Book Image

Extending OpenStack

By : Omar Khedher
Book Image

Extending OpenStack

By: Omar Khedher

Overview of this book

OpenStack is a very popular cloud computing platform that has enabled several organizations during the last few years to successfully implement their Infrastructure as a Service (IaaS) platforms. This book will guide you through new features of the latest OpenStack releases and how to bring them into production straightaway in an agile way. It starts by showing you how to expand your current OpenStack setup and how to approach your next OpenStack Data Center generation deployment. You will discover how to extend your storage and network capacity and also take advantage of containerization technology such as Docker and Kubernetes in OpenStack. Additionally, you'll explore the power of big data as a Service terminology implemented in OpenStack by integrating the Sahara project. This book will teach you how to build Hadoop clusters and launch jobs in a very simple way. Then you'll automate and deploy applications on top of OpenStack. You will discover how to write your own plugin in the Murano project. The final part of the book will go through best practices for security such as identity, access management, and authentication exposed by Keystone in OpenStack. By the end of this book, you will be ready to extend and customize your private cloud based on your requirements.
Table of Contents (12 chapters)

Recapping the Keystone blocks

Before diving into relooking the identity service in OpenStack, let's get to grips with the basic concepts of Keystone in a nutshell:

  • Project: In the OpenStack's early releases, the project concept was referred to as a tenant. A project in OpenStack is a container of a number of resources for specific users or groups that abstracts their isolation.
  • Domain: Another abstraction layer added to the identity service, a domain assembles projects, users, and groups in an OpenStack environment. The new domain structure enables the definition of organizational cloud setup by isolating projects and groups for each organization.
  • Role: A user in OpenStack can be a member of one or many projects. This can be achieved by defining a new role that can be assigned to the project(s) and the OpenStack user. In this way, roles in OpenStack determine the user...