joehuang wrote:
Cells is a good enhancement for Nova scalability, but there are some issues in
deployment Cells for massively distributed edge clouds:
1) using RPC for inter-data center communication will bring the difficulty in
inter-dc troubleshooting and maintenance, and some critical issue in operation.
No CLI or restful API or other tools to manage a child cell directly. If the
link between the API cell and child cells is broken, then the child cell in the
remote edge cloud is unmanageable, no matter locally or remotely.
2). The challenge in security management for inter-site RPC communication.
Please refer to the slides[1] for the challenge 3: Securing OpenStack over the
Internet, Over 500 pin holes had to be opened in the firewall to allow this to
work – Includes ports for VNC and SSH for CLIs. Using RPC in cells for edge
cloud will face same security challenges.
3)only nova supports cells. But not only Nova needs to support edge clouds,
Neutron, Cinder should be taken into account too. How about Neutron to support
service function chaining in edge clouds? Using RPC? how to address challenges
mentioned above? And Cinder?
4). Using RPC to do the production integration for hundreds of edge cloud is
quite challenge idea, it's basic requirements that these edge clouds may be
bought from multi-vendor, hardware/software or both.
That means using cells in production for massively distributed edge clouds is
quite bad idea. If Cells provide RESTful interface between API cell and child
cell, it's much more acceptable, but it's still not enough, similar in Cinder,
Neutron. Or just deploy lightweight OpenStack instance in each edge cloud, for
example, one rack. The question is how to manage the large number of OpenStack
instance and provision service.
[1]https://www.openstack.org/assets/presentation-media/OpenStack-2016-Austin-D-NFV-vM.pdf
Best Regards
Chaoyi Huang(joehuang)
Very interesting questions,
I'm starting to think that the API you want isn't really nova, neutron,
or cinder at this point though. At some point it feels like the efforts
you are spending in things like service chaining (there is a south park
episode I almost linked here, but decided I probably shouldn't) would
almost be better served by a top-level API that knows how to communicate
with the more isolated silos (edge clouds I guess u are calling them).
It just starts to feel that the architecture you want and the one I see
being built are seemingly quite different and I haven't seen it shift to
something different so maybe it's time to switch the problem on the head
and accept that a solution may/will have to figure out how to unify a
bunch of disjoint clouds (as best you can)?
I know I can say that such a thing I'd like as well, because though
godaddy doesn't have hundreds of edge clouds, it is approaching more
than a handful of disjoint clouds (across the world) and a way to join
them behind something that can unify them (across just nova) as much as
it can would be welcome.
-Josh
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev