RUVDS introduces new Huawei FusionSphere OpenStack virtualization systems

RUVDS has recently become an official partner of Huawei, and now we are implementing a new virtualization system for us in order to provide our customers with access to the most up-to-date cloud technologies, to provide flexibility in choosing a cloud solution for the corresponding client, high reliability and security. This experience is new and interesting for us and we decided to share it with the readers of our blog. Here is the first of a series of articles about Huawei FusionSphere OpenStack.


FusionSphere virtualization platform
The architecture of the cloud platform Huawei FusionSphere OpenStack is presented in Fig. 1-1.
Fig. 1-1 Huawei Cloud Platform Architecture

Huawei FusionSphere OpenStack is an enterprise-class OpenStack platform based on the original OpenStack, revised and enhanced by Huawei. The FusionSphere cloud data center solution includes the FusionCompute component of OpenStack to support a variety of OpenStack services, such as Keystone, Nova, Cinder, Neutron, Glance, Ceilometer, Heat and Ironic, as well as providing comprehensive O & M functions.

• Basic service capabilities: FusionSphere OpenStack supports basic installation, deployment, and O & M capabilities, including log management, time management, backup and recovery, updating, and patching.
• OpenStack features: based on the original OpenStack, Huawei has expanded its capabilities with the use of computing plug-ins, network plug-ins and storage plug-ins, as well as implemented virtualization of computing, storage and network. FusionSphere OpenStack centrally plans and administers virtual resources through unified interfaces, thereby reducing operating costs (OPEX) and ensuring high security and reliability of the system. It also makes it much easier for telecom operators and other enterprises to build protected, environmentally friendly and energy-efficient cloud data centers.

Huawei cloud platform contains the following management nodes.

• OpenStack Management Host: supports compute plugins, network plugins and storage plugins, virtualizes computing, network and storage resources, and also provides unified interfaces.
• FusionManager node: provides access to resources and configuration, control and maintenance functions.
• FusionCompute control node: provides basic virtualization features.

It virtualizes servers, storage devices and network devices, and also provides interfaces for interacting with FusionSphere OpenStack. Each FusionCompute system is controlled by a pair of Virtual Resource Management (VRM) nodes operating in active / standby mode. One FusionCompute system manages a physical cluster (also called an object or site). Multiple physical servers of a physical cluster can be combined into a resource cluster (also called a resource pool with HA function). In a single pool of computing resources, uniform resource planning policies are in place. To ensure that the scheduling policies associated with dynamic migration work, it is necessary that the physical server CPUs in the resource pool belong to the same generation. The compute resource pool does not include network and storage resources. A single physical cluster can contain multiple resource clusters.
The services and nodes of the FusionSphere OpenStack solution are shown in Figure 2. 1-2.
Fig. 1-2 Services and FusionSphere OpenStack Solution Nodes

This image shows the following services and sites:

• Glance: stores and restores VM disk images. The Glance service is used in FusionSphere OpenStack to generate instances.
• Cinder: Provides reliable block storage for running instances. The creation and management of block storage is facilitated by the availability of removable drives.
• Nova: manages the lifecycle of compute instances in an OpenStack environment, for example, creating packages of instances, as well as scheduling or stopping instances on demand.
• Neutron: provides APIs for network connections and addressing.
• VRM node: manages virtual resource pools.
• Computing Node Agent (CNA; manages computing resources)

.
The Nova-compute driver provides FusionSphere OpenStack with features provided by FusionCompute, including dynamic migration, HA, distributed resource planning (DRS), and QoS for the CPU.
The Cinder-volume driver provides FusionSphere OpenStack interoperability with any storage certified for FusionCompute compatibility, as well as FusionStorage management through FusionCompute, providing a cost-effective storage solution applicable to large cloud-based data centers.
FusionCompute connects to the Ceilometer and sends the VM control information to the Ceilometer. Thanks to this, tenants can use the monitoring and alarm functions of the Ceilometer, as well as the flexible scaling function Heat.
The FusionCompute component, which includes the Open vSwitch Agent (OVS), connects to Neutron, so it can use the Neutron ecosystem for seamless integration with third-party network services.
Due to the presence of Nova and Cinder drivers, as well as the Glance bypass mechanism, FusionSphere OpenStack supports image storage in third-party NFS or S3 systems, thereby ensuring high parallelism and performance of image services, as well as eliminating the Glance service bottlenecks. In addition, FusionCompute supports interaction with its own Glance to serve images.
Cloud Formation Services (CPS; Cloud Provisioning Service) provides basic functions such as installing hardware without an operating system and deploying OpenStack software. There is also a graphical user interface (GUI) that simplifies the deployment and configuration of OpenStack.

Administration and control of FusionManager resources
Data center resources are managed by Huawei's FusionManager control system, part of the FusionSphere solution. FusionManager provides a variety of resource pool management functions using the “Northern” APIs provided by OpenStack, and also provides hardware management functions using built-in hardware management submodules.
The place of the FusionManager in the FusionSphere solution is shown in Fig. 1-3.
Fig. 1-3 Place FusionManager in the solution

FusionManager provides the following features.

• External network management

Allows users to create, view, and delete external networks connected to OpenStack.

• Host Management

Allows users to query and control information about hosts, to obtain information about the operation of a host for a specified period of time (specified in days or weeks).

• VM Performance Management

The user can configure, query and delete VM specifications, as well as specify the VM startup mode.

• Image Management

The user can create, download, delete, modify and export images.
FusionManager supports various image formats, including ISO, RAW, QCOW2, VMDK, VHD and AMI.

• Alarm management

1. Displays all system alarms. After eliminating the fault, the alarm is automatically reset.
2. The user can reset alarms manually and export information about them.
3. The user can set the severity of the alarms, including the levels “critical”, “major” and “minor”.
4. User can mask alarms. Masked alarms are not issued.
5. Allows the issuance of alarms to third-party systems by e-mail, in short messages or by the Simple Network Management Protocol (SNMP).
6. Provides users with the ability to collect a variety of alarm statistics, including facility information, time, and severity. Alarm statistics allow you to analyze alarms, trends and failures, as well as prevent failures.

• Performance monitoring

- Monitors the performance of hosts and VMs.
- Controls the level of CPU, memory and storage for hosts and VMs.

• Reporting

- Provides reports on monitoring of hosts and VMs, both archived and in real time.
- Allows users to request reports generated for specific periods of time, for example, per day, week or month.
Information about server control contains the following information:
- Alarm statistics
- CPU utilization factor
- memory usage
- The amount of incoming and outgoing network traffic
- Load on disk I / O and disk usage
The storage control information contains the following information:
- Alarm statistics
- Mount status
- Total volume
- Allocated volume and available volume
Network control information contains the following information:
- The amount of incoming and outgoing network traffic
- Port status
- Traffic through ports
Information about the VM control contains the following information:
- VM status
- CPU utilization factor
- memory usage
- The amount of incoming and outgoing network traffic
- Load on disk I / O and disk usage

• Open APIs

FusionSphere provides open APIs for transferring alarm data to external systems.
- Alarm Request Interfaces (HTTP REST):

• Query list and alarm status
• Request resources with alarms

- Alarm Subscription Interfaces (HTTP REST)
- Alarm Transmission Interfaces (SNMP)
')
The main functions of FusionSphere
Compute virtualization
The FusionSphere system uses a bare-metal (non-OS) architecture to virtualize server computing resources. One server can be virtualized as several separate virtual servers, which can improve the use of server resources and simplify system management.
The FusionSphere system supports VM affinity accounting (VM affinity), allowing you to host different VMs on different servers according to specified rules in order to implement VM mutual support or configure active and standby VMs, which increases the cost-effectiveness of the solution.

• Affinity Mutual Placement (Location Affinity)

• Capability Affinity: on non-uniform memory access (NUMA; non-uniform memory access) nodes are organized on physical servers to increase the efficiency of CPU access to memory. The CPU and the memory used by the VM (guest) memory are grouped into NUMA nodes, depending on the efficiency of the memory access of the CPU. Maximum CPU access to memory is achieved in the case of memory access within its own NUMA node. When creating a VM, FusionSphere preferably allocates the CPU and memory resources required for that VM on a single NUMA node, thereby reducing memory latency and improving memory performance.

VM Resource Management
Users can create VMs using a VM template or from scratch and manage clustered resources, including automatic resource scheduling, VM management (creating, deleting, starting, stopping, restarting VM, putting a VM into sleep mode and exiting it), manage storage resources (regular and shared disks), and manage VM security.
FusionSphere also supports VM and VM high availability (HA) live migration.
Using FusionSphere, users can set the number of virtual CPUs (vCPUs), memory size, network cards (NICs), as well as the connection status and volume disconnection.
Network virtualization
FusionSphere supports the following network virtualization features:

• Network bandwidth control with QoS
• Distributed Virtual Switches (DVS; Distributed Virtual Switch)
• SR-IOV (Single-Root I / O Virtualization) interface support for enhanced network processing performance
• Connecting to the OpenStack Neutron Network

Storage Virtualization
FusionSphere supports Huawei FusionStorage distributed storage software, as well as disk arrays such as fiber channel storage network (FC SAN) and IP SAN storage.
Virtual Data Center Management
To simplify the configuration of services in the FusionSphere system, various templates and specifications are provided.
Private cloud is completely isolated from all VMs not hosted in this private cloud. An enterprise can request VPCs on a public cloud platform and use independent IP addresses and subnets in this VPC. In addition, in order to separate subnets in VPCs and separate subnets from external networks, an enterprise can use the rules of the access control list (ACL) of physical firewalls.
Users can request the creation of a security group based on the VM security requirements and set access rules for the security group. After adding a VM to a security group, this VM is subject to established rules. Security groups allow you to securely isolate VMs and control access to them, which increases VM security.
The elastic IP address allows users to use a fixed public IP address to access the VM that this public IP address corresponds to.
Manage multiple data centers
If an enterprise or carrier has several data centers located in different regions, the cascading technology OpenStack helps organize the centralized management and maintenance of several data centers.

FusionSphere OpenStack Reliability
The data center virtualization solution ensures the reliability and continuity of service for various system components, including servers, storage, network and virtualization.
High Availability (ON) OpenStack
The reliability of OpenStack is determined by the reliability of the services provided by OpenStack, namely:

• The reliability of the REST service (Representational State Transfer; “transfer of the state of representation”) API, which provides users with continuous API service provision.
• Reliability of the database service to ensure the integrity of user configuration data and the continuity of service.
• Reliability of service connections, providing continuous communication between components.

Virtualization Reliability
Virtualization is the primary mechanism for running a data center. After virtualization with FusionSphere, the data center supports VM and VM HA dynamic migration functions to ensure the continuity of service operations, and also supports the creation of snapshots of VMs and volumes to quickly recover the system when a problem occurs.
Control reliability
All FusionSphere control modules are deployed to work in active / standby mode or load balancing mode, which ensures high system reliability.
FusionSphere supports control of physical servers, software, and resources, and provides a variety of troubleshooting options. FusionSphere collects information about the main performance indicators of servers, such as CPU utilization, main network traffic and memory data. Thus, it checks the state of the system and when it detects such malfunctions as processor exceptions, failure of control and storage channels, node failure, or overload of system resources, it issues alarms. These alarms can be reset by the system automatically or must be promptly processed by the administrator.
All physical servers in the FusionSphere system use black box technology, which enhances the ability to eliminate failures. If system exceptions occur, it automatically saves the kernel logs, system snapshots, kernel diagnostics information and recent messages in a non-volatile storage device such as a compute node, or uploads this information to a network server, such as a log server. With this technology, users can quickly analyze the black box logs, find the causes of faults and eliminate them.
All OpenStack services are deployed in active-active or active-standby mode to provide redundancy.
Server reliability
In FusionSphere, server reliability is ensured by the following measures:

• Real-time temperature control of major heat-generating and heat-removing components, such as CPU, memory, fans, power supplies and hard drives. When a failure occurs, an alarm is issued.

• Intelligent fan speed control and management.

• The ability to hot swap hard drives, the use of RAID arrays and the detection of failures of working hard drives with warnings.

• Redundant power supplies under the scheme 1 + 1 and the possibility of hot-swappable.

Storage reliability
Data center virtualization typically uses centralized shared SAN storage devices. Huawei FusionSphere supports autonomous migration of storage (cold migration) and dynamic resource scheduler (DRS; Dynamic Resource Scheduler) based on storage input / output operations.
FusionSphere also supports the multipathing function for storage. At least two fully redundant paths are formed between each computing node and the storage cluster. As a rule, eight paths are installed between the VM and the storage device, which significantly improves the reliability of the storage network.
In addition, at least two controllers are used to ensure the reliability of physical connections in SAN storage devices, and hot-spare disks are used for backup and recovery.
The FusionStorage system stores data in the form of several identical copies on different servers or disks. Therefore, the failure of a single hardware device does not interrupt service. In addition, the FusionStorage system uses a highly reliable copy technology, ensuring the identical copies of data.
Network reliability
The cloud data center network is configured with a physical backup of all network links. Access switches can be stacked to create redundant connections between physical servers, aggregation switches, and the virtual network layer. At the virtual network level, at least two NICs of one server are combined into a logical NIC, thereby preventing service interruptions due to the failure of one NIC.
On each of the interaction planes (services, storage and management) there are two NICs combined into one logical NIC and operating in connected mode. This structure allows the separation of access traffic between servers and ensures reliable operation of the NIC.

In the next article we will look at the planning of computing resources, the required number of servers and storage resources.