CloudForms Architectural Overview-1

Published on May 2017 | Categories: Documents | Downloads: 46 | Comments: 0 | Views: 180
of 74
Download PDF   Embed   Report

Comments

Content


Red Hat CloudForms
Architectural Overview
Steve Reichard, RHCE
Principal Software Engineer
Vinn Valde!, RHCA
Principal Software Engineer
Version "#$
%a &$""
1801 Varsity Drive™
Raleigh NC 27606-2072 USA
Phone !1 "1" 7#$ %700
Phone 888 7%% $281
&a' !1 "1" 7#$ %701
P( )o' 1%#88
Resear*h +riangle Par, NC 2770" USA
UN-. is a registere/ tra/e0ar, o1 +he (2en 3ro425
-ntel an/ .eon are registere/ tra/e0ar,s o1 -ntel Cor2oration or its s46si/iaries in the Unite/ States
an/ other *o4ntries5
All other tra/e0ar,s re1eren*e/ herein are the 2ro2erty o1 their res2e*tive o7ners5
8 2011 6y Re/ 9at: -n*5 +his 0aterial 0ay 6e /istri64te/ only s46;e*t to the ter0s an/ *on/itions set
1orth in the (2en P46li*ation <i*ense: V150 or later =the latest version is 2resently availa6le at
htt2>>7775o2en*ontent5org>o2en246>?5
+he in1or0ation *ontaine/ herein is s46;e*t to *hange 7itho4t noti*e5 Re/ 9at: -n*5 shall not 6e lia6le
1or te*hni*al or e/itorial errors or o0issions *ontaine/ herein5
Distri64tion o1 0o/i1ie/ versions o1 this /o*40ent is 2rohi6ite/ 7itho4t the e'2li*it 2er0ission o1 Re/
9at -n*5
Distri64tion o1 this 7or, or /erivative o1 this 7or, in any stan/ar/ =2a2er? 6oo, 1or0 1or *o00er*ial
24r2oses is 2rohi6ite/ 4nless 2rior 2er0ission is o6taine/ 1ro0 Re/ 9at -n*5
+he 3P3 1inger2rint o1 the se*4rity@re/hat5*o0 ,ey is
CA 20 86 86 2) D6 "D &C 6# &6 AC C$ 21 "1 80 CD D) $2 A6 0A
Sen/ 1ee/6a*, to 4s at re1ar*h-1ee/6a*,@re/hat5*o0
refarch'feed(ac)*redhat#com " www#redhat#com
Table of Contents
1 A'e*4tive S400ary5555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555%
2 Re/ 9at Clo4/ Strategy5555555555555555555555555555555555555555555555555555555555555555555555555555555555555$
251 Clo4/&or0s Clo4/ Angine5555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555556
252 Clo4/&or0s A22li*ation Angine55555555555555555555555555555555555555555555555555555555555555555555555555555555555555556
25% Clo4/&or0s Syste0 Angine5555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555557
25$ Clo4/&or0s Clo4/ Servi*es55555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555557
% Re/ 9at Clo4/ Sol4tion Ar*hite*t4re555555555555555555555555555555555555555555555555555555555555555558
%51 +he Clo4/ as vie7e/ 6y N-S+55555555555555555555555555555555555555555555555555555555555555555555555555555555555555555558
%52 Re/ 9at Clo4/&or0s an/ the N-S+ 0o/el5555555555555555555555555555555555555555555555555555555555555555555551$
%5% 9igh <evel &4n*tional Areas55555555555555555555555555555555555555555555555555555555555555555555555555555555555555555551"
$ Re/ 9at Clo4/&or0s Co02onents55555555555555555555555555555555555555555555555555555555555555555527
$51 Clo4/ -nter1a*e555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555528
$52 Content Provision Banage0ent55555555555555555555555555555555555555555555555555555555555555555555555555555555555555%1
$5% A22li*ation Des*ri2tion 3eneration555555555555555555555555555555555555555555555555555555555555555555555555555555555%2
$5$ -0age <i1e*y*le Banage0ent55555555555555555555555555555555555555555555555555555555555555555555555555555555555555555%$
$5# A22li*ation <i1e*y*le Banage0ent5555555555555555555555555555555555555555555555555555555555555555555555555555555555%"
$56 Clo4/ Servi*es5555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555$1
# 9igh <evel Ar*hite*t4ral A'a02le55555555555555555555555555555555555555555555555555555555555555555555$8
#51 (vervie755555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555$"
#52 De1ining A22li*ation De2loy0ent555555555555555555555555555555555555555555555555555555555555555555555555555555555555#1
6 Detaile/ Ar*hite*t4ral Cor,1lo7s555555555555555555555555555555555555555555555555555555555555555555555#$
651 &4n*tionality Ba22ing55555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555##
652 Ass402tions55555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555#6
65% De1ine555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555#7
65$ De2loy5555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555561
65# Banage555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555566
7 Ar*hite*t4ral (2erational &le'i6ility5555555555555555555555555555555555555555555555555555555555555555556"
751 Se*4rity: B4lti-tenan*y: Servi*e Pro'y55555555555555555555555555555555555555555555555555555555555555555555555555556"
752 Alternative De2loy0ents55555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555556"
8 Con*l4sion555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555570
A22en/i' A Contri64tors555555555555555555555555555555555555555555555555555555555555555555555555555555555555572
A22en/i' ) Re1eren*es555555555555555555555555555555555555555555555555555555555555555555555555555555555555557%
www#redhat#com & refarch'feed(ac)*redhat#com
" E+ecutive Summar
Clo4/ *o024ting is D4i*,ly 6e*o0ing the 2lat1or0 o1 *hoi*e 1or 4sers an/ 64sinesses that
7ant to re/4*e o2erating e'2enses an/ 6e a6le to s*ale reso4r*es ra2i/ly5 Aase/ a4to0ation:
1le'i6ility: 0o6ility: resilien*y: an/ re/4n/an*y are several other a/vantages o1 0oving
reso4r*es to the *lo4/5
Aven tho4gh *lo4/ *o024ting is in the early stages: there are /i11erent ty2es o1 *lo4/ sol4tions
availa6le to 64sinesses to/ay5 (n-2re0ise 2rivate *lo4/s allo7 64sinesses to ta,e a/vantage
o1 *lo4/ te*hnologies 7hile re0aining on a 2rivate net7or,5 P46li* *lo4/s allo7 64sinesses to
0a,e reso4r*es availa6le to e'ternal *ons40ers5 9y6ri/ *lo4/s allo7 the 6est o1 6oth 246li*
an/ 2rivate *lo4/ *o024ting 0o/els5
-n this 2a2er the *on*e2ts that *o02rise an -n1rastr4*t4re as a Servi*e =-aaS? Clo4/ are
/is*4sse/ 1irst at a high-level *on*e2t4al vie7: then 6ro,en /o7n into a*t4al 2ro/4*ts: an
e'a02le a22li*ation /e2loye/ an/ ea*h ste2 o1 this 4se *ase 6ro,en /o7n5 +he rea/er
*on*l4/es 7ith *o02lete ,no7le/ge o1 a Re/ 9at Clo4/&or0s: ho7 to /e2loy a22li*ations:
an/ ho7 Re/ 9at is 4niD4ely 2ositione/ to 6e the a4thoritative inter1a*e o1 all Private: 9y6ri/:
Co004nity: an/ P46li* Clo4/s5
refarch'feed(ac)*redhat#com , www#redhat#com
& Red Hat Cloud Strateg
Re/ 9atEs *lo4/ vision is 4nli,e that o1 any other -+ ven/or5 Ce re*ogniFe that yo4r -+
in1rastr4*t4re is - an/ 7ill *ontin4e to 6e - *o02ose/ o1 2ie*es 1ro0 0any /i11erent har/7are
an/ so1t7are ven/ors5 Ce let yo4 4se an/ 0anage these /iverse assets as one *lo4/:
ena6ling *lo4/ to 6e an evol4tion: not a revol4tion or a 0onolithi* sta*, lo*,e/ to the
te*hnology roa/0a2 an/ 64siness 2ra*ti*es o1 a single ven/or5
Chen yo4 *hoose Re/ 9at 1or yo4r *lo4/: yo4 get
• +he 0ost *o02rehensive sol4tions 1or *lo4/s - 6oth 2rivate an/ 246li*5
• Consistent enter2rise-*lass environ0ents that 6ri/ge the 2hysi*al an/ virt4al 7orl/:
insi/e the /ata *enter an/ 246li* *lo4/s5
• Strategi* 1le'i6ility 7itho4t lo*,-in5
• )etter in1rastr4*t4re: /esigne/ s2e*i1i*ally 1or 04lti-tenant *lo4/s5
• -n/4stry-lea/ing e*osyste0 that 0a,es *lo4/ 4sa6le: a**essi6le: an/ sa1e5
-n a 0ar,et 14ll o1 hy2e: Re/ 9at 0a,es the *lo4/ real an/ *o02elling5 +o/ay5
-n1rastr4*t4re-as-a-Servi*e =-aaS? is a6o4t /elivering in1rastr4*t4reG7hi*h is to say reso4r*es
li,e *o024te: storage: an/ net7or,ing - to 4sers5 Bany organiFations are getting into *lo4/
*o024ting 6y 64il/ing an on-2re0ise -aaS *lo4/5 +hey 0ay 7ant to ,ee2 the o2tion to 6ri/ge
1ro0 2rivate to 246li* *lo4/s: a5,5a5 hy6ri/ *lo4/s: o2en5 )4t they are o1ten *on*erne/ a6o4t
4sing 246li* *lo4/s 1or i02ortant 64siness a22li*ations: 7hether 6e*a4se o1 s2e*i1i* reg4latory
or a4/it iss4es or ;4st 6e*a4se they are 7ary o1 a//ing a ne7 ele0ent o1 2otential ris, to their
-+ governan*e5
+he -aaS ter0 is 7i/ely 4se/5 Dig /ee2er tho4gh: an/ yo4 1in/ that not all -aaS sol4tions are
*reate/ eD4al5 &or e'a02le: the ty2i*al -aaS 0anages the *lo4/ 64t /oes not 0anage the li1e-
*y*le o1 a22li*ations r4nning in the *lo4/ - even tho4gh the *lo4/ sho4l/ 6e in s422ort o1 the
a22li*ation an/ not the other 7ay aro4n/5
&4rther0ore: this ty2i*al -aaS 0a,es the naive ass402tion that organiFations are loo,ing to
start over 7ith a 6ran/ ne7 in1rastr4*t4re as they 0ove into *lo4/ *o024ting5 Nothing *o4l/ 6e
14rther 1ro0 the tr4th5 (rganiFations 7ant to ;oin the *lo4/ *o024ting revol4tion: 64t they 7ant
to /o it in an evol4tionary 7ay that leverages an/ e'ten/s their e'isting in1rastr4*t4re an/
0aintains 2orta6ility a*ross /i11erent te*hnology sta*,s an/ 2rovi/ers5
Re/ 9at Clo4/&or0s is /i11erent5 <i,e others: it allo7s organiFations to 64il/ an/ 0anage their
o7n -aaS *lo4/ 1or internal *ons402tion5 )4t it /oes 1ar 0ore5 -t integrates 7ith e'isting
2ro/4*ts an/ te*hnologies: in*l4/ing 2hysi*al servers an/ virt4aliFation 2lat1or0s 1ro0 other
ven/ors: to 2rovi/e the easiest on-ra02 to an on-2re0ise *lo4/5 -t 0anages a22li*ations
thro4gho4t their li1e-*y*le rather than ;4st the virt4al 0a*hine *ontainers in 7hi*h they sit5
-n short: Re/ 9at Clo4/&or0s is -n1rastr4*t4re-as-a-Servi*e /one right5
www#redhat#com - refarch'feed(ac)*redhat#com
Previo4sly: Re/ 9at has sho7n that Re/ 9at Clo4/ &o4n/ations 2rovi/e/ the ne*essary
te*hnologies nee/e/ 1or the *lo4/ in1rastr4*t4re5 Clo4/&or0s is the ne't generation o1
te*hnologies 7hi*h 64il/s 42on Re/ 9at Clo4/ &o4n/ations to 2rovi/e a *o02lete -aaS *lo4/
sol4tion5
Clo4/&or0s 2rovi/es the -aaS in1rastr4*t4re thro4gh
• A22li*ation <i1e*y*le Banage0ent
• Co024te Reso4r*e Banage0ent
• -n1rastr4*t4re Servi*es
refarch'feed(ac)*redhat#com . www#redhat#com
Illustration 2-1: Red Hat CloudForms
Clo4/&or0s is /elivering te*hnologies in the 1ollo7ing areas
• Clo4/&or0s Clo4/ Angine
• Clo4/&or0s A22li*ation Angine
• Clo4/&or0s Syste0 Angine
• Clo4/&or0s Clo4/ Servi*es
2.1 CloudForms Cloud Engine
Clo4/&or0s Clo4/ Angine is res2onsi6le 1or all *lo4/ reso4r*e 0anage0ent5 -t ena6les
*reating *lo4/ reso4r*es: 0anaging 2oli*ies an/ 7or,-1lo7s aro4n/ those reso4r*es: an/
governing a**ess an/ 2er0issions 1or the reso4r*es5 H4otas: D4ality-o1-servi*e: an/ se*4rity
2oli*ies are also 4n/er a/0inistrator *ontrol5 An/-4sers *an then 2rovision reso4r*es thro4gh
a sel1-servi*e 7e6 inter1a*e s46;e*t to 2oli*y *onstraints5
+he Clo4/&or0s Clo4/ Angine 2rovi/es 14n*tionality in the 1ollo7ing areas
• Clo4/ -nter1a*e
• A22li*ation <i1e*y*le Banage0ent
2.2 CloudForms Application Engine
+he Clo4/&or0s A22li*ation Angine 2rovi/es te02late-6ase/ 0anage0ent o1 a22li*ations5
(ne or 0ore te02lates *an then 6e aggregate/ or asso*iate/ an/ given the o2erational
2ara0eters an/ *on1ig4rations nee/e/ to 6oot: initialiFe: an/ 2rovi/e the /e1ine/ servi*es5
A22li*ation Angine there1ore e'2li*itly han/les a22li*ations that s2an 04lti2le virt4al 0a*hines:
a *o00on o**4rren*e5
+he Clo4/&or0s A22li*ation Angine 2rovi/es 14n*tionality in the 1ollo7ing areas
• A22li*ation Des*ri2tion 3eneration
• -0age <i1e*y*le Banage0ent
www#redhat#com / refarch'feed(ac)*redhat#com
2.3 CloudForms System Engine
Clo4/&or0s Syste0 Angine o2erationally 0anages r4nning syste0s a*ross 2hysi*al: virt4al:
an/ *lo4/ environ0ents5 -t 2rovi/es *ontin4o4s *o02lian*e o1 *ontent an/ *on1ig4rations =as
7ell as Re/ 9at entitle0ents? *onsistent 7ith the /e1initions 4se/ 6y A22li*ation Angine5 -t
64il/s on to2 o1 A22li*ation AngineIs 14n*tionality 6y 0onitoring an/ 42/ating 7hile syste0s
are r4nning on an ongoing 6asis5 Syste0 Angine also 7or,s in *on*ert 7ith A22li*ation Angine
6y s422lying *ontent that it *an 4se to 64il/ i0ages an/ /e2loy5
+he Clo4/&or0s Syste0 Angine 2rovi/es 14n*tionality in the area o1 Content Provision
Banage0ent5
2.4 CloudForms Cloud Services
Clo4/&or0s Clo4/ Servi*es 2rovi/e the *onsistent 14n*tionality a*ross varie/ *lo4/
environ0ents 1or a 7i/e variety o1 servi*e s4*h as storage: availa6ility: et*55
refarch'feed(ac)*redhat#com 0 www#redhat#com
, Red Hat Cloud Solution Architecture
-n this se*tion the *lo4/ /e1initions as *4rrently /e1ine/ 6y N-S+ are 2rovi/e/: the 0a22ing o1
Re/ 9at Clo4/&or0s to the /e1initions are 2ro2ose/: an/ a high level loo, that the Re/ 9at
Clo4/&or0s Sol4tion Ar*hite*t4re is /es*ri6e/5
3.1 The Cloud as viewed y !"ST
N-S+
1
=National -nstit4te o1 Stan/ar/s an/ +e*hnology? has 2ro/4*e/ several /o*40ents that
s422ly /e1initions an/ 2rovi/e *o00on ter0inology 1or the *lo4/ 2ara/ig0 that are reiterate/
in the re0ain/er o1 this se*tion5
• N-S+ De1inition o1 Clo4/ Co024ting
2
• N-S+ Clo4/ Co024ting Re1eren*e Ar*hite*t4re: v150
%
,#"#" 1efinition of Cloud Computing
Clo4/ *o024ting is a 0o/el 1or ena6ling *onvenient: on-/e0an/ net7or, a**ess to a share/
2ool o1 *on1ig4ra6le *o024ting reso4r*es =e5g5: net7or,s: servers: storage: a22li*ations: an/
servi*es? that *an 6e ra2i/ly 2rovisione/ an/ release/ 7ith 0ini0al 0anage0ent e11ort or
servi*e 2rovi/er intera*tion5 +his *lo4/ 0o/el 2ro0otes availa6ility an/ is *o02ose/ o1 1ive
essential *hara*teristi*s: three servi*e 0o/els: an/ 1o4r /e2loy0ent 0o/els5
,#"#& Essential Characteristics
On'demand self'service2
A *ons40er *an 4nilaterally 2rovision *o024ting *a2a6ilities: s4*h as server ti0e an/
net7or, storage: as nee/e/ a4to0ati*ally 7itho4t reD4iring h40an intera*tion 7ith ea*h
servi*eIs 2rovi/er5 )roa/ net7or, a**ess *a2a6ilities are availa6le over the net7or, an/
a**esse/ thro4gh stan/ar/ 0e*hanis0s that 2ro0ote 4se 6y heterogeneo4s thin or thi*,
*lient 2lat1or0s =e5g5: 0o6ile 2hones: la2to2s: an/ PDAs?5
Resource pooling2
+he 2rovi/erIs *o024ting reso4r*es are 2oole/ to serve 04lti2le *ons40ers 4sing a 04lti-
tenant 0o/el: 7ith /i11erent 2hysi*al an/ virt4al reso4r*es /yna0i*ally assigne/ an/
reassigne/ a**or/ing to *ons40er /e0an/5 +here is a sense o1 lo*ation in/e2en/en*e in
that the *4sto0er generally has no *ontrol or ,no7le/ge over the e'a*t lo*ation o1 the
2rovi/e/ reso4r*es 64t 0ay 6e a6le to s2e*i1y lo*ation at a higher level o1 a6stra*tion =e5g5:
*o4ntry: state: or /ata *enter?5 A'a02les o1 reso4r*es in*l4/e storage: 2ro*essing: 0e0ory:
net7or, 6an/7i/th: an/ virt4al 0a*hines5
www#redhat#com 3 refarch'feed(ac)*redhat#com
Rapid elasticit2
Ca2a6ilities *an 6e ra2i/ly an/ elasti*ally 2rovisione/: in so0e *ases a4to0ati*ally: to
D4i*,ly s*ale o4t an/ ra2i/ly release/ to D4i*,ly s*ale in5 +o the *ons40er: the *a2a6ilities
availa6le 1or 2rovisioning o1ten a22ear to 6e 4nli0ite/ an/ *an 6e 24r*hase/ in any D4antity
at any ti0e5
%easured Service2
Clo4/ syste0s a4to0ati*ally *ontrol an/ o2ti0iFe reso4r*e 4se 6y leveraging a 0etering
*a2a6ility at so0e level o1 a6stra*tion a22ro2riate to the ty2e o1 servi*e =e5g5: storage:
2ro*essing: 6an/7i/th: an/ a*tive 4ser a**o4nts?5 Reso4r*e 4sage *an 6e 0onitore/:
*ontrolle/: an/ re2orte/ 2rovi/ing trans2aren*y 1or 6oth the 2rovi/er an/ *ons40er o1 the
4tiliFe/ servi*e5
,#"#, Service %odels
Cloud 4nfrastructure as a Service 54aaS6
+he *a2a6ility 2rovi/e/ to the *ons40er is to 2rovision 2ro*essing: storage: net7or,s: an/
other 14n/a0ental *o024ting reso4r*es 7here the *ons40er is a6le to /e2loy an/ r4n
ar6itrary so1t7are: 7hi*h *an in*l4/e o2erating syste0s an/ a22li*ations5 +he *ons40er
/oes not 0anage or *ontrol the 4n/erlying *lo4/ in1rastr4*t4re 64t has *ontrol over
o2erating syste0s: storage: /e2loye/ a22li*ations: an/ 2ossi6ly li0ite/ *ontrol o1 sele*t
net7or,ing *o02onents =e5g5: host 1ire7alls?5
Cloud Platform as a Service 5PaaS6
+he *a2a6ility 2rovi/e/ to the *ons40er is to /e2loy onto the *lo4/ in1rastr4*t4re *ons40er-
*reate/ or a*D4ire/ a22li*ations *reate/ 4sing 2rogra00ing lang4ages an/ tools s422orte/
6y the 2rovi/er5 +he *ons40er /oes not 0anage or *ontrol the 4n/erlying *lo4/
in1rastr4*t4re in*l4/ing net7or,: servers: o2erating syste0s: or storage: 64t has *ontrol over
the /e2loye/ a22li*ations an/ 2ossi6ly a22li*ation hosting environ0ent *on1ig4rations5
Cloud Software as a Service 5SaaS6
+he *a2a6ility 2rovi/e/ to the *ons40er is to 4se the 2rovi/erIs a22li*ations r4nning on a
*lo4/ in1rastr4*t4re5 +he a22li*ations are a**essi6le 1ro0 vario4s *lient /evi*es thro4gh a
thin *lient inter1a*e s4*h as a 7e6 6ro7ser =e5g5: 7e6-6ase/ e0ail?5 +he *ons40er /oes not
0anage or *ontrol the 4n/erlying *lo4/ in1rastr4*t4re in*l4/ing net7or,: servers: o2erating
syste0s: storage: or even in/ivi/4al a22li*ation *a2a6ilities: 7ith the 2ossi6le e'*e2tion o1
li0ite/ 4ser-s2e*i1i* a22li*ation *on1ig4ration settings5
refarch'feed(ac)*redhat#com 7 www#redhat#com
,#"#- 1eploment %odels
Private cloud2
+he *lo4/ in1rastr4*t4re is o2erate/ solely 1or an organiFation5 -t 0ay 6e 0anage/ 6y the
organiFation or a thir/ 2arty an/ 0ay e'ist on 2re0ise or o11 2re0ise5
Communit cloud2
+he *lo4/ in1rastr4*t4re is share/ 6y several organiFations an/ s422orts a s2e*i1i*
*o004nity that has share/ *on*erns =e5g5: 0ission: se*4rity reD4ire0ents: 2oli*y: an/
*o02lian*e *onsi/erations?5 -t 0ay 6e 0anage/ 6y the organiFations or a thir/ 2arty an/
0ay e'ist on 2re0ise or o11 2re0ise5
Pu(lic cloud2
+he *lo4/ in1rastr4*t4re is 0a/e availa6le to the general 246li* or a large in/4stry gro42
an/ is o7ne/ 6y an organiFation selling *lo4/ servi*es5
H(rid cloud2
+he *lo4/ in1rastr4*t4re is a *o02osition o1 t7o or 0ore *lo4/s =2rivate: *o004nity: or
246li*? that re0ain 4niD4e entities 64t are 6o4n/ together 6y stan/ar/iFe/ or 2ro2rietary
te*hnology that ena6les /ata an/ a22li*ation 2orta6ility =e5g5: *lo4/ 64rsting 1or loa/-
6alan*ing 6et7een *lo4/s?5
,#"#. Cloud Actors
+he 1ollo7ing are so0e o1 the Clo4/ A*tors 1ro0 the N-S+ Clo4/ Bo/el5
Cloud Consumer
Person or organiFation that 0aintains a 64siness relationshi2 7ith: an/ 4ses servi*e 1ro0:
Clo4/ Provi/ers5
Clo4/ *ons40ers are *ategoriFe/ into three gro42s: 6ase/ on their /i11erent
a22li*ation>4sage s*enarios as liste/ in 8a(le ,'"2 Cloud Consumer Activities5
Consumer 8pe %a9or Activities
-aaS
Creates>installs: 0anages an/ 0onitors servi*es 1or -+
in1rastr4*t4re o2erations5
PaaS
Develo2s: tests: /e2loys an/ 0anages a22li*ations in a
*lo4/ environ0ent5
SaaS Uses a22li*ation>servi*e 1or 64siness 2ro*ess o2erations
Table 3-1: Cloud Consumer Activities
www#redhat#com "$ refarch'feed(ac)*redhat#com
Cloud Provider
Person: organiFation or entity res2onsi6le 1or 0a,ing a servi*e availa6le to Clo4/
Cons40ers5
+he 2rovi/ers 2er1or0 /i11erent tas,s 1or /i11erent servi*e ty2es: 7hi*h are liste/ in
8a(le ,'&2 Cloud Provider Activities5
Provider 8pe %a9or Activities
-aaS
Provisions an/ 0anages the 2hysi*al 2ro*essing: storage:
net7or,ing an/ the hosting environ0ent an/ *lo4/
in1rastr4*t4re 1or -aaS *ons40ers5
PaaS
Provisions an/ 0anages *lo4/ in1rastr4*t4re an/
0i//le7are 1or the 2lat1or0 *ons40ersJ 2rovi/es
/evelo20ent: /e2loy0ent an/ a/0inistration tools to
2lat1or0 *ons40ers5
SaaS
-nstalls: 0anages: 0aintains an/ s422orts the so1t7are
a22li*ation on a *lo4/ in1rastr4*t4re5
Table 3-2: Cloud Provider Activities
+he a*tivities o1 *lo4/ 2rovi/ers *an 6e gro42e/ into the 1ollo7ing 2ers2e*tives Servi*e
De2loy0ent: Servi*e (r*hestration: Clo4/ Servi*e Banage0ent: Se*4rity: an/ Priva*y5
Servi*e De2loy0ent re1ers to the *lo4/ in1rastr4*t4re o2eration as relate/ to the
/e2loy0ent 0o/els Private *lo4/: Co004nity *lo4/: P46li* *lo4/: 9y6ri/ *lo4/5
Servi*e (r*hestration re1ers to the arrange0ent: *oor/ination an/ 0anage0ent
o1 *lo4/ in1rastr4*t4re to 2rovi/e /i11erent *lo4/ servi*es to 0eet -+ an/ 64siness
reD4ire0ents5 +he three *on*e2t4al layers o1 a generaliFe/ *lo4/ environ0ent
Servi*e <ayer: Reso4r*e A6stra*tion an/ Control <ayer: an/ Physi*al Reso4r*e
<ayer5
refarch'feed(ac)*redhat#com "" www#redhat#com
As /e2i*te/ in the 1ollo7ing ill4stration: Clo4/ Servi*e Banage0ent in*l4/es all
the servi*e-relate/ 14n*tions that are ne*essary 1or the 0anage0ent an/
o2erations o1 those servi*es reD4ire/ 6y or 2ro2ose/ to Clo4/ Cons40ers5 A
*lo4/ 2rovi/er 2er1or0s the 1ollo7ing 14n*tions to s422ort *lo4/ servi*e
0anage0ent )4siness S422ort: Provisioning>Con1ig4ration: an/
Porta6ility>-ntero2era6ility5
+he 1ollo7ing as2e*ts o1 Se*4rity 04st 6e 0anage/ in the *lo4/ A4thenti*ation
an/ A4thoriFation: Availa6ility: Con1i/entiality: -/entity Banage0ent: -ntegrity:
Se*4rity Bonitoring K -n*i/ent Res2onse: an/ Se*4rity Poli*y Banage0ent5
+he goal o1 Priva*y in the *lo4/ is to 2rote*t the ass4re/: 2ro2er: an/ *onsistent
*olle*tion: 2ro*essing: *o004ni*ation: 4se an/ /is2osition o1 2ersonal
in1or0ation =P-? an/ 2ersonally i/enti1ia6le in1or0ation =P--? in the *lo4/5
www#redhat#com "& refarch'feed(ac)*redhat#com
Illustration 3-1: Cloud Providers – Cloud Service ana!ement
Cloud :ro)er
An entity that 0anages the 4se: 2er1or0an*e an/ /elivery o1 *lo4/ servi*es: an/ negotiates
relationshi2s 6et7een Clo4/ Provi/ers an/ Clo4/ Cons40ers5
+hree 0a;or servi*es 2rovi/e/ 6y Clo4/ )ro,ers
Service 4ntermediation2
A *lo4/ 6ro,er enhan*es a given servi*e 6y i02roving so0e s2e*i1i* *a2a6ility
an/ 2rovi/es the val4e-a//e/ servi*e to Clo4/ Cons40ers5
Service Aggregation2
A *lo4/ 6ro,er *o06ines an/ integrates 04lti2le servi*es into one or 0ore ne7
servi*es5 +he 6ro,er 7ill 2rovi/e /ata integration an/ ens4re the se*4re /ata
0ove0ent 6et7een Clo4/ Cons40er an/ 04lti2le *lo4/ 2rovi/ers5
Service Ar(itrage2
Servi*e Ar6itrage is si0ilar to servi*e aggregation: 7ith the /i11eren*e in that the
servi*es 6eing aggregate/ are not 1i'e/5 Servi*e ar6itrage allo7s 1le'i6le an/
o22ort4nisti* *hoi*es 1or the 6ro,er5 &or e'a02le: the *lo4/ 6ro,er *an 4se a
*re/it-s*oring servi*e an/ sele*t the 6est s*ore 1ro0 04lti2le s*oring agen*ies5
refarch'feed(ac)*redhat#com ", www#redhat#com
3.2 #ed $at CloudForms and the !"ST model
Re/ 9at Clo4/&or0s /oes not 1it as a single a*tor in the N-S+ 0o/el5 )y itsel1: Re/ 9at
Clo4/&or0s is not a N-S+ /e1ine/ Clo4/ Provi/er5 Chere a N-S+ /e1ine/ Clo4/ Provi/er
2rovi/es the 4n/erlying hosting environ0ent s4*h as virt4al 0a*hines: Re/ 9at Clo4/&or0s
/oes not5 Rather: it e'ten/s the Clo4/ Provi/erEs Clo4/ Servi*e Banage0ent s422ort an/
1a*ilitates Servi*e De2loy0ent an/ Servi*e (r*hestration5 +he ill4stration 6elo7 sho7s the
stan/ar/ N-S+ Clo4/ Provi/er 7itho4t Re/ 9at Clo4/&or0s5
www#redhat#com "- refarch'feed(ac)*redhat#com
Illustration 3-2: "IST Cloud Provider
Re/ 9at Clo4/&or0s also 2rovi/es 04*h 0ore 14n*tionality than a N-S+ /e1ine/ Clo4/ )ro,er5
A Clo4/ )ro,er 0erely re/ire*ts the Clo4/ Cons40er to e'isting *lo4/ 2rovi/ers as 2i*t4re/
here5
refarch'feed(ac)*redhat#com ". www#redhat#com
Illustration 3-3: "IST Cloud #ro$er
Re/ 9at Clo4/&or0s: ho7ever: e'ten/s a Re/ 9at Certi1ie/ Clo4/ Provi/erEs 1eat4res:
es2e*ially those relate/ to Clo4/ Servi*e Banage0ent5 -n 2arti*4lar:the
2orta6ility>intero2era6ility 14n*tionality is in*rease/ 7ith the 1eat4res that are inherent in Re/
9at Clo4/&or0s: an/ 14rther 1a*ilitate all reD4ests 1ro0 the Clo4/ Cons40ers5 (ther areas
0ay also see in*rease/ 14n*tionality an/ 6ene1it 1ro0 Re/ 9at Clo4/&or0sEs a6stra*tion 6eing
a6le to 2rovi/e a single 04lti24r2ose inter1a*e5 +he 1ollo7ing ill4stration re2resents Re/ 9at
Clo4/&or0s e'ten/ing a Clo4/ Provi/erEs 14n*tionality5
www#redhat#com "/ refarch'feed(ac)*redhat#com
Illustration 3-%: Red Hat CloudForms &'tends Certi(ied Clouds
Chen *o06ine/ 7ith a virt4aliFation environ0ent: gri/ /e2loy0ent: or 6are-0etal 1ar0:
0issing essential *lo4/ *hara*teristi*s are 2rovi/e/ 6y Re/ 9at Clo4/&or0s5 +he hoste/
environ0ent is trans1or0e/ into a 14n*tional *lo4/ 2rovi/er 6y the sharing o1 the Clo4/ Servi*e
Banage0ent 14n*tionality 6et7een the hosting environ0ent an/ Re/ 9at Clo4/&or0s: as
2ortraye/ 6elo7#
refarch'feed(ac)*redhat#com "0 www#redhat#com
Illustration 3-): Red Hat CloudForms * Hosted &nvironment Cloud
Re/ 9at Clo4/&or0s a6stra*tion *a2a6ilities allo7 it to 2er1or0 0ore than the 14n*tionality o1 a
Servi*e Aggregation )ro,er: 6y 2rovi/ing *onsistent 1eat4res: *ontent: an/ servi*es a*ross
s422orte/ environ0ents5 +he a6ility to *ontrol /e2loy0ents into any *erti1ie/ *lo4/ 2rovi/er
res4lts in *onsistent *ross-*lo4/ vie7s o1 *ontent5 +he ne't ill4stration /is2lays ho7 Re/ 9at
Clo4/&or0s 0a,es this 2ossi6le5
www#redhat#com "3 refarch'feed(ac)*redhat#com
Illustration 3-+: Red Hat CloudForms Provides ulti-Cloud
Intero,erabilit-
3.3 $igh %evel Functional Areas
+he high level 14n*tional areas o1 Re/ 9at Clo4/&or0s are
• Clo4/ -nter1a*e
• Content Provision Banage0ent
• A22li*ation Des*ri2tion 3eneration
• -0age <i1e*y*le Banage0ent
• A22li*ation <i1e*y*le Banage0ent
• Clo4/ Servi*es =o2tional?
+he Cloud Interface 2rovi/es the Clo4/ Cons40er a *entral 2oint o1 intera*tion 1or /e1ining:
/e2loying: re2orting: an/ 0anaging n40ero4s *lo4/ a22li*ations on 2otentially 0any 246li*
an/ 2rivate *lo4/ 2rovi/ers5 +he *lo4/ inter1a*e is 04lti-tenant an/ 2rovi/es 04lti2le level
a/0inistration *a2a6ilities5
Content Provision Management s422lies *ontent =as 7ell as Re/ 9at entitle0ents? to other
14n*tional areas an/ 2rovi/es *on1ig4ration *o02lian*e an/ so1t7are 0o/i1i*ations 1or r4nning
instan*es5
refarch'feed(ac)*redhat#com "7 www#redhat#com
Illustration 3-.: Functional /vervie0
Application Description Generation allo7s the Clo4/ Cons40er to /e1ine their entire
a22li*ation /e2loy0ent: 7hi*h is store/ in .B< 1or0at5 +his .B< is 4se/ to 64il/ an/ *on1ig4re
the a22li*ation in vario4s *lo4/ 2rovi/er environ0ents5
Image Lifecycle Management *ontrols the *reation an/ 0anage0ent o1 the i0ages 4se/ in
/e2loying the Clo4/ Cons40erEs a22li*ation5 Image Lifecycle Management 4ses the .B<
/e1initions to *reate the i0ages reD4ire/ an/ 2ro2agate *reate i0ages to the vario4s targete/
Clo4/ Provi/ers5
Application Lifecycle Management is 4se/ to *ontrol an/ 0onitor the state o1 Clo4/ Cons40er
a22li*ations5 +his 14n*tionality in*l4/es reso4r*e 0anage0ent: D4ota en1or*e0ent: 2oli*y
en1or*e0ent: a22li*ation instantiation: *on1ig4ration *ontroller: et*5
Cloud Services are a//-ons to a *lo4/ /e2loy0ent that ens4res *onsistent 14n*tionality at
vario4s *lo4/ 2rovi/ers5 +he 1ollo7ing is a list o1 14n*tional areas so0e 2lanne/ servi*es
2rovi/e
• Ar*hival Storage
• Re2li*ate/ Relia6le &ile Syste0s
• Bessaging
• Clo4/ -D Banage0ent
• Availa6ility Bonitoring>9igh Availa6ility
www#redhat#com &$ refarch'feed(ac)*redhat#com
,#,#" Cloud 4nterface
Chen a Clo4/ Cons40er engages Re/ 9at Clo4/&or0s: the Cloud Interface is the 2ri0ary
2oint o1 intera*tion that the Clo4/ Cons40er 4ses to initiate a*tivities: 1ro0 a/0inistration
/4ties: gathering re2orts on vario4s reso4r*es: to /e1ining an/ *ontrolling an a22li*ation
/e2loy0ent into a *lo4/5 +he 1ollo7ing ill4stration s400ariFes these 14n*tions5
refarch'feed(ac)*redhat#com &" www#redhat#com
Illustration 3-1: Cloud Inter(ace
,#,#& Content Provision %anagement
Content Provision Management 2rovi/es so1t7are to the other 14n*tional areas: 0anages
so1t7are re2ositories =1ro0 stan/ar/ *ontent so4r*es s4*h as Re/ 9at Net7or,: 42loa/e/ sel1-
s422lie/ *olle*tions: -S(s: et*?: an/ a22lies *on1ig4ration *o02lian*e an/ so1t7are
0o/i1i*ations 1or r4nning instan*es5 +he ill4stration 6elo7 /e2i*ts its intera*tion 7ith the other
14n*tional areas5
www#redhat#com && refarch'feed(ac)*redhat#com
Illustration 3-2: Content Provision ana!ement
,#,#, Application 1escription ;eneration
+he Clo4/ Cons40er /e1ines their a22li*ation /e2loy0ent as a set o1 syste0s *on1ig4re/ 7ith
*olle*tions o1 so1t7are an/ *on1ig4ration /ata reD4ire/ to a**o02lish the assigne/ tas,5 +he
Application Description Generation o4t24ts this /e1inition as .B<: as /e2i*te/ 6elo75
refarch'feed(ac)*redhat#com &, www#redhat#com
Illustration 3-13: A,,lication 4escri,tion 5eneration
,#,#- 4mage <ifeccle %anagement
+he Clo4/ Cons40er *an /e*i/e to stage the so1t7are =in the 1or0 o1 /is, i0ages? or Image
Lifecycle Management has the a6ility 1or 1or*e a late staging 7hen reD4ire/5 Aither 7ay: -0age
<i1e*y*le Banage0ent is res2onsi6le to a11ir0 the /is, i0ages are availa6le at the Clo4/
Provi/er5 -0age <i1e*y*le Banage0ent tra*,s i0ages an/ 0ay 4se one i0age as the so4r*e
1or another or 64il/ the i0age 1ro0 s*rat*h5 (n*e the i0age is availa6le: -0age <i1e*y*le
Banage0ent is res2onsi6le 1or the availa6ility o1 this /is, i0age at the Clo4/ Provi/er: as
sho7n 6elo7#
Chile 4sing an e'isting i0age as the so4r*e 1or another i0age 0ay hel2 to li0it 2roli1eration o1
i0ages: i1 a syste0 4ses a single /is, i0age that *ontains all the so1t7are nee/e/ 1or that
syste0: the 2otential 1or re-4se is li0ite/5 9o7ever: i1 so1t7are is layere/ as se2arate /is,
i0ages: e5g5 (S: /ata6ase: an/ Lava environ0ent: any o1 these in/ivi/4al layers>/is, i0ages
has 04*h greater 2otential re-4se val4e5 Using this *on*e2t o1 strati1ying so1t7are 2roves to 6e
0ore e11e*t4al5 &or this *on*e2t to 7or,: the a6ility to lin, the se2arate /is, i0ages to 14n*tion
as a single 14n*tional i0age is reD4ire/5 +his is a**o02lishe/ as 2art o1 the 2ost-6oot
*on1ig4ration5
www#redhat#com &- refarch'feed(ac)*redhat#com
Illustration 3-11: 6i(ec-cle ana!ement
,#,#. Application <ifeccle %anagement
Chen the Clo4/ Cons40er /e*i/es to /e2loy their a22li*ation: the *lo4/ inter1a*e is 4se/ to
instr4*t Application Lifecycle Management to *arry o4t this a*tivity5 +his is a**o02lishe/ 6y
4sing a internal reso4r*e 0anger to i/enti1y a Clo4/ Provi/er that 0at*hes the 2oli*ies: D4ota:
a**essi6ility an/ availa6ility that the Clo4/ Cons40er reD4ests5 +hen A22li*ation <i1e*y*le
Banage0ent instantiates ea*h syste0 7ith the so1t7are /esire/: a22lying lo*al an/ intra-
/e2loy0ent *on1ig4rations: a*tivating reD4ire/ *lo4/ servi*es: 2rovi/ing se*4re a**ess to the
syste0s: an/ 0onitoring the /e2loy0ent5 A22li*ation <i1e*y*le Banage0ent 2er1or0s other
a*tions s4*h as sh4tting /o7n the /e2loy0ent: et*: /is2laye/ 6elo75
refarch'feed(ac)*redhat#com &. www#redhat#com
Illustration 3-12: A,,lication 6i(ec-cle ana!ement
,#,#/ Functional Area Summar
+he ill4stration 6elo7 s400ariFes the high level *on*e2t4al sol4tion 7hen Re/ 9at
Clo4/&or0s a6stra*ts vario4s 246li* Clo4/ Provi/ers or 6y Clo4/&or0s e'ten/ing vario4s
virt4aliFation: 3ri/: or 1ar0 environ0ents5 Re/ 9at Clo4/&or0s o2erations are segregate/ into
the 1ollo7ing 14n*tional areas
• Clo4/ -nter1a*e
• Content Provision Banage0ent
• A22li*ation Des*ri2tion 3eneration
• -0age <i1e*y*le Banage0ent
• A22li*ation <i1e*y*le Banage0ent
www#redhat#com &/ refarch'feed(ac)*redhat#com
Illustration 3-13: &',anded Functional /vervie0
- Red Hat CloudForms Components
+he 2revio4s se*tion /es*ri6e/ the ar*hite*t4re in ter0s o1 the 14n*tional areas5 +he a*t4al
i02le0entation 2er1or0s the 14n*tionality as a set o1 2ro/4*ts5 +his se*tion i/enti1ies the
*o02onents o1 Re/ 9at Clo4/&or0s an/ asso*iates the ar*hite*t4ral 14n*tion 7ith the
*orres2on/ing *o02onents5 +he Aeol4s Pro;e*t
$
is the 406rella 2ro;e*t 1or 0any 2ie*es o1 the
*lo4/ so1t7are5 Chile /e2i*te/ 6elo7 is the 0a22ing o1 14n*tional areas to the higher level
2ro;e*ts: the 1ollo7ing se*tions 2rovi/e greater /etail5
refarch'feed(ac)*redhat#com &0 www#redhat#com
Illustration %-1: Arc7itectural Com,onent a,,in!
4.1 Cloud "nter&ace
+he Cloud Interface 2rovi/es the 2ri0ary 4ser inter1a*e 1or Re/ 9at Clo4/&or0s a*tivities5 An
AP- is also availa6le as an alternative a**ess 0etho/5 +he Clo4/ -nter1a*e 14n*tionality is
s422lie/ 6y the Aeolus UI as re2resente/ 6elo75
www#redhat#com &3 refarch'feed(ac)*redhat#com
Illustration %-2: Cloud Inter(ace Com,onents
+he *lo4/ inter1a*e 2rovi/es a *entraliFe/ 0anage0ent inter1a*e 1or Clo4/ Cons40ers:
7hether they 6e a/0inistrators or /evelo2ers: to intera*t 7ith /is2arate *lo4/ 2rovi/ers5 Using
the 7e6-6ase/ inter1a*e: a Clo4/ Cons40er *an log on an/ 2er1or0 *ertain a*tions 6ase/ on
the rights asso*iate/ 7ith their a**o4nt5 +he goal o1 the *lo4/ inter1a*e is to a6stra*t the 6a*,-
en/ *lo4/ 2rovi/er 1ro0 the Clo4/ Cons40er: regar/less o1 7hether the Clo4/ Cons40er
/esires to 4tiliFe AC2: Ra*,s2a*e: a Re/ 9at Anter2rise Virt4aliFation in1rastr4*t4re: or other
a22rove/ *lo4/ in1rastr4*t4re 1or their a22li*ation5 +he ill4stration 6elo7 sho7s ho7 the *lo4/
inter1a*e 2rovi/es a**ess to Resource Management, Image Management, Administration,
Reporting, an/ Accounting
refarch'feed(ac)*redhat#com &7 www#redhat#com
Illustration %-3: Cloud Inter(ace Functional 8ie0
Cith Resource Management, the a4thoriFe/ Clo4/ Cons40er is a6le to 0anage the a*tive
reso4r*es s4*h as liste/ in 8a(le -'"2 Resources5 Cithin ea*h o1 these *ategories: attri64tes
li,e 2ro2erties an/ 2er0issions *an 0e 0o/i1ie/ as nee/e/5
Resource 1escription
User a**o4nt
A Re/ 9at Clo4/&or0s Clo4/ Cons40erJ allo7s a**ess an/
*ontrols 2er0issions > roles5
H4ota
-02le0ents li0its on instan*es or /is, 4sages: *an 6e
asso*iate/ 7ith a 4ser a**o4nt: *lo4/ 2rovi/er a**o4nt: 2ool: or
2ool 1a0ily5
Clo4/ Provi/er
a**o4nt
+he a**o4nt that allo7s a**ess to a s2e*i1i* *lo4/ 2rovi/er5
+his a**o4nt *an 6e asso*iate/ 7ith 04lti2le 2ools5
Pool
A gro42ing o1 *lo4/ 2rovi/ers as s2e*i1ie/ 6y the Clo4/
2rovi/ers a**o4nts assigne/ to 1or the 2oolEs 4se5
Pool 1a0ily
A gro42ing o1 2ools 6y 4ser /e1ine/ se0anti*sM e5g5 /ev: test5
A 2ool *an only 6e assigne/ to on 2ool 1a0ily5
-nstan*es +hese are syste0s that are r4nning in *lo4/ 2rovi/er5
De2loy0ent
3ro42s o1 instan*es that are relate/ 6y 6eing /e1ine/ as 2art o1
the sa0e a22li*ation /e2loy0ent5
Table %-1: Resources
Cith the Image Management inter1a*e: the Clo4/ Cons40er is a6le to *reate: 0o/i1y an/
/elete ite0s relating to the /e1inition o1 a22li*ation /e2loy0ent: e5g5: syste0s: /is, i0ages:
*on1ig4ration settings: et*5 +his allo7s the 4ser to *reate the 1ra0e7or, 1or 246lishing
a22li*ations an/ instan*es5
+he inter1a*e also 2rovi/es Administration *a2a6ilities 7hi*h allo7s *ontrol over a**o4nt roles
an/ 2er0issions5 Provi/ers *an 6e 0anage/ as 7ell as har/7are 2ro1iles5
(ne other ,ey attri64te o1 the *lo4/ inter1a*e is the a6ility to tra*, Reporting an/ Accounting
/etails 1ro0 the *lo4/ 2rovi/ers an/ lo*al reso4r*es 7hi*h are 6eing 4tiliFe/5 -te0s s4*h as the
n406er o1 instan*es r4nning an/ the *orres2on/ing *harges 6e*o0es 0ore an/ 0ore
i02ortant as a22li*ations are s*ale/5
www#redhat#com ,$ refarch'feed(ac)*redhat#com
4.2 Content 'rovision (anagement
Content Provision Management 14n*tionality is 2rovi/e/ 6y the Natello *o02onent 7hi*h
2rovi/es the *olle*tion o1 so1t7are an/ so1t7are 1ee/s 4tiliFe/ 6y -0age &a*tory 7hen 64il/ing
an/ 0o/i1ying i0ages5 +his *ontent *an *o0e 1ro0 a variety o1 reso4r*es5 Chile Re/ 9at
Net7or, is the 2re0i40 s422lier: other 0etho/s in*l4/e re2ositories: -S(s: or so1t7are
*olle*tions - 7hether these are Re/ 9at: Re/ 9at Partners: other (ABs: or *4sto0 s422lie/5
refarch'feed(ac)*redhat#com ," www#redhat#com
Illustration %-%: Content Provision ana!ement
4.3 Application )escription *eneration
Application Description Generation is the set o1 14n*tionality that allo7s the Clo4/ Cons40er to
*reate a re*i2e /es*ri6ing an a22li*ation that they /esire to /e2loy5 As a re*i2e lists the
ingre/ients an/ the instr4*tions o1 ho7 to *o06ine the ingre/ients5 +he generate/ a22li*ation
/es*ri2tion i/enti1ies the syste0s an/ so1t7are along 7ith *on1ig4ration /ata 4se/ in the
2ro*ess o1 *o06ining all ele0ents5 +he 14n*tionality o1 A22li*ation Des*ri2tion 3eneration is
0ostly 2rovi/e/ 6y the Con/4*tor5 8a(le -'&2 1efinitions /e1ines ter0s relevant to this
*o02onent5
8erm E+planation
-0age or Dis,
-0age
+he *ontents o1 a 0o4nta6le /is,J the *ontents o1 a 0o4nt-
2oint
+e02late
Des*ri2tion o1 a /is, i0age 7ith any 0eta-/ata reD4ire/ to
*reate an i0ageJ the /es*ri6e/ i0age 0ay 6e 6oota6le or non-
6oota6leJ a non-6oota6le i0age is 4se/ to 2rovi/e a /istin*t
so1t7are layer: s4*h as a /ata6ase
Asse06ly
De1inition o1 a single instan*e *ontaining one or 0ore
te02lates an/ 0eta-/ata relate/ to servi*e *on1ig4rationsJ
sin*e this /e1ines an instan*e: one *onstit4ent te02late 04st
6e /es*ri6e/ as a 6oota6le i0ageJ all *on1ig4ration a*tions are
2er1or0e/ 2ost-6oot
Servi*e
Con1ig4ration
(2tional attri64te o1 the asse06ly 7hi*h /es*ri6es the servi*e
or servi*es that the asse06ly 2rovi/es to reD4iresJ this
in1or0ation is 4se/ to *on1ig4re an/ tie the asse06lies o1 a
/e2loy0ent together at la4n*h
De2loya6le
A22li*ation /e2loy0ent /e1inition: *ontains one or 0ore
asse06lies an/ 0eta-/ata *on1ig4rationJ this *on1ig4ration
s2e*ialiFes a /e2loy0ent 6y D4ali1ying it 1or a s2e*i1i* targete/
in1rastr4*t4re
CD<
Content Des*ri2tion <ang4ageJ .B< 1or0at lang4age 4se/ 1or
+e02late: Asse06ly an/ De2loya6le =+AD? /e1initions
Table %-2: 4e(initions
www#redhat#com ,& refarch'feed(ac)*redhat#com
+he a22li*ation /e2loy0ents 04st 6e /es*ri6e/ in a str4*t4re/ 1or0at that in*l4/es the
6oota6le o2erating syste0: any so1t7are reD4ire0ents: *on1ig4ration 2rovi/e/ or reD4ire/: an/
any s2e*i1i* targeting in1or0ation to instantiate the a22li*ation5 +his is a**o02lishe/ 6y the
Clo4/ Cons40er intera*ting 7ith the Con/4*tor via the Clo4/ -nter1a*e =1?, as 2i*t4re/ 6elo75
+he /e2loya6le is /e1ine/ in CD< =%? 6y /es*ri6ing the te02lates: asse06lies: servi*es:
*on1ig4ration /ata: an/ targeting /ata that *o02ose the entire a22li*ation /e2loy0ent5 +he
so4r*e o1 the so1t7are o2tions o1 *ontent is 2rovi/e/ 6y the pulp instan*e in Content Provision
Banage0ent =2?5 +argeting in1or0ation allo7s the generi* /es*ri2tion to 6e s2e*ialiFe/ 1or a
s2e*i1i* /e2loy0ent5 Bost *o00only: this in1or0ation s2e*i1ies the *o024te reD4ire0ents
=vCPUs: 0e0ory: /is, s2a*e? nee/e/ 1or an instan*e5
refarch'feed(ac)*redhat#com ,, www#redhat#com
Illustration %-): A,,lication 4escri,tion 5eneration
+he 1ollo7ing a6stra*te/ sa02le 2rovi/es the general *on*e2ts o1 a CD< layo4t5 A De2loya6le
is 0a/e o1 one or 0ore Asse06lies 7ith *on1ig4ration /ata5 Aa*h Asse06ly is 0a/e o1 one or
0ore +e02lates an/ *on1ig4ration5 Aa*h +e02late lists the so1t7are an/ *on1ig4ration /ata5
An Asse06ly o2tionally in/i*ates the servi*es that it /e1ines or reD4ires5 So0e o1 the
*on1ig4ration /ata 0ay 6e /e1ine/ a the ti0e o1 instan*e la4n*h5
Begin Deployable Definition
...
Begin Assembly Definition
...
Begin Template Definition
...
Software list
End Template Definition
End Assembly Definition
End Deployable Definition
4.4 "mage %i&ecycle (anagement
Image Lifecycle Management is the 14n*tionality that *reates: stores: an/ 0aintains the
i0ages an/ /es*ri2tions: 7hi*h s422lies this *ontent to the s422orte/ *lo4/ 2rovi/ers5 -0age
<i1e*y*le Banage0ent 14n*tionality is 2er1or0e/ 6y 04lti2le *o02onent 2ro/4*ts
• Con/4*tor
• -0age &a*tory
• -0age Careho4se
Relevant ter0s 4se/ in this *o02onent se*tion are liste/ in 8a(le -',2 1efinitions5
8erm E+planation
-C-C<A
-0age Content an/ -nten/e/ Con1ig4ration <ang4agAJ Chile
the CD< /es*ri6es the /e1inition o1 +e02lates: Asse06lies:
an/ De2loya6les: the -C-C<A 2rovi/es listing o1 /etaile/
so1t7are revisions an/ *on1ig4ration 2ara0eters o1 the *reate/
entities5 Chile CD< *an 6e tho4ght o1 as the sho22ing list: the
-C-C<A is the ite0iFe/ re*ei2t5
Table %-3: 4e(initions
(ne o1 the 0any 14n*tions o1 the Con/4*tor is to initiate an/ *o-or/inate -0age <i1e*y*le
Banager a*tivities5
-0age &a*tory is the *o02onent that is res2onsi6le 1or 64il/ing all *lo4/ i0ages5 +he i0age
/es*ri2tion is s422lie/ 1ro0 the .B<>CD< generate/ 1ro0 A22li*ation Des*ri2tion 3eneration
=Con/4*tor?5 +he *ontent *o0es 1ro0 Content Provision Banage0ent5 A//itional so1t7are that
is nee/e/ to s422ort the *lo4/ o2erations is also a//e/ to the i0age5
www#redhat#com ,- refarch'feed(ac)*redhat#com
-0age Careho4se tra*,s all i0ages an/ is res2onsi6le 1or staging the i0ages at the
a22ro2riate *lo4/ 2rovi/er5
+he i0ages that are /e1ine/ 6y the *lo4/ *ons40er: are 64ilt 7ith -0age &a*tory an/ store/ in
-0age Careho4se5 Chen a Clo4/ Provi/er 2rovi/es an i0age as the so4r*e 1or the /esire/
i0age: -0age &a*tory is not *alle/ 42on5 +he 2rovi/e/ i0age is s2e*i1ie/ in the /e1inition5
9o7ever: -0age Careho4se still stores the 0eta-/ata 7hi*h allo7s the 2ro2er i0age
1or0ation an/ asse06ly5 -n a//ition: in all *ases -0age Careho4se is also res2onsi6le 1or all
staging o1 i0ages5
-#-#" 4mage <ifeccle ' Standard
+he stan/ar/ -0age <i1e*y*le is e'2li*itly initiate/ 6y the Clo4/ Cons40er a1ter /e1ining
te02lates 4sing the *lo4/ inter1a*e an/ reD4esting a 64il/: or in/ire*tly 6y the *ons40er 6y
reD4esting an instan*e la4n*h o1 a /e2loya6le that *ontains te02lates that have not ha/
*orres2on/ing i0ages 64ilt =1?: as sho7n in the /iagra0 in this se*tion5
refarch'feed(ac)*redhat#com ,. www#redhat#com
A1ter Con/4*tor is reD4este/ to initiate a 64il/ =2?: it trans0its a 0essage *ontaining the CD<
an/ the target Clo4/ Provi/er to -0age &a*tory 7hi*h is 2la*e/ onto a D4e4e =%?5 Chen
reso4r*es are availa6le: -0age &a*tory starts a 64il/ 4sing the in24t re0ove/ 1ro0 the D4e4e5
-1 the 64il/ is 1ro0 s*rat*h: a L4st Ano4gh (2eration Syste0 =Le(S? - 7hi*h is a 0ini0al (S -
is initially *reate/5 -nstea/ o1 64il/ing 1ro0 s*rat*h: -0age &a*tory *an 4se a 2re-e'isting /is,
i0age5 Ne't: the Le(S or 2re-e'isting /is, i0age is 0o/i1ie/ 7ith the a//ition or re0oval o1
so1t7are 4ntil the CD< is satis1ie/ =$?5 +he 1or0at o1 the /is, i0age 0ay reD4ire 0ani24lation
to ens4re *o02ati6ility 7ith the target Clo4/ Provi/er5 (n*e the /is, i0age is *o02lete: -0age
&a*tory *reates an -C-C<A 1ro0 the i0age: listing the s2e*i1i* versions o1 the so1t7are *ontent
an/ *on1ig4ration 2ara0eters =#?5
+he *o02lete/ /is, i0age an/ -C-C<A are trans0itte/ to -0age Careho4se =6?5 -0age
Careho4se stores the /is, i0age: -C-C<A: an/ so4r*e CD< 1or 2otential 14t4re 4se =7?5 -t also
ass4res the /is, i0age is availa6le in the target *lo4/ =8?5 &or e'a02le: i1 the target *lo4/
2rovi/er is a Re/ 9at Clo4/&or0s *lo4/ 4sing Re/ 9at Anter2rise Virt4aliFation: the i0age is
0igrate/ into R9AVEs i02ort /o0ain an/ instantiate/5 -1 the target is A0aFon AC2: the i0age
is 64n/le/ in S% an/ registere/ in the a22ro2riate region: allo7ing a**ess 1or the s2e*i1ie/
Clo4/ Provi/er 4ser5
www#redhat#com ,/ refarch'feed(ac)*redhat#com
Illustration %-+: Ima!e 6i(ec-cle ana!ement - Standard
-#-#& 4mage <ifeccle = Snapshot
A1ter an instan*e ha/ 6een /e2loye/: it 0ay 6e 0o/i1ie/ in the environ0ent 6y 4ser /ire*te/
so1t7are 42/ates 2rovi/e/ 6y the 0anage0ent *a2a6ilities o1 Content Provision Banage0ent5
+hese 42/ates *reate a /is*re2an*y 6et7een the i0age store/ in -0age Careho4se an/ the
r4nning instan*e5 Sin*e the Clo4/ Cons40er 2er1or0e/ the 42/ates: they 0ay also /esire to
42/ate the -0age Careho4se -C-C<A an/ /is, i0age5 +he Clo4/ Cons40er 0ay also /esire
to leave the original i0ages: sin*e 04lti2le /e2loy0ents *o4l/ have 6een starte/ an/ not all
sho4l/ 6e 42/ate/5
+he Clo4/ Cons40er 42/ates the i0age /e1initions =1? 6y in1or0ing Con/4*tor =2? to initiate
the a*tivity5 Natello 42/ates /e1initions initiate/ 6y the Clo4/ Cons40er an/ sen/s -0age
&a*tory the listing o1 *hanges that have 6een a22lie/ to a 2revio4sly instantiate/ i0age =%?5
-0age &a*tory *reates the 42/ate/ -C-C<A an/ /is, i0ages =$? 7hi*h are store/ in -0age
Careho4se =#?5 -0age Careho4se o2tionally 24shes the /is, i0ages to the a22ro2riate *lo4/
2rovi/ers =6?5 +his 7or,1lo7 is /e2i*te/ in the 1ollo7ing ill4stration5
refarch'feed(ac)*redhat#com ,0 www#redhat#com
Illustration %-.: Ima!e 6i(ec-cle ana!ement - Sna,s7ots
-#-#, 4mage <ifeccle = >atello 4mport
+he Clo4/ Cons40er 0ay initiate =1? an i0age 64il/ 1ro0 a Natello te02late =2?: allo7ing the
Natello te02late to s2e*i1y the *ontent /etails o1 an i0age instea/ o1 the Clo4/ Cons40er5 +he
re0aining 2ro*ess : ste2s =%? thro4gh =8?: 1lo7s as in the stan/ar/ *ase =re1er to 4mage
<ifeccle ' Standard?: e'*e2t Con/4*tor is initiate/ 6y Natello5 +his 2ro*ess is 2ortraye/
6elo75
www#redhat#com ,3 refarch'feed(ac)*redhat#com
Illustration %-1: 9atello Tem,late Im,ort
4.+ Application %i&ecycle (anagement
+he 14n*tionality o1 A22li*ation <i1e*y*le Banage0ent allo7s the Clo4/ Cons40er to *ontrol
the state o1 instan*es in the *lo4/: 7hether la4n*hing: sto22ing: 0onitoring: et*5 +he
14n*tionality o1 A22li*ation <i1e*y*le Banage0ent is 2rovi/e/ 6y several 2ro/4*ts: s2e*i1i*ally
• Con/4*tor
• Con/or
• A4/rey
• Delta*lo4/
• -0age Careho4se
8a(le -'-2 1efinitions /e1ines relevant ter0s 4se/ in this se*tion5
8erm E+planation
UU-D Universally UniD4e -/enti1ierJ an i/enti1ier 4niD4e 1or ea*h instan*e
Post-6oot
Con1ig4ration
(n*e an instan*e is initially la4n*he/: a*tivities are 2er1or0e/ to
a22ly *on1ig4ration an/ 2ara0eter settings: a// a//itional so1t7are
or /is, i0ages: 2rovi/e /ata to other syste0s 1or *on1ig4ration: an/
2re2are instan*es 1or *lo4/ 0anage0ent5
Table %-%: 4e(initions
(ne o1 the 0any 14n*tions o1 the Con/4*tor is to initiate an/ *o-or/inate all A22li*ation
<i1e*y*le Banage0ent a*tivities5 +he Con/4*tor is also the 0aintainer o1 the reso4r*e /ata
that is 4se/ in the 7or,1lo7 7hi*h /eter0ines the 6est s4ita6le la4n*h environ0ent5
Con/or 2rovi/es the 14n*tionality o1 a reso4r*e 0anager5 -n a//ition to s*he/4ling the *lo4/
instan*es: it ens4res that reso4r*es are availa6le an/ en1or*es D4ota an/ 2oli*y5 Con/or
*ontrols the state o1 *lo4/ instan*es: 7hether la4n*hing or /estroying5 -1 Con/or sees that an
instan*e is no longer o2erating: it restarts the instan*e 6ase/ 42on 2oli*y settings5
Co004ni*ation 7ith /i11erent *lo4/ 2rovi/ers is *ontrolle/ thro4gh the Delta*lo4/ /river5 +he
Delta*lo4/ /river *reates an a6stra*tion layer 6et7een the *ons40er an/ thir/ 2arty *lo4/s5
+his 0o/el allo7s Re/ 9at Clo4/&or0s to 14n*tion 7ith vario4s Clo4/ Provi/ers 7itho4t
reD4iring all *o02onents to 6e 7ritten 1or the s2e*i1i* Clo4/ Provi/er5
A4/rey is a set o1 tools that 2er1or0s 2ost-6oot *on1ig4ration o1 *lo4/ instan*es5 +he list o1
14n*tionality it 2rovi/es in*l4/es a22lying lo*al an/ intra-/e2loy0ent *on1ig4rations: a*tivating
reD4ire/ *lo4/ servi*es: 2rovi/ing se*4re a**ess to the syste0s: an/ 0onitoring the
/e2loy0ent5
refarch'feed(ac)*redhat#com ,7 www#redhat#com
-0age Careho4se stores the /es*ri2tions o1 the instan*es5 +hese /es*ri2tions are s422lie/ to
the *on1ig4ration server 1or *o02letion o1 any reD4ire/ a*tions5 +he 2ro*ess o1 la4n*hing an
instan*e is 2i*t4re/ as 1ollo7s5
+he Clo4/ Cons40er initiates a instan*e la4n*h 4sing the *lo4/ inter1a*e =1?5 Con/4*tor starts
the instan*e la4n*h 6y s460itting a reD4est 1or the instan*e 7ith Con/or =2?5 Con/or *on1ir0s
that the reD4est /oes not violate 2oli*y or D4ota: an/ 0at*hes the reD4est to a *lo4/ 2rovi/er5
(n*e 0at*he/: Con/or sen/s o4t t7o 2arallel 0essages =%? 7ith the UU-D to 6e 4se/ 1or the
instan*e an/ other *on1ig4ration /ata5 (ne is to the Delta*lo4/ /river to start the instan*e =$?5
+he other 0essage is to A4/rey to *on1ig4re the instan*e 7ith the 2rovi/e/ UU-D5 Con/or also
*onta*ts Natello to resolve entitle0ents 1or the la4n*he/ instan*es =%?5 A4/rey *onta*ts the
-0age Careho4se to retrieve the CD< an/ -C-C<A /ata an/ 2ass on the *on1ig4ration
reD4ests an/ UU-D on to the *on1ig4ration server =#?5 (n*e the *on1ig4ration server /is*overs
the r4nning instan*e 7ith the 0at*hing UU-D =6?: it *ontrols the 2ost-6oot *on1ig4ration
2ro*ess =7?5 -n*l4/e/ in the 2ost 6oot 2ro*ess is esta6lishing tr4ste/ i/entity an/ *re/entials5
(n*e the instan*e has *o02lete/ this 2ro*ess: the *on1ig4ration server 2asses instan*e /ata
to Con/4*tor5
(n*e the instan*e 6oots 42: the 2ost *on1ig4ration ta,es 2la*e5 +his sets any -P a//resses:
start servi*es: et*55 1or the i0age so it is rea/y to r4n5 -n the *ase o1 the loa/-6alan*er a 2ool o1
-P a//resses 04st 6e 2rovi/e/ an/ 2oli*ies 04st 6e set5 &or the 7e6 servers: they 04st 6e
*on1ig4re/ 7ith a /e1a4lt gate7ay an/ the 7e6 servi*es 04st 6e starte/5
www#redhat#com -$ refarch'feed(ac)*redhat#com
Illustration %-2: A,,lication 6i(ec-cle Instance 6aunc7
4., Cloud Services
Section -#, Application 1escription ;eneration 6roa*he/ the s46;e*t that asse06lies 0ay
in/i*ate 7hat servi*es they 2rovi/e or the servi*es they reD4ire5 Using a servi*e that the Clo4/
Cons40er /e1ine/ allo7s the intera*tion o1 04lti2le instan*es to 6e*o0e 2art o1 the
/e2loya6leEs re*i2e5 9o7ever: there 0ay 6e servi*es that a /e2loy0ent 0ay 4se that are not
2rovi/e/ in the *lo4/ 4sers /e2loya6le /e1inition5 Cloud Services are a//-ons to *lo4/
/e2loy0ents that ens4re *onsistent 14n*tionality a0ong vario4s *lo4/ 2rovi/ers5 +he 1ollo7ing
is a list o1 14n*tional areas that so0e 2lanne/ *lo4/ servi*es 0ay 2rovi/e
• Bonitoring
• Banaging
• Bessaging
• Ar*hival Storage
• Re2li*ation &ile Syste0 Storage
• Clo4/ -/ Banage0ent
• 9igh Availa6ility
Clo4/ Servi*es are s2e*ial servi*es that a 4ser /oes not nee/ to /e1ine: as a *onsistent
/e1inition is 2rovi/e/5 Clo4/ Servi*es are a//e/ to a /e2loya6leEs /e1intion 7hen the Clo4/
Cons40er in/i*ates they 7ish to in*l4/e the servi*e5 +he instan*e 0ay 6e s2a7ne/ as 2art o1
their /e2loya6le: or the *lo4/ 2rovi/er 0ay have a /e/i*ate/ instan*e availa6le in the *lo4/
7hi*h 2rovi/es the servi*e to 04lti2le tenants5
-#/#" %onitoring
Re/ 9at 4ses the Batahari
#
in1rastr4*t4re to allo7 0onitoring an/ *ontrolling agents on *lo4/
instan*es5 +he agents 2rovi/e/ allo7 the starting o1 a22li*ations an/ 2rovi/e the 0onitoring
4se/ in 9igh Availa6ility5
&or L)oss Anter2rise Bi//le7are *ontent: a 0anage0ent agent =L)oss (N? is installe/ via a
0anage/ servi*e /e1inition5 +his 0e*hanis0 *an 6e 4se/ 1or any a//itional 0anage/
*ontainers 4se/ in /e2loy0ents5
refarch'feed(ac)*redhat#com -" www#redhat#com
-#/#& %anaging
As 7ith non-*lo4/ environ0ents: Re/ 9at 2rovi/es Banage0ent *a2a6ilities 6oth 1or Re/ 9at
Anter2rise <in4' an/ L)oss Anter2rise Bi//le7are5
&or Re/ 9at Anter2rise <in4': the Clo4/ Cons40erEs a22li*ation *an 6e 42/ate/ in 2la*e 7hen
/e2loye/ 4sing Natello5 +his *a4ses the /e2loye/ i0ages to 1all o4t o1 *o02lian*e 7ith the
/e1initions an/ save/ i0ages store/ in the -0age Careho4se5 Chen a r4nning instan*e
/eviates 1ro0 the store/ i0age: it is i/enti1ie/ as /ivergent5 +he Clo4/ Cons40er *an /e*i/e
to leave this as the stat4s D4o: or re*on*ile the instan*es an/ save/ i0ages5 +o 0a,e the
i0ages *onsistent: Natello sen/s -0age &a*tory the list o1 *hanges it has a22lie/ to the
instan*e5 -0age &a*tory generates 42/ate/ CD<: i0ages: an/ -C-C<As 1or the /e2loy0ent5
+he 42/ate/ i0age or i0ages are 24she/ to -0age Careho4se 7hi*h the 24shes to the *lo4/
2rovi/er5
&or L)oss Anter2rise Bi//le7are: the Clo4/ Cons40er *an /e2loy their a22li*ation 4sing the
6asi* 2rovi/e/ in1rastr4*t4re: or 4se a L)oss (2erations Net7or, =L)oss (N? server5 -n the
e'a02le in this 2a2er: a L)oss (N server allo7s the Clo4/ Cons40er to 14lly 0onitor: *ontrol:
an/ 42/ate the L)oss Anter2rise a22li*ation5
-#/#, %essaging
Not only /oes the in1rastr4*t4re 4se ABHP in the 1or0 o1 BR3
6
1or *o004ni*ations internally:
64t Re/ 9at 7ill /e2loy the Bessaging *o02onent o1 Re/ 9at Anter2rise BR3 as the
Clo4/&or0sE Bessaging Servi*e5
BR3 Bessaging ,ey 1eat4res in*l4/e
• ABHP s422ort
• &le'i6le 0essaging 2ara/ig0s
• B4lti-lang4age *lient s422ort
• 9igh 2er1or0an*e
• +ransient an/ /4ra6le 0essaging
• &e/eration
• +ransa*tions
• Se*4rity
• H4e4e se0anti*s
• .B< s422ort
• Distri64te/ 0anage0ent *onsole
www#redhat#com -& refarch'feed(ac)*redhat#com
-#/#- Archival Storage
Ar*hival Storage: so0eti0es re1erre/ to as 6lo6 storage: is 2rovi/e/ as a 0etho/ 1or rea/ing
an/ 7riting large o6;e*ts5 +he 0e*hanis0 4se/ 1or i0age storage in -0age Careho4se is also
availa6le to the Clo4/ Cons40er 1or their o7n /ata5 (2erations s4*h as 7hole 1ile OgetP an/
O24tP are 2er1or0e/ via 9++P5 +he i02le0entation is 6ase/ on Pro;e*t 9ail
7
or Clo4/&iles 7ith
0o/i1i*ations s4*h as a /istri64te/ /ata6ase 1or tags an/ 0eta/ata5 +he /ata is store/ is a
shar/ 1or0at: 0eaning the /ata is /istri64te/ 4sing horiFontal 2artitioning5 Data is 7ritten to
one 2la*e: ho7ever: re2li*ation *an 6e 4se/ to /istri64te rea/s5 Re2li*ation is 2oli*y /riven
an/ *an 6e 6ase/ on o6;e*t *onte't: site: tags: se*4rity: et*55 +he -0age Careho4se /ae0on
2rovi/es the a6ility 1or a *a*hing or re2li*ation 2ro*ess to 24sh *o2ies to e'isting Ar*hival
Storage s4*h as A0aFonEs S%: Ra*,S2a*eEs Clo4/ 1iles: AF4re: 3oogle Storage or to another
7areho4se instan*e5 -1 re2li*ation is 6et7een 7areho4se instan*es: 7hen a reD4est 1or an
o6;e*t that has not 6een *o2ie/ to the *hil/ no/e is re*eive/: the o6;e*t is E24lle/E on /e0an/5
refarch'feed(ac)*redhat#com -, www#redhat#com
Illustration %-13: Arc7ival Stora!e
-#/#. Replicated File Sstem Storage
Clo4/&S 2rovi/es a /istri64te/ share/ 1ile syste0 1or *lo4/ 4se 7ith P(S-. se0anti*s5
Clo4/&S *an 6e in*l4/e/ in CD< /e1initions to 2rovi/e storage 1or state14ll an/ hy6ri/ *lo4/
/e2loy0ents5 -n a//ition: this 1ile syste0 is s4ita6le 1or /e2loy0ent 6y a *lo4/ 2rovi/er as a
2er0anent: share/ servi*e5 Clo4/&S is 6ase/ on 3l4ster&S an/ a//s the 1ollo7ing
*a2a6ilities
• Stronger a4thenti*ation an/ a4thoriFation
• An*ry2tion =AAS-128>AAS-2#6?: 6oth on the 7ire an/ on /is,
• B4lti-tenan*y =isolating tenantsE na0es2a*es 1ro0 one another?
• H4ota an/ a**o4nting s422ort
• B4lti-site re2li*ation
All o1 these 1eat4res *an 6e i02le0ente/ in a 0o/4lar 7ay: so that /e2loy0ents *an 4tiliFe
only those /ee0e/ ne*essary or a22ro2riate 1or their s2e*i1i* sit4ation5
-#/#/ Cloud 4d %anagement
Clo4/ -/ Banage0entEs 0ain goal is to trans2arently integrate 7ith the e'isting i/entities an/
i/entity 0anage0ent syste0s 2resent in the enter2rise5 -/entity 0anage0ent in Re/ 9at
Clo4/&or0s is a**o02lishe/ thro4gh Re/ 9at Anter2rise -/entity =-PA?
8
2ro;e*t is 6ase/ on
the o2en so4r*e &ree-PA 2ro;e*t
"
5 &ree-PA is an a4thenti*ation an/ a4thoriFation 1ra0e7or,
1or large-s*ale <in4' an/ Uni' /e2loy0ents5 -t integrates servers 1or Ner6eros: <DAP: DNS:
an/ .#0" Certi1i*ates into a se*4re: relia6le: an/ s*ala6le i/entity 0anage0ent sol4tion5
www#redhat#com -- refarch'feed(ac)*redhat#com
-n a *o00on s*enario: 7hen a Clo4/ Cons40er instantiates a reso4r*e: there are several
entities to 6e *onsi/ere/
Entit 1escription ?otes
User
Clo4/ Cons40er
-n *onte02orary /e2loy0ents
a4thenti*ation is 2re/o0inantly
thro4gh A*tive Dire*tory Do0ain
Servi*es =ADDS?5
Ba*hine
Syste0 7hi*h the Clo4/
Cons40er 4ses to a**ess the
Clo4/&or0s environ0ent
Clo4/ Cons40erIs 7or,station 7hi*h
0ay or 0ay not 6e *onne*te/ to an
a4thenti*ating agent5
Clo4/&or0s
Clo4/&or0s in1rastr4*t4re
Uses Re/ 9at Clo4/&or0s internal
se*4re a4thenti*ation5
-nstan*e
Clo4/ Cons40erEs
/e2loy0ent>instan*es
Bay 4se a se2arate or an e'isting
/o0ain5
Table %-): Identit- 4omains
Re/ 9at Clo4/&or0s ta,es a/vantage o1 an internal -PA instan*e or ena6les 2ro'y
a4thenti*ation to the e'ternal ADDS server=s? in *ase a *lo4/ *ons40er has 04lti2le /o0ains5
Clo4/&or0s a//resses the 4se *ase o1 enter2rise Single Sign-(n =SS(? allo7ing the Clo4/
Cons40er *re/entials a*D4ire/ 6y logging into their 7or,station to 6e res2e*te/ 6y the Clo4/
-nter1a*e: th4s the Clo4/&or0s in1rastr4*t4re5 A//itional 14n*tionality allo7s the Clo4/
Cons40erEs i/entity to 6e res2e*te/ a*ross /i11erent i/entity /o0ains: th4s the Clo4/
*ons40er 7ill 6e a6le to /ire*tly a**ess la4n*he/ instan*es5
Using Syste0 Se*4rity Servi*es Dae0on =SSSD?
10
*ross ,er6eros tr4st 14n*tionality 6et7een
-PA an/ ADDS *an 6e esta6lishe/5 +he 1a*t that 04lti2le i/entity /o0ains 04st 6e *onsi/ere/
*reates a *o02le' 0atri' o1 4se *ases - 0ost o1 7hi*h Clo4/&or0s s422orts5 9o7ever: there
are li0itations that Clo4/&or0s 0ight not 6e a6le to a//ress in the near 14t4re as liste/ 6elo75
@se Case Status
Loining a Cin/o7s
0a*hine into the -PA
/o0ain
-t is not 2ossi6le to 0a,e a Cin/o7s 0a*hine 6e a 2art o1 -PA
/o0ain sin*e it has 2ro2rietary 2roto*ols that -PA /oes not 2lan
to s422ort in the near ter0 14t4re
Changing the 7ay
Cin/o7s 0a*hine
;oins /o0ain
-t is the sa0e 2ro6le0 64t the *lient si/e sol4tion5 Clo4/&or0s
/o not 2lan to 2rovi/e a *lient so1t7are 1or the Cin/o7s
7or,station to ;oin an -PA /o0ain: ho7ever: a sol4tion 0ight 6e
2rovi/e/ 6y the Re/ 9at 2artners in the 14t4re5
Table %-+: :se Cases 6imitations
refarch'feed(ac)*redhat#com -. www#redhat#com
-#/#0 High Availa(ilit
+he o2tional 9igh Availa6ility *lo4/ servi*e has the goal to /eliver 0a'i040 a22li*ation
servi*e availa6ility 1or a *olle*tion o1 /e2loy0ents5 +his is a*hieve/ 6y the /ete*tion or
re*overy o1 1ail4res in any o1 the 1ollo7ing *o02onents o1 a /e2loy0ent
15 Bonitore/ A22li*ations
25 -n/ivi/4al -nstan*es o1 De2loy0ents
%5 Cl4ster Servi*es
$5 Antire De2loy0ents
Re*overy 1ro0 a /ete*te/ 1ail4re 0ay reD4ire ter0inations o1 *o02onents o1 the /e2loy0ent5
+he restarting o1 *o02onents is *ontrolle/ 6y either Batahari agents or Con/or5 +he 1ollo7ing
ill4stration /e2i*ts a 6asi* 9igh Availa6ility Con1ig4ration5
www#redhat#com -/ refarch'feed(ac)*redhat#com
Illustration %-11: Hi!7 Availabilit- Standard Cloud Polic- &n!ine
+he 9igh Availa6ility Servi*e also has the a6ility to es*alate 1ail4res as /eter0ine/ 6y the
Cloud Policy !ngine, as sho7n 6elo75 +he 24r2ose o1 es*alating 1ail4res allo7s a re2etitive
lo7er level 1ail4re to 6e re*overe/ 4sing a higher level re*overy5 &or e'a02le: i1 an a22li*ation
1ails 10 ti0es in %0 0in4tes: the Clo4/ Cons40er 0ay 7ish to es*alate the a22li*ation 1ail4re
into an instan*e 1ail4re5 +he Clo4/ Poli*y Angine is i02le0ente/ 4sing 42strea0 Pa*e0a,er
11

servi*es5
refarch'feed(ac)*redhat#com -0 www#redhat#com
Illustration %-12: Hi!7 Availabilit- Advanced Cloud Polic- &n!ine
. High <evel Architectural E+ample
+his se*tion ta,es a high level a22roa*h in /e0onstrating the 2ro*ess o1 /e1ining an
a22li*ation into a Re/ 9at Clo4/&or0s environ0ent5 &or this /is*4ssion: the a*tivities to
s422ort the Clo4/ Cons40er have 6een ass40e/: in other 7or/s: the 1o*4s is on ho7 the
Clo4/ Cons40er i02le0ents their a22li*ation not the *on1ig4ration o1 the in1rastr4*t4re5
+his Clo4/ Cons40er 7o4l/ li,e to 2resent a 0anage/: highly-availa6le 7e6 retail 2resen*e
7hi*h o11ers /igital 2ro/4*ts s4*h as ringtones: a22s: e-6oo,s: 04si*: et*5 +he s2e*i1i* *lo4/
2rovi/er that hosts the retail 2resen*e is not a 2riority5 +he reD4ire0ents are s4*h that the
Clo4/ Cons40er *an a**ess their store 7hile *ontrolling the entire li1e *y*le 0anage0ent o1
the a22li*ation: e5g5 /e1ine: /e2loy: 42/ate: s*ale: 0anage =0igrate: sna2hot>6a*,42?: an/
tear-/o7n5
+he "vervie# se*tion 1ollo7s the 2ro*ess o1 2lanning an/ /esigning the retail store5 +he
Define se*tion 2rovi/es the s2e*i1i* /e1initions that 7o4l/ 6e i02le0ente/5
www#redhat#com -3 refarch'feed(ac)*redhat#com
+.1 -verview
Chether or not one is 4sing a *lo4/: virt4aliFation: or 6are 0etal: a retail 2resen*e reD4ires
2lanning an/ /esign5 +his ty2e o1 a22li*ation 4ses a 04lti-tier 0o/el to allo7 1or s*ala6ility an/
availa6ility5 +hese tiers *onsist o1 a 7e6 tier: a22li*ation tier: an/ /ata6ase tier: as sho7n the
/iagra0 that 1ollo7s5
Ce6 servers are 4se/ to 2rovi/e the 1ronten/5 A reverse 2ro'y is 4se/ to *a*he stati* *ontent:
7hile /yna0i* *ontent is generate/ 6y a *4sto0iFe/ Lava Anter2rise A/ition =AA? a22li*ation5
Lava AA 0i//le7are 2rovi/es a /ata6ase /river 7hi*h allo7s 1or the *onne*tivity 6et7een the
7e6 1ronten/ an/ the /ata6ase 6a*,en/ in an a6stra*te/ 1ashion5
Chile a sol4tion 1or the retail 2resen*e *o4l/ 6e hoste/ on a single syste0: this sol4tion 4ses
04lti2le 7e6 servers to 2rovi/e s*aling an/ a*tive>a*tive availa6ility5 9ar/7are or so1t7are
6ase/ loa/ 6alan*ing 0ay 6e 4se/ to s2rea/ the reD4ests a*ross the 2arti*i2ating 7e6
servers: 64t this i02le0entation 4ses a so1t7are-6ase/ loa/ 6alan*er5 +he 0i//le7are is
hoste/ on the sa0e syste0s as the 7e6-server: 4tiliFing *l4stering to 0aintain availa6ility an/
*onsisten*y5 +he loa/ 6alan*er: reverse 2ro'y: an/ /ata6ase are ea*h se2arate syste0s5
refarch'feed(ac)*redhat#com -7 www#redhat#com
Illustration )-1: A,,lication Tiers
&or high availa6ility o1 the loa/ 6alan*er: reverse 2ro'y: an/ /ata6ase server: the a*tive
instan*e is 0onitore/5 U2on a /isr42tion in the servi*e: a re2la*e0ent server is instantiate/5
&or the /ata6ase server: this reD4ires the storage to 6e highly availa6le: highly relia6le: an/
2ersistent5 +his storage 04st 6e a6le to 6e /isasso*iate/ 7ith the ol/ instan*e an/ asso*iate/
7ith the ne7 instan*e5 A Clo4/ Servi*e that 2rovi/es a Clo4/ &ileSyste0 is 4se/5
+he 2ro*ess o1 /ire*ting net7or, tra11i* to the site 0ay reD4ire a Virt4al Private Net7or,
*on1ig4ration5 -1 the /e2loy0ent is o2en to the internet: a DNS 42/ate is 2ossi6le5
+o s400ariFe: 8a(le .'"2 Store Components lists all a*tive syste0s 6y 14n*tionality 2lanne/
1or the initial /e2loy0ent5
4nstance ?ame
4nstance
Count
Role
loa/-6alan*er01 1 Distri64te -n*o0ing ReD4ests
reverse-2ro'y01 1 Serve stati* *ontent D4i*,ly
/ata6ase01 1 Store /ata 1or a22li*ation
4ser-a22-store01-0% %
9ost 4ser a22li*ations
=7e6server: 0i//le7are:
*l4steriFe/ LAA instan*e 7ith
LD)C instan*es
Table )-1: Store Com,onents
www#redhat#com .$ refarch'feed(ac)*redhat#com
+he 1ollo7ing /iagra0 re2resents the entire a22li*ation /e2loy0ent5
Not all the syste0s have the sa0e *o024te: 0e0ory: or -( reD4ire0ents5 &or e'a02le: a loa/
6alan*er 0ay have 0ini0al reD4ire0ents in regar/s to storage s2a*e: ho7ever: the storage
1or a /ata6ase is 0ore *riti*al5
+.2 )e&ining Application )eployment
+his se*tion /e1ines the a22li*ation in ter0s o1 the +e02lates: Asse06lies: an/ the
De2loya6le5 +he Clo4/ Cons40er has the o2tion to s422ly *on1ig4ration an/>or *4sto0iFation
2ara0eters in*l4/ing a s*ri2t 1or the vario4s *o02onents5
.#&#" 1efine 8emplates
As /es*ri6e/ in /etail in +a6le $-2 De1initions: a +e02late is a re*i2e o1 7hat so1t7are sho4l/
6e in a /is, i0age5 +his /es*ri2tion is the list o1 so1t7are *ontaine/ in the /is, i0age: along
7ith 0eta/ata i/enti1ying the s422orte/ )ase (S5 +he )ase (S te02late is 2rovi/e/ 6y either
a Clo4/ Provi/erEs /e1inition or 1ro0 a Natello /e1inition5
refarch'feed(ac)*redhat#com ." www#redhat#com
Illustration )-2: Retail ;eb Store A,,lication 4e,lo-ment
All +e02lates are /e1ine/ as reD4ire/ 1or the 1inal a22li*ation sta*, as /etaile/ 6elo75
8emplate ReAuirements :oot
rhel6Q6ase rhel-'86Q6$-server-6 R
l6 rhel-'86Q6$-server-l6-6 N
r2ro'y sD4i/ N
/6 PostgreSH< N
a22Qserver L)oss Anter2rise A22li*ation Plat1or0 N
a22Qstore User s422lie/ a22li*ation 64n/le N
Table )-2: Tem,lates
.#&#& 1efine Assem(lies
An Asse06ly is a list o1 +e02lates: one o1 7hi*h 04st /es*ri6e a 6oota6le i0age5 Asse06lies
also /es*ri6e the servi*e *on1ig4rations that are 2rovi/e/ an/ reD4ire/ 6y the asse06ly5 Aa*h
asse06ly that in/i*ates it reD4ires 0anage0ent res4lt in L)oss (N an/ Natello 2arti*i2ating in
0anaging the instan*e5 +he Asse06lies 4se/ 1or this sol4tion are /etaile/ in the 1ollo7ing
ta6le5
Assem(l ?ame 8emplates 4ncluded Services Provided Services ReAuired
loa/-6alan*er rhel6Q6ase: l6 loa/-6alan*er
7e6-i2 =a**e2ts 04lti2les?:
*ontent-0anage0ent
reverse-2ro'y rhel6Q6ase: r2ro'y reverse-2ro'y *ontent-0anage0ent
/ata6ase rhel6Q6ase: /6 /ata6ase
*lo4/-storage =2rovi/e/ 6y
Clo4/&S?: *ontent-
0anage0ent
a22-store
rhel6Q6ase: /6:
a22Qserver: a22Qstore
a22Qserver
7e6-i2
/ata6ase: reverse-2ro'y:
loa/-6alan*er: *ontent-
0anage0ent: L(N-
0anage0ent
Table )-3: Assemblies
www#redhat#com .& refarch'feed(ac)*redhat#com
.#&#, 1efine 1eploa(le
No7 the *o02lete sol4tion sta*, *an 6e /e1ine/ as a De2loya6le: 7hi*h is *o02ose/ o1
Asse06lies an/ a//itional 0eta-/ata5 Chen instantiate/: ea*h Asse06ly is *reate/ a**or/ing
to s2e*i1ie/ 2ara0eters55 8a(le .'-2 1eploa(le lists all relevant *o02onents5
4nstance ?ame Assem(lies 4ncluded 4nstance Count 8argeting 1ata
loa/-6alan*er01 loa/-6alan*er 1 S0all instan*e siFe
reverse-2ro'y01 reverse-2ro'y 1 Be/i40 instan*e siFe
/ata6ase01 /ata6ase 1 <arge instan*e siFe
4ser-a22-store01-0% a22-store % Be/i40 instan*e siFe
Table )-%: 4e,lo-able
refarch'feed(ac)*redhat#com ., www#redhat#com
/ 1etailed Architectural Bor)flows
+his se*tion /es*ri6es the 0a;or 1lo7 o1 a*tivity that Re/ 9at Clo4/&or0s 2er1or0s 7hen a
Clo4/ Cons40er initiates Re/ 9at Clo4/&or0s a*tions as /es*ri6e/ in High <evel
Architectural E+ample5 +he 1ollo7ing 7or,1lo7 sho7s the high-lever overvie7 1or this
2ro*ess5
www#redhat#com .- refarch'feed(ac)*redhat#com
Illustration +-1: Hi!7-level Instance ;or$(lo0
,.1 Functionality (apping
-n the 2revio4s se*tions 14n*tionality 7as /es*ri6e/ as 2er1or0e/ 6y A22li*ation Des*ri2tion
3eneration: A22li*ation <i1e*y*le Banage0ent: Content Provision Banage0ent: -0age
<i1e*y*le Banage0ent: an/ Clo4/ -nter1a*e5 -n this se*tion the a*t4al 2ro/4*t *o02onents
1ro0 Re/ 9at Clo4/&or0s are 4se/5 +he 1ollo7ing ill4stration 0a2s 14n*tionality to
Clo4/&or0s 2ro/4*ts5 Clo4/ -nter1a*e re0ains a6stra*te/ as it re2resents an inter1a*e to ea*h
*o02onent: an/ Clo4/ Servi*es are invo,e/ as nee/e/5
refarch'feed(ac)*redhat#com .. www#redhat#com
Illustration +-2: Functionalit- to Product a,,in!
+he Pro/4*t Classi1i*ation 0a2s in the 1ollo7ing 7ay into the ar*hite*t4re as re2resente/ in
the 1ollo7ing /iagra05
,.2 Assumptions
+he ass402tions 7hi*h 1ollo7 are either 1airly straight1or7ar/ a*tions: or a*tions that are
/es*ri6e/ in 0ore /etail in a 14t4re Re1eren*e Ar*hite*t4re5Ce
Ass40e/ A*tivities
• All 4sers have 6een *reate/ 7ith reD4ire/ 2er0issions to 2er1or0 the a*tivities
atte02te/
• A Pool>Pool &a0ily has 6een esta6lishe/ 7ith the a**o4nt a**ess reD4ire/ 1or the
*onstit4ent *lo4/ 2rovi/ers
• All in1rastr4*t4re an/ s422ort 14n*tions have 6een 2er1or0e/ e5g5: Re/ 9at Clo4/&or0s
has 6een installe/ an/ *on1ig4re/
www#redhat#com ./ refarch'feed(ac)*redhat#com
Illustration +-3: Arc7itectural /vervie0
,.3 )e&ine
+he se*tion High <evel Architectural E+ample 2rovi/es the *ontent /etails o1 /e1ining the
+e02lates: Asse06lies: an/ De2loya6le to s2e*i1y the on-line store a22li*ation5
/#,#" 8emplates
:ase OS
+he 6ase (2erating Syste0 is *hosen 1ro0 a list o1 availa6le 2re-*on1ig4re/ Re/ 9at
Anter2rise <in4' 6 i0ages5 -n this *ase these are A0aFon AC2 Ba*hine -0ages =AB-?: 64t
0ay 6e 2rovi/e/ 6y the Clo4/ Provi/er5 +he 2ro*ess is sho7n in the 1ollo7ing /iagra0 7hi*h
*ontains seD4ential n406ers that *orrelate to the n406ere/ ste2s that 1ollo75
15 Clo4/ Cons40er s2e*i1ies the *reation o1 a ne7 te02late 4sing Re/ 9at Anter2rise
<in4' 6 6ase (S 1or A0aFon Ce6 Servi*es =ACS?
25 Con/4*tor *onta*ts -0age Careho4se to retrieve the list o1 availa6le AB-s
%5 Con/4*tor generates +e02late CD< 6ase/ on Clo4/ Cons40er in24t
$5 Con/4*tor saves +e02late CD< to lo*al D) 4n/er Clo4/ Cons40er a**o4nt
refarch'feed(ac)*redhat#com .0 www#redhat#com
Illustration +-%: Create AI Tem,late
8emplate for ?on':oot 4mage
+he 2ro*ess o4tline/ 6elo7 1or the loa/ 6alan*er +e02late sho4l/ 6e re2eate/ 1or ea*h o1 the
re0aining +e02lates: as /e2i*te/ in the ill4stration that 1ollo7s5
• Piranha loa/ 6alan*er
• SD4i/ reverse 2ro'y
• PostgreSH< /ata6ase
• L)oss Anter2rise A22li*ation Plat1or0
• Clo4/ *ons40er 42loa/e/ a22li*ation
15 Clo4/ Cons40er s2e*i1ies the *reation o1 a ne7 te02late 6ase/ on Re/ 9at Anter2rise
<in4' 6
25 Con/4*tor *onta*ts Natello to o6tain list o1 relate/ availa6le so1t7are
%5 Natello 2rovi/es a list o1 2a*,ages>so1t7are gro42s availa6le
$5 Clo4/ *ons40er sele*ts Oloa/-6alan*erP 2a*,age gro42 =re1er to 8a(le .'&2 8emplates?
#5 Con/4*tor generates +e02late CD< 6ase/ on 4ser in24t
65 Con/4*tor saves +e02late CD< =to lo*al D) 4n/er Clo4/ Cons40er a**o4nt?
www#redhat#com .3 refarch'feed(ac)*redhat#com
Illustration +-): 4e(ine Tem,late
/#,#& Assem(lies
+he 2ro*ess o4tline/ 6elo7 1or the <oa/-6alan*er Asse06ly sho4l/ 6e re2eate/ 1or ea*h o1
the re0aining Asse06lies5 +he 2ro*ess to *reate ea*h Asse06ly is sho7n 6elo75
• Reverse 2ro'y
• Data6ase
• A22 Store
15 Clo4/ Cons40er s2e*i1ies ne7 <oa/-6alan*er Asse06ly 7ith Re/ 9at Anter2rise
<in4'6 )ase an/ Piranha as the +e02lates =re1er to 8a(le .',2 Assem(lies?
a? -n*l4/es Re/ 9at Anter2rise <in4' 6 )ase +e02late
6? -n*l4/es <oa/ )alan*e +e02late
*? -/enti1ies that it 2rovi/es loa/ 6alan*e Servi*e
/? -/enti1ies that it reD4ires one or 0ore Ce6 -P a//resses
e? S2e*i1ies it reD4ires 0anage0ent
25 Con/4*tor generates Asse06ly 6ase/ on Clo4/ Cons40er in24t
%5 Con/4*tor saves Re/ 9at Anter2rise <in4' 6 Ce6 Server Asse06ly CD< to D) 4n/er
Clo4/ Cons40er a**o4nt
refarch'feed(ac)*redhat#com .7 www#redhat#com
Illustration +-+: 4e(ine Assembl-
/#,#, 1eploa(le
-n this ste2 the Clo4/ Cons40er /e1ines the overall De2loya6le 7hi*h *onsists o1 the
2revio4sly *reate/ Asse06lies5 +he 7or,1lo7 is 2i*t4re/ ne't5
15 Clo4/ Cons40er s2e*i1ies ne7 De2loya6le
a? 1 instan*e o1 loa/-6alan*er Asse06ly 7ith na0e loa/-6alan*er01 an/ siFe s0all
6? 1 instan*e o1 reverse-2ro'y Asse06ly 7ith na0e reverse-2ro'y01 an/ siFe 0e/i40
*? 1 instan*e o1 /ata6ase Asse06ly 7ith na0e /ata6ase01 o1 siFe large
/? % instan*es o1 a22-store 7ith na0e 4ser-a22-store01-0% o1 siFe 0e/i40
25 Con/4*tor generates Re/ 9at Anter2rise <in4' 6 Ce6 Server De2loya6le 6ase/ on
Clo4/ Cons40er in24t
%5 Con/4*tor saves the Re/ 9at Anter2rise <in4' 6 Ce6 Server De2loya6le CD< to D)
4n/er Clo4/ Cons40er a**o4nt
www#redhat#com /$ refarch'feed(ac)*redhat#com
Illustration +-.: 4e(ine 4e,lo-able
,.4 )eploy
+he Clo4/ Cons40er has 2lanne/ an/ /e1ine/ a22li*ation /e2loy0ent: in24tting the
/e1initions in Re/ 9at Clo4/&or0s5 +his se*tion /etails the 2ro*ess o1 0a,ing the a22li*ation
live5
/#-#" :uild
+he 64il/ 2ro*ess is /es*ri6e/ in the 1ollo7ing /iagra0 an/ e'2lains ho7 a +e02late re*i2e is
0a/e into a /is, i0age5 -n o4r e'a02le: the )ase (S is not 64ilt 64t 2rovi/e/ 6y an A0aFon
AC2 AB-5
15 Clo4/ Cons40er 42loa/s L)oss 64n/le to L)oss (N
25 L)oss (N 24shes to Natello
%5 Clo4/ Cons40er initiates 64il/ a*tion 1ro0 Con/4*tor
$5 Con/4*tor sen/s 0essage to -0age &a*tory to 64il/ i0age
#5 -0age &a*tory re*eives reD4est to 64il/ i0age
refarch'feed(ac)*redhat#com /" www#redhat#com
Illustration +-1: Ima!e #uild
65 -0age &a*tory *alls 64il/ 2ro*ess
a? *reates a te02orary VB
6? 4ses Natello as so4r*e to 64il/ 0ini0al VB
*? 0ani24lates 0ini0al VB to allo7 te02orary a**ess
/? installs re0aining reD4este/ 2a*,ages>so1t7are
e? installs so1t7are an/ 42/ates *on1ig4ration reD4ire/ to s422ort *lo4/ environ0ent:
in*l4/ing any so1t7are nee/e/ 1or Banage0ent
1? generates -C-C<A
g? 4n/oes 0ani24lation 1ro0 *? that allo7e/ te02orary a**ess
75 -0age &a*tory 24shes i0age: -C-C<A: te02late to -0age Careho4se
85 -0age Careho4se>-0age &a*tory 2re2ares i0age 1or Clo4/ Provi/er an/ 246lishes
a? -0age Careho4se 42/ates its D)
6? -0age Careho4se tells -0age &a*tory i0age is rea/y at Clo4/ Provi/er
*? -0age &a*tor tells Con/4*tor i0age is rea/y at Clo4/ Provi/er
"5 Con/4*tor 42/ates D) an/ Clo4/ -nter1a*e
&or non-6oota6le i0ages a VPA+9
12
install is /one: an/ the relevant /ire*tory str4*t4res are
64il/ into a /is, i0age5 -n a//ition the 0eta-/ata reD4ire/ to 0o4nt an/ lin, the /is, i0age in
04*h the sa0e 7ay alternatives are 0anage/ is re*or/e/5
www#redhat#com /& refarch'feed(ac)*redhat#com
/#-#& 4nstantiate
+he ste2s to la4n*h the on-line store /e2loya6le are 2i*t4re/ ne't5 +his is a /etaile/ 2ro*ess
7hi*h /etails 0any ste2s5
15 Clo4/ Cons40er in/i*ates the start o1 a /e2loya6le in a 2arti*4lar 2ool
25 Con/4*tor *reates a *on/or reD4est to start all 6 instan*es
• loa/-6alan*er01
• reverse-2ro'y01
• /ata6ase01
• 4ser-a22-store01: 4ser-a22-store02: 4ser-a22-store0%
%5 Clo4/ Cons40er is 2ro02te/ 1or any 0issing 2ara0eters that are reD4ire/
$5 Con/or a**e2ts an/ D4e4es reD4est
refarch'feed(ac)*redhat#com /, www#redhat#com
Illustration +-2: 4e,lo-able 6aunc7 Process
#5 Con/or atte02ts to 0at*h reD4est 4sing 2ro*ess o4tline in the 7or,1lo7 6elo75 Con/or
6egins 6y interrogating Con/4*tor to 1in/ availa6le *lo4/ 2rovi/er5
65 -1 a 0at*h is s4**ess14l: Con/or in1or0s Delta*lo4/ to start instan*es an/ in1or0s
A4/rey to *on1ig4re instan*es: 2rovi/ing one ti0e *re/entials: UU-D: an/ other host
i/entity in1or0ation 1or ea*h i0age5 Con/or also *o004ni*ates 7ith NatelloEs
Can/le2in
1%
to reserve entitle0ents 1or ea*h instan*e5 +his is reD4ires three a*tions5
75 Delta*lo4/ re*eives la4n*h reD4ests 1ro0 *on/or an/ initiates instan*es5
85 A4/rey reD4ests CD< an/ -C-C<A 1or ea*h instan*e
www#redhat#com /- refarch'feed(ac)*redhat#com
Illustration +-13: Condor Resource atc7in!
"5 As ea*h instan*e is la4n*he/: a te02orary se*4re *onne*tion is esta6lishe/ 4sing /ata
*olle*te/ 1ro0 the Clo4/ Cons40er5
• Using the te02orary se*4re *onne*tion: long-ter0 i/entity an/ *re/entials are 4se/
1or a4thenti*ate/ *onne*tions5
• ReD4ire/ VPN *onne*tions are esta6lishe/5
105 Aa*h instan*e 2rovi/es its UU-D to the A4/rey *on1ig4ration server: starting any
re0aining *on1ig4ration=s?5 +he 1ollo7ing a*tions are 2er1or0e/: ho7ever: not
ne*essarily in the or/er 2rovi/e/5
• All instan*es
◦ stan/ar/ *on1ig4ration in*l4/ing 6asi* server an/ *lo4/ s2e*i1i* /etails are
retrieve/ 1ro0 *on1ig4ration server
◦ stan/ar/ *on1ig4ration s*ri2ts are a22lie/
◦ non-6oota6le i0ages are 0o4nte/ an/ integrate/
• <oa/-6alan*er01 instan*e
◦ 7aits 1or 7e6--Ps *on1ig4ration s*ri2t 1ro0 *on1ig4ration server
◦ 7e6--P *on1ig4ration s*ri2ts are a22lie/
◦ 2rovi/es loa/ 6alan*er 2ara0eters to *on1ig4ration server
◦ in1or0s *on1ig4ration server that *on1ig4ration is *o02lete
• reverse-2ro'y01 instan*e
◦ 2rovi/es reverse 2ro'y 2ara0eters to *on1ig4ration server
◦ in1or0s *on1ig4ration server that *on1ig4ration is *o02lete
• /ata6ase01 instan*e
◦ 7aits 1or Clo4/&S K /ata6ase *on1ig4ration s*ri2ts 1ro0 *on1ig4ration server
◦ Clo4/&S *on1ig4ration s*ri2t is a22lie/
◦ /ata6ase *on1ig4ration s*ri2t is a22lie/
◦ 2rovi/es /ata6ase server 2ara0eters to *on1ig4ration server
◦ in1or0s *on1ig4ration server that *on1ig4ration is *o02lete
refarch'feed(ac)*redhat#com /. www#redhat#com
• 4ser-a22-store01-0% instan*es
◦ ea*h instan*e starts L)oss agents
◦ agents *onne*t 7ith L)oss (N
◦ ea*h instan*e 2rovi/es 7e6--P 2ara0eters to *on1ig4ration server
◦ ea*h instan*e 7aits 1or a22-store *on1ig4ration s*ri2ts 7hi*h *ontain the
/ata6ase: reverse-2ro'y: an/ loa/-6alan*er 2ara0eters
◦ ea*h instan*e a22lies a22-store *on1ig4ration s*ri2t
◦ in1or0s *on1ig4ration server that *on1ig4ration is *o02lete
• Clo4/&S Servi*e
◦ 7aits 1or Clo4/&S 2ara0eters 1ro0 *on1ig4ration server
◦ a22lies Clo4/&S *on1ig4ration
◦ in1or0s *on1ig4ration server that servi*e is rea/y
• A4/reyEs *on1ig4ration server
◦ 7aits 1or ea*h instan*e to 2rovi/e 2ara0eters: 7hi*h it 4se/ to generate
*oor/inate/ a22li*ation *on1ig4ration: 7hi*h is sent in the 1or0 o1 s*ri2ts to ea*h
instan*e
◦ 7aits 1or *on1ig4ration to *o02lete 1ro0 ea*h instan*e: then 2re2ares trans0its
instan*e /ata to Con/4*tor
115 A4/rey Con1ig4ration Server trans0its instan*e /ata to Con/4*tor
,.+ (anage
+his se*tion 2rovi/es insight to the a*tions that *an 6e 2er1or0e/ on a /e2loy0ent a1ter
la4n*h5 +he 1ollo7ing a*tivities are a//resse/
• U2/ating
• Baintaining>S4s2en/ing
• S*aling
• Bigrating
• Re2orting
• )4siness Contin4ity
• Ali0inating
www#redhat#com // refarch'feed(ac)*redhat#com
/#.#" @pdating
+here are 04lti2le targets 1or 42/ating in a /e2loy0ent5 +he 0ost *o00on 7o4l/ 6e errata
an/ so1t7are 42/ates5 (thers in*l4/e 42/ating the 4ser 2rovi/e/ a22li*ation 7hi*h 0ay
reD4ire a//itional so1t7are: *lo4/ servi*e 42/ates or ne7 o11erings: or *hanges in the
/e2loya6leEs /e1inition5
+hese 42/ates *an ha22en 6y three /i11erent 0etho/s *ontrolle/ 6y 4ser 2oli*y5
• live 42/ate M Natello>L)oss (N 42/ate r4nning /e2loya6le
• restart o1 /e2loy0ent M /e1inition is 42/ate/: then re/e2loye/
• hy6ri/ M live 42/ate 1ollo7e/ 6y an 42/ate/ CD< 7hi*h 24shes an/ reD4ires a restart
/#.#& %aintainingCSuspending
+he Clo4/ Cons40er 0ay /esire to te02orarily have their a22li*ation sto2 2ro*essing so that
0o/i1i*ations *an 6e 0a/e: then allo7 2ro*essing to res40e5 +his 2ro*ess 1ollo7s the ste2s
6elo7
• sto2 all instan*es o1 the /e2loy0ent
• retain sna2shot 1ro0 all instan*es
• 2er1or0 0aintenan*e>0o/i1i*ation
• *ontin4e instan*es 1ro0 sna2hot
/#.#, Scaling
+he Clo4/ Cons40er 0ay 1in/ that they 7ish to s*ale 42 or /o7n their r4nning /e2loy0ent5
+he o2tions availa6le in*l4/e the 1ollo7ing
• 42/ate /e2loya6le /e1inition to in*l4/e 0ore or larger instan*es: then restart entire
/e2loy0ent
• 4sing the sa0e /e2loya6le /e1inition: start 0ore /e2loy0ents
• 42/ate /e2loya6le /e1inition: a22ly *hanges an/ *on/or starts>sto2s a22ro2riately
• a4to0ati*ally in*rease or /e*rease n406er o1 instan*es in /e2loya6le 6ase/ on
*a2a*ity 0eas4re0ent as 0onitore/ 7ith Batahari
/#.#- %igrating
(n*e a /e2loy0ent has 6een r4le/ 4nsta6le: the e'isting /e2loy0ent is sto22e/ an/ a
/e2loy0ent 4sing the sa0e /e1inition is starte/ at a /i11erent *lo4/ 2rovi/er5
refarch'feed(ac)*redhat#com /0 www#redhat#com
/#.#. Reporting
+he *ategories o1 re2orting relating to a r4nning /e2loy0ent in*l4/e
• a22li*ation>instan*e>/e2loy0ent stat4s
• reso4r*e 4sage re2orts
• a22li*ation s2e*i1i* re2orts =0atahari agent /e2en/ent?
/#.#/ :usiness Continuit
Chether the Clo4/ Cons40er is 4sing a *lo4/ or not: the i/ea o1 g4aranteeing that /ata is not
lost is a 2riority5 Chile the 0etho/s have not 6een resolve/ as to 4sing live sna2shots: 6a*, 42
an/ ar*hival so1t7are: or /ata re2li*ation: ea*h o1 the 1ollo7ing is 2ossi6le5
• Point in +i0e 6a*,42 o1 i0age an/ /ata storage M restora6le to 2revio4s lo*ation
• Bigration o1 /ata 1ro0 2la*e to another
• )a*,42 o1 /ata to a re0ote lo*ation: restora6le to a /i11erent lo*ation
/#.#0 Eliminating
Chen the Clo4/ Cons40er /eter0ines that a /e2loy0ent is no longer nee/e/: any i0ages at
the *lo4/ 2rovi/er *an 6e /is*ar/e/5 +he res2onsi6ility to *on1ir0 any reD4ire/ /ata has 6een
re2li*ate/ to a lo*ation that allo7s at-7ill a**ess is 42 to the Clo4/ Cons40er5
www#redhat#com /3 refarch'feed(ac)*redhat#com
0 Architectural Operational Fle+i(ilit
+he e'a02le that 7as 2revio4sly /etaile/ in this 2a2er 7as one 2ossi6le 0etho/ o1
i02le0enting a Clo4/ Cons40erEs nee/ 1or an online store5 Ass40ing no *hanges in the
reD4ire0ents: this se*tion /is*4sses alternative *onsi/erations an/ 2ossi6ilities to
a**o02lishing this goal5 A//itional *onsi/erations 1or *lo4/ /e2loy0ents not *overe/ in the
e'a02le are also e'2lore/5
..1 Security/ (ulti0tenancy/ Service 'ro1y
Re/ 9at Clo4/&or0s 2rovi/es the *a2a6ility 1or 04lti2le Clo4/ Cons40ers to se*4rely share a
*lo4/ 2rovi/er a**o4nt or to si04ltaneo4sly se*4rely a**ess 04lti2le *lo4/s as a single Clo4/
Cons40er5 A**ess to a Re/ 9at Certi1ie/ Clo4/ Provi/er P46li* Clo4/s 0ay reD4ire the 4se o1
2ro'ies5
..2 Alternative )eployments
+he e'a02le in this 2a2er 2rovi/e/ one /e2loya6le /e1inition5 +here are a 04ltit4/e o1
variations in*l4/ing the 1ollo7ing: 64t not li0ite/ to
• 4sing a *lo4/ 6ase/ on lo*al virt4aliFation =o22ose/ to AC2?
• /e1ining an/ 64il/ing a 6ase (S i0age
• 4sing e'isting i0ages to 64il/ ne7 i0ages
• /o not strati1y the so1t7are layers: i5e5 /e1ine a single asse06ly 2er instan*e that has all
the nee/e/ so1t7are 1or that instan*e
• have i0ages 6e 24lle/ 7hen nee/e/ =o22ose/ to 2re-2la*e0ent?
• have asse06lies e'e*4te in se2arate *lo4/s
refarch'feed(ac)*redhat#com /7 www#redhat#com
3 Conclusion
-n 0oving to the *lo4/ or 64il/ing ne7 o22ort4nities 4sing a *lo4/ in1rastr4*t4re: the
o7nershi2: *ontrol: *ost visi6ility: an/ /e*isions are 0oving to the /o0ain e'2ert =Eo7nerE o1
the a22li*ation?5 Re/ 9at Clo4/&or0s *lo4/ in1rastr4*t4re allo7s 1or 6etter o2erational
e11i*ien*y an/ lo7er +C( 1or the *reation an/ li1e*y*le o1 *lo4/ a22li*ation 6y ena6ling the
/o0ain e'2ert5
+his 2a2er 2rovi/e/ a high-level overvie7 o1 Re/ 9atEs ne7 Clo4/&or0s te*hnologies5 As 2art
o1 this overvie7 several *on*e2ts 7ere *overe/: s4*h as a revie7 o1 the N-S+ /e1inition
stan/ar/s: Re/ 9atEs *lo4/ strategy an/ a /es*ri2tion: e'a02le an/ 7or,1lo7 o1 a Clo4/&or0s
/e2loy0ent5
+he ,ey ta,ea7ay 1ro0 this 2a2er sho4l/ 6e that Re/ 9at is 2rovi/ing the te*hnologies to
0a,e yo4r *lo4/ in1rastr4*t4re 1le'i6le M 1le'i6ility 0eans *hoi*es5 +his 4niD4e o11ering ena6les
yo4 to ta,e a/vantage o1 /is2arate *lo4/ 2rovi/ers 7itho4t the overhea/ o1 having to
*4sto0iFe the i0ages 1or ea*h environ0ent5 )y 2rovi/ing a single 4ser inter1a*e that intera*ts
7ith te*hnologies s4*h as Con/4*tor: -0age &a*tory: Con/or: et*5: Re/ 9at is lo7ering the
6arriers to 4sing the ne7 *lo4/ 2ara/ig05 -1 yo4r enter2rise /evelo2er ,no7s that they *an
7rite to one AP- M DeltaClo4/ AP- an/ then 6e a6le to ta,e a/vantage o1 04lti2le *lo4/
2rovi/ers: they are 0ore li,ely to e06ra*e the te*hnology5
www#redhat#com 0$ refarch'feed(ac)*redhat#com
+he 1ollo7ing /iagra0 /e2i*ts an over vie7 o1 the Re/ 9at Clo4/&or0s ar*hite*t4re5
refarch'feed(ac)*redhat#com 0" www#redhat#com
Illustration 1-1: Red Hat CloudForms Arc7itectural /vervie0
Appendi+ A2 Contri(utors
Ce 7o4l/ li,e to than, the 1ollo7ing in/ivi/4als 1or their ti0e an/ 2atien*e as 7e *olla6orate/
on this 2ro*ess5 +his /o*40ent 7o4l/ not have 6een 2ossi6le 7itho4t their 0any *ontri64tions5
Contri(utor 8itle Contri(ution
Vi;ay +rehan Dire*tor o1 Sol4tions Ar*hite*t4res Content: Diagra0s: Revie7s
Carl +rielo11
+e*hni*al Dire*tor: So1t7are
Angineering
Vision: Content: Revie7s
Lohn D4nning Banager: So1t7are Angineering Content: Revie7s
94gh )ro*, Banager: So1t7are Angineering Content: Revie7s
Chris <alan*ette Senior So1t7are Angineer Diagra0s: Content
S*ott Collier: R9CA Prin*i2al So1t7are Angineer Content: Diagra0s: Revie7s
)ryan Nearney Banager: So1t7are Angineering Content: Revie7s
Charles Cro4*h Banager: So1t7are Angineering Content: Revie7s
Le11ery Dar*y Prin*i2al So1t7are Angineer Content: Diagra0s
D0itri Pal Banager: So1t7are Angineering Content
Steven Da,e Prin*i2al So1t7are Angineer Content: Diagra0s
3or/on 9a11 Senior Pro/4*t Bar,eting Banager Content: Diagra0s
)rett +h4r6er: R9CA Senior So1t7are Angineer Revie7s
Lohn 9err: R9CA Senior So1t7are Angineer Revie7s
Table A: Contributors
www#redhat#com 0& refarch'feed(ac)*redhat#com
Appendi+ :2 References
1 htt2>>*sr*5nist5gov>gro42s>SNS>*lo4/-*o024ting>
2 htt2>>*olla6orate5nist5gov>t7i,i-*lo4/-
*o024ting>246>Clo4/Co024ting>Do*40ents>Dra1t-SP-800-1$#Q*lo4/-
/e1inition52/1
% htt2>>*olla6orate5nist5gov>t7i,i-*lo4/-
*o024ting>246>Clo4/Co024ting>Re1eren*eAr*hite*t4re+a'ono0y>N-S+QC
CQRe1eren*eQAr*hite*t4reQv1QBar*hQ%0Q201152/1
$ htt2>>7775aeol4s2ro;e*t5org
# htt2s>>gith465*o0>0atahari>0atahari>7i,i
6 htt2>>7775re/hat5*o0>0rg>0essaging>
7 htt2>>hail57i,i5,ernel5org>
8 htt2>>7775re/hat5*o0>i/entityQ0anage0ent>
" htt2>>1reei2a5org>
10 htt2>>1e/ora2ro;e*t5org>7i,i>&eat4res>SSSD
11 htt2>>7775*l4sterla6s5org>7i,i>Pa*e0a,er
12 htt2>>7775gn45org>s>hello>0an4al>a4to0a,e>VPA+9-)4il/s5ht0l
1% htt2s>>1e/orahoste/5org>*an/le2in>7i,i>(vervie7

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close