Portal:Cloud VPS/Infrastructure

From Wikitech

Cloud VPS is a virtualization cloud that uses OpenStack Compute. Base images are managed with Glance, and authentication uses LDAP-backed Keystone.

Cloud VPS currently runs in a single data center in Ashburn, Virginia. In the future, it will span two or more data centers, with a slightly different configuration in each.

For troubleshooting immediate issues, visit Portal:Cloud_VPS/Admin/Troubleshooting.

Slides from a brief presentation about WMCS OpenStack architecture

Cloud VPS Eqiad (Ashburn, VA)

Regions

We have one region: eqiad1-r (also referred to as eqiad1).

The eqiad name is based on the naming convention for data centers.

Horizon

Most users will manage their virtual servers using Horizon. Horizon is an upstream OpenStack web interface for the OpenStack APIs. Our Horizon site also includes several custom dashboards to access special WMCS features not available in stock Horizon.

Horizon is hosted on labweb1001.wikimedia.org and labweb1002.wikimedia.org and can be accessed at https://horizon.wikimedia.org.

Individual user accounts on WMCS can also be created via Striker which is at https://toolsadmin.wikimedia.org. Currently, any account created there is automatically added to the Tools project.

Controller

The OpenStack controller box cloudcontrol1005 runs the Glance and Keystone services, as well as nova-conductor and nova-scheduler. It is also the preferred place to access the OpenStack command-line client.

Other nodes cloudcontrol1006, cloudcontrol1007 are present as well.

Network

In the eqiad1-r region, we use Openstack Neutron which runs on servers cloudnet1003 and cloudnet1004.

Virtualization

See the deployments page for a list of hypervisors per region and their current status.

Cloudvirt hosts (also known as hypervisors) are pooled or depooled using the profile::openstack::eqiad1::nova::scheduler_pool key in Puppet Hiera.

Storage

Most Cloud VPS projects do not use shared NFS storage. If they need NFS, these are the available options:

  • Each member of a project has a project-wide shared home directory.
  • The project has a public shared volume, generally mounted to /data/project

All of the above are hosted on various NFS servers (clouddumps* and cloudstore*).

Monitoring

Most OpenStack-related services are monitored in Icinga just like other production services.

LDAP

LDAP is used for services throughout the WMF. The same LDAP database keeps track of project management and SSH keys for logins on VPS servers. LDAP is hosted on seaborgium and neptunium; The LDAP server software is OpenLDAP.

Each Cloud VPS instance has an /etc/ldap.conf file (managed by Puppet) with setting on how to access the LDAP servers.

DNS

DNS is handled by PowerDNS. Private DNS entries (e.g. foo.eqiad1.wikimedia.cloud) are created via Designate Sink and stored in a PDNS server using a MySQL backend. Public DNS entries are created via Horizon and the Designate API.

DNS in WMCS
DNS in WMCS
Retrieved from "https://wikitech.wikimedia.org/w/index.php?title=Portal:Cloud_VPS/Infrastructure&oldid=2117296"