DOCSLIB.ORG

Red Hat Openstack Platform 16.0 Instances and Images Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Red Hat OpenStack Platform 16.0 Instances and Images Guide Managing Instances and Images Last Updated: 2020-10-23 Red Hat OpenStack Platform 16.0 Instances and Images Guide Managing Instances and Images OpenStack Team [email protected] Legal Notice Copyright © 2020 Red Hat, Inc. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/ . In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries. Node.js ® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project. The OpenStack ® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community. All other trademarks are the property of their respective owners. Abstract The Instances and Images guide provides procedures for the management of instances, images of a Red Hat OpenStack Platform environment. Table of Contents Table of Contents .P .R . E. .F . A. .C . E. 6. .C . H. .A . P. .T .E . R. 1.. .I .M . A. .G . .E . S. .E . R. .V . I.C . E. 7. 1.1. UNDERSTANDING THE IMAGE SERVICE 7 1.1.1. Image Signing and Verification 7 1.1.2. Image conversion 8 1.1.3. Image Introspection 8 1.1.4. Interoperable Image Import 9 1.1.5. Improving scalability with Image service caching 9 1.1.6. Image pre-caching 10 1.1.6.1. Configuring the default interval for periodic image pre-caching 10 1.1.6.2. Using a periodic job to pre-cache an image 10 1.2. MANAGE IMAGES 13 1.2.1. Creating an Image 13 1.2.1.1. Use a KVM Guest Image With Red Hat OpenStack Platform 13 1.2.1.2. Create Custom Red Hat Enterprise Linux or Windows Images 14 1.2.1.2.1. Create a Red Hat Enterprise Linux 7 Image 15 1.2.1.2.2. Create a Red Hat Enterprise Linux 6 Image 20 1.2.1.2.3. Create a Windows Image 25 1.2.1.3. Use libosinfo 26 1.2.2. Upload an Image 26 1.2.3. Update an Image 27 1.2.4. Import an Image 28 1.2.4.1. Import from a Remote URI 28 1.2.4.2. Import from a Local Volume 28 1.2.5. Delete an Image 29 1.2.6. Hide or Unhide an Image 29 1.2.7. Show Hidden Images 30 1.2.8. Enabling image conversion 30 1.2.9. Converting an image to RAW format 30 1.2.9.1. Configuring Image Service to accept RAW and ISO only 30 1.2.10. Storing an image in RAW format 31 .C . H. .A . P. .T .E . R. 2. C. .O . .N . F. .I G. .U . .R .I .N . G. T. .H . E. C. .O . M. P. .U . T. .E . .( N. O. .V . A. .) . S. E. .R . V. .I C. .E . .3 . 2. 2.1. CONFIGURING MEMORY FOR OVERALLOCATION 33 2.2. CALCULATING RESERVED HOST MEMORY ON COMPUTE NODES 33 2.3. CALCULATING SWAP SIZE 34 .C . H. .A . P. .T .E . R. 3. C. O. .N . F. .I G. U. .R . E. .O . .P . E. N. S. T. .A . C. .K . .C . O. .M . .P . U. .T . E. S. T. .O . .R .A . G. E. .3 . 5. 3.1. ARCHITECTURE OVERVIEW 35 3.2. CONFIGURATION 36 .C . H. .A . P. .T .E . R. 4. .V . I.R . T. U. .A . .L . M. A. .C . H. .I N. E. .I N. S. T. .A . N. .C . E. .S . .3 . 9. 4.1. MANAGE INSTANCES 39 4.1.1. Add Components 39 4.1.2. Launch an Instance 39 4.1.2.1. Launch Instance Options 40 4.1.3. Update an Instance (Actions menu) 41 4.1.4. Resize an Instance 43 4.1.5. Connect to an Instance 43 4.1.5.1. Access an Instance Console using the Dashboard 44 4.1.5.2. Directly Connect to a VNC Console 44 1 Red Hat OpenStack Platform 16.0 Instances and Images Guide 4.1.6. View Instance Usage 45 4.1.7. Delete an Instance 45 4.1.8. Manage Multiple Instances at Once 45 4.2. MANAGE INSTANCE SECURITY 46 4.2.1. Manage Key Pairs 46 4.2.1.1. Create a Key Pair 46 4.2.1.2. Import a Key Pair 46 4.2.1.3. Delete a Key Pair 46 4.2.2. Create a Security Group 47 4.2.3. Create, Assign, and Release Floating IP Addresses 47 4.2.3.1. Allocate a Floating IP to the Project 47 4.2.3.2. Assign a Floating IP 47 4.2.3.3. Release a Floating IP 48 4.2.4. Log in to an Instance 48 4.2.5. Inject an admin Password Into an Instance 49 4.3. MANAGE FLAVORS 50 4.3.1. Update Configuration Permissions 51 4.3.2. Create a Flavor 51 4.3.3. Update General Attributes 52 4.3.4. Update Flavor Metadata 52 4.3.4.1. View Metadata 52 4.3.4.2. Add Metadata 52 4.4. MANAGE HOST AGGREGATES 57 4.4.1. Enable Host Aggregate Scheduling 58 4.4.2. View Availability Zones or Host Aggregates 58 4.4.3. Add a Host Aggregate 58 4.4.4. Update a Host Aggregate 59 4.4.5. Delete a Host Aggregate 59 4.5. SCHEDULE HOSTS 60 4.5.1. Configure Scheduling Filters 61 4.5.2. Configure Scheduling Weights 64 4.5.2.1. Configure Weight Options for Hosts 64 4.5.3. Configure Placement Service Traits 65 4.5.3.1. libvirt virtualization driver capabilities as placement service traits 66 4.5.3.2. Using placement service traits to specify resource provider requirements 66 4.5.4. Configuring a guaranteed minimum bandwidth QoS 67 4.5.4.1. Removing a guaranteed minimum bandwidth QoS from an instance 69 4.5.5. Reserve NUMA Nodes with PCI Devices 69 4.5.6. Configure Emulator Threads to run on Dedicated Physical CPU 70 4.6. MANAGE INSTANCE SNAPSHOTS 70 4.6.1. Create an Instance Snapshot 71 4.6.2. Manage a Snapshot 72 4.6.3. Rebuild an Instance to a State in a Snapshot 72 4.6.4. Consistent Snapshots 72 4.7. USE RESCUE MODE FOR INSTANCES 73 4.7.1. Preparing an Image for a Rescue Mode Instance 73 4.7.1.1. Rescue Image if Using ext4 Filesystem 73 4.7.2. Adding the Rescue Image to the OpenStack Image Service 74 4.7.3. Launching an Instance in Rescue Mode 74 4.7.4. Unrescuing an Instance 75 4.8. SET A CONFIGURATION DRIVE FOR INSTANCES 75 4.8.1. Configuration Drive Options 75 4.8.2. Use a Configuration Drive 75 2 Table of Contents .C . H. .A . P. .T .E . R. 5. M. I.G . .R . A. .T .I .N . G. V. .I R. .T . U. .A . L. M. .A . C. .H . .I N. .E . .I N. .S . T. .A . N. .C . E. .S . B. .E . T. .W . .E .E . N. C. .O . .M . .P . U. .T .E . .N . O. D. .E . S. .7 . 6. 5.1. MIGRATION TYPES 76 5.2. MIGRATION CONSTRAINTS 78 5.3. PREPARING TO MIGRATE 79 5.4. COLD MIGRATING AN INSTANCE 80 5.5. LIVE MIGRATING AN INSTANCE 81 5.6. CHECKING MIGRATION STATUS 82 5.7. EVACUATING AN INSTANCE 83 5.7.1. Evacuating one instance 83 5.7.2. Evacuating all instances on a host 84 5.7.3. Configuring shared storage 85 5.8. TROUBLESHOOTING MIGRATION 86 5.8.1. Errors during migration 86 5.8.2. Never-ending live migration 87 5.8.3. Instance performance degrades after migration 88 .C . H. .A . P. .T .E . R. 6. .S .C . A. .L . I.N . G. .D . E. .P . L. O. Y. .M . E. .N . T. .S . .W . .I T. .H . .C . O. .M . .P . U. .T . E. C. .E .L . L. .S . .8 .9 . 6.1. CELL COMPONENTS 89 6.2. CELL DEPLOYMENTS ARCHITECTURE 90 6.3. CONSIDERATIONS FOR MULTI-CELL DEPLOYMENTS 91 6.4. DEPLOYING A MULTI-CELL OVERCLOUD 93 6.5. CREATING AND PROVISIONING A CELL 98 6.6.
Recommended publications
  • Upgrading Cfengine Nova a Cfengine Special Topics Handbook

    Upgrading Cfengine Nova a Cfengine Special Topics Handbook

    Upgrading CFEngine Nova A CFEngine Special Topics Handbook CFEngine AS This document describes how software updates work in CFEngine Nova. ¨ © Copyright c 2010- CFEngine AS 1 v i Table of Contents What does upgrading mean? ::::::::::::::::::::::::::::::::::::::::: 3 Why do I need to upgrade?::::::::::::::::::::::::::::::::::::::::::: 3 How does upgrading work? ::::::::::::::::::::::::::::::::::::::::::: 3 How can I do phased deployment? :::::::::::::::::::::::::::::::::::: 4 What if I have multiple operating system platforms? ::::::::::::::::::: 4 How do Nova policies update if I already have my own policy? ::::::::: 4 Appendix A Manual package upgrade commands ::::::: 5 3 What does upgrading mean? A software upgrade involves obtaining a new version of the CFEngine software from soft- ware.CFEngine.com and installing it in place of the old. When software is updated, the previous version of the software is retained. From version 1.1 of CFEngine Nova, CFEngine is fully capable of managing its own updates ¨ and service restarts with a minimum of manual work on the policy server. Existing users of version 1.0 will need to upgrade the software manually on the affected sys- tems, or use the existing CFEngine to assist in the manual process. Please contact CFEngine Professional Services for for assistance (see Appendix). © Why do I need to upgrade? Bug fixes and new features are included in new software releases. To gain access to these fixes, you need to upgrade the software. Changes to the standard Community Open Promise Body Library might make use of new features, so upgrading brings you access to these new methods. How does upgrading work? CFEngine packages its software in operating sytsem compatible package formats (RPM, PKG, MSI, etc).
  • Trusted Docker Containers and Trusted Vms in Openstack

    Trusted Docker Containers and Trusted Vms in Openstack

    Trusted Docker Containers and Trusted VMs in OpenStack Raghu Yeluri Abhishek Gupta Outline o Context: Docker Security – Top Customer Asks o Intel’s Focus: Trusted Docker Containers o Who Verifies Trust ? o Reference Architecture with OpenStack o Demo o Availability o Call to Action Docker Overview in a Slide.. Docker Hub Lightweight, open source engine for creating, deploying containers Provides work flow for running, building and containerizing apps. Separates apps from where they run.; Enables Micro-services; scale by composition. Underlying building blocks: Linux kernel's namespaces (isolation) + cgroups (resource control) + .. Components of Docker Docker Engine – Runtime for running, building Docker containers. Docker Repositories(Hub) - SaaS service for sharing/managing images Docker Images (layers) Images hold Apps. Shareable snapshot of software. Container is a running instance of image. Orchestration: OpenStack, Docker Swarm, Kubernetes, Mesos, Fleet, Project Docker Layers Atomic, Lattice… Docker Security – 5 key Customer Asks 1. How do you know that the Docker Host Integrity is there? o Do you trust the Docker daemon? o Do you trust the Docker host has booted with Integrity? 2. How do you verify Docker Container Integrity o Who wrote the Docker image? Do you trust the image? Did the right Image get launched? 3. Runtime Protection of Docker Engine & Enhanced Isolation o How can Intel help with runtime Integrity? 4. Enterprise Security Features – Compliance, Manageability, Identity authentication.. Etc. 5. OpenStack as a single Control Plane for Trusted VMs and Trusted Docker Containers.. Intel’s Focus: Enable Hardware-based Integrity Assurance for Docker Containers – Trusted Docker Containers Trusted Docker Containers – 3 focus areas o Launch Integrity of Docker Host o Runtime Integrity of Docker Host o Integrity of Docker Images Today’s Focus: Integrity of Docker Host, and how to use it in OpenStack.
  • Red Hat Enterprise Linux 6 Developer Guide

    Red Hat Enterprise Linux 6 Developer Guide

    Red Hat Enterprise Linux 6 Developer Guide An introduction to application development tools in Red Hat Enterprise Linux 6 Dave Brolley William Cohen Roland Grunberg Aldy Hernandez Karsten Hopp Jakub Jelinek Developer Guide Jeff Johnston Benjamin Kosnik Aleksander Kurtakov Chris Moller Phil Muldoon Andrew Overholt Charley Wang Kent Sebastian Red Hat Enterprise Linux 6 Developer Guide An introduction to application development tools in Red Hat Enterprise Linux 6 Edition 0 Author Dave Brolley [email protected] Author William Cohen [email protected] Author Roland Grunberg [email protected] Author Aldy Hernandez [email protected] Author Karsten Hopp [email protected] Author Jakub Jelinek [email protected] Author Jeff Johnston [email protected] Author Benjamin Kosnik [email protected] Author Aleksander Kurtakov [email protected] Author Chris Moller [email protected] Author Phil Muldoon [email protected] Author Andrew Overholt [email protected] Author Charley Wang [email protected] Author Kent Sebastian [email protected] Editor Don Domingo [email protected] Editor Jacquelynn East [email protected] Copyright © 2010 Red Hat, Inc. and others. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
  • Providing User Security Guarantees in Public Infrastructure Clouds

    Providing User Security Guarantees in Public Infrastructure Clouds

    1 Providing User Security Guarantees in Public Infrastructure Clouds Nicolae Paladi, Christian Gehrmann, and Antonis Michalas Abstract—The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants – insulated from the minutiae of hardware maintenance – rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organizations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments. Index Terms—Security; Cloud Computing; Storage Protection; Trusted Computing F 1 INTRODUCTION host level. While support data encryption at rest is offered by several cloud providers and can be configured by tenants Cloud computing has progressed from a bold vision to mas- in their VM instances, functionality and migration capabil- sive deployments in various application domains. However, ities of such solutions are severely restricted.
  • Red Hat Enterprise Linux 8 Security Hardening

    Red Hat Enterprise Linux 8 Security Hardening

    Red Hat Enterprise Linux 8 Security hardening Securing Red Hat Enterprise Linux 8 Last Updated: 2021-09-06 Red Hat Enterprise Linux 8 Security hardening Securing Red Hat Enterprise Linux 8 Legal Notice Copyright © 2021 Red Hat, Inc. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/ . In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries. Node.js ® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
  • Secure Foundations: Why RHEL Isn't Just Another Linux

    Secure Foundations: Why RHEL Isn't Just Another Linux

    Secure Foundations: Why RHEL isn’t just another Linux distribution Lucy Kerner Principal Technical Product Marketing Manager - Security, Red Hat May 3, 2017 ONLY TWO OPERATING SYSTEMS MATTER WORLDWIDE SERVER OPERATING ENVIRONMENT NEW LICENSE SHIPMENTS AND PAID SUBSCRIPTIONS 2008-2019 (000) Why does the OS matter? “Vulnerabilities, patch management, and their exploitation are still the root cause of most breaches.” - Gartner, September 2016 [http://www.gartner.com/doc/3438517/time-align-vulnerability-manageme nt-priorities] There are lots of OS’s out there…. TRADITIONAL LIGHTWEIGHT ABSTRACTION 15 Years of Making Open Source Enterprise-Ready PARTICIPATE We participate in and create STABILIZE community-powered upstream projects. We commercialize these platforms together with a rich ecosystem of services and certifications. INTEGRATE We integrate upstream projects, fostering open Containers community platforms. Secure Virtualization Software IBM Power Control Groups Defined Cluster File IBM Z Series Automated Security Real-Time Networking Red Hat Systems Audits Kernel Enterprise Virtualization Software Linux is Born Defined Storage ‘02 ‘03 ‘05 ‘07 ‘10 ‘11 ‘12 ‘13 ‘15 ‘17 Top Corporate Maintainer of the Linux Kernel CORPORATE SIGNOFFS SINCE KERNEL 3.19 Source: Linux Kernel Development (The Linux Foundation, August 2016) What security do I get with Red Hat Enterprise Linux? Security Technologies in Red Hat Enterprise Linux Identity Crypto SELinux Management OpenSCAP Auditd IdM/SSSD VALUE OF A RED HAT SUBSCRIPTION CUSTOMER GLOBAL AUTOMATED PRODUCT EXPERTISE PORTAL TECHNICAL SERVICES SECURITY SUPPORT CERTIFICATIONS COMMUNITIES CONTINUOUS ASSURANCES LIFE-CYCLE FEEDBACK PROMISE PRODUCT SECURITY MISSION Red Hat Product Security's mission is to help protect customers from meaningful security concerns and manage vulnerabilities in open source software.
  • Ein Wilder Ritt Distributionen

    Ein Wilder Ritt Distributionen

    09/2016 Besichtigungstour zu den skurrilsten Linux-Distributionen Titelthema Ein wilder Ritt Distributionen 28 Seit den frühen 90ern schießen die Linux-Distributionen wie Pilze aus dem Boden. Das Linux-Magazin blickt zurück auf ein paar besonders erstaunliche oder schräge Exemplare. Kristian Kißling www.linux-magazin.de © Antonio Oquias, 123RF Oquias, © Antonio Auch wenn die Syntax anderes vermu- samer Linux-Distributionen aufzustellen, Basis für Evil Entity denkt (Grün!), liegt ten lässt, steht der Name des klassischen denn in den zweieinhalb Jahrzehnten falsch. Tatsächlich basierte Evil Entity auf Linux-Tools »awk« nicht für Awkward kreuzte eine Menge von ihnen unseren Slackware und setzte auf einen eher düs- (zu Deutsch etwa „tolpatschig“), sondern Weg. Während einige davon noch putz- ter anmutenden Enlightenment-Desktop für die Namen seiner Autoren, nämlich munter in die Zukunft blicken, ist bei an- (Abbildung 3). Alfred Aho, Peter Weinberger und Brian deren nicht recht klar, welche Zielgruppe Als näher am Leben erwies sich der Fo- Kernighan. Kryptische Namen zu geben sie anpeilen oder ob sie überhaupt noch kus der Distribution, der auf dem Ab- sei eine lange etablierte Unix-Tradition, am Leben sind. spielen von Multimedia-Dateien lag – sie heißt es auf einer Seite des Debian-Wiki wollten doch nur Filme schauen. [1], die sich mit den Namen traditioneller Linux für Zombies Linux-Tools beschäftigt. Je kaputter, desto besser Denn, steht dort weiter, häufig halten Apropos untot: Die passende Linux- Entwickler die Namen ihrer Tools für Distribution für Zombies ließ sich recht Auch Void Linux [4], der Name steht selbsterklärend oder sie glauben, dass einfach ermitteln. Sie heißt Undead Linux je nach Übersetzung für „gleichgültig“ sie die User ohnehin nicht interessieren.
  • NOVA: a Log-Structured File System for Hybrid Volatile/Non

    NOVA: a Log-Structured File System for Hybrid Volatile/Non

    NOVA: A Log-structured File System for Hybrid Volatile/Non-volatile Main Memories Jian Xu and Steven Swanson, University of California, San Diego https://www.usenix.org/conference/fast16/technical-sessions/presentation/xu This paper is included in the Proceedings of the 14th USENIX Conference on File and Storage Technologies (FAST ’16). February 22–25, 2016 • Santa Clara, CA, USA ISBN 978-1-931971-28-7 Open access to the Proceedings of the 14th USENIX Conference on File and Storage Technologies is sponsored by USENIX NOVA: A Log-structured File System for Hybrid Volatile/Non-volatile Main Memories Jian Xu Steven Swanson University of California, San Diego Abstract Hybrid DRAM/NVMM storage systems present a host of opportunities and challenges for system designers. These sys- Fast non-volatile memories (NVMs) will soon appear on tems need to minimize software overhead if they are to fully the processor memory bus alongside DRAM. The result- exploit NVMM’s high performance and efficiently support ing hybrid memory systems will provide software with sub- more flexible access patterns, and at the same time they must microsecond, high-bandwidth access to persistent data, but provide the strong consistency guarantees that applications managing, accessing, and maintaining consistency for data require and respect the limitations of emerging memories stored in NVM raises a host of challenges. Existing file sys- (e.g., limited program cycles). tems built for spinning or solid-state disks introduce software Conventional file systems are not suitable for hybrid mem- overheads that would obscure the performance that NVMs ory systems because they are built for the performance char- should provide, but proposed file systems for NVMs either in- acteristics of disks (spinning or solid state) and rely on disks’ cur similar overheads or fail to provide the strong consistency consistency guarantees (e.g., that sector updates are atomic) guarantees that applications require.
  • Red Hat Enterprise Linux Openstack Platform on Inktank Ceph Enterprise

    Red Hat Enterprise Linux Openstack Platform on Inktank Ceph Enterprise

    Red Hat Enterprise Linux OpenStack Platform on Inktank Ceph Enterprise Cinder Volume Performance Performance Engineering Version 1.0 December 2014 100 East Davie Street Raleigh NC 27601 USA Phone: +1 919 754 4950 Fax: +1 919 800 3804 Linux is a registered trademark of Linus Torvalds. Red Hat, Red Hat Enterprise Linux and the Red Hat "Shadowman" logo are registered trademarks of Red Hat, Inc. in the United States and other countries. Dell, the Dell logo and PowerEdge are trademarks of Dell, Inc. Intel, the Intel logo and Xeon are registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. All other trademarks referenced herein are the property of their respective owners. © 2014 by Red Hat, Inc. This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, V1.0 or later (the latest version is presently available at http://www.opencontent.org/openpub/). The information contained herein is subject to change without notice. Red Hat, Inc. shall not be liable for technical or editorial errors or omissions contained herein. Distribution of modified versions of this document is prohibited without the explicit permission of Red Hat Inc. Distribution of this work or derivative of this work in any standard (paper) book form for commercial purposes is prohibited unless prior permission is obtained from Red Hat Inc. The GPG fingerprint of the [email protected] key is: CA 20 86 86 2B D6 9D FC 65 F6 EC C4 21 91 80 CD DB 42 A6 0E www.redhat.com 2 Performance Engineering Table of Contents 1 Executive Summary ........................................................................................
  • Firecracker: Lightweight Virtualization for Serverless Applications

    Firecracker: Lightweight Virtualization for Serverless Applications

    Firecracker: Lightweight Virtualization for Serverless Applications Alexandru Agache, Marc Brooker, Andreea Florescu, Alexandra Iordache, Anthony Liguori, Rolf Neugebauer, Phil Piwonka, and Diana-Maria Popa, Amazon Web Services https://www.usenix.org/conference/nsdi20/presentation/agache This paper is included in the Proceedings of the 17th USENIX Symposium on Networked Systems Design and Implementation (NSDI ’20) February 25–27, 2020 • Santa Clara, CA, USA 978-1-939133-13-7 Open access to the Proceedings of the 17th USENIX Symposium on Networked Systems Design and Implementation (NSDI ’20) is sponsored by Firecracker: Lightweight Virtualization for Serverless Applications Alexandru Agache Marc Brooker Andreea Florescu Amazon Web Services Amazon Web Services Amazon Web Services Alexandra Iordache Anthony Liguori Rolf Neugebauer Amazon Web Services Amazon Web Services Amazon Web Services Phil Piwonka Diana-Maria Popa Amazon Web Services Amazon Web Services Abstract vantage over traditional server provisioning processes: mul- titenancy allows servers to be shared across a large num- Serverless containers and functions are widely used for de- ber of workloads, and the ability to provision new func- ploying and managing software in the cloud. Their popularity tions and containers in milliseconds allows capacity to be is due to reduced cost of operations, improved utilization of switched between workloads quickly as demand changes. hardware, and faster scaling than traditional deployment meth- Serverless is also attracting the attention of the research com- ods. The economics and scale of serverless applications de- munity [21,26,27,44,47], including work on scaling out video mand that workloads from multiple customers run on the same encoding [13], linear algebra [20, 53] and parallel compila- hardware with minimal overhead, while preserving strong se- tion [12].
  • Raiffeisenbank Speeds Data Warehouse, Cuts Costs with Red Hat Enterprise Linux

    Raiffeisenbank Speeds Data Warehouse, Cuts Costs with Red Hat Enterprise Linux

    CUSTOMER CASE STUDY RAIFFEISENBANK SPEEDS DATA WAREHOUSE, CUTS COSTS WITH RED HAT ENTERPRISE LINUX Raiffeisenbank, a banking institution that provides a wide range of services to private and corporate clients in the Czech Republic, needed to replace the aging hardware and IBM AIX operating system that supported its data warehouse. By migrating to Red Hat Enterprise Linux running on cost-effective Hitachi servers with Intel processors, the bank has tripled system performance speed and maintained stability — while cutting total cost SOFTWARE AND of ownership (TCO) by 50%. SERVICES Red Hat® Enterprise Linux® HARDWARE Hitachi Unified Compute Platform for Oracle Database Hitachi Compute Blade 2500 Prague, Czech Republic FINANCIAL SERVICES (CB 2500) Hitachi Virtual Storage HEADQUARTERS 3,000 EMPLOYEES Platform G600 (VSP G600) 120 BRANCHES PARTNER “There are many benefits to using Red Hat MHM computer a.s. and Oracle solutions together, and also BENEFITS from moving from IBM to Intel. We feel • Achieved three times faster a combination of Red Hat and Oracle on system performance an Intel platform is a preferred solution • Anticipates 50% decrease for any company.” in total cost of ownership over five years JIŘÍ KOUTNÍK HEAD OF SYSTEM ADMINISTRATION, • Gained greater flexibility by RAIFFEISENBANK eliminating vendor lock-in facebook.com/redhatinc @redhatnews linkedin.com/company/red-hat redhat.com AGING UNIX SYSTEM TOO SLOW FOR MODERN BUSINESS Raiffeisenbank a.s. provides a wide range of banking services to private and corporate clients in the Czech Republic at more than 120 branches and business client centers. The bank offers corpo- rate and personal finance products and services related to savings, insurance, and leasing, including specialized mortgage centers and business advisors.
  • Blanc Und Fischer IT Services Gmbh Improves Manufacturing with Red Hat, IBM, and SAP

    Blanc Und Fischer IT Services Gmbh Improves Manufacturing with Red Hat, IBM, and SAP

    Customer case study Blanc und Fischer IT Services GmbH improves manufacturing with Red Hat, IBM, and SAP BLANC & FISCHER Family Holding, the parent and holding company of five subgroups, shapes kitchens as living spaces all over the world. The Holding sought to improve manufacturing pro- ductivity and speed application development for its subgroups. To support these efforts, the group became one of the world’s first companies to migrate its extensive SAP environment to Red Hat Enterprise Linux for SAP Solutions on IBM POWER9. With this central, reliable infra- structure foundation, BLANC & FISCHER has achieved consistent global production processes, improved system availability, and reduced database response times by 30%. Software Manufacturing Red Hat® Enterprise Linux® for SAP Solutions 8,300 employees Hardware 56 locations worldwide IBM POWER9 servers Oberderdingen, Baden-Württemberg, Germany Partners Benefits SAP Headquarters • Improved consistent worldwide production IBM with central, standardized “ With the parallel operation of our SAP platform for SAP systems systems on Red Hat and IBM technology, we • Reduced database response can develop and launch new business models times by 30%—with fewer to prepare for a more connected future in compute resources the kitchen, the factory, and beyond.” • Enhanced production performance by Manfred Leistner Director and Head of Technology, eliminating downtime Blanc und Fischer IT Services GmbH facebook.com/redhatinc @RedHat linkedin.com/company/red-hat redhat.com Standardizing IT infrastructure for SAP environment Blanc und Fischer IT Services GmbH is the central IT service provider to the BLANC & FISCHER Family Holding, which shapes kitchen living spaces worldwide. It includes E.G.O.-Group, BLANCO- Group, BLANCO Professional-Group, ARPA and DEFENDI-Group.