Bare Metal Service Gap and Overlap Analysis
Primary contact
- Kei Tokunaga (Fujitsu)
- Yih Leong Sun (Intel, IRC: leong)
Gap analysis
- Problem Overview
- Baremetal machine configuration: A bare metal machine
can be configured with a CPU specification, memory capacity, local storage
drive type (such as SATA or SSD) and capacity, and network iplink
bandwidth. Infiniband or RoCEE may be needed to achieve network
performance.
- CPU specification, memory capacity, storage drive type / capacity, network iplink bandwidth, and Infiniband / RoCEE can be specified for bare metal deployment using the "Capability" property.
- Network isolation: The networks of one tenant are
isolated from those of other tenants. Network isolation consists of "Network
flipping" and "Network switch port configuration". The former is
implemented in Ironic, and the latter as a Neutron ML2 driver.
- Network flipping:
- Ironic uses a "deployment network" while deploying a bare metal machine and switches it to a "tenant network" after the deployment is done. LAG support is also handled in the same RFE/SPEC.
- This consists of an Ironic part and a Nova part. Both parts were
completed in Newton except for LAG support. The Ironic team is trying to
merge LAG support in Newton, but it (especially its Nova part) might
slip to Ocata.
[RFE][Ironic] Ironic Neutron ML2 Integration
[SPEC][Ironic] Update of the Ironic Neutron Integration spec
[BP][Nova] Tenant networking support for Ironic driver
https://blueprints.launchpad.net/nova/+spec/ironic-networks-support
[SPEC] [Nova] Tenant networking support for Ironic driver
- Network Switch Port Configuration:
- A Neutron ML2 driver configures VLAN settings on the network switch ports to realize multi-tenancy for bare metal deployment.
- When a given network switch can be configured by an ML2 driver depends on the switch vendor, and there is no BP/SPEC for it.
- Multiple Network For Bare Metal:
- A bare metal machine can connect to multiple networks (VLANs) via one physical NIC. This is needed to assign a network to each container running on a deployed bare metal machine.
- This consists of an Ironic part and a Nova part. Likely to be completed in
Ocata or later.
[RFE][Ironic] VLAN Aware Baremetal Instances
[SPEC][Ironic] VLAN Aware Baremetal Instances
- Storage Service Integration: A bare metal machine can
be connected to a block device service such as Cinder. The bare metal
machine connects to Cinder backends dedicated to a single tenant. A tenant can
also back up the internal storage of a bare metal machine and recover from the backup.
- SAN:
- A bare metal machine can attach a Cinder volume. Attaching Cinder volumes will likely be possible in Ocata or later.
- SAN Boot:
- A bare metal machine can boot from a Cinder volume. Connecting to
Cinder volumes will likely be possible in Newton (iSCSI, FCoE, and NFS) and in Ocata
(FC). Multi-tenancy will likely be completed in Ocata or later.
[RFE][Ironic] Add volume connection information into ironic db
[SPEC][Ironic] Volume connection information for Ironic nodes
[RFE][Ironic] Boot from Volume - Reference Drivers
[SPEC][Ironic] Boot from Volume - Reference Drivers
[BP][Nova] Add support for Ironic nodes to boot from Cinder volume
https://blueprints.launchpad.net/nova/+spec/ironic-boot-from-volume
[SPEC][Nova] Add support booting bare metals from Cinder volume
- Console: A tenant can operate a bare metal machine from a
console and see the console log, integrated with the existing Horizon UI.
- Serial Console:
- The Ironic part will likely be completed in Newton. The Nova part
will likely be completed in Ocata.
[RFE][Ironic] Nova serial console support for Ironic
[SPEC][Ironic] Nova compatible serial console support
[BP][Nova] Ironic serial console support
https://blueprints.launchpad.net/nova/+spec/ironic-serial-console-support
- Graphical Console:
- Likely to be completed in the P-cycle or later.
- Console Log:
- Likely to be completed in the P-cycle or later.
- NMI Injection: When the OS on a bare metal machine has a
problem (hang, slowdown, etc.), the tenant can issue an NMI to the OS to
take a kernel memory dump so that they can investigate the root cause of
the problem.
[BP][Nova] Support soft reboot and poweroff in nova ironic driver
https://blueprints.launchpad.net/nova/+spec/soft-reboot-poweroff
[SPEC][Nova] Support soft reboot and poweroff in nova ironic driver
[BP][Nova] Introduce inject NMI interface in nova ironic driver
https://blueprints.launchpad.net/nova/+spec/inject-nmi-ironic
[RFE][Ironic] Enhance Power Interface for Soft Power Off and Inject NMI
[SPEC][Ironic] Enhance Power Interface for Soft Power Off and Inject NMI
- Graceful Shutdown: A tenant can gracefully shut down
the OS on a bare metal machine so that they can avoid the data corruption that can
occur when powering off.
- See "NMI Injection" for links to BP/SPEC/RFE.
- Unified VM/BM Management: Both VMs and BMs (bare metal
machines) can be managed in a unified way by software, with a similar set
of services or functionalities provided to users, such as FWaaS,
LBaaS, VPNaaS, Security Group, Block Storage, Backup, High Availability,
Connection to VMs in virtual network (VXLAN), and Console.
- FWaaS, LBaaS, VPNaaS:
- Can be used by Bare Metal today.
- Security Group:
- Depends on Neutron ML2 plugins for network switches.
- Work related to Network Isolation on Ironic will likely be completed
in Ocata.
[RFE][Ironic] Security Groups support for baremetal servers
- Block storage and backup:
- See "Storage Service Integration" above.
- High Availability:
[RFE][Ironic] Bare metal node N+1 redundancy
[SPEC][Ironic] Bare metal node N+1 redundancy
- VXLAN:
- Depends on Neutron ML2 plugins for network switches.
- Console:
- See "Console" section above
- User Stories
- BMT001 - As Wei the project owner, I want to use a bare metal machine so that I get consistent performance that is not affected by another machine or impacted by a hypervisor.
- Bare metal can be deployed with multi-tenancy.
- BMT002 - As Wei, I want to have a secure and clean bare metal machine deployed no matter who used it before.
- HDD erasing is there already. BIOS reset should depend on Ironic drivers for servers.
- BMT003 - As Wei, I want to create networks elastically so that I can use them as if they were my own networks, not affected by other companies.
- See above for development.
- BMT004 - As Wei, I want to back up the internal disk of a bare metal machine and create a snapshot. This can be backed up to an external storage managed by Cinder.
- See above for development.
- BMT005 - As Wei, I want to use a bare metal machine integrated with the block storage service so that I can use an external storage service.
- See above for development.
- BMT006 - As Wei, I want to see the console log of a bare metal machine and operate it from a console so that I can analyze problems at boot time and so on.
- See above for development.
- BMT007 - As Wei, I want to continue my operation immediately when a bare metal machine fails, without any manual operations such as switchover. Similar to the HA VM user story, the owner should not have to design the fail-over mechanism themselves. The system should monitor and detect bare metal machine failure and automatically fail over to a spare bare metal machine.
- See above for development.
- BMT008 - As Wei, I want to use a bare metal machine with network services such as FWaaS, LBaaS, Security Group, VPNaaS, and connection to VMs in a virtual network (VXLAN) in the same manner as VMs.
- See above for development.
Appendix
Network Isolation
[Ironic] Operator documentation for multitenancy [UNDER DEVELOPMENT]
[Ironic] Add portgroups to support LAG interfaces - API [UNDER DEVELOPMENT]
[Ironic] Add classes for Portgroups API enablement [UNDER DEVELOPMENT]
[Ironic] Add api-ref for new port fields [MERGED]
[Ironic] Follow-up to 317392 [MERGED]
[Ironic] Expose node's network_interface field in API [MERGED]
[Ironic] Add multitenancy-related fields to port API object [MERGED]
[Ironic] Update the deploy drivers with network flipping logic [MERGED]
[Ironic] Add 'neutron' network interface [MERGED]
[Ironic] Add network interface to base driver class [MERGED]
[Ironic] Add internal_info field to ports and portgroups [MERGED]
[Ironic] Add network_interface node field to DB and object [MERGED]
[Ironic] Refactor ironic enroll-node code [MERGED]
[Ironic] Create common neutron module [MERGED]
[Ironic] Add API reference for portgroups [MERGED]
[Ironic] Fix API node name updates [MERGED]
[Ironic] Correct api version check conditional for node.name [MERGED]
[Ironic] Add portgroups to support LAG interfaces - RPC [MERGED]
[Ironic] Add portgroups to support LAG interfaces - net [MERGED]
[Ironic] Add portgroups to support LAG interfaces - objs [MERGED]
[Ironic] Add portgroups to support LAG interfaces - DB [MERGED]
[Ironic] devstack 'cleanup-node' script should delete OVS bridges [MERGED]
[Ironic] Add possibility to work with portgroups [UNDER DEVELOPMENT]
[Ironic] Updates supporting ironic-neutron integration [MERGED]
[Nova] Ironic: use portgroups [UNDER DEVELOPMENT]
[Nova] Ironic: enable multitenant networking [MERGED]
[Nova] Allow virt driver to define binding:host_id [MERGED]
[Nova] Adding a new vnic_type for Ironic/Neutron/Nova integration [MERGED]
Storage Service Integration
[Ironic] [WIP] Add storage_interface DB field and object [UNDER DEVELOPMENT]
[Ironic] Introduce new RPCs to support volume target operations [UNDER DEVELOPMENT]
[Ironic] Introduce VolumeTarget object [UNDER DEVELOPMENT]
[Ironic] Add volume_targets table to save target information [UNDER DEVELOPMENT]
[Ironic] Introduce new RPCs to support volume connector operation [UNDER DEVELOPMENT]
[Ironic] Introduce VolumeConnector object [UNDER DEVELOPMENT]
[Ironic] Add volume_connector table to save connector information [UNDER DEVELOPMENT]
[Ironic] Add REST API for volume connector and volume target operation [UNDER DEVELOPMENT]
[Ironic] Add volume_target support [UNDER DEVELOPMENT]
[Ironic] Add volume_connector support [UNDER DEVELOPMENT]
[Ironic] Add REST API for volume target operation [UNDER DEVELOPMENT]
Console
[Ironic] Add node serial console installation howto [UNDER DEVELOPMENT]
[Ironic] IPMITool: add IPMISocatConsole and IPMIConsole class [MERGED]
[Ironic] Nova-compatible serial console: socat console_utils [MERGED]
[Nova] Ironic Driver: override get_serial_console() [UNDER DEVELOPMENT]
NMI Injection / Graceful Shutdown
[Ironic] Ipmitool power driver for soft reboot and soft power off [UNDER DEVELOPMENT]
[Ironic] Generic power I/F for soft reboot and soft power off [UNDER DEVELOPMENT]
[Ironic] iRMC power driver for soft reboot and soft power off [UNDER DEVELOPMENT]
[Ironic] iRMC management driver for Inject NMI [UNDER DEVELOPMENT]
[Ironic] Ipmitool management driver for Inject NMI [UNDER DEVELOPMENT]
[Ironic] Generic management I/F for Inject NMI [UNDER DEVELOPMENT]
[Ironic] Overrides get_supported_power_states() for WOL Power [UNDER DEVELOPMENT]
[Ironic] Add soft reboot/poweroff power states [UNDER DEVELOPMENT]
[Ironic] Add a new command "ironic node-inject-nmi" [UNDER DEVELOPMENT]
[Nova] Add soft power off support to ironic driver. [UNDER DEVELOPMENT]
[Nova] Translate power state strings with dict for nodes.set_power_state(). [UNDER DEVELOPMENT]
[Nova] Add soft reboot support to ironic driver. [UNDER DEVELOPMENT]
[Nova] Add inject NMI support to ironic driver. [UNDER DEVELOPMENT]
Link to previous etherpad
https://etherpad.openstack.org/p/bare_metal_service_gap_and_overlap_analysis