Cisco Blogs


Cisco Blog > Open at Cisco

Cisco Edition of OpenStack

On Friday, Cisco released the Cisco Edition of OpenStack. This contains all the core OpenStack services for Essex and Folsom, along with installation scripts and other open source components to make it easier to install and run in production. Cisco has been an active participant in OpenStack since the early days of the Quantum project. During the Diablo Summit in Santa Clara in April 2012, Cisco merged it’s own NaaS proposal with other vendor and provider blueprints to create the Quantum component of OpenStack. Over the last year and a half, we’ve been significant contributors to OpenStack in the following areas:

  • Quantum: Cisco Plugin, Linux Bridge Plugin, Extensions and L3 work
  • Horizon: Quantum integration
  • Nova: VIF drivers model
  • devstack

Where Can I Get the Cisco Edition of OpenStack Packages?

The Cisco Edition of OpenStack can be downloaded from this FTP site, and information on the packages can be found on this wiki. The packages are free and open source. The Cisco Edition of OpenStack is tested on Ubuntu 12.04 with the Cisco Nexus family of switches and Cisco UCS C Series servers. You do not need to run the Cisco Edition of OpenStack on Cisco hardware, but it is validated on this hardware configuration. The Cisco Quantum Plugin supports L2 segmentation using VLAN, and is formulated to work with both Open vSwitch as well as the Cisco Nexus sub-plugin. We are evaluating other versions of Linux (RHEL/CentOS) to be validated as the base Linux version.

Cisco Specific Additions

This edition uses Puppet (Puppet Labs) to automate the deployment of OpenStack services and in the Essex version we’ve included other software components required for running in a production setting. Work was done around service assurance. The compute monitoring stack consists of Nagios, Collectd, and Graphite. Compute performance and metric graphs have been integrated with the OpenStack Horizon dashboard. High availability is supported using the open source components ha-proxy, kickstartd and galera. As was mentioned earlier, all of the components of the Cisco Edition of OpenStack are Open Source components. We will release a similar HA version for Folsom shortly.

Cisco Edition of OpenStack: Take It For a Test Drive

We encourage you to download our OpenStack Edition and provide us with feedback. Cisco will have a strong presence at the Grizzly Summit, so please stop by our booth to get additional information on the Cisco Edition of OpenStack.

Tags: ,

Summary: The Architecture of Open Source Applications, Volume II

I was recently fortunate enough to be invited to write a chapter in a book about the architecture of  the major open source application that I work on for Cisco: Open MPI.

Not only does this chapter give insight into how and why we designed Open MPI the way we did, it is in excellent company with other well-known open source developers who provide detail into the architectural decisions of their open source applications, too.

Best of all, all the proceeds from the book go to charity.

Read the full article The Architecture of Open Source Applications, Volume II for more details.

Tags:

Upcoming Cloud Computing Open Source Conferences

In case you missed it, Cloud Computing is hot right now. Has it peaked? That depends on who’s articles you read. Maybe along those lines, Gartner is arguing that cloud washing is coming to an end, and customers are now making more informed decisions. Regardless of if the hype cycle is over or just beginning, one thing which remains constant is the use of Open Source Software in Cloud Computing. Look no further than projects such as OpenStack, CloudStack, and oVirt to see the past, present and future of Open Source Cloud Computing platforms. If you’re serious about deploying these technologies as part of your infrastructure, you should note the following events coming up which can help you explore the technologies at a venue with the people who helped create each of them.

  • The OpenStack Summit is coming up the week of October 15 in San Diego, CA. This event will showcase both vendors and users of OpenStack technology. But the real treat for developers and DevOps folks is the design portion of the Summit. This allows developers of OpenStack the chance to plan features for the upcoming “Grizzly” release, slated for spring of 2013.
  • CloudStack will have it’s CloudStack Collaboration Conference November 30th to December 2nd in Las Vegas, NV. This event is a chance to get familiar with CloudStack and attend sessions detailing the technology underlying CloudStack, as well as user focused sessions detailing deployments of the Apache CloudStack project.
  • The upcoming KVM Forum will be collocated with the oVirt Workshop. The event takes place in Barcelona, Spain November 7-9. This event is a great chance to gather more information about oVirt, specifically about the future direction of the project, as well as sessions on deploying and using oVirt.

Each of the events listed above is a great way to get a better understanding of your Cloud Computing software of choice, and to engage with developers, users, and vendors around the software. What Open Source Cloud Computing events are you looking forward to attending?

Tags: , , , ,

The Age of Hypervisors

The science behind Virtual Machine Monitors, or VMM, aka Hypervisors, was demystified almost half a century ago, in a famous ACM publication, “Formal Requirements for Virtualizable Third Generation Architectures”.

In my life, I had the honor of working on some of the most bleeding edge virtualization technologies of their day.  My first was IBM’s VM, VSAM and a host of other v-words.  My last was at XenSource (now Citrix) and Cisco, on what I still think is the most complete hypervisor of our age, true to its theoretical foundation in the Math paper I just mentioned.

Though Xen is arguably the most widely used hypervisor in the Cloud or sum of all servers in the world today, I actually think its most interesting accomplishment lies in what its founders just announced this week.  Therefore, I want to extend my congratulations to my good friends Simon Crosby and Ian Pratt for the admirable work at Bromium with vSentry.

I think it is remarkable for two reasons.  It addresses the missing part of what hypervisors are useful, which is security; for those of you that actually read Popek & Goldberg’s paper, you would note that VMM’s are very good at intercepting not just privileged but also sensitive instructions, and very few people out there, until now have focused on the latter, the security piece.  But there is one more reason, in fact the key point of this paper, the necessary and sufficient conditions for a system to be able to have a VMM or hypervisor, and I am hoping the Xen guys who have done so well articulating that for real (not fictional or hyped) hypervisors, can also help sort our the hype from fiction in what is ambiguously called nowadays a “network hypervisor”.

Could this approach be what is actually missing, to sort out truth from hype in what we call SDN today?  Is this the new age of hypervisors?  Or is this just another useful application of an un-hyped hypervisor?

Tags: , , , , , , , , ,

Bundled Third-Party Software Security at OSCON 2012

The practice of using Open Source Software (OSS) and other third-party software (TPS) to build products and services is well established. Not only can it create tremendous efficiency–why build an operating system or web server if you don’t need to?–it also allows individual products to leverage best-of-breed functionality. This best-of-breed functionality can be critical on today’s Internet as security and scalability are often difficult or even patently ignored until it is too late.

The use of TPS to build things has been so successful and is so widespread that many products may even be assembled from a majority of software written by unknown third parties. This practice is not without its challenges. One of those challenges is security.

How does the security of a product’s constituent TPS affect its own security? How does the creator of the product learn of, manage and ultimately resolve security issues that originate in the relevant TPS packages?

These are the types of questions I attempted to address during a recent presentation at O’Reilly OSCON 2012. During that session I touched on seven challenges and offered five tools that I believe can make a difference.

Our friends on the Cisco Security Marketing team have posted the slides from that presentation online at slideshare.net.

Managing the Security Impact of Bundled Open Source Software from OSCON from Cisco Security

Is this an area of concern for you? If it is, I’d like to know how you are tackling it. What is working well? What is working not-so well?

Tags: , , ,