OCS 2.6 System Tour

Elastic Cloud Services

Simple, Reliable On-demand Compute, Storage and Networking

With Cloudscaling OCS, you can spin up virtual machines (VMs), store and retrieve objects, and attach and detach virtual disks to achieve the performance, automation and cost benefits of public cloud infrastructure with the flexibility and control of your own private cloud deployment.

OCS Compute allows users to flexibly deploy virtual machine instances on-demand to support workloads and development projects in a secure, multi-tenant environment. VM instance types can be 100% compatible with Amazon Web Services (AWS) or Google Compute Engine (GCE) or custom sized for particular workloads or tenants.

OCS Block Storage provides persistent data volumes that are dynamically attached to virtual machine instances over the network to deliver high performance, scalable and cost-effective virtual disk drives. Additionally, volume snapshots (point-in-time copies) can be created and stored in OCS Object Storage to support a variety of reuse and backup use cases.

OCS Object Storage provides a triple-replicated, scale-engineered and durable repository for arbitrary files. It is ideal for storing media files, logs, virtual machine images and backups.

OCS Elastic Networking (VPC & Classic) – OCS delivers both Virtual Private Cloud (VPC) and Classic networking models to support a broad range of deployment options. Both leverage the same elastic networking architecture as modern public clouds such as AWS and GCE, employing high-speed L3 (layer-3) switch fabrics with 100% IP routing end-to-end to achieve maximum throughput at the lowest cost.

OCS Virtual Private Cloud (VPC) networking supports provisioning of logically isolated virtual networks with complete control and customization of the IP address range, subnet creation and specification of network gateways. Virtual Private Clouds provide a familiar network construct for typical enterprise networks, without sacrificing functionality such as tenant Security Groups and Elastic IPs.

For deployments that don’t require Virtual Private Clouds, OCS Classic Networking delivers scalable, public cloud compatible networking and security functionality with support for Elastic IPs, Security Groups, Elastic NetBlocks (contiguous tenant IP pools) and a scale-out, stateless NAT service.

All elastic cloud resources can be accessed via a command line interface (CLI) or graphical user interface (GUI) that leverages the underlying API calls. This simple, web services based programmability allows tenants to easily deploy 10s to 1000s of virtual machine instances on-demand.

Production-Grade Features

Cloudscaling OCS employs a systems approach that extends the power and cost-effectiveness of OpenStack with a number of unique, production-grade features to streamline the entire cloud operations lifecycle in scaled-out, production environments.

Putting OpenStack on a handful of servers may work for a simple dev/test virtual machine environment, but what happens when you need to transition to a full production data center that can scale to hundreds of racks and thousands of machines? Managing a full-production cloud environment requires a deep yet hierarchical understanding of system topology.

Manage your Cloud, Not Individual Servers

OCS Cloud Topology Management delivers the tools to manage configuration and deployment across a cloud topology designed for your needs. You can define, organize and manage blocks of cloud capacity through the intelligent integration of OCS software with supported hardware reference configurations.

OCS employs a Cloud-Wide Data Model of all physical cloud resources to aggregate key operational metrics. This cloud-wide data enables automation (e.g. abstractions like resource pools for managing capacity) and improves manageability.

Scale Engineered to Manage Zones of Resource Blocks

Leading public cloud providers achieve significant operational efficiency by eliminating time-consuming troubleshooting of individual servers. Similarly, Cloudscaling OCS enables cloud operators to manage racks of servers as a single resource to deliver unparalleled cloud management efficiency.

OCS manages elastic cloud infrastructure using blocks of compute, storage, networking and controllers organized into zones. OCS Zone Management provides a secure control point to coordinate all block-level hardware and software lifecycle automation tasks, such as initial verification, hardware burn-in, OCS software provisioning, re-provisioning and decommissioning operations.

OCS Zone Management aggregates blocks of cloud capacity to simplify cloud management and streamline operations. It can assign resources to each block, manage the zone lifecycle, provide DNS for system-wide backend elements and take system-wide actions.

Operator Focused Automation & Lifecycle Management

Cloudscaling OCS automates deployment and provisioning of cloud capacity to let cloud operators build their OCS elastic cloud predictably and reliably. OCS provides a Cloud Operations Interface – via graphical user interface (GUI), command line interface (CLI) and application programming interface (API) – to simplify systems management and facilitate integration with external management systems.

Managing your cloud at scale means managing the entire system lifecycle across both hardware and software. Using OCS you can readily stand up, burn-in and provision hardware, deploy and organize software across multiple racks, make automation and capacity management decisions using cross-rack metadata, and perform rolling upgrades a rack at a time.

OCS Hardware Lifecycle Management

How many compute instances of which types do you have left? How much object storage capacity remains unused? When do you need more and of what kind? OCS can easily answer these questions, and more, by providing the topology and cloud system management features required by cloud operators. What used to take days can now be accomplished in minutes.

When the cloud is down, so is your business.

OCS incorporates unique scale-out availability features as a primary design goal. Our engineers are continuously refining and hardening OCS with each new release. OCS takes several approaches to providing scale-out availability:

  • OCS Multi-pathing
  • Small failure domains
  • Internal sharding

OCS Multi-pathing is a unique load balancing pattern for all of OpenStack’s stateless components such as API endpoints and scheduler processes. This approach allows running as many API servers and schedulers as needed. OCS scales horizontally, just like the applications that run on it, with every load-balanced service designed to fail in isolation.

Real clouds are designed for failure and assume that something will break at any time. OCS is designed using a “small failure domain” model for this reason. Components are loosely-coupled, as small as possible, and designed to fail in isolation. In combination with OCS Multi-pathing and OCS Intelligent Scheduling, work is distributed to API endpoints, worker processes and cloud controllers of various types. Any system component can fail at any time without impacting its neighbors.

The availability features built into OCS reduce the chance of catastrophic cascading failures, enable effortless horizontal scaling of the cloud’s internal services, and support building a cloud that can deliver 99.9% to 99.99% uptime for core cloud services. OCS is the only cloud system designed for high uptime to support 24x7x365 workloads.

How do you maintain quality of service during critical elastic spikes in system usage? How do you avoid performance bottlenecks when you grow your overall cloud footprint, while avoiding a painful re-engineering of the core cloud deployment architecture? Under the hood, OCS delivers high performance features optimized to work together across the system, as well as an overall architecture scale-engineered from top to bottom.

The OCS Intelligent Resource Schedulers ensure that compute and block storage resources maximize utilization while ensuring minimum Quality of Service (QoS) levels. They also distribute resources across failure domains, reducing the impact of failed servers, disk drives and storage clusters. To learn more, download the OCS Scheduler Feature Brief.

The OCS Elastic Network Architecture leverages open, proven and performant technologies to enable a high performance network architecture. The network architecture is broken up into three layers: block, core and edge. At the data layer, the OCS network architecture leverages 10GE switches and connections to provide a high bandwidth fabric for data (VM and storage) traffic. In concert with Block Designs, network capacity is scalable by increasing the number of uplinks per block. By limiting the Nova Network Controller (NNC) to only be responsible for security group and VM metadata management while distributing core networking services – such as IP routing, Elastic IPs, DHCP and NAT services to dedicated scale-out OCS nodes – OCS is able to completely eliminate all network performance bottlenecks in Nova.

OCS delivers High IOPS, Multi-Tenant Block Storage on industry standard x86 hardware using a variety of storage technologies including SSD acceleration to prevent performance problems. This feature bundles random writes into large block sequential writes – reducing head contention on block storage clusters and smoothing multi-tenancy latency effects. On the read side, large RAM configurations also provide high-speed read caches. This further reduces head contention, decreases latency and delivers SSD-grade I/O performance at the cost of standard magnetic disk drives. A single volume can provide in excess of 40,000 IOPS with 4K block sizes using mixed read/write and mixed sequential/random workloads. OCS Block Storage also includes built-in data protection via 128-bit checksumming, guaranteeing the integrity of your data. To learn more, download the OCS Storage Feature Brief.

OCS Security Philosophy

The Cloudscaling OCS Security philosophy is focused on protection of both the entry points into OCS (namely the API endpoints that power the cloud control plane) and the cloud resources themselves. Our goal is to minimize or eliminate the effects of denial-of-service attacks, unauthorized remote access, transmission of malformed data and destruction of data.

Cloudscaling employs a defense-in-depth strategy that embeds security controls at every layer of OCS. These controls include:

  • OS Hardening such as removing non-essential packages and services
  • Logging for a secure network audit trail
  • Network Access Control Lists for resource network partitioning
  • Encryption via SSL/TLS-enabled API endpoints
  • Restricted Operator Access via the OCS Secure Administration Gateway

Classic and VPC Networking for Security and Control

Modern public clouds such as AWS and GCE use high-speed switch fabrics with 100% IP routing end-to-end to achieve maximum throughput at the lowest cost. OCS delivers the same elastic networking architecture built on a scalable layer 3 fabric with a choice of both Classic & Virtual Private Cloud (VPC) network models.

In terms of security, OCS Classic Networking supports ingress security groups and the creation and assignment of elastic IPs. As all instances are visible by default with public and private IP addresses assigned, inbound security groups are the primary mechanism for network security.

For additional security and flexibility, OCS VPC Networking delivers full control of the network fabric. Virtual Private Clouds (VPCs) are virtual networks created as an overlay above cloud infrastructure to improve network agility, to increase network isolation for application services and to emulate existing physical network configurations for interoperability.

Cloudscaling OCS VPC employs Software Defined Networking (SDN) to create the virtual network overlay above the shared layer 3 physical networking. Each tenant in the cloud can create multiple VPCs, and then within each VPC, multiple subnets that logically isolate network traffic. Users can manage the IP address pools for each VPC and subnet, and create and manage Elastic Network Interfaces to dynamically bind network profiles to instances. Beyond the security groups controlling inbound traffic at the instance level, VPC networking also supports Network ACLs to control network traffic on the subnets. Deploying application tiers into isolated subnets ensures they are not directly accessible from the Internet and further isolates these servers from external attacks over the network to increase security.

Public Cloud Fidelity Architecture

Enable hybrid cloud deployments spanning private and public cloud services

Elastic clouds represent a completely new IT infrastructure model. Pioneered by the largest Internet businesses like Amazon and Google, the elastic cloud approach rethinks the entire IT stack from the concrete up through the applications. Data center design, industry standard hardware, network engineering and software architecture have all been reconsidered. Cloudscaling OCS delivers a true elastic cloud model following in the footsteps of these giants.

OCS faithfully recreates operational and architectural compatibility with both Amazon Web Services (AWS) and Google Compute Engine (GCE) to support hybrid cloud deployments. OCS provides the only elastic cloud system specifically designed to enable the integration and management of public and private cloud infrastructure as a single environment in support of use cases such as:

  • Hybrid deployment of applications (for example, to run the sensitive database on the private cloud with the stateless web instances in the public cloud)
  • Bursting during peak usage to the public cloud to “own the base and rent the spike”
  • Repatriation of apps from the public cloud (either dev/test or production) for control or economics

Behavioral Fidelity Beyond APIs

OCS provides full API compatibility to both AWS and GCE and can easily leverage common tools and libraries. As a result, there’s no need to refactor applications for private cloud or to retrain personnel that are already using public clouds.

API compatibility, however, is not enough to realize common private/public cloud use cases. Behavioral fidelity is also required. This means the infrastructure underneath the API also needs to match. OCS includes a number of additional capabilities that provide a 1:1 mapping to key elastic cloud resources and recreate the architecture, cost model and scalability of supported public clouds, including:

  • AWS-style resource scheduling
  • Classic Networking in the EC2 model
  • VPC Networking in the EC2 model
  • Elastic Block Storage in the EC2 model
  • Block-based reference architecture

By minimizing differences in compute, storage, networking and APIs, OCS facilitates deploying and managing cloud applications in the environment that best fits your business needs. This behavioral fidelity can only be achieved when an integrated systems architecture is applied to building elastic clouds. With low cost hardware and fast provisioning times, OCS can support highly resilient applications at less than half the cost of using public cloud infrastructure.

100% OpenStack Technology

Extending OpenStack

Cloudscaling’s production-ready system is built around 100% stock OpenStack components. Cloudscaling takes the base OpenStack release, adds drivers, plugins and additional open source software to address functional gaps, then tunes the system configuration to production-ready defaults. With OpenStack Compute providing over 500 configuration choices, Cloudscaling OCS prescribes a system configuration that is production-grade and public cloud compatible.

With every new OCS release, Cloudscaling evaluates new OpenStack sub-projects to be incorporated into OCS when they are stable and production-ready.

Modular Capacity Reference Configurations

So how do you quickly deploy a scalable, elastic cloud that can handle multiple tenants with a wide range of different workloads and performance requirements? Enter Open Cloud System’s CloudBlocks™ architecture. Leading public cloud pioneers use modular, industry standard hardware rack configurations that leverage standard interfaces (Ethernet, TCP/IP, x86, open source hypervisors). Repeatable, homogeneous blocks of compute, storage and networking capacity support faster scale-out and a lower total cost of ownership than traditional, server-centric design approaches. Cloudscaling OCS implements the same modular design approach, but extends it for flexible configurability.

Block Architecture

CloudBlocks is a unified software and hardware reference architecture for enabling managed blocks of cloud capacity to match application workload demands with the appropriate virtual infrastructure resources. CloudBlocks let you design, deploy and manage one rack or block at a time. By providing a proven and scale-engineered reference architecture, OCS CloudBlocks speed time to deployment, simplify overall capacity management and optimize application performance.

Choice of Hardware Components

Certified hardware components

With years of production-grade IaaS experience, we know that testing and certifying specific infrastructure hardware is critical to enable support for the entire running system (including the hypervisor, hardware infrastructure and network elements). There is sufficient variability across even industry standard hardware to introduce instability in large-scale, distributed systems.

Cloudscaling’s OCS CloudBlocks support a wide range of configurations using proven, standards-based hardware components from Arista, Cisco, Dell, Juniper and Quanta. OCS system software integrates reference hardware configurations for every OCS Block Design.