Tuesday, May 7, 2013


I figure it's time to finally get back to writing posts about nerd stuff, and so I'll start with adventures in openstack.

I've been kind of like a dog with a grape when it comes to openstack:  I'm sure it does something cool, I just can't figure out where to start or what the cool thing might be exactly.

The big issue for me was that openstack solved a seemingly narrow problem: managing the infrastructure for a virtual datacenter.  While it's great to have an open source alternative to Amazon's AWS, how beneficial is that to people like me?  It always seemed to me like that kind of software that would mainly be interesting to hosting providers because you can already easily manage in-house virtual environments with existing tools from VMWare or Xen or whatever.  In short, it's a lot of configuration overhead just to get a "private cloud" running on your own hardware when other solutions exist and can do the job adequately, and the only thing it seems like it would buy you is the ability to deploy your setup to an openstack service provider more easily.

But a couple of weeks ago, I started playing with the openstack packages in debian unstable and finally figured it out.  The value of openstack isn't so much that it let's you run a private cloud, but rather that it provides a layer of abstraction for a lot of the different cloud technologies.

I've been to a few job interviews recently where I've been asked about my experience with vSphere, to which my honest reply is "Not much.  Most of my work recently has been Xen and qemu/kvm, but I have messed around with ESXi."  That's the point where the interviewer frowns and we start the "Thanks for coming in" exit dance.  The belief seems to be that understanding of the basic principles of virtual machines is somehow tied to the unique quirks of the platform being used.

It's has created an unneeded divide in the talent pool that is making it harder for organizations to hire people than it should be because they're basing decisions on essentially brand loyalty rather than technical difficulty.  One company has been looking for a vSphere guy for 18 months, which is more time than it would be to hand a XenCenter guy a couple of manuals and let him catch up.

openstack has the potential to address the name brand vapor lock by abstracting out the details of the virtualization implementation.  It has the opportunity to make more "cloud" developers and system engineers available for organizations to hire, and gives the nerds a way to add a useful technology to their toolkit without getting caught up in a Chevy/Ford or Coke/Pepsi debate.  Openness has the tendency to get the software into more hands, and the more people that are using it the larger the community is for you to draw upon later.  Doesn't matter if you're using KVM, ESXi, or Xen in your home lab: get OS running and develop to the public APIs and your skills should be portable to any place that's using it for their operations.

Another interesting aspect of openstack is that it's not really one mega-giant piece of software, but rather a collection of services with web APIs that work together.  As a developer, that gives you the potential for doing stuff like using keystone as a standalone authentication service for your app, or extending quantum to manage a real/physical network rather than just virtual ones.

Although the doco is a little rough (it's missing a decent overview of all the components and suggestion on how to setup your network for them), all the options appear to be fully documented.  Also, I absolutely love, love, love the fact that each of the components offers up a command line utility that let's you easily modify the services (ie, add users and permissions to keystone) from scripts rather than relying on GUI/web interfaces for everything.  This also makes integration into puppet/chef nice, too.

Deployment from source appears to be kind of rough as the preferred distribution seems to be either 1) use a hosting provider, or 2) use the packages for a supported distro, but it should be possible for someone with moderate experience using all the technologies less than a day to get them setup and running.  I haven't gotten around trying to import my hode-podge of VMs into openstack-nova yet, but given the fact that it seems to mostly wrap virsh/libvirt and collects data from the host rather than trying to do the "I'll keep my own configs, thank you very much" pleskishness I feel that shouldn't be much of a challenge.

Overall, the more I play with it the more it's starting to look like it'll emerge as an important technology in the next few years and has a lot more use than you'd assume at first glance.

No comments: