OpenStack is a cloud operating system that uses pooled virtual resources to build and manage private and public clouds. This article explains how it works, and gives a detailed overview of a few of its components.
As per Wiki, OpenStack was developed in 2010 as a joint project between Rackspace Hosting and NASA. Since 2012 it has been managed by the OpenStack Foundation, a non-profit corporate entity established in September 2012 to promote OpenStack software and its community. By 2018, more than 500 companies had joined the project. The OpenStack Foundation was renamed the Open Infrastructure Foundation in 2021.
The first open source version of OpenStack was Austin, which had three services. The current version is Yoga, with 38 different services. Figure 1 shows the entire architecture of OpenStack with its nine components. Let’s discuss these in detail.
Dashboard: Here, the Horizon service is responsible for managing OpenStack using the console.
Identity service: Keystone is the service that carries out authentication and authorisation with the help of the AMQP service. This service is also responsible for creating and managing users, roles, domains and projects.
Users: The identity service validates the requests that are made by OpenStack users. It uses tokens to provide user role information to access specific project resources.
Projects: A project is a group of resources (i.e., users, networks, images, volumes, etc.). Projects help to isolate and group identity objects and project resources. Depending upon the requirement, a project can be mapped to a customer, account, organisation or development environment.
Domains: A domain defines the administrative boundaries of identity service entities. A domain can have one or more users, groups and projects. In a multi-tenant cloud, multiple identity providers offering authentication and authorisation services can each be associated with a separate domain. Resources associated with one domain cannot be shared or accessed in other domains.
OpenStack networking: This service is called Neutron, and is used for networking the entire OpenStack. It provides SDN features like IP, subnet, routing, etc. OpenStack networking ships with multiple plugins and agents, including Cisco virtual and physical switches, Open vSwitch, OVN, and others. Common agents are L3 and DHCP.
Block storage: Known as Cinder, this component is responsible for providing volume-based storage to an instance. We can take snapshots to back up data, either to restore it or to create new block storage volumes.
Compute service: Nova is the service responsible for providing CPU and memory to the required instances. It is a distributed service and interacts with the identity service for authentication, the image service for images, and the dashboard as a web-based user interface.
Image service: Glance is an image service that provides images in formats such as AMI, VMDK, QCOW2 and Docker, which can be used to launch instances. These images can be used as templates when setting up new instances.
Object storage: This service is known as Swift, and stores data as objects in a bucket, which can be privately or publicly accessed. The object store architecture is distributed to allow for horizontal scaling, and to provide redundancy by design to avoid failure or object loss.
Telemetry service: Ceilometer is the service used to check the metric values of instances or resources that are currently in use. These can be used for internal billing purposes or to trigger an event. For example, we can achieve autoscaling of instances using Ceilometer + Heat template (HOT).
Orchestration service: Heat is a template-based service, which helps to launch instances in an automated manner using a HOT template.
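To make the users, projects and domains described under the identity service concrete, the following added example (not from the original article or the OpenStack project) builds a Keystone v3 project-scoped password authentication request body and checks a token response against a project, domain and role. The user, project and domain names and IDs, the helper names and the sample token are constructed for illustration; real deployments enforce this through Keystone and each service's policy rather than hand-written checks.

```python
from datetime import datetime, timezone


def build_scoped_auth(user, user_domain, password, project, project_domain):
    """Body for POST /v3/auth/tokens: password identity plus a project scope.

    Both the user and the project are qualified by a domain, because names
    are only unique inside a domain.
    """
    return {"auth": {
        "identity": {"methods": ["password"], "password": {"user": {
            "name": user, "domain": {"name": user_domain},
            "password": password}}},
        "scope": {"project": {"name": project,
                              "domain": {"name": project_domain}}},
    }}


def token_allows(token_body, project_id, domain_id, role, now=None):
    """Hypothetical helper: True only if the token is unexpired, scoped to
    this project in this domain, and carries the named role."""
    tok = token_body["token"]
    now = now or datetime.now(timezone.utc)
    expires = datetime.fromisoformat(tok["expires_at"].replace("Z", "+00:00"))
    if expires <= now:
        return False
    proj = tok.get("project")
    if proj is None:  # unscoped token: no project, so no project roles
        return False
    if proj["id"] != project_id or proj["domain"]["id"] != domain_id:
        return False  # a token for one project or domain is useless in another
    return role in {r["name"] for r in tok.get("roles", [])}


# Constructed sample of the JSON body returned for a project-scoped token.
SAMPLE_TOKEN = {"token": {
    "expires_at": "2030-01-01T00:00:00.000000Z",
    "user": {"id": "u-alice", "name": "alice",
             "domain": {"id": "d-acme", "name": "acme"}},
    "project": {"id": "p-dev", "name": "dev",
                "domain": {"id": "d-acme", "name": "acme"}},
    "roles": [{"id": "r-1", "name": "member"}],
}}
```
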
If you already have some knowledge of AWS, then it's easy to understand the OpenStack components and their use cases. Table 1 will help you to compare and understand the two cloud technologies.
| AWS service | Equivalent service in OpenStack |
|---|---|
| Console | Horizon – Dashboard |
| IAM | Keystone – Identity |
| VPC | Neutron – Networking |
| EBS | Cinder – Block storage |
| EC2 | Nova – Compute service |
| AMI | Glance – Image service |
| S3 | Swift – Object storage |
| CloudWatch | Ceilometer – Telemetry service |
| CloudFormation | Heat – Orchestration service |

Note: Like the AWS CLI, OpenStack provides the openstack command-line utility for launching instances and other management work.
For more detailed information on OpenStack, do visit https://www.openstack.org/.