Book Image

Mastering OpenStack - Second Edition

By : Omar Khedher, Chandan Dutta
Book Image

Mastering OpenStack - Second Edition

By: Omar Khedher, Chandan Dutta

Overview of this book

In this second edition, you will get to grips with the latest features of OpenStack. Starting with an overview of the OpenStack architecture, you'll see how to adopt the DevOps style of automation while deploying and operating in an OpenStack environment. We'll show you how to create your own OpenStack private cloud. Then you'll learn about various hypervisors and container technology supported by OpenStack. You'll get an understanding about the segregation of compute nodes based on reliability and availability needs. We'll cover various storage types in OpenStack and advanced networking aspects such as SDN and NFV. Next, you'll understand the OpenStack infrastructure from a cloud user point of view. Moving on, you'll develop troubleshooting skills, and get a comprehensive understanding of services such as high availability and failover in OpenStack. Finally, you will gain experience of running a centralized logging server and monitoring OpenStack services. The book will show you how to carry out performance tuning based on OpenStack service logs. You will be able to master OpenStack benchmarking and performance tuning. By the end of the book, you'll be ready to take steps to deploy and manage an OpenStack cloud with the latest open source technologies.
Table of Contents (13 chapters)

Inter-site connectivity with VPN service

As business grows, it might be necessary to expand the cloud environment to multiple data centers. Of course, the implementation of a VPN setup whether it is a simple SSL one or an IPSEC solution will provide a secure communication path for the tenant traffic across the Internet. OpenStack provides isolated networks and network access control to avoid traffic congestion and improve the security of the internal network of the OpenStack environment. The VPN as a Service (VPNaaS) function protects the integrity of data by using the tunneling and encryption to provide a secure connection between machines that are geographically located in different data centers.

The next figure depicts two different OpenStack data centers, and we intend to link their associated tenants. You may remember that a project in horizon presents a tenant description that includes its private networks...