Monitoring an OpenStack-Based Infrastructure


Dave Hegenbarth describes the SevOne integration with OpenStack, including Ubuntu and Canonical.


Hi, I'm Dave Hegenbarth, Director of Systems Engineering for Global Strategic Partnerships at SevOne. Thanks for joining. The days of service providers in large enterprises buying rack after rack of specialized network computing storage to launch a new service or application are coming to an end.

Our customers and the market as a whole are on a journey to software-defined everything where network, compute, and storage along with automation and orchestration will allow them to innovate and deliver applications and services much quicker through a virtualized infrastructure.

At SevOne, we're committed to making that journey with our customers and our technology partners and provide complete performance visibility through the technology transition that is about to happen. In this whiteboard session, I'm going to describe the integration of SevOne and OpenStack for performance monitoring. SevOne is designed to interoperate with a number of different distributions of OpenStack including those provided by Ubuntu/Canonical.

On the Whiteboard, I've drawn a pretty generic SDN topology. We have our physical network on the bottom. We have our OPenStack controllers here. We have our APIs going up to different applications that allow us to provision different virtual services via virtual machines riding on top of a hypervisor probably powered by Intel X86 chips.

Why would we do this? What is the value of OpenStack and automation and orchestration? Well, it's really about speed of business, bringing IT to the speed of business. I'm going to give you a simple example which is I have a guy in marketing that would like to setup a new website.

My guy in marketing has got to get this website up and he's got to get it up really quickly. He's thinking about what his website might look like. Probably not thinking quite as much about the infrastructure. In the old world, we rack servers, we rack load balancers, we rack network gear and then we are ready to kind of help this guy out.

In the new world, with OpenStack, we're going to be able to provision the resources necessary to build this website. These resources will probably look a little bit like this. We're going to have a virtual firewall. This could be the firewall that comes with the OpenStack. It could also be some other network function virtualization device such as Juniper's Firefly or an F5 Firewall, etc.

Behind that, because we might want to be really secure, we're going to have an IPS to do packet inspection of our traffic. Lastly, we'll put in a load balancer. Again, this could be part of the OpenStack solution where this could be dropped in as an F5 load balancer or some other one. This load balancer is there, because our website might get very popular and we need to handle these resources.

We're going to have a couple of virtual machines that are the front end. They're serving up our website. We'll probably have a couple machines that are back in databases. All of this is going to be spun up from virtual machines setting on our hypervisor. We'll draw one more line here. We'll bring up our load balancer.

Now, enter our SevOne and the performance monitoring. With ceilometer, there is some measurement of performance, but that's pretty much limited to the controller, the hypervisor and some of the VMs, but probably won't extend itself into other manufacturers, devices or their performance.

SevOne brings a holistic picture to performance monitoring. I'll draw SevOne in the middle here. We have our SevOne performance monitoring platform. We're first going to talk to the controller to understand a couple of things. One, inventory in real time. How many virtual machines have we spun up. How many firewalls, load balancers, etc, might be in the inventory that we need to provide performance stats for in real time.

The second thing that I'll pass down the API or the controller bus is the ability to understand topology. What does this look like? What firewall is connected to what IPS connected to which load balancer? What is the topology view of what we call this service chain?

The service chain is literally getting my marketing guy through the firewall, through the IPS, through the load balancer to the website. This is the service chain and SevOne is able to show that in a topology map. We're able to show it as it changes in real time.

Lastly, we'll take some traditional performance monitoring capabilities like SNMP. These virtual devices act just like their physical counterparts and so I'm able to use SNMP to pull network management protocol to pull stats out of that particular instance. I could do the same thing maybe with my load balancer.

Then we'll also use something like logging, performance logging in SevOne. A lot of logs generated by my IPS as the traffic goes by and we're going to want some of those performance stats via logs as well. Also, SevOne has the ability to monitor our infrastructure, so that L2, L3 network, probably again via SNMP.

We're also going to take flow data, that would be NetFlow data or sFlow data, from the physical underlying network and bring that in to SevOne to report on who's talking to who, on what protocols, how much volume that traffic is taking, how much bandwidth or volume of traffic is moving through the network.

Then lastly, we have the ability to also connect to other things like cloud services. A lot of our customers start with a private cloud moving at the speed of business. They spin up a number of resources in their private data center, but those might not be enough or may not be geographically placed in the right place, so they extended into a public cloud which could be AWS or Azure from Microsoft and they spin up more resources there.

What we're trying to do is bring together all of these performance resources in a single HTML dashboard in real time. We'll probably have a graph up here for our firewall and we'll have some performance metric like connections or connections per second. We'll probably have some IPS stats, so some measurement of the type of packets coming through and those are provided by logs, whereas the firewall is provided by SNMP.

We might also have load balancer stats and those will probably come in as connections per second on a particular virtual interface or a VIP. Lastly, we may have some flow data about who's talking to who across the network provided by NetFlow, so we bring a multitude of different technologies together in a single pane of glass to provide performance, statistics about our entire virtual infrastructure.

One of the other great capabilities of SevOne is we provide an understanding of normal or baselines for every metric. Connections per second, whether it's load balancers, etc, and we've used that understanding of normal to alert you when something in this entire environment, whether it's virtual or physical, is not working the way it was.

SevOne performance monitoring combined with OpenStack to bring you performance visibility of both your virtual infrastructure and your physical infrastructure through multiple technologies like API, RESTful APIs, SNMP, log and flow data to provide a complete HTML real time picture of that performance. Thank you for joining in this whiteboard session on the integration of SevOne and Canonical OpenStack solution. Thanks.