OpenStack – A Private Cloud for Free?

I’m a big OpenStack proponent. I think its s a very positive reflection on what can be achieved by bringing together skills across the globe towards a common goal. The end game of OpenStack is huge. Eventually we will all be running Facebook/Google style datacenters which are completely software defined and will be pushing code into production every half a second….. But I’m a realist and we’re not quite there yet. There are many companies running OpenStack in production, like Walmart who went on stage at the beginning of the year and said “To anyone who thinks OpenStack isn’t production ready, we are and we’re running it on black friday”. That doesn’t mean it was easy or free though.Free

As an industry we have struggled to get our heads around “open source” solutions. As customers we thought we were getting something for free. As vendors we thought there was no money in it. Neither has turned out to be true.

The thing is, open source doesn’t mean easy, it doesn’t mean it doesn’t need configuring, it doesn’t mean it doesn’t need supporting, patching, architecting, integrating etc. etc. With OpenStack being such a huge solution consisted of many different projects, this becomes even more amplified.

Back to the beginning….

OpenStack was often referred to as a cloud operating system. From the point of view that it provides you with a system to operate your cloud, this is valid, however, cloud operating system is now used for mini container OS’ like Photon-OS, Core-OS, etc. OpenStack is now defined as an open source cloud computing platform. Platform is the key piece here. OpenStack isn’t a hypervisor, it isn’t a file system, it isn’t a network controller, it isn’t a lot of things. It’s a platform to integrate, control and deliver many types of cloud services for the datacenter.

Being open source, OpenStack has the OpenStack Foundation. They take care of the distributions, projects, marketing, events, etc. There is a board of directors and many many contributors. Anyone can choose to become an individual contributor by, you guessed it, contributing. This could be code or documentation. The OpenStack Foundation runs as a non-profit corporation.

Interested in who is contributing to different OpenStack releases? Visit – It shows which companies, individuals are contributing to which releases, as shown by the example of the Liberty release statistics below:

atackanalytics.comScreen Shot 2015-12-15 at 15.16.47Why do we need OpenStack?

Remember the days before we were all decided on TCP/IP? We had a number of different networking standards, all developed by different vendors, competing with each other, overlapping, making things complex. As customers we worried about which would come out on top, and whether or not we would be locked into proprietary technologies by vendors. We created open standards in networking like we did for a number of technologies. This enabled us more flexibility and to innovate faster. The same can be said for OpenStack, every company is, or should be looking into running cloud. Because of cost and data sovereignty, this is often done in private datacenters. We need a standard to allow the same agility and flexibility that IP gave us for networking.

For cloud, we’re really talking about infrastructure; virtual, elastic and metered infrastructure which can be used on demand. We need this cloud infrastructure to develop and run applications on, and what to the developers of these applications want? The answer is APIs. So the standards for OpenStack are focused on APIs. Developers only have to care about this single standard and not worry about when the hardware, hypervisor, controller etc. changes.

What do I get?

The fully open source distribution of OpenStack is released every 6 months, this is available to download for free at You get the source code and you can then configure each of the projects within your environment. In reality, this requires a huge amount of effort. There are some package installers available, which make running it locally on your laptop easy, like DevStack, but for production you really need a team of skilled OpenStack developers to architect, install, customise and support the environment. We then go from “wahoo free cloud!” to, “it costs how much? and will take how long?!” Many businesses have failed OpenStack deployments for exactly this reason. This is where the vendor distributions come in, with hardened versions of OpenStack, supported, installed, configured, patched etc.

Each vendor adds its own value to naked OpenStack and the market is growing all the time. Some popular distributions of OpenStack from vendors right now are:

VMware Integrated OpenStack – Developer friendly APIs meets enterprise hardened infrastructure built on vSphere.
Red Hat OpenStack – Flexible and open platform based on KVM.
Mirantis – Pure OpenStack company, focused on custom OpenStack implementations.
RackSpace – Hosted and or managed OpenStack environments.
Ubuntu – Focused on choice, customization and support.

The Projects

As mentioned, the OpenStack is a stack of projects, or modules. Each is written in python (for the most part) and each carry out a function. The projects talk to each other through the APIs.

Not every project becomes part of every distribution. There is a committee called defcore, who decide on the baseline for an OpenStack distribution and only allow vendors to use the OpenStack brand if they adhere to these standards. Defcore also define which projects are core (deemed mature enough go into the open-source release) and which aren’t ready.

Some common projects, which most OpenStack installations utilize are:

Nova – This controls your hypervisor, whichever you choose (KVM, vSphere, Hyper-V etc). It provides you with a basic infrastructure as a service. You use Nova do deploy Instances, which are analogous to virtual machines.
Keystone – This is your identity management. It controls user access and also the function of validating the communication between the projects.
Glance – An image store service, this is where ISOs, OVAs etc. are held and can be requested by Nova.
Cinder – Controls your block storage.
Swift – Controls your object storage.
Heat – Heat orchestration templates are blueprints for how your application deployment should look, Heat orchestrates the deployment of instances, networks etc based on these templates.
Horizon – GUI – This is optional and often not used as everything can be done through an API/CLI.
Ceilometer – Provides telemetry and data analytics.
Neutron – Networking – This controls your chosen SDN solution.openstack

Some Further interesting projects, of varying maturities:

Barbican – Data Encryption
Congress – Policy Enforcement
Designate – DNS as a Service
Manila – File sharing
Mistral – Workflows – Many people have referred to this as cloud “cron jobs”
Magnum – Containers
Murano – Application catalogue – Utilises HOT (heat orchestration templates)
Sahara – Hadoop as a Service
Searchlight – Search within your cloud
Trove – Database as a Service
Ironic – Bare-metal as a Service (Physical machine deployments)

When is OpenStack the right tool?

Bear in mind the true cost of OpenStack depends on things like the skills available in the market at the time, how custom your environment needs to be, how much of your internal process needs to change and many other factors. There’s a great post on zdnet on this. Knowing that the cost could be more than a proprietary stack from a vendor, the reason for going down an OpenStack route needs to be a little more strategic.

This is a complex decision to make, but for me there are 2 major things to contemplate:

  1. Do you need any policy or governance around your private cloud? OpenStack is a great solution but RBAC and policy isn’t where it plays well right now. If you just want a “Cloud Admin” to have access to everything and aren’t interested in eventually giving access to the likes of end users or business group managers etc. then this could be a good fit. Really think about this though, how are you going to track and audit who is allowed access to resources, how are you going to scale this? How are you going to ensure any shift and drift away from your standard builds are managed effectively?
  2. Are your developers intending on being very API heavy? If they are looking for a black box with APIs they can develop against without worrying about the infrastructure underneath, then this is a great use case for OpenStack. However, if you are looking for a pretty GUI with rich features allowing you to visualize your cloud and provide access to your end users, then OpenStack might not be the right fit just yet.

Leave a Reply