Now that we’ve looked at a proposed conceptual architecture, let’s see how OpenStack Compute is logically architected. At the time of this writing, Cactus was the newest release (which means if you are viewing this after around July 2011, this may be out of date). There are several logical components of OpenStack Compute architecture but the majority of these components are custom written python daemons of two varieties:
WSGI applications to receive and mediate API calls (
nova-api,glance-api, etc.)Worker daemons to carry out orchestration tasks (
nova-compute,nova-network,nova-schedule, etc.)
However, there are two essential pieces of the logical architecture are neither custom written nor Python based: the messaging queue and the database. These two components facilitate the asynchronous orchestration of complex tasks through message passing and information sharing. Putting this all together we get a picture like this:
This complicated, but not overly informative, diagram as it can be summed up in three sentences:
End users (DevOps, Developers and even other OpenStack components) talk to
nova-apito interface with OpenStack ComputeOpenStack Compute daemons exchange info through the queue (actions) and database (information) to carry out API requests
OpenStack Glance is basically a completely separate infrastructure which OpenStack Compute interfaces through the Glance API
Now that we see the overview of the processes and their interactions, let’s take a closer look at each component.
The
nova-apidaemon is the heart of the OpenStack Compute. You may see it illustrated on many pictures of OpenStack Compute as API and “Cloud Controller”. While this is partly true, cloud controller is really just a class (specifically the CloudController in trunk/nova/api/ec2/cloud.py) within thenova-apidaemon. It provides an endpoint for all API queries (either OpenStack API or EC2 API), initiates most of the orchestration activities (such as running an instance) and also enforces some policy (mostly quota checks).The
nova-scheduleprocess is conceptually the simplest piece of code in OpenStack Compute: take a virtual machine instance request from the queue and determines where it should run (specifically, which compute server host it should run on). In practice however, I am sure this will grow to be the most complex as it needs to factor in current state of the entire cloud infrastructure and apply complicated algorithm to ensure efficient usage. To that end,nova-scheduleimplements a pluggable architecture that let’s you choose (or write) your own algorithm for scheduling. Currently, there are several to choose from (simple, chance, etc) and it is a area of hot development for the future releases of OpenStack Compute.The
nova-computeprocess is primarily a worker daemon that creates and terminates virtual machine instances. The process by which it does so is fairly complex (see this blog post by Laurence Luce for the gritty details) but the basics are simple: accept actions from the queue and then perform a series of system commands (like launching a KVM instance) to carry them out while updating state in the database.As you can gather by the name,
nova-volumemanages the creation, attaching and detaching of persistent volumes to compute instances (similar functionality to Amazon’s Elastic Block Storage). It can use volumes from a variety of providers such as iSCSI or AoE.The
nova-networkworker daemon is very similar tonova-computeandnova-volume. It accepts networking tasks from the queue and then performs tasks to manipulate the network (such as setting up bridging interfaces or changingiptablesrules).The queue provides a central hub for passing messages between daemons. This is currently implemented with RabbitMQ today, but theoretically could be any AMPQ message queue supported by the python ampqlib.
The SQL database stores most of the build-time and run-time state for a cloud infrastructure. This includes the instance types that are available for use, instances in use, networks available and projects. Theoretically, OpenStack Compute can support any database supported by SQL-Alchemy but the only databases currently being widely used are sqlite3 (only appropriate for test and development work), MySQL and PostgreSQL.
OpenStack Glance is a separate project from OpenStack Compute, but as shown above, complimentary. While it is an optional part of the overall compute architecture, I can’t imagine that most OpenStack Compute installations will not be using it (or a complimentary product). There are three pieces to Glance:
glance-api,glance-registryand the image store. As you can probably guess,glance-apiaccepts API calls, much likenova-api, and the actual image blobs are placed in the image store. Theglance-registrystores and retrieves metadata about images. The image store can be a number of different object stores, include OpenStack Object Storage (Swift).Finally, another optional project that we will need for our fictional service provider is an user dashboard. I have picked the OpenStack Dashboard here, but there are also several other web front ends available for OpenStack Compute. The OpenStack Dashboard provides a web interface into OpenStack Compute to give application developers and devops staff similar functionality to the API. It is currently implemented as a Django web application.
This logical architecture represents just one way to architect OpenStack Compute. With its pluggable architecture, we could easily swap out OpenStack Glance with another image service or use another dashboard. In the coming releases of OpenStack, expect to see more modularization of the code especially in the network and volume areas.
