(UPDATED with new slide embeds)
Close to 3,000 developers, users, investors, media and analysts descended on the Oregon Convention Center for the OpenStack Summit this week. Cloudscaling was there in force, with five presentations, one panel and a raft of news.
Below, we’ve summarized each presentation and linked to the slides for many of them. Later, we’ll add video and update the post.
April 16, 1:50 pm
Operations Summit: This was a Design-summit-style technical working session to discuss and refine best practices for deploying and operating OpenStack installations.
April 17, 11:00 am
OpenStack is the fastest growing open source movement in history, but its marketing momentum has largely outrun its technology growth. Why are organizations so eager to embrace OpenStack? Some components – like Swift – are ready for prime time. But others – like Horizon and Quantum – are still evolving. What needs the most attention: networking, storage, compute, or something else? Where are the reference architectures and real world deployments? How are different product and service companies implementing OpenStack in production today? In this preso, we went beyond the hype and dug deep on OpenStack, exploring all that is great and all that needs serious work. Attendees left with a firsthand account of the State of the Stack, ready to help their organizations embrace OpenStack armed with practical knowledge.
April 18, 9:30 am
Existing approaches to delivering persistent block storage in OpenStack focus on integrating existing SAN/NAS hardware solutions, using Distributed File Systems (DFS), or using simple Direct Attached Storage (DAS) with Cinder. There is another alternative: scale-out block storage nodes with intelligent scheduling. This is the same approach that Amazon Web Services (AWS) uses for Elastic Block Storage (EBS) and it’s worth taking a close look at the pros and cons. This presentation explored the differences between SAN, NAS, DFS, DAS, and EBS. We looked at the implicit and explicit contracts that users and operators get from the different approaches and at a variety of failure conditions. EBS may not be right for some clouds, but for many it’s an important and viable alternative to the existing approaches.
April 18, 3:20 pm
This talk is a breakdown of security concerns relating to the OpenStack Folsom Release. We looked at past vulnerabilities in Folsom, existing security models, and emerging technologies that will impact those models. The presentation described several deployment models in terms of their security attributes. The next phase will be the discussion of specific protocols in use and their individual security characteristics. Matt presented statistics on where past vulnerabilities have been found and reported, allowing us to consider how we can better address security in our continuous integration processes. The goal of this talk is to present a map of where we are today, and expose some of the issues we have yet to face.
April 18, 4:10 pm
This presentation is an in-depth critique of the existing OpenStack networking approach, with a focus on how the Nova network controller is more of a hindrance than a help. We discussed the gap in Quantum’s functionality required to close the gap, and alternative solutions. How can we make networking in OpenStack robust, high performance, and fault tolerant? What do typical large scale networks look like and what lessons can we learn from them? Is there an approach to networking we can take that is the same with a handful of servers as it is with hundreds of racks?
April 18, 5:00 pm
There have been a number of premature attempts to provide a trusted computing platform for IaaS software. However, all have met with failure and a lack of mass market adoption. What would be required to solve this problem for real and deliver “true” computing? True computing requires the ability to have a trusted chain of events related to the provisioning and deployment of hardware and software. It requires integration to the supply chain with installation of initial keys at the hardware vendor’s site, secure PXE booting, system attestation, and robust key management. None of this is easy or free, but what would it look like if OpenStack could become the first truly trusted cloud system? How would it integrate with the current ‘trusted-messaging’ blueprint? Would it make CloudAudit’s API more relevant?