network slicing implementation. More recently at the Mobile World Congress 2019, Telefonica and Telenor collaborated to demonstrate orchestration of network services like enhanced mobile broadband (eMBB) and ultra-reliable low-latency communications (URLLC) in network slicing environments.

Let’s take a look at the capabilities of Open Source MANO (OSM) and OpenStack for network slicing.

Orchestrating 5G network slices with OSM

The latest release 5 of ETSI OSM came with major enhancements to support network slicing features. OSM has integrated slice manager and extended information model for network slicing template (NST) and network slice instance (NSI).

Having a common information model is a vital feature of OSM. Modelling across different entities like network function packages (VNF, PNF and hybrid NFs), network service packages and network slices packages help to overcome complex network operations for repetitive function and drastically simplify and automation daily operations. OSM network slice feature with its IM allows network services to stay self-contained and agnostic to technology infrastructure for completely different network characteristics in each service.

The proof-of-concept demo included the deployment of two network slices with some input parameters and operating them through day-2 operations at the network slice level.

Deployment

• Each slice is modeled as a set of network services connected by networks or VLDs
• Simple input parameters determine the type of slice to be created on demand
• The two slices share some network services (shared NS Subnets)
  • If the shared NS has already been deployed, it won’t be re-deployed
  • It will be reused, but the initial configuration for the second network slice can still be done in the shared NS to let it know that new elements are present.

Operation

Running day-two primitives at Network Slice level (handled as a single object)

• OSM, behind the scenes, maps them to a sequence of calls to NS primitives, which, in turn, are derived in calls to VNF primitives

Here’s a graphic of how it works. Slice one is dedicated to enhanced mobile broadband (eMBB) and slice two is for enhanced mobile broadband (eMBB) use cases.

OpenStack support for network slicing

In the last two years, OpenStack has focused on support to fulfill orchestration and infrastructure management requirements for telco cloud. The software contains various projects across networking and compute domains that can be utilized for various aspect required in network slicing.

As discussed in a session by Interdynamix architects, OpenStack can be focused to satisfy quality of service, isolation, segregation, sharing networks and automation/orchestration via Neutron APIs.  OpenStack, in this use case, is mainly highlighted for policy and scheduling features in its projects like Neutron for networking and Nova for compute. OpenStack’s group based policy (GBP) is suggested to be used for network slicing. It can be responsible for enabling self-service automation and application scaling, separation of policies for slices, managing security requirements, etc.

Complementary OSF projects like StarlingX and Zuul also have capabilities that align to support 5G network slicing.

About the author

Sagar Nangare is a technology blogger, focusing on data center technologies (networking, telecom, cloud, storage) and emerging domains like edge computing, IoT, machine learning, AI). He works at Calsoft Inc. as a digital strategist.

The post What’s next: 5G network slicing with ETSI OSM 5 and OpenStack appeared first on Superuser.

The Challenge

Platform agility is only possible if there is complete operational visibility across following components in NFV stack:

• Virtualized Network Functions (VNF)
• Virtualized Infrastructure Manager (VIM) where VNF workloads are deployed as either VMs/Containers
• Hardware/Infrastructure layer – Racks, Bare metal nodes
• Network Layer – Switches, Routers, SDNs

Most of the vendors offer different suites of monitoring tools in each component in order to ensure operational and production readiness of the layer that they are operating in. For instance, each VNF vendor rolls out a Virtual Network Functions Manager (VNFM) that handles life cycle events e.g. self-remediation of a service in VNF should it encounter a problem. However, this VNF-specific monitoring tool doesn’t have visibility of the issues that are occurring in any other components. Problem diagnosis requires an operator to interrogate multiple systems. This means multiple UI’s, multiple monitoring models and multiple views and / or reports.

---

The Aptira Solution

A centralised Service and Platform Assurance system is required to integrate with multiple heterogenous components. This solves the lack of complete visibility of the whole Network Functions Virtualisation platform across different Network Functions Virtualisation Infrastructure (NFVi) Points of Presence (PoPs). Implementing such a centralised system requires identifying all the failure domains in platform, their critical data points and mechanism to extract these data points.

So, key responsibilities of the system include:

• A data collection mechanism to collect data points such as performance metrics, usage
• A policy framework that defines a set of policies to correlate the data collected and perform corrective actions by detecting anomalies
• A single dashboard view that gives the information of all KPIs in the system such as Alarms, Capacity, Impacted services/components, Congestion

A representation of such a system is shown below:

Aptira solved this for a large Telco by developing a framework using Open Source tools – TICK Stack and Cloudify. TICK stack was selected due to its wide community support and the stack’s existing integrations with 3rd party software components. Cloudify was selected because of its ability to handle CLAMP policies at scale across NFV domains.

TICK Stack uses Telegraf as its data collection component that uses a wide range of plugins to collect different set of data from multiple sources. Aptira used REST plugins to fetch the data from components such as VNFM, OpenStack, Kubernetes endpoints and used SNMP plugins from legacy VNFs. Once data is collected, they are then stored in InfluxDB database for further analysis.

TICK Stack uses the Kapacitor component for defining event management policies. These policies correlate events/data collected and triggers a corrective action. Aptira designed and implemented policies that acted on data collected from OpenStack endpoints and the VNF telemetry data to detect anomalies and triggers a remediation plan. For example, detecting that a VNF is unhealthy (e.g. due to high CPU load/throughput) and triggering a remediation process (e.g. Auto-Scale to distribute high-load across more instances of the VNF).

Since a VNF is modelled and orchestrated by Cloudify NFVO, Kapacitor policies interacts with Cloudify to perform a corrective action at a domain level, such as rerouting all the traffic being sent to the affected VNF to another VNF, and thereby applying a close loop control policy.

---

The Result

To have a complete visibility of the platform and the services that are running on them, it is important to have a subsystem integrated in Network Functions Virtualisation platform that not only ensures the uptime of the components, but also provides enough information to the Operations team to identify anomaly patterns and provide a quick feedback to the teams concerned.

These Open Source tools have enabled us to provide the required visibility into their NFV platform, reducing the customer’s OPEX costs and increasing flexibility of their platform.

---

The post Platform and Service Assurance in a Network Functions Virtualisation (NFV) Platform appeared first on Aptira.

Placement update 19-20. Lots of cleanups in progress, laying in the groundwork to do the nested magic work (see themes below).

The poll to determine what to do with the weekly meeting will close at the end of today. Thus far the leader is office hours. Whatever the outcome, the meeting that would happen this coming Monday is cancelled because many people will be having a holiday.

Most Important

The spec for nested magic is ready for more robust review. Since most of the work happening in placement this cycle is described by that spec, getting it reviewed well and quickly is important.

Generally speaking: review things. This is, and always will be, the most important thing to do.

What's Changed

• os-resource-classes 0.4.0 was released, promptly breaking the placement gate (tests are broken not os-resource-classes). Fixes underway.

• Null root provider protections have been removed and a blocker migration and status check added. This removes a few now redundant joins in the SQL queries which should help with our ongoing efforts to speed up and simplify getting allocation candidates.

• I had suggested an additional core group for os-traits and os-resource-classes but after discussion with various people it was decided it's easier/better to be aware of the right subject matter experts and call them in to the reviews when required.

Specs/Features

• https://review.opendev.org/654799 Support Consumer Types. This is very close with a few details to work out on what we're willing and able to query on. It's a week later and it still only has reviews from me so far.

• https://review.opendev.org/658510 Spec for Nested Magic. Un-wipped.

• https://review.opendev.org/657582 Resource provider - request group mapping in allocation candidate. This spec was copied over from nova. It is a requirement of the overall nested magic theme. While it has a well-defined and refined design, there's currently no one on the hook implement it.

These and other features being considered can be found on the feature worklist.

Some non-placement specs are listed in the Other section below.

Stories/Bugs

(Numbers in () are the change since the last pupdate.)

There are 20 (-3) stories in the placement group. 0 are untagged. 2 (-2) are bugs. 5 are cleanups. 11 (-1) are rfes. 2 are docs.

If you're interested in helping out with placement, those stories are good places to look.

On launchpad:

• Placement related nova bugs not yet in progress on launchpad: 16 (0).

• Placement related nova in progress bugs on launchpad: 7 (+1).

osc-placement

osc-placement is currently behind by 11 microversions. No change since the last report.

Pending changes:

• https://review.openstack.org/#/c/640898/ Add 'resource provider inventory update' command (that helps with aggregate allocation ratios).

• https://review.openstack.org/#/c/651783/ Add support for 1.22 microversion

• https://review.openstack.org/586056 Provide a useful message in the case of 500-error

Main Themes

Nested Magic

At the PTG we decided that it was worth the effort, in both Nova and Placement, to make the push to make better use of nested providers — things like NUMA layouts, multiple devices, networks — while keeping the "simple" case working well. The general ideas for this are described in a story and an evolving spec.

Some code has started, mostly to reveal issues:

• https://review.opendev.org/657419 Changing request group suffix to string

• https://review.opendev.org/657510 WIP: Allow RequestGroups without resources

• https://review.opendev.org/657463 Add NUMANetworkFixture for gabbits

• https://review.opendev.org/658192 Gabbi test cases for can_split

Consumer Types

Adding a type to consumers will allow them to be grouped for various purposes, including quota accounting. A spec has started. There are some questions about request and response details that need to be resolved, but the overall concept is sound.

Cleanup

As we explore and extend nested functionality we'll need to do some work to make sure that the code is maintainable and has suitable performance. There's some work in progress for this that's important enough to call out as a theme:

• https://storyboard.openstack.org/#!/story/2005712 Some work from Tetsuro exploring ways to remove redundancies in the code. There's a stack of good improvements.

• https://review.opendev.org/643269 WIP: Optionally run a wsgi profiler when asked. This was used to find some of the above issues. Should we make it generally available or is it better as a thing to base off when exploring?

• https://review.opendev.org/660691 Avoid traversing summaries in _check_traits_for_alloc_request

Ed Leafe has also been doing some intriguing work on using graph databases with placement. It's not yet clear if or how it could be integrated with mainline placement, but there are likely many things to be learned from the experiment.

Other Placement

Miscellaneous changes can be found in the usual place.

There are several os-traits changes being discussed.

Other Service Users

New discoveries are added to the end. Merged stuff is removed. Starting with the next pupdate I'll also be removing anything that has had no reviews and no activity from the author in 4 weeks. Otherwise these lists get too long and uselessly noisy.

• https://review.openstack.org/552924 Nova: Spec: Proposes NUMA topology with RPs

• https://review.openstack.org/622893 Nova: Spec: Virtual persistent memory libvirt driver implementation

• https://review.openstack.org/641899 Nova: Check compute_node existence in when nova-compute reports info to placement

• https://review.openstack.org/601596 Nova: spec: support virtual persistent memory

• https://review.openstack.org/#/q/topic:bug/1790204 Workaround doubling allocations on resize

• https://review.openstack.org/645316 Nova: Pre-filter hosts based on multiattach volume support

• https://review.openstack.org/647396 Nova: Add flavor to requested_resources in RequestSpec

• https://review.openstack.org/633204 Blazar: Retry on inventory update conflict

• https://review.openstack.org/#/q/topic:bp/count-quota-usage-from-placement Nova: count quota usage from placement

• https://review.openstack.org/#/q/topic:bug/1819923 Nova: nova-manage: heal port allocations

• https://review.openstack.org/648665 Nova: Spec for a new nova virt driver to manage an RSD

• https://review.openstack.org/625284 Cyborg: Initial readme for nova pilot

• https://review.openstack.org/629142 Tempest: Add QoS policies and minimum bandwidth rule client

• https://review.openstack.org/648687 Nova-spec: Add PENDING vm state

• https://review.openstack.org/650188 nova-spec: Allow compute nodes to use DISK_GB from shared storage RP

• https://review.openstack.org/651024 nova-spec: RMD Plugin: Energy Efficiency using CPU Core P-State control

• https://review.openstack.org/650963 nova-spec: Proposes NUMA affinity for vGPUs. This describes a legacy way of doing things because affinity in placement may be a ways off. But it also may not be.

• https://review.openstack.org/#/q/topic:heal_allocations_dry_run Nova: heal allocations, --dry-run

• https://review.opendev.org/656448 Watcher spec: Add Placement helper

• https://review.opendev.org/659233 Cyborg: Placement report

• https://review.opendev.org/657884 Nova: Spec to pre-filter disabled computes with placement

• https://review.opendev.org/657801 rpm-packaging: placement service

• https://review.opendev.org/657016 Delete resource providers for all nodes when deleting compute service

• https://review.opendev.org/654066 nova fix for: Drop source node allocations if finish_resize fails

• https://review.opendev.org/660924 neutron: Add devstack plugin for placement service plugin

• https://review.opendev.org/661179 ansible: Add playbook to test placement

• https://review.opendev.org/656885 nova: WIP: Hey let's support routed networks y'all!

End

As indicated above, I'm going to tune these pupdates to make sure they are reporting only active links. This doesn't mean stalled out stuff will be ignored, just that it won't come back on the lists until someone does some work related to it.

DENVER —  At the first Open Infrastructure Summit, continuous integration/continuous delivery project Zuul crossed the threshold to independent project status along with Kata Containers.

After graduation, now what? James Blair, Zuul maintainer and office of the CTO, Red Hat says that like all new grads, the project gating system is asking a lot of important “What if?” questions:

• What if we make this change?
• What if we upgrade this dependency?
• What happens to the whole system if this micro-service changes?
• What if the base container image changes?

Zuul is a project under the OSF’s CI/CD strategic focus area. The community is busy adding new features but one especially worth focusing on is changing the way people develop containerized software.

‘Zuul has been quietly running one of the world’s largest ci systems for the last few years’ -James Blair #OpenStackSummit #keynotes pic.twitter.com/mGzCveOMGc

— Kendall Nelson (@knelson92) May 21, 2018

Zuul is more than CI/CD, Blair says. It’s a new way of testing that gives developers freedom to experiment, is called speculative execution. “We’ve done it for years with Git, but now we can do it with containers,” he adds.

Here’s why that’s important.

Container images are built on layers. In the stacked image system, the registry is intermediary. This can lead to images in production with inadequate testing and upstream images breaking downstream. “We want to know that changes to base images won’t break the images composed on top,” he says.

With Zuul speculative container images, registries are created as needed. Registries are ephemeral, lasting only as long as each test. Every deployment sees its future state, including the layers it depends on. And this process is invisible to deployment tooling. Test jobs use Zuul’s registry and speculative or production images. When images have been reviewed and pass tests, they’re safe to promote to production.

A key design point: You can use actual production deployment tooling in tests. Zuul speculative container images makes testing more like production, not the other way around. Zuul allows its users to move fast without fear, because its speculative execution feature allows them to find issues and verify solutions in complex systems before committing a single change to production.

Catch the whole six-minute presentation below and check out the other Zuul talks from the Summit.

Get involved

Get the Source
Zuul is Free and Open Source Software. Download the source from git.zuul-ci.org or install it from PyPI.

Read the Docs
Zuul offers extensive documentation.

Join the Mailing List
Zuul has mailing lists for announcements and discussions.

Chat on IRC
Join #zuul on FreeNode.

The post What’s next for Zuul appeared first on Superuser.

The post Network Functions Virtualisation Orchestration (NFVO) Homologation appeared first on Aptira.

At the recent Open Infrastructure Summit in Denver, Whitestack announced the results of the initiative called “Open Multivendor NFV Showcase,” an effort to demonstrate that network function virtualization-orchestrated network services, integrating VNF from multiple vendors, on top of commoditized hardware, is possible.

This effort, organized by Whitestack, has the support of relevant institutions in the NFV field, in particular: Intel, the OpenStack Foundation, Open Source MANO and the ETSI NFV Plugtests Programme.

For this first edition, Whitestack invited a number of vendors and projects that provide a complete end-to-end service chain, covering critical parts of a typical mobile network. Specifically, the following VNF vendors were integrated to provide a fully-functional and automated network service:

• Fortinet: Next Generation FW.
• Open Air Interface: LTE EPC core.
• Mobileum: Diameter Routing Agent and Network Traffic Redirection.
• ng4T: vTester supporting Cloud-RAN, vHSS and other functions.

See the complete session, including a live demo here or below and download the complete report by clicking here.

The post Takeaways from the first open multi-vendor NFV showcase appeared first on Superuser.

The post OpenStack Container Orchestration with Kolla-Ansible appeared first on Aptira.

As I needed the functionality, I wrote this:

https://salsa.debian.org/openstack-team/puppet/puppet-module-debian-archvsync

The matching Debian package has been uploaded and is now in the NEW queue. Thanks a lot to Waldi for packaging ftpsync, which I’m using.

Comments and contributions are welcome.

DENVER — Some pairings really do spark joy. Peanut butter and chocolate. Wine and cheese. Biscuits and gravy. The concept crosses over to the tech world: Firecracker and Kata Containers.

On the Open Infrastructure keynote stage in Denver, Samuel Ortiz, architecture committee, Kata Containers and Andreea Florescu, maintainer, Firecracker project, talked about how the projects are working together.

The pair introduced a new collaborative project: rust-vmm. Firecracker allows Kata Containers to support a large number of container workloads, but not all of them. OSF, Amazon, Intel, Google and others are now collaborating to build a custom container hypervisor. Enter rust-vmm, a project featuring shared virtualization components to build specialized VMMs.

But let’s get up to speed on the two projects and what’s next for them in detail.

Kata Containers

Kata Containers aim to improve security in the container ecosystem by adding lightweight VMs and hypervisors as another, hardware-based workload isolation layer for containers. Kata Containers has offered a number of enhancements since May 2018 (six releases to date, with another shipping soon) including:

• Improved performance with VM templating, TC mirroring to improve networking performance and the soon-to-be integrated Virtio-fs support.
• Improved simplicity and operability by adding distributed tracing support, live update and overall simplified architecture based on vsock.
• Improved industry support by adding new hardware architectures like ARM64, ppc64 and s390
• Even stronger security architecture by adding more libcontainer-based isolation layers inside the virtual machine, but most importantly by supporting more hypervisors, including QEMU, NEMU and Firecracker.

Firecracker

Firecracker is an open-source, lightweight virtual machine monitor written in Rust. It leverages Linux Kernel Virtual Machine (KVM) to provide isolation for multi-tenant cloud workloads like containers and functions.

What makes it great:

• It “boots blazingly fast” (under 125 milliseconds)
• Low memory footprint, helping it achieve high densities (<5MiB)
• Oversubscription
• Security: two boundaries–virtualization and jailer

Florescu also outlined some of the main enhancements in progress:

• ARM and AMD support
• Refactoring the codebase for standalone virtualization components that can be used by other projects.
• Container integration: Transitioning from an experimental implementation of Vsock to a production ready version; also integrating firecracker-containerd, which is a container runtime on top of Firecracker.

Check out the whole 12-minute keynote below and stay tuned for a video from their Summit session titled “Tailor-made security: Building a container specific hypervisor.”

Photo // CC BY NC

The post Firecracker and Kata Containers: Sparking more open collaboration appeared first on Superuser.

The post Zenoss Implementation appeared first on Aptira.

Implementing cloud computing solutions that runs in hybrid environments might be the final solution when comes to finding the best benefits/cost ratio.

This post will be the main thread to build and describe the KIAB/Kubebox project (www.kubebox.org and/or www.kiab.org).

Spoiler alert!

The name

First thing first, the name.. I have in my mind two names having the same meaning. The first one is KIAB (Kubernetes In A Box) this name came to my mind as the Kiai sound from karatekas (practitioners of karate). The second one is more traditional, “Kubebox”. I have no preference but it would be awesome if you help me to decide the official name for this project.

Add a comment and contribute to select the project name!

Introduction

This project is about to integrate together already market available devices to run cloud software as an appliance.

The proof-of-concept delivered in this series of posts will allow people to put a well-known set of hardware devices into a single chassis for either create their own cloud appliances, research and development, continuous integration, testing, home labs, staging or production-ready environments or simply just for fun.

Hereby it’s humbly presented to you the design of KubeBox/KIAB an open chassis specification for building cloud appliances.

The case enclosure is fully designed, and hopefully in the last phases for building the first set of enclosures, now, the posts will appear in the mean time I have some free cycles for writing the overall description.

Use cases

Several use cases can be defined to run on a KubeBox chassis.

• AWS outpost.
• Development environments.
• EDGE.
• Production Environments for small sites.
• GitLab CI integration.
• Demos for summits and conferences.
• R&D: FPGA usage, deep learning, AI, TensorFlow, among many others.
• Marketing WOW effect.
• Training.

Enclosure design

The enclosure is designed as a rackable unit, using 7U. It tries to minimize the space used to deploy an up to 8-node cluster with redundancy for both power and networking.

Cloud appliance description

This build will be described across several sub-posts linked from this main thread. The posts will be created particularly without any specific order depending on my availability.

• Backstory and initial parts selection.
• Designing the case part 1: Design software.
• A brief introduction to CAD software.
• Designing the case part 2: U’s, brakes, and ghosts.
• Designing the case part 3: Sheet thickness and bend radius.
• Designing the case part 4: Parts Allowance (finish, tolerance, and fit).
• Designing the case part 5: Vent cutouts and frickin’ laser beams!.
• Designing the case part 6: Self-clinching nuts and standoffs.
• Designing the case part 7: The standoffs strike back.
• A brief primer on screws and PEMSERTs.
• Designing the case part 8: Implementing PEMSERTs and screws.
• Designing the case part 9: Bend reliefs and flat patterns.
• Designing the case part 10: Shelf caddy, to be used with GPU, MB, disks, any other peripherals you want to add to the enclosure.
• Designing the case part 11: Components rig.
• Designing the case part 12: Power supply.
• Designing the case part 13: Networking.
• Designing the case part 14: 3D printed supports.
• Designing the case part 15: Adding computing power.
• Designing the case part 16: Adding Storage.
• Designing the case part 17: Front display and bastion for automation.
• Manufacturing the case part 1: PEMSERT installation.
• Manufacturing the case part 2: Bending metal.
• Manufacturing the case part 3: Bending metal.
• KubeBox cloud appliance in detail!.
• Manufacturing the case part 0: Getting quotes.
• Manufacturing the case part 1: Getting the cases.
• Software deployments: Reference architecture.
• Design final source files for the enclosure design.
• KubeBox is fully functional.

Update log:

Welcome to the latest edition of the OpenStack Foundation Open Infrastructure newsletter, a digest of the latest developments and activities across open infrastructure projects, events and users. Sign up to receive the newsletter and email community@openstack.org to contribute.

Spotlight on the Open Infrastructure Summit Denver

The global community gathered recently in Denver for the Open Infrastructure Summit followed by the Project Teams Gathering (PTG). This was the first edition under the new name, which was changed to better reflect the diversity of open-source communities collaborating at the Summit. With the co-location of the PTG, the week had more collaborative sessions than ever and attendees had the opportunity to collaborate throughout the week with presentations, workshops, and collaborative sessions covering the development, integration and deployment of more than 30 open-source projects.

The theme of the week was “Collaboration without Boundaries,” a call to the community shared by Jonathan Bryce in his Monday morning keynote. Collaboration was exemplified throughout the week from the developers, operators and vendors attending the event:

• Developers from the Kata Containers and Firecracker projects highlighted the progress around community collaboration and project integration. They also discussed Rust-VMM, a cross-project collaborative initiative to develop container-specific hypervisors.
• Operators from Baidu, Blizzard Entertainment, CERN, Box, Adobe Advertising Cloud and more presented their open infrastructure use cases, highlighting the integration of multiple technologies including Ceph, Kata Containers, Kubernetes, and OpenStack among 30+ other projects.
• 5G was front and center at the Denver Summit. In a demonstration of open collaboration, Ericsson partnered with AT&T to host a 5G Lounge where attendees could test the latency of network speeds while playing a virtual reality game, Strike a Light. Users like China Mobile and AT&T presented about their 5G deployments. At AT&T, 5G is powered by an Airship-based containerized OpenStack cloud.
• The NIST Public Working Group on Federated Cloud and The Open Research Cloud Alliance discussed possible federation deployment and governance models that embody the key concepts and design principles being developed in the NIST/IEEE Joint working group and ORCA. They want to encourage developers, users and cloud operators to provide use cases and feedback as they move forward in these efforts.

Denver Summit session videos are now available and for more Summit announcements, user sessions and news from the Open Infrastructure ecosystem, check out the Superuser recap.
Next, the Open Infrastructure Summit and PTG are heading to Shanghai. Registration and Sponsorship sales are now open. If you’re interested in speaking, the Call for Presentations is open. Check out the list of Tracks and submit your presentations, panels and workshops before July 2, 2019.

OpenStack Foundation news

• At the Open Infrastructure Summit, the OpenStack Board of Directors confirmed Zuul as a top-level Open Infrastructure project, joining OpenStack and recently confirmed Kata Containers.

• The OSF launched the OpenStack Ironic Bare Metal Program in Denver, highlighting the commercial ecosystem for Ironic, at-scale deployments of Ironic, and evolution of OpenStack beyond virtual machines. Case studies by CERN and Platform9 were published along with the announcement

OpenStack Foundation project news

Airship

• The Airship team delivered its first release at the Open Infrastructure Summit Denver. Airship 1.0 delivers a wide range of enhancements to security, resiliency, continuous integration and documentation, as well as upgrades to the platform, deployment and tooling features.

Kata Containers

• The community delivered several talks during the Open Infrastructure Summit in Denver that you can check out among the videos from the event.

• Kata Containers continues to provide improvements around performance, stability and security.  Expected this week, the 1.7 release of Kata Containers includes experimental support for virtio-fs in the NEMU VMM. For workloads which require host to guest sharing, virtio-fs provides improved performance and compatibility compared to 9pfs. This release adjusts the guest kernel in order to facilitate Docker-in-Kata use cases, and adds support for the latest version of Firecracker.

OpenStack

• Following the open design principle, The OpenStack community at large discussed the future of OpenStack at various Forum sessions at the Open Infrastructure Summit in Denver. This was followed by the Project Teams Gathering event, where 46 different OpenStack project teams, SIGs and workgroups came to meet in-person and discuss their work for the Train release cycle. You can catch up on those discussions by reading the session and meeting summaries posted on the openstack-discuss mailing-list.

StarlingX

• There were five sessions dedicated to the project at the Open Infrastructure Summit in Denver, check out the videos here.

• Participants packed room for a hands-on workshop to try out the StarlingX platform on  hardware donated by Packet.com. If you missed this one, keep an eye out for similar workshops at community upcoming industry events.
• The team had great discussions during Forum sessions as well as at the PTG to deep dive into the details of processes, testing and roadmap planning for the upcoming two releases.

Zuul

• The community delivered several talks during the Open Infrastructure Summit in Denver that you can check out among the videos from the event.

• Zuul 3.8.1 was released, fixing a memory leak introduced in the previous 3.8.0 release. Users should update to at least 3.8.0 to fix this bug. More info can be found in the release notes.

• Nodepool 3.6.0 was released. This release improves API rate limiting against OpenStack clouds and statsd metric gathering performed by the builder process. Find more info in the release notes.

OSF @ Open Infrastructure community events

• KubeCon + CloudNativeCon in Barcelona, May 20-23
  • Chris Hoge, senior strategic program manager, OSF, will head up several sessions.
• Network Virtualization & SDN Europe in Berlin, May 21-23
  • Check out the edge computing and NFV sessions with Ildiko Vancsa, ecosystem lead, OSF.
• OpenInfra Day Poland, June 11
• Network Technology Seminar in Geneva, June 18-19

Questions / feedback / contribute

This newsletter is written and edited by the OpenStack Foundation staff to highlight open infrastructure communities. We want to hear from you!
If you have feedback, news or stories that you want to share, reach us through community@openstack.org . To receive the newsletter, sign up here.

The post Inside open infrastructure: The latest from the OpenStack Foundation appeared first on Superuser.

The Challenge

The customer is running an internal Big Data system, which collects data from various internal data sources, providing a static view of this data to the management team. They are using a Hadoop-based system and have been experiencing issues with scalability. As such, they want to explore a Cloud-based hosting platform, which will give them more flexibility and scalability. They’d also like to migrate their existing production system onto the new hosting platform once it is proven to be stable and production ready.

The design of the Cloud platform had to balance short term specific goals against long term objectives. The Customer’s future vision for the platform included minimisation of the total cost of operational ownership, by designing the platform to require minimal operational intervention, and by maximising the use of automation in all stages of the operations lifecycle.

The challenge was even greater because Aptira was brought into the project relatively late in its development cycle, and therefore many decisions had already been made. Examples include a hardware and networking platforms having been selected, the rack placement of these machines being already defined, and the general approach to management of virtual and physical machines already having been determined.

---

The Aptira Solution

We may be a little biased when it comes to OpenStack, but there really is no better system for requirements such as these. As such, we’ve offered to build an OpenStack cloud to host their Big Data system.

This OpenStack will be integrated with their existing Cisco Application Centric Infrastructure (ACI) in order to provide a complete end-to-end Software Defined Networking (SDN) solution.

A complication that Aptira had to design around was the version compatibilities across the integrated subsystem. For example, Cisco ACI was only supported on OpenStack Ocata, which was rapidly approaching end of support. The integration design required painstaking attention to detail to enable functionality while at the same time honouring the design decisions made by the customer.

We have produced a complete design document which they can use to guide their OpenStack and upgrade their Big Data system from static infrastructure onto a flexible OpenStack Cloud solution.

---

The Result

This project is still in development – stay tuned for updates!

---

The post Big Data appeared first on Aptira.

ReAR is a pretty impressive disaster recovery solution for Linux. Relax-and-Recover, creates both a bootable rescue image and a backup of the associated files you choose.

When doing disaster recovery of a system, this Rescue Image plays the files back from the backup and so in the twinkling of an eye the latest state.

Various configuration options are available for the rescue image. For example, slim ISO files, USB sticks or even images for PXE servers are generated. As many backup options are possible. Starting with a simple archive file (eg * .tar.gz), various backup technologies such as IBM Tivoli Storage Manager (TSM), EMC NetWorker (Legato), Bacula or even Bareos can be addressed.

The ReaR written in Bash enables the skilful distribution of Rescue Image and if necessary archive file via NFS, CIFS (SMB) or another transport method in the network. The actual recovery process then takes place via this transport route.

In this specific case, due to the nature of the OpenStack deployment we will choose those protocols that are allowed by default in the Iptables rules (SSH, SFTP in particular).

But enough with the theory, here’s a practical example of one of many possible configurations. We will apply this specific use of ReAR to recover a failed control plane after a critical maintenance task (like an upgrade).

01 - Prepare the Undercloud backup bucket.

We need to prepare the place to store the backups from the Overcloud. From the Undercloud, check you have enough space to make the backups and prepare the environment. We will also create a user in the Undercloud with no shell access to be able to push the backups from the controllers or the compute nodes.

groupadd backup
useradd -g backup -d /data/backup -s /sbin/nologin backup
echo "backup:backup" | chpasswd
chown -R backup:backup /data
chmod -R 755 /data

02 - Run the backup from the Overcloud nodes.

#Install packages
sudo yum install rear genisoimage syslinux lftp -y

#Configure ReAR
cat << EOF >> /etc/rear/local.conf
OUTPUT=ISO
OUTPUT_URL=sftp://backup:backup@undercloud-0/data/backup/
BACKUP_URL=sftp://backup:backup@undercloud-0/data/backup/
EOF

Now run the backup, this should create an ISO image in the Undercloud node (/data/backup/).

sudo rear -d -v mkbackup

Now, simulate a failure xD

# sudo rm -rf /

After the ISO image is created, we can proceed to verify we can restore it from the Hypervisor.

03 - Prepare the hypervisor.

# Install some required packages
sudo yum install -y fuse-sshfs

# Mount the Undercloud backup folder to access the images
mkdir -p /data/backup
sudo sshfs -o allow_other root@undercloud-0:/data/backup /data/backup
ls /data/backup/*

04 - Stop the damaged controller node.

virsh shutdown controller-0

# Wait until is down
watch virsh list --all

# Backup the guest definition
virsh dumpxml controller-0 > controller-0.xml
cp controller-0.xml controller-0.xml.bak

Now, we need to change the guest definition to boot from the ISO file.

Edit controller-0.xml and update it to boot from the ISO file.

Find the OS section,add the cdrom device and enable the boot menu.

<os>
<boot dev='cdrom'/>
<boot dev='hd'/>
<bootmenu enable='yes'/>
</os>

Edit the devices section and add the CDROM.

<disk type='file' device='cdrom'>
<driver name='qemu' type='raw'/>
<source file='/data/backup/rear-controller-0.iso'/>
<target dev='hdc' bus='ide'/>
<readonly/>
<address type='drive' controller='0' bus='1' target='0' unit='0'/>
</disk>

Update the guest definition.

virsh define controller-0.xml

Restart and connect to the guest

virsh reset controller-0
virsh console controller-0

You should be able to see the boot menu to start the recover process, select Recover controller-0 and follow the instructions.

You yould see a message like:

Welcome to Relax-and-Recover. Run "rear recover" to restore your system !

RESCUE controller-0:~ # rear recover

The image restore should progress quickly.

COntinue to see the restore evolution.

Now, each time you reboot the node will have the ISO file as the first boot option so it’s something we need to fix. In the mean time let’s check if the restore went fine.

Reboot the guest booting from the hard disk.

Now we can see that the guest VM started successfully.

Now we need to restore the guest to it’s original definition, so from the Hypervisor we need to restore the controller-0.xml.bak file we created.

#From the Hypervisor
virsh shutdown controller-0
watch virsh list --all
virsh define controller-0.xml.bak
virsh start controller-0

Enjoy.

Considerations:

• Space.
• Multiple protocols supported but we might then to update firewall rules, that’s why I prefered SFTP.
• Network load when moving data.
• Shutdown/Starting sequence for HA control plane.
• Do we need to backup the data plane?
• User workloads should be handled by a third party backup software.

Woo! Placement update 19-19. First one post PTG and Summit. Thanks to everyone who helped make it a useful event for Placement. Having the pre-PTG meant that we had addressed most issues prior to getting there meaning that people were freed up to work in other areas and the discussions we did have were highly coherent.

Thanks, also, to everyone involved in getting placement deleted from nova. We did that while at the PTG and had a little celebration.

Most Important

We're still working on narrowing priorities and focusing the details of those priorities. There's an etherpad where we're taking votes on what's important. There are three specs in progress from that that need review and refinement. There are two others which have been put on the back burner (see specs section below).

What's Changed

• We're now running a subset of nova's functional tests in placement's gate.

• osc-placement is using the PlacementFixture to run its functional tests making them much faster.

• There's a set of StoryBoard worklists that can be used to help find in progress work and new bugs. That section also describes how tags are used.

• There's a summary of summaries email message that summarizes and links to various results from the PTG.

Specs/Features

As the summary of summaries points out, we have two major features this cycle, one of which is large: getting consumer types going and getting a whole suite of features going to support nested providers in a more effective fashion.

• https://review.opendev.org/654799 Support Consumer Types. This is very close with a few details to work out on what we're willing and able to query on. It only has reviews from me so far.

• https://review.opendev.org/658510 Spec for Nested Magic. This is associated with a lengthy story that includes visual artifacts from the PTG. It covers several related features to enable nested-related requirements from nova and neutron. It is a work in progress, with several unanswered questions. It is also something that efried started but will be unable to finish so the rest of us will need to finish it up as the questions get answered. And it also mostly subsumes a previous spec on subtree affinity. (Eric, please correct me if I'm wrong on that.)

• https://review.opendev.org/657582 Resource provider - request group mapping in allocation candidate. This spec was copied over from nova. It is a requirement of the overall nested magic theme. While it has a well-defined and refined design, there's currently no one on the hook implement it.

There are also two specs that are still live but de-prioritized:

• https://review.openstack.org/649992 support any trait in allocation candidates

• https://review.openstack.org/649368 support mixing required traits with any traits

These and other features being considered can be found on the feature worklist.

Some non-placement specs are listed in the Other section below.

Stories/Bugs

There are 23 stories in the placement group. 0 are untagged. 4 are bugs. 5 are cleanups. 12 are rfes. 2 are docs.

If you're interested in helping out with placement, those stories are good places to look.

On launchpad:

• Placement related nova bugs not yet in progress on launchpad: 16. +3

• In progress placement bugs on launchpad: 6. +2. These are placement-related, in nova.

Of those there two interesting ones to note:

• https://bugs.launchpad.net/nova/+bug/1829062 nova placement api non-responsive due to eventlet error. When using placement-in-nova in stein, recent eventlet changes can cause issues. As I've mentioned on the bug the best way out of this problem is to use placement-in-placement but there are other solutions.

• https://bugs.launchpad.net/nova/+bug/1829479 The allocation table has residual records when instance is evacuated and the source physical node is removed. This appears to be yet another issue related to orphaned allocations during one of the several move operations. The impact they are most concerned with, though, seems to be the common "When I bring up a new compute node with the same name there's an existing resource provider in the way" that happens because of the unique constrain on the rp name column.

I'm still not sure that constraint is the right thing unless we want to make people's lives hard when they leave behind allocations. We may want to make it hard because it will impact quota...

osc-placement

osc-placement is currently behind by 11 microversions. No change since the last report.

Pending changes:

Note: a few of these having been sitting for some time with my +2 awaiting review by some other placement core. Please remember osc-placement when reviewing.

• https://review.openstack.org/#/c/640898/ Add 'resource provider inventory update' command (that helps with aggregate allocation ratios).

• https://review.openstack.org/#/c/651783/ Add support for 1.22 microversion

• https://review.openstack.org/586056 Provide a useful message in the case of 500-error

• https://review.openstack.org/650257 Remove unused cruft from doc and releasenotes config

• https://review.openstack.org/652100 Improve aggregate version check error messages with min_version

• https://review.opendev.org/653285 Expose version error message generically

Main Themes

Now that the PTG has passed some themes have emerged. Since the Nested Magic one is rather all encompassing and Cleanup is a catchall, I think we can consider three enough. If there's some theme that you think is critical that is being missed, let me know.

For people coming from the nova-side of the world who need or want something like review runways to know where they should be focusing their review energy, consider these themes and the links within them as a runway. But don't forget bugs and everything else.

Nested Magic

At the PTG we decided that it was worth the effort, in both Nova and Placement, to make the push to make better use of nested providers — things like NUMA layouts, multiple devices, networks — while keeping the "simple" case working well. The general ideas for this are described in a story and an evolving spec.

Some code has started, mostly to reveal issues:

• https://review.opendev.org/657419 Changing request group suffix to string

• https://review.opendev.org/657510 WIP: Allow RequestGroups without resources

• https://review.opendev.org/657463 Add NUMANetworkFixture for gabbits

• https://review.opendev.org/658192 Gabbi test cases for can_split

Consumer Types

Adding a type to consumers will allow them to be grouped for various purposes, including quota accounting. A spec has started. There are some questions about request and response details that need to be resolved, but the overall concept is sound.

Cleanup

As we explore and extend nested functionality we'll need to do some work to make sure that the code is maintainable and has suitable performance. There's some work in progress for this that's important enough to call out as a theme:

• https://storyboard.openstack.org/#!/story/2005712 Some work from Tetsuro exploring ways to remove redundancies in the code. There's a related WIP

• https://review.opendev.org/659522 Enhance debug logging in allocation candidate handling

• https://review.opendev.org/658164 Start of a stack that will allow us to remove the protections against null root providers (which turns out is a pretty significant performance hit).

• https://review.opendev.org/643269 WIP: Optionally run a wsgi profiler when asked. This was used to find some of the above issues. Should we make it generally available or is it better as a thing to base off when exploring?

Ed Leafe has also been doing some intriguing work on using graph databases with placement. It's not yet clear if or how it could be integrated with mainline placement, but there are likely many things to be learned from the experiment.

Other Placement

• https://review.opendev.org/#/q/topic:refactor-classmethod-diaf A suite of refactorings that given their lack of attention perhaps we don't need or want, but let's be explicit about that rather than ignoring the patches if that is indeed the case.

• https://review.opendev.org/645255 A start at some unit tests for the PlacementFixture which got lost in the run up to the PTG. They may be less of a requirement now that placement is running nova's functional tests. But again, we should be explicit about that decision.

Other Service Users

New discoveries are added to the end. Merged stuff is removed.

• https://review.openstack.org/552924 Nova: Spec: Proposes NUMA topology with RPs

• https://review.openstack.org/622893 Nova: Spec: Virtual persistent memory libvirt driver implementation

• https://review.openstack.org/641899 Nova: Check compute_node existence in when nova-compute reports info to placement

• https://review.openstack.org/601596 Nova: spec: support virtual persistent memory

• https://review.openstack.org/#/q/topic:bug/1790204 Workaround doubling allocations on resize

• https://review.openstack.org/645316 Nova: Pre-filter hosts based on multiattach volume support

• https://review.openstack.org/647396 Nova: Add flavor to requested_resources in RequestSpec

• https://review.openstack.org/633204 Blazar: Retry on inventory update conflict

• https://review.openstack.org/#/q/topic:bp/count-quota-usage-from-placement Nova: count quota usage from placement

• https://review.openstack.org/#/q/topic:bug/1819923 Nova: nova-manage: heal port allocations

• https://review.openstack.org/648665 Nova: Spec for a new nova virt driver to manage an RSD

• https://review.openstack.org/625284 Cyborg: Initial readme for nova pilot

• https://review.openstack.org/629142 Tempest: Add QoS policies and minimum bandwidth rule client

• https://review.openstack.org/648687 Nova-spec: Add PENDING vm state

• https://review.openstack.org/650188 nova-spec: Allow compute nodes to use DISK_GB from shared storage RP

• https://review.openstack.org/651024 nova-spec: RMD Plugin: Energy Efficiency using CPU Core P-State control

• https://review.openstack.org/651455 puppet: Debian: Add support for placement-api over uwsgi

• https://review.openstack.org/650963 nova-spec: Proposes NUMA affinity for vGPUs. This describes a legacy way of doing things because affinity in placement may be a ways off. But it also may not be.

• https://review.openstack.org/#/q/topic:heal_allocations_dry_run Nova: heal allocations, --dry-run

• https://review.openstack.org/642527 Neutron: Fullstack test for placement sync

• https://review.opendev.org/656448 Watcher spec: Add Placement helper

• https://review.opendev.org/659233 Cyborg: Placement report

• https://review.opendev.org/657884 Nova: Spec to pre-filter disabled computes with placement

• https://review.opendev.org/657801 rpm-packaging: placement service

• https://review.opendev.org/657016 Delete resource providers for all nodes when deleting compute service

End

I'm out of practice on these things. This one took a long time.

The post Custom OpenStack Lab with Ceph Storage and Ansible Playbooks appeared first on Aptira.

The post Custom OpenStack Tools & Training appeared first on Aptira.

The post Creating Virtual WAN Links using OpenKilda and Noviflow appeared first on Aptira.

The post Custom OpenStack Integration with Puppet appeared first on Aptira.

DENVER — At the first Open Infrastructure Summit, James Penick, architecture director, offered a rare glimpse into the inner workings of entertainment giant Verizon Media.

Verizon Media (formerly Oath) is a subsidiary of the telecom giant that most of us probably use every day: TechCrunch, Huffington Post, Yahoo! and Engadget. Keeping these asset-rich sites up and running requires a heavy underpinning of reliable infrastructure.

Penick describes how and why Verizon Media transitioned from an infrastructure built almost entirely on proprietary, custom platforms to one predominantly powered by open infrastructure. His keynote was one of a series that underlined the importance of bare metal, here’s more on the recently announced OpenStack Ironic Bare Metal Program.

#BareMetal meets #MetalBear. It ain’t easy! #OpenInfrastructureSummit #OpenInfra #OpenStack #OpenSource #OpenInfraSummit @OpenStack pic.twitter.com/qOWcQ3MBae

— Gary Kevorkian @ #OpenInfraSummit (@GARY805) April 29, 2019

The numbers are eye popping: hundreds of thousands of machines with millions of CPU cores on a private cloud that are mainly managed with open-source tech. Penick paints himself as something of an outsider, noting that a boss told him he was the only software architect he’d ever met who didn’t insist on building everything from scratch myself.

“I told him that I chose to use OpenStack because it exists and it has an active and passionate global community who are always working to improve their product. The value of that force multiplication can not be understated.”

Although the team wasn’t starting from nothing, Penick realized they did have to start with bare metal. “We realized that before we grab our tools and build that house, it’s got to stand on something. It needs a foundation,” he says. “Bare metal is the rebar and concrete which form the foundation of your infrastructure. VMs, Containers, and functions are all awesome, but each platform stands on the one beneath.

While it may seem like the buzz word du jour, Penick says that bare metal is “not glamorous, it’s not the latest flashy, cool, new toy, but you’ve got to deal with it.”  So his team invested there, changed the business to make infrastructure-as-a-service bare metal an option, then a default and then “make it unavoidable.” That’s how he says that what was once a heretical idea became common sense.

I have to agree, @ThePenick killed it up there!

4M cores of openstack and a really relevant story about how they ended up betting on open source for their infrastructure, and why you can too. #fortheloveofopen #OpenInfraSummit https://t.co/KaRDif8upA

— Mark Collier (@sparkycollier) May 1, 2019

And what did they build on it? Virtual machines, Kubernetes, containers and much more. Our production workloads run at all levels of this stack and my dream is to one day push as much of our workloads into higher functions as much as possible.

Penick concludes by encouraging active involvement in open source.

“Don’t just consume; participate and give back. The more you put engineering, operations and architectural talent into contribute experience and perspective,” he says.  The more you help shape and guide the direction of the product to better suit your needs! I hope that our experiences moving over four million cores of infrastructure to open technologies like OpenStack Ironic will help give you the confidence to do the same.”

Check out the whole keynote below.

Photo // CC BY NC

The post How Verizon Media rocks bare metal appeared first on Superuser.

The post VMware to OpenStack Migration appeared first on Aptira.

YET AGAIN we returned to Denver, the city that brings snow and trains together. This time we were here not just for the Project Teams Gathering but also for the OpenStack Summit and Forum. Although the time allotment for all the activity this week was very compacted and our brains …

Open Infrastructure Summit followed by OpenStack PTG held in Denver, USA on 29th April 2019 till 4th May 2019.

We had good discussions at QA forum sessions in Summit and PTG. I am summarizing the QA related discussions.

    Summit: QA Forum sessions:

    1. OpenStack QA – Project Update: Tuesday, April 30, 2:35pm-2:55pm

We gave the updates on what we finished on Stein and draft plan for Train cycle.
The good thing to note is we still have a lot of activity going on in QA.
As overall QA projects, we did >3000 reviews and 750 commits. Video is not up still so I am copying the slide link below. Slides: https://docs.google.com/presentation/d/10zupeFZuOlxroAMl29qVJl78nD4_YWHkQxANNVlIjE0/edit?ts=5cc73ae8#slide=id.p1

    2. OpenStack QA – Project Onboarding : Wednesday, May 1, 9:00am-9:40am

We did host the QA onboarding sessions but there were only 3 attendees and no new contributor. I think it is hard to see any new contributor in summits now so I am thinking whether we should host the onboarding sessions from next time.

Etherpad: https://etherpad.openstack.org/p/DEN-qa-onboarding

    3. Users / Operators adoption of QA tools / plugins : Wednesday, May 1, 10:50am-11:30am

As usual, we had more attendees in this session and useful feedback. There are few tooling is being shared by attendees:

1. Python hardware module for bare metal detailed hardware inspection & anomaly detection https://github.com/redhat-cip/hardware

2. Workload testing: https://opendev.org/x/tobiko/ Another good idea from Doug was plugin feature in openstack-health dashboard.

That is something we discussed in PTG. For more details on this, refer the PTG ” OpenStack-health improvement” section.
Etherpad: https://etherpad.openstack.org/p/Den-forum-qa-ops-user-feedback

    QA PTG: 2nd – 3rd May:

We were 3-4 attendee in the room always and others attended per topics. Good discussions and few good improvement ideas about gate stability and dashboard etc.

    1. Topic: Stein Retrospective:

We collect good and need improvement things in this session. In term of good things, we completed the OpenStack gate migration fro Xenial to Bionic, lot of reviews and code. Doug from AT&T mentioned about to add tempest and patrole to gates and check in their production deployment process, “Thank you for all of the hard work from the QA team!!!” Slow reviews are a concern as we have a good number of the incoming request. This is something we should improve in Train.

Action items:

gmann: start the plan for backlogs especially for review and doc cleanup.

masayukig: plan to have resource leakage check in gate.

ds6901:will work with his team to clean up leaks and submit bugs

    2. Topic: Keystone system-scope testing:

QA and Keystone team gathered together in this cross-project session about next steps on system scope testing. We talked on multiple points about how to cover all new roles for system scope and how to keep the backward compatibility testing for stable branches still testing the without system scope. We decided to move forward for system_admin as of now and fall back the system_admin to project scope if there is no system_scope testing flag is true on Tempest side (this will cover the stable branch testing unaffected).

We agreed :

– To move forward with system admin – https://review.opendev.org/#/c/604909/

– Add tempest job to test system scope – https://review.opendev.org/#/c/614484/

– Then add to tempest full – gmann – Then add testing for system reader

– Investigate more advanced RBAC testing with Patrole – gmann

Etherpad: https://etherpad.openstack.org/p/keystone-train-ptg-testing-system-scope-in-tempest

    3. Topic: new whitebox plugin for tempest:

This is a new idea from artom about testing things outside of Tempest’s scope (currently mostly used to check instance XML for NFV use case tests). Currently, this tool does ssh into VM and fetch the xml for further verification etc. We agreed on point to avoid any duplicate test verification from the Tempest or nova functional tests This is good to tests from more extra verification by going inside VM like after migration data, CPU pinning etc. As next step artom to propose the QA spec with details and proposal of this plugin under QA program.

    4. Topic: Document the QA process or TODO things for releases, stable branch cut:

Idea is to start a centralized doc page for QA activities and process etc. we want to use the qa-specs repo to publish the content to doc.openstack.org/qa/. This can be not so easy and need few tweaks on doc jobs. I will get into the details and then discuss with infra team. This is a low priority for now.

    5. Topic: Plugin sanity check:

Current tempest-plugins-sanity job is not stable and so it is n-v. We want to make it voting by only installing the active plugins. many plugins are failing either they are dead or not so active. We agreed on: – make faulty plugins as blacklist with bug/patch link and notify the same on ML every time we detect any failure – Publish the blakclist on plugins-registry doc. – After that make this job voting, make the process of fixing and removing the faulty plugin which unblocks the tempest gate with author self-approve. – Make sanity job running on plugins which are dependent on each other. For example, congress-tempest-plugin use neutron-tempest-plugin, mistral-tempest-plugin etc so all these plugins should have a sanity job which can install and list these plugins tests only not all the plugins.

    6. Topic: Planning for Patrole Stable release:

We had a good amount of discussions for Patrole improvements area to release it stable. Refer the below ML thread for details and further discussions on this topic: – http://lists.openstack.org/pipermail/openstack-discuss/2019-May/005870.html

    7. Topic: How to make tempest-full stable:

Current integrated-gate jobs (tempest-full) is not so stable for various bugs specially timeout. We discussed the few ideas to improve it. Refer the below ML thread for details and further discussions on this topic : http://lists.openstack.org/pipermail/openstack-discuss/2019-May/005871.html

    8. Topic: OpenStack-Health Improvement:

Doug from AT&T has few improvement ideas for health dashboard which has been discussed in PTG:

– Test Grouping – Define groups

– Assigned test to groups – filter by groups

– Compare 2 runs = Look into push AQuA report to subunit2SQL as a tool

Action Items:

– Doug is going to write the spec for plugin approach. All other ideas can be done after we have the plugin approach ready.

– filter

– presentation

    9. Topic: Stein Backlogs & Train priorities & Planning:

We collected the Train items in below mentioned etherpad with the assignee. Anyone would like to help on any of the item, ping me on IRC or reply here.

Etherpad: https://etherpad.openstack.org/p/qa-train-priority

    10. Topic: grenade zuulv3 jobs review/discussions:

We did not get the chance to review these. Let’s continue it after PTG.

    Full Detail discussion: https://etherpad.openstack.org/p/qa-train-ptg

The Challenge

The telco’s IT team is relatively new and did not have the resources available to perform this validation. They had no internal lab infrastructure, no F5 technical knowledge and no staff able to perform the evaluation. Nonetheless, it was critical to the organisation’s business plan to show that this VNF could be lifecycle managed through the following use cases:

• Onboarding
• Building test configurations
• Auto-healing
• Auto-scaling
• Removing test configurations

In order for the proposed solution to be accepted, we needed to verify that this solution would work not only as per the vendor claims, but also as per the client’s specific market requirements. Unfortunately, the client did not have a clear definition of a completed outcome for this evaluation, so there were no hard and fast success metrics. Rather, the customer wanted to approach this in an organic way, providing feedback as the project progressed and ongoing deliverables for us to achieve.

---

The Aptira Solution

This assignment required not only broad and deep technical knowledge, but also the ability to think on the fly as problems arose or as technical requirements are clarified. Aptira was able to allocate an internal team and spin up a dedicated lab environment to perform this evaluation, thus resolving the customer’s resource constraints. This team was spread between Australia (Sydney and Melbourne) and Taiwan.

Due to Aptira’s status as the Cloudify distributor for the Asia-Pacific area, and a deep base of knowledge on the Cloudify Service Orchestration platform, Aptira was able to leverage Cloudify’s framework for this solution.

In order to speed up the process, our team was able to assign tasks amongst themselves to work in parallel:

• Lab access, environment details
• VIM configuration and core software installation
• Orchestration policy development and testing
• F5 Technical ramp-up and liaison with F5 designated Technical consultant

We worked in consultation with the customer to prepare an architecture design that would not only demonstrate the capabilities of Cloudify but also provide them the required direction for designing their Network Functions Virtualisation (NFV) platform for hosting Telco workloads. Following is high level diagram of this architecture utilising Cloudify’s NFV Orchestrator and F5’s NFV Infrastructure:

The work was performed entirely using Aptira’s resources. Most development had previously been completed on the developer’s own infrastructure and integrated into Aptira’s own lab environment for testing and ultimately to demonstrate the results to the customer.

We found that the availability of an F5 technical consultant was a mandatory requirement, primarily due to the complexity of the NFV implementation. The implementation requires both a licensing server and a Virtual Network Functions Manager (VNFM) server to operate and the issue license keys by F5 – all the evaluation keys had expiry dates and the system would not function without the keys. The VNFM for the F5 loadbalancer/firewall was also quite complex and not intuitive, so the availability of a deeply knowledgeable F5 consultant minimised delays.

Jira and Confluence has been used for feature/task tracking and documentation respectively. The team also used both Slack and email for online collaboration, ensuring fast communication and input into the ongoing deliverables.

---

The Result

Aptira completed the development of the use cases for the F5 loadbalancer/firewall exactly on schedule, under budget, with all required functionality and with no technical issues in any component of the stack.

It is worth highlighting that as we mentioned earlier in this article, the F5 technical consultant should be seen as mandatory in F5 projects in order to enable rapid turn-around (and even anticipation) of questions and issues.

---

The post F5 NFV Automation appeared first on Aptira.

This analysis was performed using Kata containers version 1.6.2, the latest at the time of writing.

After attending a Kata Containers workshop at OpenInfra Days 2019 in London, we were impressed by their start-up time, only marginally slower compared to ordinary runC containers in a Kubernetes cluster. We were naturally curious about their disk I/O bound performance and whether they also live up to the speed claims. In this article we explore this subject with a view to understanding the trade offs of using this technology in environments where I/O bound performance and security are both critical requirements.

fio fio_jobfile.fio --fallocate=none --runtime=30 --directory=$SCRATCH_DIR --output-format=json+ --blocksize=65536 --output=65536.json

[global]
; Parameters common to all test environments

; Ensure that jobs run for a specified time limit, not I/O quantity
time_based=1

; To model application load at greater scale, each test client will maintain
; a number of concurrent I/Os.
ioengine=libaio
iodepth=8

; Note: these two settings are mutually exclusive
; (and may not apply for Windows test clients)
direct=1
buffered=0

; Set a number of workers on this client
thread=0
numjobs=4
group_reporting=1

; Each file for each job thread is this size
filesize=32g
size=32g
filename_format=$jobnum.dat

[fio-job]
; FIO_RW is read, write, randread or randwrite
rw=${FIO_RW}

Results

Disk I/O Bandwidth

In these results we plot the aggregate bandwidth across all clients, demonstrating the scale-up bandwidth achievable by a single client and the scale-out throughput achieved across many clients.

Comparison of disk I/O bandwidth between between bare metal, runC and Kata. In all cases, the bandwidth achieved with runC containers is slightly below bare metal. However, Kata containers generally fare much worse, achieving around 15% of the bare metal read bandwidth and a much smaller proportion of random write bandwidth when there are 64 clients. The only exception is the sequential write case using 64 clients, where Kata containers appear to outperform baremetal scenario by approximately 25%.

Commit Latency Cumulative Distribution Function (CDF)

In latency-sensitive workloads, I/O latency can dominate. I/O operation commit latency is plotted on a logarithmic scale, to fit a very broad range of data points.

Comparison of commit latency CDF between bare metal, runC and Kata container environments for 1, 8 and 64 clients respectively. There is a small discrepancy between running fio jobs in bare metal compared to running them as runC containers. However, comparing bare metal to Kata containers, the overhead is significant in all cases.

Number of clients >		1		8		64
Mode	Scenario	50%	99%	50%	99%	50%	99%
sequential read	bare	1581	2670	2416	3378	14532	47095
	runC	2007	2506	2391	3907	15062	46022
	Kata	4112	4620	12648	46464	86409	563806
random read	bare	970	2342	2580	3305	14935	43884
	runC	1155	2277	2506	3856	15378	42229
	Kata	5472	6586	13517	31080	109805	314277
sequential write	bare	1011	1728	2592	15023	3730	258834
	runC	1011	1990	2547	14892	4308	233832
	Kata	3948	4882	4102	6160	14821	190742
random write	bare	1269	2023	3698	11616	19722	159285
	runC	1286	1957	3928	11796	19374	151756
	Kata	4358	5275	4566	14254	1780559	15343845

Table summarising the 50% and the 99% commit latencies (in μs) corresponding to the figure shown earlier.

This analysis was performed using Kata containers version 1.6.2, the latest at the time of writing.

After attending a Kata Containers workshop at OpenInfra Days 2019 in London, we were impressed by their start-up time, only marginally slower compared to ordinary runC containers in a Kubernetes cluster. We were naturally curious about their disk I/O bound performance and whether they also live up to the speed claims. In this article we explore this subject with a view to understanding the trade offs of using this technology in environments where I/O bound performance and security are both critical requirements.

Results

Disk I/O Bandwidth

In these results we plot the aggregate bandwidth across all clients, demonstrating the scale-up bandwidth achievable by a single client and the scale-out throughput achieved across many clients.

Comparison of disk I/O bandwidth between between bare metal, runC and Kata. In all cases, the bandwidth achieved with runC containers is slightly below bare metal. However, Kata containers generally fare much worse, achieving around 15% of the bare metal read bandwidth and a much smaller proportion of random write bandwidth when there are 64 clients. The only exception is the sequential write case using 64 clients, where Kata containers appear to outperform baremetal scenario by approximately 25%.

Commit Latency Cumulative Distribution Function (CDF)

In latency-sensitive workloads, I/O latency can dominate. I/O operation commit latency is plotted on a logarithmic scale, to fit a very broad range of data points.

Comparison of commit latency CDF between bare metal, runC and Kata container environments for 1, 8 and 64 clients respectively. There is a small discrepancy between running fio jobs in bare metal compared to running them as runC containers. However, comparing bare metal to Kata containers, the overhead is significant in all cases.

Number of clients >		1		8		64
Mode	Scenario	50%	99%	50%	99%	50%	99%
sequential read	bare	1581	2670	2416	3378	14532	47095
	runC	2007	2506	2391	3907	15062	46022
	Kata	4112	4620	12648	46464	86409	563806
random read	bare	970	2342	2580	3305	14935	43884
	runC	1155	2277	2506	3856	15378	42229
	Kata	5472	6586	13517	31080	109805	314277
sequential write	bare	1011	1728	2592	15023	3730	258834
	runC	1011	1990	2547	14892	4308	233832
	Kata	3948	4882	4102	6160	14821	190742
random write	bare	1269	2023	3698	11616	19722	159285
	runC	1286	1957	3928	11796	19374	151756
	Kata	4358	5275	4566	14254	1780559	15343845

Table summarising the 50% and the 99% commit latencies (in μs) corresponding to the figure shown earlier.

I’ve been working on this for more than a year, and finally, I am acheiving my goal. I wrote a OpenStack cluster installer that is fully in Debian, and running in production for Infomaniak.

Note: I originally wrote this blog post a few weeks ago, though it was pending validation from my company (to make sure I wouldn’t disclose company business information).

What is it?

As per the package description and the package name, OCI (OpenStack Cluster Installer) is a software to provision an OpenStack cluster automatically, with a “push button” interface. The OCI package depends on a DHCP server, a PXE (tftp-hpa) boot server, a web server, and a puppet-master.

Once computers in the cluster boot for the first time over network (PXE boot), a Debian live system squashfs image is served by OCI (served by Apache), to act as a discovery image. This live system then reports the hardware features of the booted machine back to OCI (CPU, memory, HDDs, network interfaces, etc.). The computers can then be installed with Debian from that live system. During this process, a puppet-agent is configured so that it will connect to the puppet-master of OCI. Uppong first boot, OpenStack services are then installed and configured, depending on the server role in the cluster.

OCI is fully packaged in Debian, including all of the Puppet modules and so on. So just doing “apt-get install openstack-cluster-installer” is enough to bring absolutely all dependencies, and no other artifact are needed. This is very important so one only needs a local Debian mirror to install an OpenStack cluster. No external components must be downloaded from internet.

OCI setting-up a Swift cluster

At the begining of OCI’s life, we first used it at Infomaniak (my employer) to setup a Swift cluster. Swift is the object server of OpenStack. It is perfect solution for a (very) large backup system.

Think of a massive highly available cluster, with a capacity reaching peta bytes, storing millions of objects/files 3 times (for redundancy). Swift can virtually scale to infinity as long as you size your ring correctly.

The Infomaniak setup is also redundant at the data center level, as our cluster spans over 2 data centers, with at least one copy everything stored on each data center (the location of the 3rd copy depends on many things, and explaining it is not in the scope of this post).

If one wishes to use swift, it’s ok to start with 7 machines to begin with: 3 machines for the controller (holding the Keystone authentication, and a bit more), at least 1 swift-proxy machine, and 3 storage nodes. Though for redundancy purpose, it is IMO not good enough to start with only 3 storage node: if one fails, the proxy server will fall into timeouts waiting for the 3rd storage node. So 6 storage nodes feels like a better minimum. Though it doesn’t have to be top-noch servers, a cluster made of refurbished old hardware with only a few disks can do it, if you don’t need to store too much data.

Setting-up an OpenStack compute cluster

Though swift was the first thing OCI did for us, it now can do a way more than just Swift. Indeed, it can also setup a full OpenStack cluster with Nova (compute), Neutron (networking) and Cinder (network block devices). We also started using all of that, setup by OCI, at Infomaniak. Here’s the list services currently supported:

• Keystone (identity)
• Heat (orchestration)
• Aodh (alarming)
• Barbican (key/secret manager)
• Nova (compute)
• Glance (VM images)
• Swift (object store)
• Panko (event)
• Ceilometer (resource monitoring)
• Neutron (networking)
• Cinder (network block device)

On the backend, OCI can use LVM or Ceph for Cinder, local storage or Ceph for Nova instances.

Full HA redundancy

The nice thing is, absolutely every component setup by OCI is done in a high availability way. Each machine of the control plane of OpenStack is setup with an instance of the components: all OpenStack controller components, a MariaDB server part of the Galera cluster, etc.

HAProxy is also setup on all controllers, in front of all of the REST API servers of OpenStack. And finally, the web address where final clients will connect is in fact a virtual IP, that can move from one server to another, thanks to corosync. Routing to that VIP can be done either over L2 (ie: a static address on a local network), or over BGP (useful if you need multi-datacenter redundancy). So if one of the controllers is down, it’s not such a big deal, HAproxy will detect this within seconds, and if it was the server that had the virtual IP (matching the API endpoint), then this IP will move to one of the other servers.

Full SSL transport

One of the things that OCI does when installing Debian, is setup a PKI (ie: SSL certificates signed by a local root CA) so that everything in the cluster is transported over SSL. Haproxy, of course does the SSL, but it also connects to the different API servers over SSL too. All connections to the RabbitMQ servers are also performed SSL. If one wishes, it’s possible to replace the self-signed SSL certificates before the cluster is deployed, so that the OpenStack API endpoint can be exposed on a public address.

OCI as a quite modular system

If one decides to use Ceph for storage, then for every compute node of the cluster, it is possible to choose to use either Ceph for the storage of /var/lib/nova/instance, or use local storage. On the later case, then of course, using RAID is strongly advised, to avoid any possible loss of data. It is possible to mix both types of compute node storage in a single cluster, and create server aggregates so it is later possible to decide which type of compute server to run the workload on.

If a cluster Ceph is part of the cluster, then on every compute node, the cinder-volume and cider-backup services will be provisioned. They will be in use to control the Cinder volumes of the Ceph cluster. Even though the network block storage itself will not run on the compute machines, it makes sense to do that. The idea is that the amount of these process needs to scale at the same time as the amount of compute nodes, so it makes sense to do that. Also, on compute servers, the Ceph secret is already setup using libvirt, so it was also convenient to re-use this.

As for Glance, if you have Ceph, it will use it as backend. If not, it will use Swift. And if you don’t have a Swift cluster, it will fall-back to the normal file backend, with a simple rsync from the first controller to the others. On such a setup, then only the first controller is used for glance-api. The other controllers also run glance-api, but haproxy doesn’t use them, as we really want the images to be stored on the first controller, so they can be rsync to the others. In practice, it’s not such a big deal, because the images are anyway in the cache of the compute servers when in use.

If one setup cinder volume nodes, then cinder-volume and cinder-backup will be installed there, and the system will automatically know that there’s cinder with LVM backend. Both Cinder over LVM and over Ceph can be setup on the same cluster (I never really tried this, though I don’t see why it wouldn’t work, normally, simply both backend will be available).

OCI in Buster vs current development

Lots of new features are being added to OCI. These, unfortunately, wont make it to Buster. Though the Buster release has just enough to be able to provision a working OpenStack cluster.

Future features

What I envision for OCI, is to make it able to provision a cluster ready for serving as a public cloud. This means having all of the resource accounting setup, as well as cloudkitty (which is OpenStack resource rating engine). I’ve already played a bit with this, and it should be out fast. Then the only missing bit to go public will be billing of the rated resources, which obviously, has to be done in-house, and doesn’t need to live within the OpenStack cluster itself.

The other things I am planning to do, is add more and more services. Currently, even though OCI can setup a fully working OpenStack, it is still a basic one. I do want to add advanced features like Octavia (load balancer as a service), Magnum (kubernets cluster as a service), Designate (DNS), Manila (shared filesystems) and much more if possible. The number of available projects is really big, so it probably will keep me busy for a very long time.

At this point, what OCI misses as well, is a custom ISO debian installer image that would include absolutely all. It shouldn’t be hard to write, though I lack the basic knowledge on how to do this. Maybe I will work on this at this summer’s DebConf. At the end, it could be a debian pure blend (ie: a fully integrated distro-in-the-distro system, just like debian-edu or debian-meds). It’d be nice if this ISO image could include all of the packages for the cluster, so that no external resources would be needed. The setting-up an OpenStack cluster with no internet connectivity at all would become possible. Because in fact, only the API endpoint on the port 443, and the virtual machines need internet access, your management network shouldn’t be connected (it’s much safer this way).

No, there wasn’t 80 engineers that burned-out in the process of implementing OCI

One thing that makes me proud, is that I wrote all of my OpenStack installer nearly alone (truth: leveraging all the work of puppet-openstack, it woudn’t have been possible without it…). That’s unique in the (small) OpenStack world. Companies like my previous employer, or a famous companies working on RPM based distros, this kind of product is the work of dozens of engineers. I heard that Red Hat has nearly 100 employees working on TripleO. This was possible because I tried to keep OCI in the spirit of “keep it simple stupid”. It is doing only what’s needed, and implemented the mot simple way possible, so that it is easy to maintain.

For example, the hardware discovery agent is made of 63 lines of ISO shell script (that is: not even bash… but dash), while I’ve seen others using really over engineered stuff, like heavy ruby or Python modules. Ironic-inspector, for example, in the Rocky release, is made of 98 files, for a total of 17974 lines. I really wonder what they are doing with all of this (I didn’t dare to look). There is one thing I’m sure: what I did is really enough for OCI’s needs, and I don’t want to run a 250+ MB initrd as the discovery system: OCI’s live build based discovery image loaded over the web rather than PXE is a way smarter.

On the same spirit, the part that does the bare-metal provisioning, is the same shell script that I wrote to create the official Debian OpenStack images. It was about 700 lines of shell script to install Debian on a .qcow2 image, it’s not about 1500 lines, and made of a single file. That’s the smallest footprint you’ll ever find. However, it does all what’s needed, still, and probably even more.

In comparison, in Fuel, there was a super-complicated scheduler, written in Ruby, used to be able to provision a full cluster by only a single click of a button. There’s no such thing in OCI, because I do believe that’s a useless gadget. With OCI, a user simply needs to remember the order for setting-up a cluster: Cephmon nodes needs to be setup first, then CephOSD nodes, then controllers, then finally, in no particular order, the computes, swiftproxy, swiftstore and volume nodes last. That’s really not a big deal to let this done by the final user, as it is not expected that one will setup multiple OpenStack every day. And even so, if you use the “ocicli” tool, it shouldn’t be hard to do these final bits of the automation. But I would consider this a useless gadget.

While every company jumped into the micro-service in container thing, even at this time, I continue to believe this is useless, and mostly driven by the needs marketing people that needs to sell features. Running OpenStack directly on bare metal is already hard, and the amount of complexity added by running OpenStack services in Docker is useless: it doesn’t bring any feature. I’ve been told that it makes upgrades easier, I very much doubt it: upgrades are complex for other reasons than just upgrading the running services themselves. Rather, they are complex because one needs to upgrade the cluster components with a given order, and scheduling this isn’t easy.

So this is how I managed to write an OpenStack installer alone, in less than a year, without compromising on features: because I wrote things simply, and avoided the over-engineering I saw at all levels on other products.

OpenStack Stein is comming

I’ve just pushed to Debian Experimental, and to https://buster-stein.debian.net/debian the last release of OpenStack (code name: Stein), which was released upstream on the 10th or April (yesterday, as I write these lines). I’ve been able to install Stein on top of Debian Buster, and I could start VMs on it: it’s all working as expected after a bit of changes in the puppet manifests of OCI. What’s needed now, is testing upgrades from Stretch + Rocky to Buster + Stein. Normally, puppet-openstack can do that. Let’s see…

Want to know more?

Read on… the README.md is on https://salsa.debian.org/openstack-team/debian/openstack-cluster-installer

Last words, last thanks

This concludes a bit more than a year of development. All of this wouldn’t have been possible without my employer, Infomaniak, giving me a total freedom on the way I implement things for going into production. So a big thanks to them, and also for being a platinium sponsor for this year’s Debconf in Brazil.

Also a big thanks to the whole of the OpenStack project, including (but not limited to) the Infra team and the puppet-openstack team.

The post LDAP & Puppet appeared first on Aptira.

This was not my first rodeo. I’ve attended most of the OpenStack Summits since my first one in Atlanta, Georgia back in May of 2014. They have always been a highpoint in my working calendar and I look forward to each of them with tremendous enthusiasm. The first-ever Open Infrastructure Summit in Denver was no […]

The post 3 Reasons why the Open Infrastructure Summit in Denver was Simply Outstanding. appeared first on SUSE Communities.

After a short hiatus, we hope to meet and see you at Percona Live Austin 2019 (28-30 May 2019), as we have sponsored the event and have a booth in the expo hall, in addition to having some talks.

Our CEO and co-founder Seppo Jaakola will have a talk titled Galera Cluster New Features, happening in room Texas 5, on Wednesday at 11.55AM – 12.45PM. It will be a very interesting talk as Galera Cluster 4 features have made there way into MariaDB Server 10.4, and you can expect to hear a little more about when Codership, the engineers and makers of Galera Cluster will provide a MySQL version.

If you happen to sign up for tutorials, do not miss Expert MariaDB: Harness the Strengths of MariaDB Server by Colin Charles as part of the tutorial involves setting up a bootstrapped three node MariaDB Galera Cluster 10.4 with the Galera 4 replication library and learning about the other unique features it has.

For those interested in Galera Cluster, don’t forget there are a few other talks about Galera Cluster in the program, including one by Yahoo! Japan titled Immutable Database Infrastructure with Percona XtraDB Cluster which should be a great story about how they deploy a lot (think hundreds!) of Galera Cluster nodes in production.

Our booth will always have the wonderful Larisa Urse manning it, and we want to talk to you all about what you need from Galera Cluster, roadmaps, plans, how you use Percona XtraDB Cluster (PXC) (based on Galera Cluster), and more. We will have great conversations, and a whole bunch more planned for the conference including participating in the Passport Program — so dropping by our booth, talking to us, and get that coveted stamp, and you will be in the running to win a pair of Bose noise cancelling headphones. Don’t forget that we have great support and consulting services too, so come talk to us to find out more!

The post Upskilling your Staff with OpenStack appeared first on Aptira.

• Review of Searchlight current status: 3 active contributors
• Features introduced in Stein: support ES 5.x, bug fixes, multi-cloud vision
• Features for Train: multi-cloud support, new resource indexed (e.g., Tacker, Octavia, etc.)
• Introduce different ways you can contribute to Searchlight. Hopefully, after the summit, there will be more contributors interested in Searchlight.

The post Case Study – Complex Cloud Application Lifecycle Automation using Cloudify appeared first on Aptira.

DENVER — A generous dusting of snow only added more excitement to the first Open Infrastructure Summit. The sessions, workshops and lightning talks were enriched by the participation of people from over 50 countries using and contributing to over 30 open -source projects.

If you didn’t attend—or if you did and want a replay—Superuser collected the announcements, user stories and Forum discussions you may have missed.

You can also catch videos for the keynotes at the OSF website. Recordings for Summit sessions will be available soon.

Jump to roadmap & technical decisions
Jump to case studies
Jump to news from the OpenStack ecosystem
Jump to what’s next

Let’s start with the OpenStack Foundation announcements:

Kata Containers and Zuul were the first pilot projects confirmed as top-level open infrastructure projects by the OSF Board of Directors. The first pilot project was announced in December 2017 and the confirmation requirements were approved by the board earlier this year.

The OSF launched the OpenStack Ironic Bare Metal Program highlighting the commercial ecosystem for Ironic, at-scale deployments of Ironic, and evolution of OpenStack beyond virtual machines. Coinciding with the program launch, Superuser published two case studies—CERN and Platform9— highlighting the broad use of Ironic. Stay tuned to Superuser as we roll out more.

The Airship community released version 1.0. It’s already in production at AT&T and SKT. The first release delivers a wide range of enhancements to security, resiliency, continuous integration and documentation, as well as upgrades to the platform, deployment and tooling features.

Collaboration without boundaries

The next OpenStack release, Train, is scheduled to arrive in October 2019. At the Forum, the entire OpenStack community (users and developers) gathered to brainstorm the requirements for the next release, feedback on the past version and strategic discussions.

In Denver, the community discussed everything from cross-project best practices for integration with Linux distributions to edge computing use cases and TripleO architecture; check out the full list of Etherpads here.

The Project Teams Gathering (PTG) is an event organized by the OpenStack Foundation for engaged community members involved in teams working on one of the projects supported by the OSF (workgroups, development teams, special interest groups…). OpenStack projects from Barbican to Vitrage, SIGs from edge to security and pilot projects like Airship and StarlingX participated. Check out all the Etherpads here.

At the PTG, James Page proposed to end the Upgrades Special Interest group (SIG). Page asserts that upgrades in OpenStack are no longer a “special interest” but now an integral part of the philosophy of projects within the OpenStack ecosystem. “Although there are probably still some rough edges, we don’t think we need a SIG to drive this area forward any longer.”

During Monday keynotes, 11 outstanding contributors were recognized with the Open Infrastructure Community Contributor Awards with quirky categories like the Bonsai Caretaker Award. There was also special surprise award for Lauren Sell, former VP of OSF Marketing, for all her years of community building.

The NIST Public Working Group on Federated Cloud (PWGFC) has been working for close to two years to develop an approach to advancing the Federated Community Cloud, with a framework to support seamless implementations of disparate community cloud environments. The Open Research Cloud Alliance (ORCA) has been actively developing consensus across the scientific community stakeholders aimed at identifying and working collectively to mitigate and resolve those impediments, whether driven by technology choice, regulatory obligations or historical practices that interfere with the ability of globally dispersed researchers to effectively gain access to research data and resources.

In Denver, the groups discussed possible federation deployment and governance models that embody the key concepts and design principles being developed in the NIST/IEEE Joint working group and ORCA. They want to encourage developers, users and cloud operators to provide use cases and feedback as they move forward in these efforts.

The Kata Containers and Firecracker teams provided an update in Monday’s keynote to highlight progress around community collaboration and project integration. They also discussed rust-vmm, a cross-project collaborative initiative to develop container-specific hypervisors.

This just in from the Open Infrastructure ecosystem:

Mirantis announced a web-based SaaS application that enables users to quickly deploy a compact cloud and experience the flexibility and agility of Infrastructure-as-Code. Available next month, Model Designer for Mirantis Cloud Platform (MCP) helps infrastructure operators build customized, curated, exclusively open source configurations for on-premise cloud environments.

Red Hat added three new Red Hat OpenStack Platform customers—Algar Telecom (a leader for internet services in Brazil), the University of Adelaide (an Australian public university), and Vodafone Ziggo (a leading Dutch communications provider).

Red Hat Virtualization 4.3, the latest version of Red Hat’s Kernel-based Virtual Machine (KVM)-powered virtualization platform, will be generally available in  May 2019. Built on the enterprise foundation of Red Hat Enterprise Linux, Red Hat Virtualization 4.3 is designed to deliver greater security, easier interoperability and improved integration across enterprise IT environments.

Public Health England, an executive agency of the Department of Health and Social Care in the United Kingdom, adopted Red Hat’s open hybrid cloud technologies to support modern digital public health services in the UK.

SoftIron announced the release of their newest Ceph-optimized storage appliance, HyperDrive Density+. SoftIron’s HyperDrive platform is a portfolio of dedicated Ceph appliances and management software, purpose-built for software-defined storage (SDS). SoftIron also published a HyperDrive case study highlighting how the Minnesota Supercomputing Institute unlocks cost savings and scalability.

Trillio landed the latest release of TrilioVault 3.2. The release extends TrilioVault’s cloud-native backup and recovery capabilities to companies using advanced, modern architectures for clouds and virtualized infrastructure.

VEXXHOST, who also took home this edition of the Superuser Awards, announced the latest update to their cloud computing offering, introducing Kubernetes Enablement. This offering enables businesses with existing OpenStack private clouds to integrate and consume Kubernetes as a fully managed solution.

Now, a word from open infrastructure users in production

Adobe Advertising Cloud shared the fast-track journey they took to reach seven data centers in as many months. The session also covered the seven challenging scenarios with StatefulSets, GitOps, autoscaling for machine learning and auto-remediation. From developing with spot instances in dev to multi-cloud in production, they explained how their cloud platform team dealt with an interesting set of challenges, including preventing the derailing of their Kubernetes journey.

Arm showed the progress made in running Kata Containers on aarch64 with two demos: One running Kata Containers with Docker on aarch64 and one running Kata Containers with Kubernetes and CRI-O on aarch64.

In addition to a keynote discussing how AT&T’s deployment of 5G is powered by an Airship-based containerized OpenStack cloud, AT&T also discussed their experience using bare metal Kubernetes clusters to run containerized workloads including OpenStack itself. Alan Meadows and Pete Birley covered topics from challenges when upgrading Kubernetes to unexpected fallouts that can occur when running complex workloads while maintaining these mission critical environments powering their 5G infrastructure.

Amy Wheelus, vice president of network cloud at AT&T, also provided an update on their 5G rollout plan in a blog post. “While we may not be implementing DevOps in the purest sense of the word, Airship, collaboration and the new organizational structure between development and operations were EFFORTS to delivering into production a new network cloud platform and a new 5G Packet Core in record-setting time. These teams met the challenge, and AT&T launched the world’s first standards-based mobile 5G network in December of 2018. Today, our 5G network is live in parts of 19 cities, and our goal is to have nationwide coverage using sub-6 spectrum by early 2020.”

Edge computing is a typical use case for multi-tenant deployments, where edge nodes can scale to large numbers of sites, distributed in distinct locations. In this session, Intel and Baidu used Kata Containers to implement FaaS and deploy the service on the edge side, explaining why enhanced isolation is necessary, what gaps need to be filled in this use case and how the Baidu edge team met the requirements for the real deployment.

Blizzard Entertainment, a leading developer and publisher of entertainment software, has been using OpenStack as a private cloud to host its game services since 2012. They shared how their OpenStack autoscaling implementation to support their best-selling team-based shooter Overwatch, focusing on the unique challenges of running video games in the cloud and presents the advantages of utilizing autoscaling.

Major upgrades can be daunting, even within a release cycle or two behind the latest. Box discussed how they keep their OpenStack cloud up to date, covering the steps its team took to plan, test and perform upgrades spanning four releases (Mitaka to Queens) during single maintenance windows.

CERN presented two sessions at the Summit, one covering the latest developments in its cloud, focusing on the latest container use cases in high energy physics and recent scale tests to prepare for the upgrades of the Large Hadron Collider and the experiments. The second session discussed steps they are taking to meet the computational needs that will increase dramatically with the next run of the LHC and how they are prioritizing ways to make more resources available to their private cloud clients.

China Mobile featured in two sessions, sharing how their 5G system platform is based on OpenStack’s NFV system architecture and CI/CD as an enabler to building next generation networks.

Among the difficulties arising from a large public cloud deployment, sizing the compute host and designing message queuing and databases can be most challenging. OVH shared how its team designed their databases clusters, how they optimized configuration to handle the increase of requests, how they monitor databases performances, and how they handle intervention on databases without impacting clients.

Reliance Industries Ltd. gave an overview and offered a demo of its Monasca architecture that counts over 700 compute nodes hosted and over 25,000 VMs in production. They are also working with the community to develop a road map for upcoming releases based on user experience.

Verizon Media relies on open source to run one of the largest open infrastructure environments in the world—over 4 million cores. More importantly, they are also deeply involved in the open source community that’s there to support it. In his keynote, James Penick, architecture director, discussed their open infrastructure strategy and the layers of open source technologies they use to power their business, which includes both OpenStack and Kubernetes.

What’s next

That’s a strong finish for the Denver Summit, but we’re already thinking about our next run.

We’re taking the next Open Infrastructure Summit across the pond to Shanghai, China the week of November 4.

The post The Open Infrastructure Denver Summit: What you need to know appeared first on Superuser.

The post Case Study – Full-Stack Evaluation of a Private Cloud Solution appeared first on Aptira.

The post Case Study – Building a DevOps Toolkit for a Customised Kubernetes Deployment appeared first on Aptira.

The post Case Study – OpenStack Swift Deployment appeared first on Aptira.

Read full post.

DENVER — While many people who work in tech can point to a long and winding road, Jonathan Bryce may be one of the few who can say that cleaning toilets got him where he is today.

Bryce, now the executive director of the OpenStack Foundation, shared his story at the first Open Infrastructure Summit as a way to talk about the past and future of the organization. As a kid, he was very focused on music and his early interest in  computers was more or less just another hobby.

That changed a few years later in the mid 1990s.

“During a summer, I worked in San Antonio Texas at a commercial cleaning company cleaning toilets and office buildings and taking out trash for a company that one of my brothers was involved in,” he says. His brother asked if he would help get the company on this new-fangled thing called the world wide web. Could Jonathan create a website and get the company online?

“I got the idea that this commercial cleaning company needed a portal and a dynamic backend, so I built that for them,” he says. Some of their customers really liked this website and said, ‘hey how did you get that how can we do something similar?'”

It turns out that technology was actually a pretty good way to make money as a teenager, definitely easier than mowing lawns and cleaning toilets, “so this is when my life took a little bit of a turn towards towards technology.”

He later realized that technology alone was never going to be a long-term sustainable advantage. Introduced to open source while working at Rackspace, he realized that open source is not a marketing initiative or a business model, but “an innovation philosophy.”

Companies shouldn’t take on the burden of building all their technology alone, however. “Open collaboration is a powerful force for driving technology to change our lives and our world,” he says. With an open ethos, companies can add value by selling a product or using the software to improve internal operations and enhancing services to your internal and external customers.

He pointed to the hundreds of organizations present in the packed auditorium who are already doing so, including CERN, VEXXHOST and LeBoncoin.

If sharing responsibilities and code between outfits as different as a research center, a public cloud provider and an online classifieds startup sounds like a recipe for chaos, Bryce says consider OpenStack today. The global community is in the top three of most active open-source projects, has landed 19 on-time releases, counts thousands of users, millions of cores and a $6.1 billion commercial market.

OpenStack is one of the most successful projects in history, he says, because of the community and the problems it has set out to solve. The community that sprung up around OpenStack grew to over 100,000 people in almost every country on the planet (180) while expanding the kinds of activities people collaborate on.

#OpenInfraSummit is starting!! An amazing week with our communities, all about technology, collaboration and open source. @OpenStack @starlingx @katacontainers @ZuulCI @airshipproject pic.twitter.com/cY1lSKlnG1

— Ildiko Vancsa (@IldikoVancsa) April 29, 2019

Bryce adds, “I think all of these have created an incredible opportunity where individuals can influence the direction of our shared future in technology and our shared future as humans. Here we are focusing on one small but key aspect of those shared futures: how do we build the best infrastructure systems by collaborating across communities, companies, countries.”

A few examples of this collaboration without boundaries?  Bryce cites some project examples: Kubernetes paired with OpenStack, Zun as a virtual-kubelet, massive open cloud, Open Heterogeneous Computing Framework and Rust-vmm.

Welcome to the first #OpenInfraSummit pic.twitter.com/Sotkyw5KFM

— Stefano Maffulli (@smaffulli) April 29, 2019

“As we kick off this first Open Infrastructure Summit, that’s what I want to encourage all of us to do this week and over the coming months and years,” Bryce says, noting that 30 open source communities are participating at the Summit. “Let’s all bring our different perspectives, experiences, skills and contributions together to create something powerful, new, and useful and keep pushing our corner of the world to be more open and collaborative.”

Check out the full keynote here.

The post The Open Infrastructure Summit: What we’ve built and where we’re headed appeared first on Superuser.

The post Case Study – Introducing a New SDN Controller appeared first on Aptira.

DENVER — The Community Contributor Awards offer recognition to those who might not be aware that they are valued.

These awards are a little informal and quirky but still honor the extremely valuable work that everyone does to make the open infra community excel. These behind-the-scenes heroes are nominated at every Summit by other community members.

There were three main categories: those who might not be aware that they are valued, those who are the active glue that binds the community together and those who share their knowledge with others.

OSF’s upstream developer advocate Kendall Nelson runs the program and handed out the honors during the keynotes. More on the Denver honors below in the words of the community members who nominated them.

There was also special surprise award for Lauren Sell, former VP of OSF Marketing, for all her years of community building.

A fitting tribute for all the contributions @laurensell has made to the @OpenStack community! pic.twitter.com/nO9HtqDI8c

— Robert Cathey :: Open Infrastructure Summit (@robertcathey) April 29, 2019

The “Does anyone actually use this?” Award

Stig Telfer

He works tirelessly to shepherd and corral the Scientific OpenStack SIG. He’s always willing to pitch in with any OpenStack or open infrastructure-related meetup or event, going above and beyond every time. He’s continually putting in extra effort to further understanding of both OpenStack and Ceph at extreme scale, sharing learnings and results with the rest of the community, often engaging with upstream in order to help progress the quality of software that the rest of us get to use. He’s also one of the nicest, most honest people you’re ever likely to meet.

Bug Czar

For the individual who does the most to deal with the bugs no matter how big and ugly.

Sławek Kapłoński
He’s been on point for debugging and fixing a variety of Neutron gate failures during this cycle. Without him, we would have a bunch of bugs sitting around impacting our ability to merge code that all need triaging, debugging and fixing. Thankfully we have had him on deck to deal with that for us.
In particular bugs that end up affecting many tempest runs and represent a real bug in neutron failing to plug vifs properly on instances. Slaweq was able to debug this and get a fix sorted out
Like https://bugs.launchpad.net/neutron/+bug/1808171

Open Infrastructure Shield

For those who push to keep infrastructure projects compatible, open and available to everyone worldwide.

Allison Randal

She was instrumental in getting the project confirmation guidelines drafted and confirmed so the OSF pilot projects could become top-level projects. She lead countless discussions, readily answered questions in public forums and really guided the community through this process.
She has contributed to the future success of all OSF projects. This was not an easy or quick task – the entire community – from Kata and Zuul down to Airship and StarlingX and other open-source projects looking to be successful benefited from her hard work and leadership.

Friends of Mike Rowe, Doers of the Dirty Jobs

Like the TV series, these are hard-working people who earn an honest living doing the kinds of jobs that make civilized life possible for the rest of us.

Carlos Venegas Munoz and Marco Vedovati

Their work on releases and packaging is not super sexy, but super important and often thankless jobs.
Vedovati helped fix and improve the Open Build System (OBS) for Kata Containers.This was critical to make it easier to package Kata for multiple Linux distributions. He also volunteered as a Kat Herder to help the project work through and resolve issues. He made major contributions to the Kata Containers distribution build and packaging process – driving Kata integration into SUSE, as well as making significant improvements to Kata Containers release infrastructure and packaging for other distributions. He also volunteered as a weekly Kat Herder on several occasions to progress and resolve project issues.

Mentor of Mentors

For serious efforts in sharing knowledge with others. It’s easy enough to solve problem yourself, but teaching others how to solve problems is no easy feat.

Samuel de Medeiros Queiroz
It wouldn’t be fair to just recognize him for one thing since he has been contributing to the community for several years and in different ways. He’s been a really strong advocate on OpenStack in Brazil, being one of the referents in the whole of Latin America. He helped organizing OpenStack Days in Brazil, an event that has brought OpenStack to hundreds of individuals in Brazil and in the area. Every year this event has gained a lot of traction and helped lots of people to learn about OpenStack. He is also a great mentor, for Outreachy in the past and now acts as a coordinator for this internship continuing with the effort that started back in 2013. He’s also participated in other mentoring efforts, including the Women of OpenStack lunch and learn events and the Upstream Training. Last but not least, as an engineer he has made really important contributions to the Keystone project and made of that project what it is nowadays. He’s a great example of someone who loves the OpenStack community and deserves recognition.

Hero of the People

Some people stand up for the masses and work to make leadership better. Some people we are happy to call our hero. They make sure community members are heard and understood.

Ian Jolliffe
He’s attended 10 OpenStack Summits and is a member of the StarlingX TSC and he recently served as a member of the Edge Track Programming Committee for the Denver Summit. His contribution to the track included a focus on case studies and technical solutions, which also resulted in more 5G content, which is an emerging topic at the Summit.
Ian is on the StarlingX Technical Steering Committee, he is doing a great job on organizing the group and making sure they spend time on all relevant topics when they meet. He is actively representing the community on various industry events, has a great attention to detail and is nice to work with.

Bonsai Caretaker

These people keep pressing the button to feed the Tamagotchi, keeping it alive.

Gabriela Cervantes Tellez and Salvador Fuentes
They’ve both been fighting the fight and keeping our continuous integration up and running. It’s a thankless job and it’s also one of the most important factors in the success of the Kata Containers project.

The Giving Tree

Always around to give you what you need and help you keep moving forward.

James O. D. Hunt
He’s invested a lot of time in explaining new to contributors the steps needed to get their patches merged.
James is also likely the person that more than anybody else spend the time to make PRs advance (reviews, suggestions, pinging…) When new potential issues come out, he’s also been very proactive in tracking them in GitHub and pinging the relevant people for a opinion/solution.

The Key to Stack City

In some countries an ornamental key is presented to esteemed visitors, residents, or others whom the city wishes to honor. The Key to Stack City is reserved for those who have done much for OpenStack and are truly a friend to all those in the community.

John Dickinson
He not only binds the community together, for many he is the embodiment of the community. The longest running project team lead, a record that is very unlikely to ever be bested, he’s often a contributor’s first contact with Swift and always helpful and welcoming, whether on IRC or in person. He has undoubtedly had the most influence over Swift’s culture, working tirelessly to ensure that contributors’ perspectives and motivations are understood and represented. This both empowers contributors and allows him to recommend collaborators when he sees interests align. As a result, Swift’s community tends to have high levels of trust and camaraderie. John regularly challenges norms. Whether examining human processes, technical challenges, or even just the layout of a room, John is driven to find what works best for the community. While he will give consideration to what has worked for other teams (both within OpenStack and beyond it), he is willing to change tack if an idea doesn’t seem to be working out. He will not accept something “because that’s how it’s always been done.”

Stay tuned for news on when the next nominations open!

The post Open Infrastructure Community Contributor Awards: Denver Summit edition appeared first on Superuser.

DENVER — The OpenStack community and Superuser editorial advisors have weighed in on the finalists and chosen City Network  at the OpenStack Berlin Summit Superuser Awards, sponsored by Zenko.

VEXXHOST took the prize home for this edition. The company is a leading Canadian public, private and hybrid cloud provider with an infrastructure powered by OpenStack. VEXXHOST has been contributing to the OpenStack community since its second release in 2011.

.@vexxhost wins Superuser award at #OpenInfraSummit pic.twitter.com/Z0M7wTjSMa

— Robert Cathey :: Open Infrastructure Summit (@robertcathey) April 29, 2019

Previous winners City Networks presented the awards during the Monday keynotes.

Nominees for this round of awards included EnterCloudSuite, The National Supercomputer Center in Guangzhou (NSCC-GZ),  and Whitestack.

The Superuser Awards launched in 2014 to recognize organizations that have used OpenStack to meaningfully improve their business while contributing back to the community. Previous winners include AT&T, CERN, China Mobile, Comcast, NTT Group, Paddy Power Betfair and UKCloud.

Stay tuned for the next cycle of nominations as the Superuser Awards head to the Shanghai Open Infrastructure Summit!

The post And the Superuser Award goes to… appeared first on Superuser.

Conferences are valuable because they offer face time with customers, partners and industry colleagues, allowing us to share and learn a great deal in a short amount of time. We’re looking forward to Red Hat Summit 2019 for that very reason. This year, we’re featuring the story of Aeroméxico, which in three short years has […]

The post Aeroméxico Thrives with Rackspace and Red Hat appeared first on The Official Rackspace Blog.

The OpenStack Foundation announced that its Ironic software is powering millions of cores of compute all over the world, turning bare metal into automated infrastructure ready for today’s mix of virtualized and containerized workloads. Some 30 organizations joined for the initial launch of the OpenStack Ironic Bare Metal Program, and Superuser is running a series of case studies to explore how people are using it.

Platform9 customers have been using Ironic for more than two years; here, members of the team talk about the why they adopted it and what benefits they’ve seen.

First a little background on the San Francisco-based startup: Platform 9 provides a software-as-a-service-based service to deploy and operate OpenStack hybrid clouds for KVM, VMware and public cloud environments. Platform9’s SaaS platform helps customers get an OpenStack hybrid cloud in minutes. In addition, Platform9’s Managed Kubernetes service allows customers to deploy and run Kubernetes on any infrastructure of their choice: OpenStack, bare metal, VMware, Public clouds, or on the edge. Many of their customers’ workloads are suitable for running in virtualized environment, however some customer requirements/workloads require them to run on bare metal, bypassing the hypervisor.

Why did you select OpenStack Ironic for your bare metal provisioning in your product?

Internally within Platform9, our test teams need to provision and deploy our software for validation on a variety of hardware targets such as different hardware manufacturers (HPE, Dell etc), processor types (AMD, Intel), GPU resources (Nvidia), storage types (Optane), or special resources (SR-IOV, DPDK, etc.) This was a very manual and time-consuming process slowing down our software release velocity and impacting release schedules.

We selected OpenStack Ironic to address the above customer needs as well as our internal need to speed up our hardware testing process and deliver our services faster to our customers.

What was your solution before implementing Ironic?

Without Ironic, the whole process from racking and stacking a server to the time users get access to it would take weeks. Because of this, different teams would acquire those resources would assume “ownership” of them. If another team needed those resources with a different configuration, it would again take a lot of manual networking configuration, provisioning and deployment. So teams would often be reluctant to share those resources even if they were not being utilized fully.  This led to a lot of under-utilization and increased costs as different teams would either procure their own resources or wait around until the resource is released by another team.

With Ironic, on the other hand, the variety of hardware resources can be pooled together and when users need a specific type of bare metal resource such as a HP box with AMD processor, they can simply request that flavor that was discovered and provisioned by Ironic already and be able to instantly deploy their workloads on that server in a sef-service manner. Internally, Platform9 tried to solve this problem with Cobbler and a lot of homegrown automation.  This approach required a lot of time, effort and maintenance of the automation code which could have been better utilized on improving and adding value to our product.  Using Ironic simplified and streamlined the bare metal provisioning and automation of our testing environment.

What benefits does Ironic provide your users?

The biggest benefit is time savings, without a doubt.  With Ironic, the time to provision bare metal servers is orders of magnitude faster, going from weeks or months it used to take previously with manual methods to just under 20 minutes.  The effect this has on our testing times and consequently on improving our software release time lines is revolutionary. In our customer environments, a whole manual ticketing process that starts from racking and stacking, switch configuration, network configuration, server provisioning to Operation System deployment is all completely automated and replaced by a simple single-click self-service experience.

From an administration standpoint, Ironic also reduces management overhead significantly by providing a centralized operational console with complete visibility of all the resources in terms of their location (racks etc.) and their specific configurations (CPU, RAM, storage and special hardware such as GPU).  As a result, maintenance and updates also become fast and easy.  Another big benefit is repeatability, i.e. the ability to provision a bare metal server with exactly the same images and configuration, thus making it possible to treat them as “cattle” and the ability to swap them out without impacting availability or reliability in production.

And finally, as with other OpenStack projects, Ironic supports the notion of plugins so you can use any switch from Juniper, Cisco, Arista allowing the network automation (like virtual LAN configuration, for example) to be agnostic to whatever switches are being used.  This is extremely important from our product perspective as it allows us to easily integrate in various customer networking environments.

What feedback do you have for the upstream OpenStack Ironic team?

More documentation!  There are a lot of areas in the product that feel lightly documented.  Specifically which versions certain features are in.  The Ironic Inspector rules and modules were fun to kind of reverse engineer to figure out.

Learn more

You’ll find an overview of Ironic on the project Wiki.

Discussion of the project  takes place in #openstack-ironic on irc.freenode.net. This is a great place to jump in and start your ironic adventure. The channel is very welcoming to new users – no question is a wrong question!

The team also holds one-hour weekly meetings at 1500 UTC on Mondays in the #openstack-ironic room on irc.freenode.netchaired by Julia Kreger (TheJulia) or Dmitry Tantsur (dtantsur).

Stay tuned for more case studies from organizations participating in the initial launch of the program.

The post OpenStack Ironic Bare Metal Program case study: Platform9 appeared first on Superuser.

The OpenStack Foundation announced that its Ironic software is powering millions of cores of compute all over the world, turning bare metal into automated infrastructure ready for today’s mix of virtualized and containerized workloads. Some 30 organizations joined for the initial launch of the OpenStack Ironic Bare Metal Program, Superuser is running a series of case studies to explore how people are using it.

The European Organization for Nuclear Research, known as CERN, provides several facilities and resources to scientists all around the world, including compute and storage resources, for their fundamental research.

CERN has been using Ironic in production for about 18 months and it’s now the standard tool to provision all new hardware deliveries to their end users.  Team members tell us that they currently have around 2,000 nodes managed by Ironic, but aim to enroll the majority of their remaining 10,000 servers over the course of the next 12 months. Work to integrate the pre-production burn-in, the up-front performance validation, or the integration of retirement workflows is currently ongoing in collaboration with the upstream team.

Why did you select OpenStack Ironic for your bare metal provisioning?

For several years, the CERN IT department has been providing compute resources to the laboratory’s experiments and administrative services via an OpenStack-based private cloud. Ironic was the natural choice to complement the service’s offering of virtual machines and container clusters by physical machines: the users access physical resources via the same interfaces and workflows as they already do for virtual machines and containers.

What was your solution before implementing Ironic?

Before Ironic, the whole provisioning workflows were based on tools built in-house, with the corresponding man-power intensive maintenance workload. Part of these workflows have been now moved to Ironic, in particular the more user-facing parts. We’re actively working on moving additional workflows, such as the initial burn-in or performance verification and are doing so together with the upstream community.

What other technologies does your OpenStack Ironic deployment interact with?

One of the reasons we chose Ironic was that the APIs are identical to the ones used for virtual machines in Nova. As we have a substantial number of container clusters created via OpenStack Magnum, this interface similarity now allows for provisioning of (mostly Kubernetes) clusters on bare metal machines. Removing the additional virtualization tax is relevant for performance sensitive applications, such as the experiments’ analysis code, which run on our batch system.

What benefits does Ironic provide?

The CERN IT department provides resources to all Large Hadron Collider (LHC) experiments and needs to make sure that the provisioned resources are correctly accounted. The integration of physical resources into OpenStack via Ironic does not only allow for a simplification of the resource allocation, e.g. with respect to quotas, but also for streamlining the accounting process (since all accounting information will eventually come from a single source).

It’s one of the biggest machines in the world. But CERN scientists want an even bigger particle accelerator https://t.co/dUdBzULyEO pic.twitter.com/vTEcPjcFgx

— BBC World Service (@bbcworldservice) April 20, 2019

What feedback do you have for the upstream OpenStack Ironic team?

The Ironic team has been helpful to work with, both to first-time deployers who may have encountered issues or questions during the setup and new contributors who have needed clarifications or make suggestions to improve the code base. As an operator, we have particularly appreciated the balance between the constructive feedback when proposing a new feature and the need to maintain a code base which needs to consider also other use cases and backwards compatibility.

Learn more

You’ll find an overview of Ironic on the project Wiki.

Discussion of the project  takes place in #openstack-ironic on irc.freenode.net. This is a great place to jump in and start your ironic adventure. The channel is very welcoming to new users – no question is a wrong question!

The team also holds one-hour weekly meetings at 1500 UTC on Mondays in the #openstack-ironic room on irc.freenode.netchaired by Julia Kreger (TheJulia) or Dmitry Tantsur (dtantsur).

Stay tuned for more case studies from organizations participating in the initial launch of the program.

Cover image: © CERN

The post OpenStack Ironic Bare Metal Program case study: CERN appeared first on Superuser.

DENVER — OpenStack Ironic—the bare metal provisioning project—now manages millions of cores of compute all over the world, the tech equivalent of playing to a stadium crowd.

Thirty organizations banded together for the initial launch of the OpenStack Ironic Bare Metal Program, including vendors running some of the world’s largest OpenStack clouds.  They range from giants like Verizon Media and CERN to operators such as France’s leading online classified ads company, LeBonCoin.  Here’s a look at how two of them are using it and why they adopted it.

The @OpenStack Ironic mascot is a bear. Because BARE metal. I just got that. pic.twitter.com/din1sCn89h

— Pete Lumbis (@PeteCCDE) September 13, 2018

Ironic offers many benefits to cloud architects and administrators who need to harmonize bare metal instances. The software supports automating the entire server infrastructure life cycle of deployments, including updates and decommissioning. It delivers cloud-like bare metal infrastructure with multi-tenant networks to end users when used as a driver to OpenStack Nova. With a standard API, broad driver support and lightweight footprint, Ironic excels as a management engine for a variety of bare metal infrastructure use cases – as demonstrated by the newly developed Bare Metal Operator for Kubernetes. These features make it work for a wide range of use cases, from small edge deployments to large data centers.

Take, for example, VEXXHOST a leading Canadian public, private and hybrid cloud provider with infrastructure powered by OpenStack.

“Ironic enables customers to dynamically increase or decrease their hypervisors and they don’t have to run two ‘compute’ pools but one converged pool of compute which can be used both for virtual machines and/or bare metal,” says CEO Mohammed Naser adding that Ironic simplifies the management of their servers. His company now ships it as part of their private cloud product, making the entire infrastructure powered by OpenStack from the ground up.”We only build out three controllers which then manage all the bare metal infrastructure which you can use both as metal machines or leverage those servers as hypervisors,” he says.

#PixieBoots pic.twitter.com/zph5sSpT9T

— Julia Kreger (@ashinclouds) February 26, 2019

StackHPC, a startup focused on high-performance computing (HPC), software-defined networking (SDN), software engineering and OpenStack, has been users and developers of Ironic from the beginning. Ironic’s potential was apparent from its outset, says CTO Stig Telfer, and the team has been active in shaping some aspects of its evolution.

Clients in technical computing often have very different priorities in terms of trade-offs between performance and flexibility, he notes. The Bristol, UK-based company aims to develop solutions where Ironic is used in flexible ways, allowing clients to exploit the advantages offered by open infrastructure without sacrificing the performance they require.

StackHPC also uses Ironic as a standalone service (Bifrost) in Kayobe, their open-source deployment tool. Used in this way, Ironic provides the minimal subset of OpenStack needed to support deployment of private cloud control planes using Kolla and Kolla-Ansible.

Stay tuned to Superuser for more case studies —  like these from CERN and Platform9 — from the OpenStack Ironic Bare Metal Program.

Get involved

Read more about the latest Ironic updates and features in the recent Stein release and learn how to use and contribute to the project.

The community also formed a Bare Metal Special Interest Group (SIG) in February. Its mission is to make Ironic easy to operate and to evangelize the use cases and utility of the bare metal service. To get involved in the SIG, subscribe to the OpenStack Discuss mailing list or contact chris@openstack.org.

The post It’s showtime for the OpenStack Ironic Bare Metal Program appeared first on Superuser.

At StackHPC, our client requirements often take the form that we must deliver cloud-native infrastructure without making any sacrifice to existing levels of performance. This can be challenging at times, but would not be possible at all without OpenStack Ironic, the engine that makes software-defined bare metal work.

Ironic enables our clients to deploy on-premise high-performance computing infrastructure using the same methods they would use to deploy infrastructure in the cloud. This is driving a revolution in research computing infrastructure management.

The StackHPC team's commitment to Ironic is long and deep, and pre-dates the formation of StackHPC itself. Within StackHPC we have made it a core component of our expertise. At the Open Infrastructure Summit this week in Denver, check out StackHPC team member Mark Goddard's presentation of his recent work on deep reconfigurability of bare metal. And come along to our hands-on workshop, A Universe from Nothing to get familiar with Kayobe, our Ironic-centric deployment tool for Kolla-Ansible OpenStack. Both are on Tuesday afternoon.

We'll also be talking about our commitment to high performance computing (and no doubt touching on the role Ironic can play in delivering it) in John Garbutt's presentation Lessons learnt federating OpenStack powered supercomputers on Monday afternoon, and Stig Telfer's panel session HPC using OpenStack on Wednesday morning.

Finally, the Scientific SIG on Monday afternoon always includes a boat load of bare metal.

The RDO community is pleased to announce the general availability of the RDO build for OpenStack Stein for RPM-based distributions, CentOS Linux and Red Hat Enterprise Linux. RDO is suitable for building private, public, and hybrid clouds. Stein is the 19th release from the OpenStack project, which is the work of more than 1200 contributors from around the world.

The release is already available on the CentOS mirror network at http://mirror.centos.org/centos/7/cloud/x86_64/openstack-stein/.

The RDO community project curates, packages, builds, tests and maintains a complete OpenStack component set for RHEL and CentOS Linux and is a member of the CentOS Cloud Infrastructure SIG. The Cloud Infrastructure SIG focuses on delivering a great user experience for CentOS Linux users looking to build and maintain their own on-premise, public or hybrid clouds.

All work on RDO and on the downstream release, Red Hat OpenStack Platform, is 100% open source, with all code changes going upstream first.

Photo by Yucel Moran on Unsplash

New and Improved

Interesting things in the Stein release include:

• Ceph Nautilus is the default version of Ceph, a free-software storage platform, implements object storage on a single distributed computer cluster, and provides interfaces for object-, block- and file-level storage, within RDO (or is it the default without OpenStack?). Within Nautilus, the Ceph Dashboard has gained a lot of new functionality like support for multiple users / roles, SSO (SAMLv2) for user authentication, auditing support, a new landing page showing more metrics and health info, I18N support, and REST API documentation with Swagger API.

• The extracted Placement service, used to track cloud resource inventories and usages to help other services effectively manage and allocate their resources, is now packaged as part of RDO. Placement has added the ability to target a candidate resource provider, easing specifying a host for workload migration, increased API performance by 50% for common scheduling operations, and simplified the code by removing unneeded complexity, easing future maintenance.

Other improvements include:

• The TripleO deployment service, used to develop and maintain tooling and infrastructure able to deploy OpenStack in production, using OpenStack itself wherever possible, added support for podman and buildah for containers and container images. Open Virtual Network (OVN) is now the default network configuration and TripleO now has improved composable network support for creating L3 routed networks and IPV6 network support.

Contributors

During the Stein cycle, we saw the following new RDO contributors:

• Sławek Kapłoński
• Tobias Urdin
• Lee Yarwood
• Quique Llorente
• Arx Cruz
• Natal Ngétal
• Sorin Sbarnea
• Aditya Vaja
• Panda
• Spyros Trigazis
• Cyril Roelandt
• Pranali Deore
• Grzegorz Grasza
• Adam Kimball
• Brian Rosmaita
• Miguel Duarte Barroso
• Gauvain Pocentek
• Akhila Kishore
• Martin Mágr
• Michele Baldessari
• Chuck Short
• Gorka Eguileor

Welcome to all of you and Thank You So Much for participating!

But we wouldn’t want to overlook anyone. A super massive Thank You to all 74 contributors who participated in producing this release. This list includes commits to rdo-packages and rdo-infra repositories:

• yatin
• Sagi Shnaidman
• Wes Hayutin
• Rlandy
• Javier Peña
• Alfredo Moralejo
• Bogdan Dobrelya
• Sławek Kapłoński
• Alex Schultz
• Emilien Macchi
• Lon
• Jon Schlueter
• Luigi Toscano
• Eric Harney
• Tobias Urdin
• Chandan Kumar
• Nate Johnston
• Lee Yarwood
• rabi
• Quique Llorente
• Chandan Kumar
• Luka Peschke
• Carlos Goncalves
• Arx Cruz
• Kashyap Chamarthy
• Cédric Jeanneret
• Victoria Martinez de la Cruz
• Bernard Cafarelli
• Natal Ngétal
• hjensas
• Tristan de Cacqueray
• Marc Dequènes (Duck)
• Juan Antonio Osorio Robles
• Sorin Sbarnea
• Rafael Folco
• Nicolas Hicher
• Michael Turek
• Matthias Runge
• Giulio Fidente
• Juan Badia Payno
• Zoltan Caplovic
• agopi
• marios
• Ilya Etingof
• Steve Baker
• Aditya Vaja
• Panda
• Florian Fuchs
• Martin André
• Dmitry Tantsur
• Sylvain Baubeau
• Jakub Ružička
• Dan Radez
• Honza Pokorny
• Spyros Trigazis
• Cyril Roelandt
• Pranali Deore
• Grzegorz Grasza
• Bnemec
• Adam Kimball
• Haikel Guemar
• Daniel Mellado
• Bob Fournier
• Nmagnezi
• Brian Rosmaita
• Ade Lee
• Miguel Duarte Barroso
• Alan Bishop
• Gauvain Pocentek
• Akhila Kishore
• Martin Mágr
• Michele Baldessari
• Chuck Short
• Gorka Eguileor

The Next Release Cycle

At the end of one release, focus shifts immediately to the next, Train, which has an estimated GA the week of 14-18 October 2019. The full schedule is available at https://releases.openstack.org/train/schedule.html.

Twice during each release cycle, RDO hosts official Test Days shortly after the first and third milestones; therefore, the upcoming test days are 13-14 June 2019 for Milestone One and 16-20 September 2019 for Milestone Three.

Get Started

There are three ways to get started with RDO.

To spin up a proof of concept cloud, quickly, and on limited hardware, try an All-In-One Packstack installation. You can run RDO on a single node to get a feel for how it works.

For a production deployment of RDO, use the TripleO Quickstart and you’ll be running a production cloud in short order.

Finally, for those that don’t have any hardware or physical resources, there’s the OpenStack Global Passport Program. This is a collaborative effort between OpenStack public cloud providers to let you experience the freedom, performance and interoperability of open source infrastructure. You can quickly and easily gain access to OpenStack infrastructure via trial programs from participating OpenStack public cloud providers around the world.

Get Help

The RDO Project participates in a Q&A service at https://ask.openstack.org. We also have our users@lists.rdoproject.org for RDO-specific users and operrators. For more developer-oriented content we recommend joining the dev@lists.rdoproject.org mailing list. Remember to post a brief introduction about yourself and your RDO story. The mailing lists archives are all available at https://mail.rdoproject.org. You can also find extensive documentation on RDOproject.org.

The #rdo channel on Freenode IRC is also an excellent place to find and give help.

We also welcome comments and requests on the CentOS mailing lists and the CentOS and TripleO IRC channels (#centos, #centos-devel, and #tripleo on irc.freenode.net), however we have a more focused audience within the RDO venues.

Get Involved

To get involved in the OpenStack RPM packaging effort, check out the RDO contribute pages, peruse the CentOS Cloud SIG page, and inhale the RDO packaging documentation.

Join us in #rdo on the Freenode IRC network and follow us on Twitter @RDOCommunity. You can also find us on Facebook and YouTube.

Airship is getting ready to reach a milestone on its 1.0 voyage at the Open Infrastructure Summit Denver next week. A year after launching, the team is putting the final touches on its first release with a wide range of enhancements to security, resiliency, continuous integration and documentation, as well as upgrades to its platform, deployment and tooling features.

Airship is a collection of loosely coupled but interoperable open source tools that declaratively automate cloud provisioning. (Although the name brings to mind a dirigible, Airship tools are nautically themed.) It serves as a robust delivery mechanism for organizations that want to embrace containers as the new unit of infrastructure delivery at scale.

Starting from bare metal, Airship manages the full life cycle of infrastructure to deliver a production-grade Kubernetes cluster with Helm-deployed artifacts, including OpenStack-Helm. One workflow handles both initial deployments as well as future site updates. In managing your infrastructure, Airship has several goals:

• Simplicity: Infrastructure is managed through declarative YAML files and there’s one workflow for both deployments and updates. Airship doesn’t require operators to develop their own set of complex orchestration tooling to automate Airship.
• Flexibility: Containers and Helm charts are the basic unit of deployment for all software including Airship itself, pushing software orchestration logic to the edge. Expanding the software stack is as simple as adding new charts to Airship declarations.
• Repeatability: Platform state including all versions are specified declaratively, and Airship, Helm, and Kubernetes align containers, dependencies, and configuration in the same way every time.
• Resiliency: All jobs and services are run as containers, provide health status, and are healed by Kubernetes supervision – taking full advantage of native Kubernetes resiliency.
• Self-hosting: The Airship components themselves are deployed as Helm charts and run as services within Kubernetes. This allows them to be upgraded like any other software component in the system.

If you want to get started with Airship, there are several great ways to get moving:

• If you’re at the Open Infrastructure Summit next week, check out these sessions including users like AT&T running Airship in production as well as opportunities to join contributor onboarding.
• The Airship in a Bottle project gives you a complete all-in-one testing and development environment to give you basic, hands-on experience.
• When you’re ready to deploy to your data center, the Treasuremap outlines the configuration of a reference architecture. With nightly integration testing against the configuration guidelines, you can be certain that Treasuremap gives you an accurate view of how to configure and deploy Airship.

Airship has an active and welcoming community, with weekly development, design, and program meetings open to all. For immediate conversation with Airship developers and deployers, stop by the #airshipit IRC channel on Freenode, and keep up to date on the latest news with the Airship mailing list. The team will also be at the Open Infrastructure Summit in Denver during the week of April 29. There are over 10 sessions planned including:

• Lessons Learned running open infrastructure on bare metal Kubernetes clusters in production
• Bare metal provisioning in Airship, or “Ironic: it’s not just for OpenStack anymore”
• Securing your cluster network using Calico and OpenStack Helm Infra
• An Airship project update
• Airship project onboarding

We’re looking forward to sharing this exciting new release with you. Keep your eyes on the horizon in the coming week for more news, live demos and presentations from the Airship community. Find out more at the airshipit.org and join us at the Open Infrastructure Summit!

The post Airship: 1.0 ready to dock appeared first on Superuser.

Welcome to the latest edition of the OpenStack Foundation Open Infrastructure newsletter, a digest of the latest developments and activities across open infrastructure projects, events and users. Sign up to receive the newsletter and email community@openstack.org to contribute.

OpenStack Foundation project news

OpenStack

OpenStack Stein was recently released but the community is already onboard for the next release, Train, scheduled to arrive in October. At next week’s Summit in Denver, you can join open design discussions at the Forum during the Open Infrastructure Summit. Etherpads will be used for collaborative note-taking during those sessions. Then various contributor teams will take advantage of the Projects Team Gathering event to meet and discuss how to organize the upcoming work.

The process to select community goals for the Train release is almost complete: check out the two proposed cross-team goals (PDF docs generation support and IPv6 testing in the gate) and learn about the proponents driving them.

StarlingX

StarlingX was one of the projects with the second largest presence at the ninth Open Source Hackathon that took place in Shenzhen, China, April 18 – 20. During the hackathon, the community worked on bug fixes and discussed new features for the projects. You can check out their progress on the event Etherpad.

Zuul

Zuul 3.8.0 has been released and includes an important security update. Users should upgrade to this version. More information can be found on the release announcement.

Meet the Zuul community at the Open Infrastructure Summit, April 29 – May 1 in Denver, Colorado. Topics include a project update and opportunities to hear from users of Zuul across a variety of communities, technologies and industries (Airship, Finance, Kubernetes, OpenLab, SR-IOV).

Kata Containers

Kata Containers testing and packaging is powered by a diverse ecosystem of infrastructure donors including AWS, Google Compute Engine, IBM, Microsoft Azure, openSUSE Open Build Service, PackageCloud, Packet and Vexxhost, an OpenStack-powered public cloud. The Kata project runs continuous integration (CI) in the cloud for a few reasons. First, maintaining its own infrastructure was not a viable option for an open and distributed development team. Secondly the community wanted to make sure that Kata Containers runs properly on different clouds, so the CI is run using the services of multiple cloud service providers. Learn more about how Kata manages testing in this post.

Next week the Kata community is excited to gather at the Open Infrastructure Summit and PTG in Denver to discuss container security and collaborate with other projects. See the full lineup of Kata talks here.

Open infrastructure community events

Hope to see you in at the Open Infra Summit in Denver. Afterwards, here’s where you can catch up with the global community:

• Network Virtualization & SDN Europe on May 21-23. You’ll find Ildiko Vancsa, the OSF’s ecosystem technical lead, at at these sessions.
• CERN is hosting an OpenStack Day event on May 27, 2019 where you’ll take a deep dive into OpenStack for science and research.
• At the Edge Cloud Summit 2019 in Paris, you’ll find Vancsa heading up a session called “If It’s Edge, It’s Open Infrastructure.”
• On June 11-12 check out the OpenInfra Days Poland, featuring speakers from OVH, Suse, the OSF and more.

Questions / feedback / contribute

This newsletter is edited by the OpenStack Foundation staff to highlight open infrastructure communities. We want to hear from you!
If you have feedback, news or stories that you want to share, reach us through community@openstack.org . To receive the newsletter, sign up here.

The post Inside open infrastructure: The latest from the OpenStack Foundation appeared first on Superuser.

In our last post, we discussed why software development (and managing software development projects) is so hard. In this Part 6 of the Open Networking Software Interlude, we look at the generic paradigms for building things and use that to compare those of the different areas we encounter in Open Networking. 

Open Networking integrates together many practices, technologies, occupations and even organisational units which have previously been quite distinct and separate. Bringing these together highlights some intrinsic differences in approach, and understanding these differences enables us to manage them.  

Preliminary – the three elements of building things 

Humans have a long history of “building things”, be they civil engineering projects (e.g. Suez and Panama Canals), religious edifices (e.g. the Pyramids of Giza or Christian Cathedrals) or new industrial products (e.g. the Model T Ford), or even relatively commonplace modern projects such as multi-story skyscrapers or the development of new software products. 

Throughout this history, there have been many different approaches to how these new things got built. One differentiator is the “stuff” from which these new things were built: stone or steel or concrete or software. 

Another differentiator is the arrangement and relationship between three key elements of each project: “design”, “production” and “management”. 

• Design: the analysis of needs and the specification of both a thing to be built and (where appropriate) the processes and mechanisms for building it; 
• Production: the processes and mechanisms for building the new thing (think: a manufacturing line in a factory); and 
• Management: the control of the end to end process, procurement and assignment of resources etc (Henry Fayol and successors) 

It is beyond the scope of this post to go into this in great detail, but in summary the historical evolution of development has resulted in the progressive separation of “design”, “production” and “management”. 

This ranged from prehistorical times, when all three were essentially merged into one entity, typically including a king or head of state (often equated with a “god in human form”), to modern industrial processes, in which all three are progressively disaggregated and separated along multiple dimensions (professional, organisational and legal/administrative). 

This progression continued steadily until the invention of software development. 

Early approaches to software were based on non-software industrial and engineering processes in which these three elements were quite distinct and separated. This led to the rules-based and serialised implementation strategies (e.g. the Waterfall) which were efficient from a management perspective and well-understood based on established practice. 

But we all know how troublesome that has been (and remains) in software development projects. 

This has changed in the last 20 years or so. Whilst agile has introduced many things, one of the fundamental paradigm shifts in agile software development has been to re-integrate “design” and “production” into the same process, organisational and management structures. 

“Theory Building” and Design 

From the idea that software development is largely about building a theory about a problem and the solution, it isn’t too far a step to generalise this very technical and specific activity into a very common one: design. 

The term “design” has many meanings but at its core it is a problem-solving exercise intended to create a solution that meets many requirements. 

By aligning the idea of “theory building” in programming to the idea of design generally, we can take a perspective on software and software development that compares and aligns it with other productive activities and the fundamental breakdown into “design” and “production”. 

In software development, “design” and “production” are integrated into the one process: the more tightly integrated are, in practice, the better the software development process works. And the more separated they become, on balance, the less successful the process is. 

Contrast this with an industrial process, for example the mass market products domain. Here, a product is designed and then a factory manufactures many copies of this design: there is very little overlap between the two phases and each phase is performed by different people or groups: even different organisations.  

The post Software Interlude. Part 6 – Development Paradigms appeared first on Aptira.

You’ll get the big picture with keynotes, then dive in with the working group or up to speed over lunch with diversity and inclusion efforts in the community at the Open Infrastructure Summit. But wait, there’s more: This is the second Summit after the pivot from the Women of OpenStack (WOO) to a focus on diversity. Here’s a look at all the events on the agenda for Denver:

Speed Mentoring lunch

If you’re new to open infrastructure or would like some mentoring, this session is a great icebreaker and a way to get know new and experienced people in the open-source community. The Intel-sponsored session will be divided between career, technical and community mentoring. Mentees will be organized into small groups and each group will have several 15 minute mentoring sessions. In your small group, you’ll get to know a bit about a mentor and have an opportunity to ask them a question or two about how you can grow your career, get involved in the community, and make the most of the summit. Then, after 15 minutes, a new mentor will cycle to your group and the process will repeat. If you want to mentor, just indicate that when you RSVP.
Details here.

Diversity Networking lunch

Join the Diversity Working Group for lunch to meet and network with the open source community to discuss best strategies for supporting each other. Sponsored by IBM, the group will celebrate accomplishments over the past year, break into small groups to discuss updating our initiatives and discuss other topics related to diversity and growing our community.
Details here.

“Chasing Grace” screening

Join Jennifer Cloer, the executive producer and director of the “Chasing Grace” project for a private screening of episode two, “Progress and the Power of Community.”This episode will explore where progress happens – in the individual stories of women who have started companies, nonprofit organizations and women-in-tech groups. The challenges they face when they do stand up, speak out or challenge the status quo will also be explored to understand where we’re failing so that we may accelerate progress. Details here.

Diversity and Inclusion Survey: Results

The OpenStack Diversity and Inclusion WG conducted a six-month long survey to learn more about the members of our community. The results have been anonymously compiled by members of the CHAOSS project, a Linux Foundation project focused on creating analytics and metrics to help define community health. This session will share those results.
Details here.

The Diversity and Inclusion Working Group is meeting up during the event; you can check out the events and biweekly meeting schedule for the Diversity and Inclusion WG here.

The post Get involved with diversity and inclusion events at the Denver Summit appeared first on Superuser.