OpenStack and Neutron

OpenStack is cloud computing system software (sometimes referred to as a cloud computing OS) that delivers Infrastructure as a Service (IaaS). Released under the Apache license, OpenStack is free open source software. The OpenStack Foundation was established in September 2012 as a non-profit corporate entity that manages the OpenStack project. It promotes OpenStack and its developer community. OpenStack includes a set of building-block projects that control pools of computing nodes (that is, processing nodes), storage, and networking resources in a data center. OpenStack provides a dashboard that enables administrators to control and provision these resources through a web-based GUI. OpenStack's modular architecture and its building blocks (and their code names) are shown in the following diagram:

Key components of OpenStack

OpenStack Compute (nova), which is the main part of an IaaS system, is the cloud computing fabric controller. Nova is written in Python and it utilizes many external libraries such as SQLAlchemy (for database access), Kombu (for Advanced Message Queuing Protocol (AMQP) communication), and Eventlet (for concurrent programming). Nova is able to manage and automate pools of computer resources and can cooperate with widely available virtualization technologies and high-performance computing (HPC) deployments.

It is designed to scale horizontally on commodity computers with no proprietary hardware or software requirements and also to provide the ability to integrate with third-party technologies and legacy systems. XenServer and Kernel-based Virtual Machine (KVM) are the typical choices for hypervisor technology, along with Hyper-V and Linux container technology such as Linux containers (LXC).

OpenStack utilizes two components for its storage management:

  • Swift: It is used for object storage management. Swift is also known as OpenStack Object Storage. It is a redundant and scalable storage system. Files and objects are written to multiple disks across multiple servers in the data center. The OpenStack software is responsible for ensuring data integrity and replication across the cluster. By adding new servers, storage clusters simply scale horizontally. If a server or hard drive fails, OpenStack replicates its content to new locations in the cluster from other active nodes. Since OpenStack uses software algorithms to ensure data distribution and data replication across different devices, inexpensive commodity hard disks and servers can be used for storage management.

    Storing data with Swift makes scaling much less error-prone, because the focus shifts to the best approach for ensuring that data is backed up in the event of a crisis, rather than to the capacity supported by a single system.

    Swift is currently being led by an object storage software company, SwiftStack, though contributions are also received from HP, Red Hat, IBM, and more. SwiftStack is currently working on a project called ProxyFS that will add distributed file services to OpenStack Swift. This will enable support for the Server Message Block (SMB) and Network File System (NFS) protocols.
  • Cinder: It provides persistent block-level storage devices for use with OpenStack Compute instances. It uses a SQL-based central database that is utilized by all Cinder services in the system. Cinder is also known as OpenStack Block Storage. The block storage system is responsible for managing the creation, attachment, and detachment of the block devices on the servers. Block storage is suitable for performance-sensitive scenarios such as expandable filesystems and database storage or for providing a server with access to raw block-level storage devices. Block storage volumes are fully integrated into nova (OpenStack Compute) and OpenStack's dashboard.

    This enables cloud users to easily manage their own storage requirements. Snapshot management provides powerful functionality for backing up data stored on block storage volumes. Snapshots can be restored or used to create a new block storage volume. Cinder comprises the following components:

    • DB: A SQL database for data storage that is used by all components
    • Web dashboard: This is an external component that communicates with the API
    • API: This is the component responsible for receiving HTTP requests, interpreting them to commands, and communicating with other components via the queue or HTTP
    • Auth manager: This is a Python class utilized for the users/projects and roles by most components
    • Scheduler: This allocates the volume that is assigned to each host
    • Volume: This manages the block devices attached dynamically
    • Backup: This is responsible for managing backup of block storage devices

Horizon is the OpenStack dashboard. It provides a GUI for users and administrators to provision, automate, and access cloud-based resources. It consists of three dashboards: user, system, and settings. Third-party products and services, such as monitoring, billing, and additional management tools, can be integrated into Horizon.

Using the native OpenStack API or the Amazon EC2 compatibility API, developers can automate, access, or build customized tools to manage their resources. OpenStack APIs are compatible with Amazon S3 and Amazon EC2. Therefore, client applications designed and developed for Amazon Web Services (AWS) can be used with OpenStack.

Keystone (the OpenStack Identity component) provides a central directory of users, which are mapped to the OpenStack services they can access. It functions as a common authentication system across the cloud operating system. It can also be integrated with existing backend directory services such as LDAP. Standard username and password credentials, token-based systems, and AWS logins are among the many authentication mechanisms supported by Keystone.

Currently, it supports token-based authentication (authN) and user-service authorization. Support for proxying external services and authN/authZ mechanisms such as OAuth, SAML, and OpenID has been introduced in view of the future.

Keystone comprises major components listed as follows:

  • User: These are basically digital representations of a person, system, or service that utilizes OpenStack cloud services.
  • Tenant: This can be referred to as a group utilized for the isolation of resources and/or users. It is usually allocated to organizational units, projects, and customers.
  • Role: This describes a group of certain user rights and privileges that have been assigned for undertaking certain operations. The user token issued by Keystone comprises all the user's roles.
  • Credentials: This is a set of data, usually a username and password, username and API key, or authentication token that is known to a specific user to prove his or her identity.
  • Authentication: This involves validating the credentials that were earlier supplied by the user.
  • Token: This is an arbitrary bit of text to access resources across the platform. It is usually valid for a limited time span.
  • Service: OpenStack services provide one or more endpoints through which users can access resources and perform operations.
  • Endpoint: A network-accessible address from which services are rendered, usually presented by a URL.
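
The following sketch is an added example, not Keystone's code and not part of the original text. It is a simplified in-memory model of how the concepts above fit together: credentials are authenticated, a time-limited token scoped to a tenant carries the user's roles, and a service checks that token before returning its endpoint. The user, tenant, role, and endpoint values are constructed.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

SALT = b"constructed-salt"  # constructed sample value

def derive(password: str) -> bytes:
    """Slow password hash so stored verifiers are not plain passwords."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

# Constructed sample data (hypothetical names, not from a real deployment)
USERS = {"alice": derive("correct horse")}     # user -> credential verifier
ROLES = {("alice", "web-team"): {"member"}}    # (user, tenant) -> roles
CATALOG = {"compute": "https://nova.example.test:8774/v2.1"}  # service -> endpoint
TOKENS = {}                                    # token id -> Token

@dataclass(frozen=True)
class Token:
    token_id: str
    user: str
    tenant: str
    roles: frozenset
    expires_at: float

def authenticate(user, password, tenant, ttl=3600, now=None):
    """Validate credentials, then issue a tenant-scoped, time-limited token."""
    now = time.time() if now is None else now
    stored = USERS.get(user, b"")
    if not hmac.compare_digest(stored, derive(password)):
        raise PermissionError("invalid credentials")
    roles = ROLES.get((user, tenant))
    if not roles:
        raise PermissionError("no role in this tenant")
    tok = Token(secrets.token_urlsafe(32), user, tenant, frozenset(roles), now + ttl)
    TOKENS[tok.token_id] = tok
    return tok

def authorize(token_id, tenant, required_role, service, now=None):
    """Service-side check: token validity, tenant isolation, role, endpoint."""
    now = time.time() if now is None else now
    tok = TOKENS.get(token_id)
    if tok is None or now >= tok.expires_at:
        raise PermissionError("token unknown or expired")
    if tok.tenant != tenant or required_role not in tok.roles:
        raise PermissionError("not authorized for this tenant/role")
    return CATALOG[service]
```

The `now` parameter exists only so that expiry can be exercised deterministically; a token presented for a different tenant, without the required role, or after `expires_at` is rejected before any endpoint is returned.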

Glance (OpenStack Image service) provides discovery, registration, and delivery services for server images and disks. Stored server images can be used as a template. It can also be used to store and catalog an infinite number of backups. Glance can store disk and server images in a variety of backends, including Swift. Glance provides a standard Representational State Transfer (REST) interface for querying information about disk images and enables clients to stream the disk images to new servers.

Glance, when integrated with existing infrastructure, enhances its performance. Integration with VMware enables advanced capabilities such as vMotion (the live migration of virtual machines (VMs) from one physical server to another), high availability, and dynamic resource scheduling (DRS).

Neutron (formerly known as Quantum) is the networking component of OpenStack. It manages networks and IP addresses. Starting with the Folsom release, Neutron is a supported and core part of the OpenStack platform. As with the other components of the cloud operating system, administrators and users can utilize Neutron to increase the utilization of existing resources in a data center. Neutron provides Networking as a Service (NaaS) between interface devices (for instance vNICs), which are managed by other OpenStack services.

OpenStack Neutron provides networking models for different user groups or applications. Standard models include VLANs or flat networks for separation of network traffic among different servers. Neutron also manages IP addresses, which can provide dedicated static IPs or DHCP-based IP addressing. Floating IP addressing allows packet traffic to be dynamically rerouted to any of the computing nodes, which facilitates traffic redirection during VM migration, maintenance, or failure handling.

The extensible architecture of Neutron paves the way for additional network services, such as firewalls, intrusion detection systems (IDS), VPN, and load balancing to be deployed and managed. The networking component of OpenStack provides OpenStack's users with an API to construct rich networking topologies and configure advanced network policies to construct a multi-tier web application topology.

The modular structure of Neutron facilitates the development of innovative plugins, which introduce advanced network capabilities (such as L2-in-L3 tunneling to bypass the VLAN 4k limitation, end-to-end Quality of Service (QoS) guarantees, and utilization of monitoring protocols such as NetFlow and OpenFlow plugins). Besides, developers can develop advanced network services that integrate into the OpenStack tenant network using plugins. For instance, data-center-interconnect-aaS, IDS-aaS, firewall-aaS, VPN-aaS, and load-balancing-aaS are a few typical advanced services to mention. Using Neutron, users can create their own networks, control traffic, and connect servers and devices to one or more networks, while administrators can take advantage of SDN technology (for instance OpenFlow) to provide high levels of multi-tenancy and scalability.

Nova is the brain of the IaaS; it manages and automates the pool of resources. Nova also integrates with bare metal (using ironic), virtualization technologies, and HPC. Nova is written in Python and also utilizes external libraries including Eventlet, Kombu, and SQLAlchemy. Nova is dependent on Keystone, Glance, and Neutron for optimum performance.

Ceilometer is a data collection service that facilitates the normalization and transformation of data across all the OpenStack core components. Its primary targets are monitoring and metering, but the framework is expandable to collect usage for other needs.
