The Cisco OpenStack Platform and Underlying Infrastructure
The OpenStack platform and underlying infrastructure consist of physical, virtual, and automation components. The starting point for any service is the physical data center, its controls, and its hardware. Whatever services or virtualization you build on top of this infrastructure will only be as good as the underlying physical design and the security controls you integrate. The Cisco Data Center design [1] is a great reference architecture for what is required to achieve the correct level of resiliency and redundancy, including power and cooling for the underlying data center design. In addition, data sovereignty and compliance regulations vary by geographic region and industry security concerns or last impact of loss (real or perceived). One of the core requirements of the Intercloud architecture is to address customer concerns about cloud adoption. [2]
The Intercloud adds another dimension to this physical design as the location of the data center matters for data sovereignty and security governance. In order to connect data centers from different locations securely, the network and physical connectivity between sites and locations is critical. This requires interdomain standards and cross-provider federation of control and network orchestration protocols.
The underlying platform is critical to consider because it is the foundation on which services are built and delivered with high quality and reliability. The platform consists of physical servers that provide the underlying compute, memory, and local disk needed to support the infrastructure needs of cloud. The Intercloud node consists of large quantities of high-performance CPU and memory to support all compute needs, from small containers to large nodes that support big data analytics.
The network is another critical aspect that consists of virtual, data center, and WAN components. The virtual network exists within the compute domain. The domain can consist of a single node or group of nodes called a compute cluster. This network creates virtual interfaces that are specific to an organization and scoped to a project level. The data center network connects all the local compute nodes, keeps all transit traffic within a single data center, and serves as the gateway to all external destinations (Internet, other data center networks).
The WAN connects the data centers together and provides access to the Internet. It is the security boundary of the data center and also the intranetwork that connects all sites and other Internet locations. The Intercloud creates a control and management plane that integrates all networking from the local virtual interface of a compute node to the WAN connection across the Internet to another data center or service provider. The Intercloud provides the logical network constructs along with security groups and routing abstraction to enable the end user to create a global mesh of end-to-end connections.
Another important aspect is storage. Storage consists of a variety of different speeds and sizes of Serial Advanced Technology Attachment (SATA), Serial Attached SCSI (SAS), and solid-state (SSD) disks. These disks can be local to the compute node or pooled together in a SAN as a group of storage capacity. This capacity can be tied to different key performance indicators (KPIs) that govern the input/output operations per second (IOPS) or throughput that the SAN can handle.
In developing applications for the platform, the primary considerations are the open interfaces and how to enable these interfaces to remain up-to-date and consistent over time. By leveraging open APIs and interface abstractions, the platform presents an abstraction layer to the underlying infrastructure. This will allow the infrastructure to mature and innovate over time without requiring a rewrite of the application.
Another important strategy to consider is your open-source strategy. Open-source technologies play an important role in innovation and the development of solutions to meet the needs of the ever-changing and expanding marketplace. Open-source technologies can also be a risk to the business if your strategy is not well defined and thought out. The areas of specific concern are security, intellectual property, and support. It is important to have a strategy for open source and to review that strategy often.