wiki:DevOps-2013-12-17
Last modified 6 years ago Last modified on 12/31/13 12:47:37

DevOps Weekly Meeting | December 17, 2013

Time & Location: 10:00am-11:30am in LHL164

Attending

jpr, mhanby, rpillai, larbob

2013-12-17 Agenda

  • Provisioning services on the research cloud

Summary

This meeting explored how to provision a service hosted in the OpenStack cloud. We focused on the use case of creating a file store destination in the cloud that can be used from an client environment to augment the storage available locally.

Discussion

The specifics of this use case involve adding a secondary, off-site storage location to the backup routine for the research data sets of Dr. Lee Moradi, Director of Engineering at CBSE. The lab relies on a backup solution built on Acronis. The current solution leverages USB storage drives to record a second backup that can then be moved off site. The proposed cloud solution is to replace the USB drives with a storage location in the cloud.

The Acronis backup stores its data encrypted on disk. This makes it easy to satisfy security requirements for this solution since the data is encrypted during backup and not stored in a format readable by third parties. The proposed use of the cloud also fits within existing backup solution's internal audit of the implemented by CBSE Engineering as part of their IS09001:2008 and AS9100 certified operations.

The solution requires that we identify viable storage options for getting data into our research cloud. There are two approaches:

  1. Host a storage server in the cloud that presents a standard disk image to the backup server that can be used as a direct replacement for an attached USB drive
  2. Prepare backup sets locally and then upload individual sets to a cloud object store (a more cloud native solution)

Our initial discussion focused on the first option because of it's ease of implementation in the lab, familiar "server management" scenario, and because it highlights how services can be instantiated on a virtual cloud infrastructure of VMs and block storage. It also helps highlight the dividing line between the full autonomy of the user of the cloud infrastructure from the cloud operator.

During the meeting we stepped through the process of instantiating a test bed server environment:

  • create a tenant(project) space -- this houses the cloud resources owned by the research group
  • instantiate a registered image in OpenStack -- this instantiates a virtual machine that will provide the protocol endpoint for the service of interest (CIFS in this case)
  • instantiate a block storage volume -- this provides persistent storage to the instantiated VM
  • connect the block storage to the VM
  • open ports in the OpenStack firewall to allow access to the service

We discussed several options for building and testing the SMB/CIFS end point, including using an existing open source NAS project as the foundation to benefit from an established developer community. FreeNAS is an appealing solution for it's maturity. The project is aimed at competing with existing enterprise scale NAS solution so it is not recommended to run FreeNAS in production on virtual hardware. Nonetheless, this could still fit in our model of exploring services virtually and then "compiling" them to hardware.