Book Image

Production Ready OpenStack - Recipes for Successful Environments

By : Arthur Berezin
Book Image

Production Ready OpenStack - Recipes for Successful Environments

By: Arthur Berezin

Overview of this book

OpenStack is the most popular open source cloud platform used by organizations building internal private clouds and by public cloud providers. OpenStack is designed in a fully distributed architecture to provide Infrastructure as a Service, allowing us to maintain a massively scalable cloud infrastructure. OpenStack is developed by a vibrant community of open source developers who come from the largest software companies in the world. The book provides a comprehensive and practical guide to the multiple uses cases and configurations that OpenStack supports. This book simplifies the learning process by guiding you through how to install OpenStack in a single controller configuration. The book goes deeper into deploying OpenStack in a highly available configuration. You'll then configure Keystone Identity Services using LDAP, Active Directory, or the MySQL identity provider and configure a caching layer and SSL. After that, you will configure storage back-end providers for Glance and Cinder, which will include Ceph, NFS, Swift, and local storage. Then you will configure the Neutron networking service with provider network VLANs, and tenant network VXLAN and GRE. Also, you will configure Nova's Hypervisor with KVM, and QEMU emulation, and you will configure Nova's scheduler filters and weights. Finally, you will configure Horizon to use Apache HTTPD and SSL, and you will customize the dashboard's appearance.
Table of Contents (16 chapters)
Production Ready OpenStack - Recipes for Successful Environments
About the Author
About the Reviewers


Keystone is an OpenStack project that provides Identity as a service to OpenStack services and components. Keystone is responsible for authenticating users and services, and authorizing access to OpenStack components.

Keystone also provides a service catalog that users and other services can query to discover the services OpenStack provides. For each service, Keystone Catalog returns an endpoint that is a network-accessible URL from where users and services can access a certain service.

Keystone, by default, runs under a built-in Eventlet Python service, but it can be configured to run under the Apache httpd service that provides better security and scalability.

Keystone services are as follows:

  • keystone-all service implements both the API and middleware that invokes Identity services from a backend Identity provider, which could be the native OpenStack database server, an LDAP server, or Microsoft Active Directory. Keystone service exposes endpoints of all services that are network...