summaryrefslogtreecommitdiffstats
path: root/docs/requirements/multisite-centralized-service.rst
diff options
context:
space:
mode:
Diffstat (limited to 'docs/requirements/multisite-centralized-service.rst')
-rw-r--r--docs/requirements/multisite-centralized-service.rst109
1 files changed, 109 insertions, 0 deletions
diff --git a/docs/requirements/multisite-centralized-service.rst b/docs/requirements/multisite-centralized-service.rst
new file mode 100644
index 0000000..5dbbfc8
--- /dev/null
+++ b/docs/requirements/multisite-centralized-service.rst
@@ -0,0 +1,109 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+==============================
+ Multisite centralized service
+==============================
+
+
+Problem description
+===================
+
+Abstract
+--------
+
+a user should have one centralized service for resources management and/or
+replication(sync tenant resources like images, ssh-keys, etc) across multiple
+OpenStack clouds.
+
+Description
+------------
+
+For multisite management use cases, some common requirements in term of
+centralized or shared services over the multiple openstack instances could
+be summarized here.
+
+A user should be able to manage all their virtual resouces from one
+centralized management interface, at least to have a summarized view of
+the total resource capacity and the live utilization of their virtual
+resources, for example:
+
+- Centralized Quota Management
+ Currently all quotas are set for each region separataly. And different
+ services (Nova, Cinder, Neutron, Glance, ...) have different quota to
+ be set. The requirement is to provide global view for quota per tenant
+ across multiple regions, and soft/hard quotas based on current usage for
+ all regions for this tenant.
+
+- A service to clone ssh keys across regions
+ A user may upload keypair to access the VMs allocated for her. But if her
+ VMs are spread in multiple regions, the user has to upload the keypair
+ seperatly to different region. Need a service to clone the SSH key to
+ desired OpenStack clouds.
+
+- A service to sync images across regions
+ In multi-site scenario, a user has to upload image seperatly to different
+ region. There can be 4 cases need to be considered:
+ No image sync
+ Auto-sync of images
+ Lazy sync - clone the requested image on demand.
+ Controlled sync, where you can control propagation and rollback if
+ problems.
+
+- Global view for tenant level IP address / mac address space management
+ If a tenant has networks in multiple region, and these networks are routable
+ (for example, connected with VPN), then, IP address may be duplicated. Need
+ a global view for IP address space management.
+ If IP v4 used, this issue needs to be considered. For IPv6, it should als
+ be managed. This requirement is important not only just for prevention of
+ duplicate address.
+ For security and other reasons it's important to know which IP Addresses
+ (IPv4 and IPv6) are used in which region.
+ Need to extend such requirement to floating and public IP Addresses.
+
+- A service to clone security groups across regions
+ No appropriate service to security groups across multiple region if the
+ tenant has resources distributed, has to set the security groups in
+ different region manually.
+
+- A user should be able to access all the logs and indicators produced by
+ multiple openstack instances, in a centralized way.
+
+Requirement analysis
+====================
+
+All problems me here are not covered by existing projects in OpenStack.
+
+Candidate solution analysis
+---------------------------
+
+- Kingbird[1][2]
+ Kingbird is an centralized OpenStack service that provides resource
+ operation and management across multiple OpenStack instances in a
+ multi-region OpenStack deployment. Kingbird provides features like
+ centralized quota management, centralized view for distributed virtual
+ resources, synchronisation of ssh keys, images, flavors etc. across regions.
+
+- Tricircle[3][4]
+ Tricricle is to provide networking automation across Neutron in multi-region
+ OpenStack deployments. Tricircle can address the challenges mentioned here:
+ Tenant level IP/mac addresses management to avoid conflict across OpenStack
+ clouds, global L2 network segement management and cross OpenStack L2
+ networking, and make security group being sync-ed across OpenStack clouds.
+
+
+Affected By
+-----------
+ OPNFV multisite cloud.
+
+Conclusion
+----------
+ Kingbird and Tricircle are candidate solutions for these centralized
+ services in OpenStack multi-region clouds.
+
+References
+==========
+[1] Kingbird repository: https://github.com/openstack/kingbird
+[2] Kingbird launchpad: https://launchpad.net/kingbird
+[3] Tricricle wiki: https://wiki.openstack.org/wiki/Tricircle
+[4] Tricircle repository: https://github.com/openstack/tricircle/