CloudOpen presentation: – Deploying an IaaS with Apache CloudStack

Posted by gminks in CloudOpen | Tagged , | Leave a comment

Presentation was by David Nalley.

CloudStack is multi-tenant:

  • Built around user abstraction (can’t see hypervisor/storage/etc)
  • Networking seperation – every acct has at least one dedicated & isolated VLAN
  • Hardware can be dedicated to users (for compliance, etc)


  • Broken down by how they are isolated, and if hardware is physical or virtual
  • Offered Services: DHCP, VLAN allocation, Firewall, NAT/Port forwarding, Routing, VPN, Load Balancing
  • Can also manage Big IPs, NetScaler, Juniper SRX, Cisco Nexus, Nixera, Brocade load balancers

Security groups:

  • Traditional isolation has been by VLANs., but issues
    • Hard limit of 4096 VLANs
    • Supporting HW is expensive
  • Security groups – layer 3 isolates. Up to 50K bridged devices managed
  • Assumes flat layer 2 network, no multicast. Only will have hypervisors on the layer 2 network

High Availability

  • Means services stay up – not just bringing them back up
  • CloudStack is not high availablity, but its a tool to increase availability

Allocation algorithms

  • How VMs, storage, etc are allocated
    • First fit: First place that it comes across that it fits
    • Fill first: fill up the resource before moving on
    • Disperse: (per zone)
    • Create your own
  • Resources can be tagged, things will only get deployed to a tagged resource if they request the tag
  • OS preference – for socket licensing, etc


  • Not billing, but stats to bill against


  • Secondary storage: snapshots, templates for VMs,
  • Historically NFS – option of object storage (swift, caringo, glusterfs)
  • Managed by secondary storage vm, always at least 1 per zone, can scale out.
  • Primary storage – NSF, iSCSI, and CLVM. (NSF/iSCSI don’t scale well.)
  • Shared mountpoint – anything all hypervisors can mount and write to
  • if apps can be architected to be stateless, its fast its local, etc

Resource dvision

  • Zones
    • Specific geographic location, shares secondary storage resource, single network model
  • Pods
    • Rack or row of racks, shares guest network
  • Clusters
    • max of 8-15 machins, homogenity (same hupervisor, same COUs, same networking)


  • Mgt nw
  • Private nw
  • Public nw
  • guest nw

Mgt server – stateless (state is in DB), all UI functionality is an API call.

last part was a diagram of the environment. Pretty cool




Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.