
Cloud-IT

1. Group members:

Yosra Ben Chaaben

Mohamed Ali Gatri

Aymen Hachicha

Mohamed Bouaziz

Malek Gana

Fatma Mrabet

2. Requirements:

● High availability

● Automation

● Virtualization

● Orchestration

● Load balancing

● Utility computing

3. Solutions and definition of technical constraints (with respect to the document)

Automation
Technical constraints:
- Must be able to carry out as many tasks and processes as possible in a timely manner.
- Ensure quality results.
- Reduce time, effort and cost while reducing the number of errors.
Solutions:
- SaltStack
- Ansible
- Microsoft Azure Automation
- Jenkins
- Chef
- ActiveBatch
- BMC Control-M
- Broadcom CA Automic
- SMA OpCon
- Puppet

Orchestration
Technical constraints:
- Scaling of containerized applications
- Eliminate many of the manual processes associated with deployment
Solutions:
- Kubernetes
- OpenShift
- Docker Swarm
- Nomad
- Docker Compose
- MiniKube
- Marathon
- Cloudify
- Rancher
- ContainerShip
- AZK
- GKE
- AKS
- AWS EKS

Virtualization
Technical constraints:
- Compatibility
- Must be open-source software
Solutions:
- SolarWinds Virtualization Manager
- V2 Cloud
- VMware
- Parallels Desktop
- Oracle VM VirtualBox
- VMware Workstation
- QEMU
- Windows Virtual PC
- Microsoft Hyper-V
- Red Hat Virtualization
- Veertu for Mac
- KVM

Containerization
Technical constraints:
- Flexibility
- Security
- Reliability
Solutions:
- Docker
- AWS Fargate
- Google Kubernetes Engine
- Amazon ECS
- LXC
- Container Linux by CoreOS
- Microsoft Azure
- Google Cloud Platform
- Apache Mesos

Infrastructure management
Technical constraints:
- Rapid deployment
- High availability
- Efficient and sustainable infrastructure
Solutions:
- OpenStack
- CloudStack
- OpenNebula
- Apache Mesos
- Jenkins
- TeamCity
- DeployBot
- GitLab

Automation:

Criterion | Ansible | SaltStack | Microsoft Azure Automation | Chef
An open-source software | ✅ | ✅ | ❌ | ✅
Able to provide provisioning, configuration management, and application-deployment features | ✅ | ✅ | ✅ | ✅
To run on any Windows, Linux and Unix-like systems | ✅ | ✅ | ✅ | ✅
Agentless, does not require to deploy any agents to nodes | ✅ | ✅ | ✅ | ✅
Using simple and standardized communication protocols like SSH | ✅ | ✅ | ✅ | ❌

Orchestration:

Criterion | Kubernetes | OpenShift | Docker Swarm
Installable almost on any Linux distribution such as Debian or Ubuntu | ✅ | ✅ | ✅
Installable automatically using configuration management tools | ✅ | ✅ | ✅
Be a standard and is available on a large number of platforms | ✅ | ❌ | ✅
Facilitate both declarative configuration and automation | ✅ | ✅ | ✅
Provide deployment patterns and templates | ✅ | ✅ | ✅
Provide service discovery and load balancing | ✅ | ❌ | ✅
Ensure self-healing | ✅ | ✅ | ✅

The solution is Kubernetes

Virtualization:

Criterion | KVM | VMware | Hyper-V
Fully supported and compatible with the infrastructure management solution | ✅ | ✅ | ✅
Can use a wide variety of certified Linux-supported hardware platforms | ✅ | ✅ | ❌
Supports live migration | ✅ | ✅ | ✅
Scales to match demand load if the number of guest machines and requests increases | ✅ | ✅ | ✅
Allows the most demanding application workloads to be virtualized | ✅ | ❌ | ✅

Infrastructure management:

Criterion | OpenStack | CloudStack | OpenNebula | Apache Mesos
An open source solution | ✅ | ✅ | ✅ | ✅
Have a modular architecture | ✅ | ✅ | ✅ | ✅
Provide orchestration capabilities | ✅ | ✅ | ✅ | ✅
Support private and hybrid deployment | ✅ | ✅ | ✅ | ✅
Leverages commodity hardware | ✅ | ❌ | ✅ | ✅
Provide self-healing, reliable, data redundancy protection from failures | ✅ | ❌ | ❌ | ✅
Scale vertically and horizontally-distributed storage | ✅ | ❌ | ❌ | ✅
Provide standards for building open, massively scalable clouds | ✅ | ✅ | ❌ | ✅
Support a large choice of hypervisors | ✅ | ❌ | ✅ | ❌

Containerization:
Docker | AWS Fargate | Google K8s engine | Amazon ECS | LXC | Container Linux (CoreOS) | Microsoft Azure | Apache Mesos | Google Cloud Platform

✅ ❌ ❌ ✅ ✅ ✅ ✅ ❌

Open source ❌
Easy to set up ❌ ❌ ❌ ✅ ✅ ❌ ✅ ✅ ✅
Fits well with
✅ ✅ ✅ ✅ ✅ ❌ ✅ ✅ ✅
✅ ✅ ✅ ✅ ✅ ✅ ✅ ✅ ✅
CI/CD

Scaling up or

❌ ✅ ✅ ✅ ✅ ❌ ✅ ❌ ❌
down

Intuitive GUI

Easy ❌ ✅ ✅ ❌ ✅ ❌ ✅ ❌ ❌
✅ ❌ ❌ ✅ ✅ ❌ ✅ ✅
configuration

Cost ❌

Ansible:
• Created in 2012 by AnsibleWorks, acquired by Red Hat in 2015.
• Developed in Python
• Operating systems: Linux, Unix, Mac OS, and Windows
• License: open source
• Commercial version: Ansible Tower.
• Architecture: agentless
• Language: JSON, YAML
• Ansible Tower (formerly 'AWX') is a web-based solution that makes Ansible even easier to use for IT teams of all kinds

● The Pros and Cons of Ansible

Pros:
● Simple/Easy-to-Learn
● Written in Python
● Agentless
● YAML-Based Playbooks
● Ansible Galaxy
Cons:

● UI is Lacking
● No Notion of State
● Nascent Windows Support
● Minimal Enterprise Support Experience
● A Newer Offering
Source: https://www.upguard.com/blog/top-5-best-and-worst-attributes-of-ansible

● Ansible vs Ansible Tower

Feature | Ansible | Ansible Tower
Graphic interface | yes | yes
Resource Provisioning | Amazon EC2, GCP, MS Azure, Rackspace | EC2, GCP, MS Azure, Rackspace
Configuration management | yes | yes
Orchestration | yes | yes
Role based Access control | no | yes
REST API | no | yes

● Architecture

Inventory :
• A list of managed nodes, also called “host file”.
• The most used formats are INI and YAML
Modules:
• Units of code (already existing) that Ansible executes:
• List of modules available on:
https://docs.ansible.com/ansible/2.9/modules/list_of_cloud_modules.html

Playbooks:
• Written in YAML
• Not a script or a programming language, but rather a model of a configuration or a process.
• Each playbook is composed of one Play or a list of Plays
• The objective of a Play is to map a group of hosts to a set of roles using tasks
• A task is a call to an Ansible module
• A list of example playbooks is made available to users

Roles:
Roles make it possible to automatically load configuration files, tasks, and handlers based on a well-defined structure.
• Role Directory Structure:
• Each directory must contain a main.yml file
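
The pieces described above (inventory, play, tasks, modules, handlers) fit together as in the following added example, which is not part of the original document. Host names, the `deploy` account, the file names and the role name in the last comment are assumptions, and the service name `sshd` assumes a RHEL-family host.

```yaml
# inventory.yml -- constructed sample inventory in YAML format (placeholder hosts)
all:
  children:
    webservers:
      hosts:
        web1.example.com:
        web2.example.com:
      vars:
        ansible_user: deploy            # assumed unprivileged SSH account
---
# harden_ssh.yml -- a separate file: one playbook containing a single play
- name: Harden sshd on the web tier
  hosts: webservers                     # a play maps a group of hosts ...
  become: true
  tasks:                                # ... to an ordered list of tasks
    - name: Ensure the OpenSSH server is installed
      ansible.builtin.package:          # each task is a call to one module
        name: openssh-server
        state: present

    - name: Disable root login and password authentication
      ansible.builtin.lineinfile:
        path: /etc/ssh/sshd_config
        regexp: '^#?\s*{{ item.key }}\s'
        line: "{{ item.key }} {{ item.value }}"
        validate: /usr/sbin/sshd -t -f %s   # refuse to write a config sshd rejects
      loop:
        - { key: PermitRootLogin, value: "no" }
        - { key: PasswordAuthentication, value: "no" }
      notify: Restart sshd              # handler runs only if a line changed

  handlers:
    - name: Restart sshd
      ansible.builtin.service:
        name: sshd                      # assumption: RHEL-family service name
        state: restarted

# As a role (hypothetical name ssh_hardening), the tasks would move to
# roles/ssh_hardening/tasks/main.yml and the handler to
# roles/ssh_hardening/handlers/main.yml.
```

Running `ansible-playbook -i inventory.yml harden_ssh.yml --check --diff` previews the changes over SSH without applying them.
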
Useful links:
• Ansible documentation: https://docs.ansible.com/
• Ansible installation:
https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html

Orchestration solution: Kubernetes

What is Kubernetes?
Kubernetes is an automation platform for application deployment, scaling, and management
of individual containers within multiple clusters.

Kubernetes, or K8s, is a free and open-source (FOSS) container orchestration system by Google. It is now managed by the CNCF (Cloud Native Computing Foundation).

History of Kubernetes:
● Mid 2014: Google introduces Kubernetes as an open source version of Borg
● July 10: Microsoft, IBM, Red Hat and Docker join the Kubernetes community

Why Kubernetes?

K8s is already a significant player in cloud computing.

K8s helps businesses by maintaining the clusters of containers by providing proper
automation tools. It provides tools to prepare and run applications based on host memory,
central processor, and custom metrics.

It has all the capabilities to approach the critical concerns of any given microservice
architecture successfully.

Kubernetes components ( architecture ) :

Features of Kubernetes :
● Automated rollouts and rollbacks
● Service discovery and load balancing
● Storage orchestration
● Self healing
● Secret and configuration management
● Automatic bin packing
● Batch execution
● Horizontal scaling
● IPv4/IPv6 dual-stack
● Designed for extensibility

Pros and Cons of using Kubernetes:

Pros:

● It has self-healing abilities. By default, K8s comes with self-healing abilities only for pods, but a Kubernetes solution provider may integrate further self-healing layers to ensure application reliability.

● K8s draws on the underlying computing resources and allows developers to deploy workloads to the entire cluster and not just a particular server.

● Kubernetes enables workload portability without limiting the types of applications it supports. Any application that a container can run, Kubernetes can run too.

● It is an extensible platform. In January 2018, the Storage Orchestrator Runtime for Kubernetes (STORK) was announced. STORK helps users to run and monitor applications more efficiently and without disturbing their state.

● For swift load balancing, K8s provides an individual IP address for every pod and a single DNS name for a set of pods.

● Kubernetes is a portable and cost-effective platform. It demands fewer computing resources to operate. Furthermore, you can set the maximum and minimum CPU and memory resources for your containers.
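
An added example (not part of the original document) that makes three of the points above concrete: pod-level self-healing, a single DNS name for a set of pods, and minimum and maximum CPU and memory per container. The names, image and port are placeholders, and the `/healthz` endpoint is an assumption about the application.

```yaml
# Constructed manifest: names, image, port and probe path are placeholders.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
spec:
  replicas: 3                          # pods that disappear are recreated
  selector:
    matchLabels: { app: web }
  template:
    metadata:
      labels: { app: web }
    spec:
      containers:
        - name: web
          image: registry.example.com/web:1.0.0   # placeholder image
          ports:
            - containerPort: 8080
          resources:
            requests:                  # minimum: reserved, used for scheduling
              cpu: 100m
              memory: 128Mi
            limits:                    # maximum: CPU throttled, memory overrun is OOM-killed
              cpu: 500m
              memory: 256Mi
          livenessProbe:               # self-healing: a failing container is restarted
            httpGet: { path: /healthz, port: 8080 }
            initialDelaySeconds: 5
            periodSeconds: 10
          readinessProbe:              # unready pods stop receiving Service traffic
            httpGet: { path: /healthz, port: 8080 }
            periodSeconds: 5
---
apiVersion: v1
kind: Service
metadata:
  name: web                            # one DNS name for the whole set of pods:
spec:                                  # web.<namespace>.svc.cluster.local (default cluster domain)
  selector: { app: web }               # load-balances across every ready pod with this label
  ports:
    - port: 80
      targetPort: 8080
```

Without `limits`, a single container can exhaust a node's memory and take neighbouring pods down with it, so the limits are a resilience control as much as a cost one.
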
Cons:

● Because of its constant innovation and many additions, the Kubernetes landscape can be confusing for new users. The transition to Kubernetes can become slow, complicated, and challenging to manage.

● Kubernetes has a steep learning curve. It is recommended to have an expert with more in-depth knowledge of K8s on your team, and such a person can be expensive and hard to find.

● Adapting to a new system with so many integrations and new technologies could be overwhelming for some deployment processes.

● Kubernetes requires experience and extensive training to debug and troubleshoot in due time.

● The benefits of K8s are abundant, but reaching that level might consume a lot of time, effort, and resources. Teams need to re-plan their time to invest in and familiarize themselves with new processes and workflows.

KVM:

Kernel-based Virtual Machine (KVM) is an open source virtualization technology built into Linux. Specifically, KVM lets you turn Linux into a hypervisor that allows a host machine to run multiple, isolated virtual environments called guests or virtual machines (VMs).
Each virtual machine has private virtualized hardware: a network card, disk, graphics adapter, etc.

How does KVM work?

KVM converts Linux into a type-1 (bare-metal) hypervisor. All hypervisors need some operating system-level components, such as a memory manager, process scheduler, input/output (I/O) stack, device drivers, security manager, a network stack, and more, to run VMs.
KVM has all these components because it’s part of the Linux kernel. Every VM is implemented as a regular Linux process, scheduled by the standard Linux scheduler, with dedicated virtual hardware like a network card, graphics adapter, CPU(s), memory, and disks.

Advantages of KVM:

● As the KVM system derives itself from Linux, it is quite a mature system.

● KVM comes built into most Linux distributions.

● KVM is open source and hence free to use.

● KVM ensures performance and stability.

● It has been developed by reputable organizations, which makes it trustworthy to use.

● Libvirt makes administration automated.

Disadvantages:

● Only available for Linux systems

● Powerful hardware required for the host computer

● Requires a learning period to be able to use it

● Centralization of the hardware increases the risk in the event of a system failure (i.e. a single point of failure, but this risk can be reduced with a smart backup strategy)

Architecture:

KVM features:

● Security
● Storage
● Hardware support
● Memory management
● Live migration
● Performance and scalability
● Scheduling and resource control
● Lower latency and higher prioritization

Managing KVM

It’s possible to manually manage a handful of VMs fired up on a single workstation without a management tool. Large enterprises use virtualization management software that interfaces with virtual environments and the underlying physical hardware to simplify resource administration, enhance data analyses, and streamline operations. Red Hat created Red Hat Virtualization for exactly this purpose.

Why KVM?

KVM scales better, orchestrates better, performs better and supports a wider range of hardware. You can also implement it at zero cost, with a very powerful web interface for management, in anything from a very small to a very large company.

Infrastructure management solution: OpenStack

Architecture:

What is OpenStack?
OpenStack is a cloud operating system that controls large pools of compute, storage, and networking resources throughout a datacenter, all managed and provisioned through APIs with common authentication mechanisms.

A dashboard is also available, giving administrators control while empowering their users to provision resources through a web interface.

Beyond standard infrastructure-as-a-service functionality, additional components provide orchestration, fault management and service management amongst other services to ensure high availability of user applications.

What does OpenStack do?

To create a cloud computing environment, an organization typically builds off of its existing virtualized infrastructure, using a well-established hypervisor such as VMware vSphere, Microsoft Hyper-V or KVM. However, cloud computing offers more than just virtualization: a public or private cloud provides extensive provisioning, lifecycle automation, user self-service, cost reporting and billing, orchestration and other features.

Installing OpenStack software on top of a virtualized environment forms a cloud operating system. An organization can use that to organize, provision and manage large pools of heterogeneous compute, storage and network resources. Whereas an IT administrator typically provisions and manages resources in a more traditional virtualized environment, OpenStack enables individual users to provision resources through management dashboards and an API.
This cloud-based infrastructure created through OpenStack supports an array of use cases, including web hosting, big data projects, software-as-a-service delivery or container deployment.

OpenStack competes most directly with other open source cloud platforms, including Eucalyptus and Apache CloudStack. Some also see it as an alternative to public cloud platforms such as Amazon Web Services or Microsoft Azure, and some smaller public cloud providers use OpenStack as the native cloud platform.

How does OpenStack work?

OpenStack is not an application in the traditional sense, but rather a platform composed of several dozen separate components, called projects, which interoperate with each other through APIs. Each component is complementary, but not all components are required to create a basic cloud. Organizations can install only select components that build the features and functionality in a desired cloud environment.

OpenStack also relies on two additional foundation technologies: a base operating system, such as Linux, and a virtualization platform, such as VMware or Citrix. The OS handles the commands and data exchanged from OpenStack, while the virtualization engine manages the virtualized hardware resources used by OpenStack projects.
Once the OS, virtualization platform and OpenStack components are deployed and configured properly, administrators can provision and manage the instanced resources that applications require. Actions and requests made through a dashboard produce a series of API calls, which are authenticated through a security service and delivered to the destination component, which executes the associated tasks.

As a simple example, an administrator logs into OpenStack and manages the cloud environment through a dashboard. Administrators can create and connect new compute instances and storage instances, and configure network behaviors. Additionally, an administrator might connect various other services, such as to monitor the performance of a provisioned instance and employ resource billing and chargeback.

The OpenStack platform's vast scope and sheer number of interrelated components can be confusing, and even daunting. Most OpenStack adopters start with a small number of essential components and gradually deploy other components over time to build out their cloud's operational and business capabilities.

What are the different OpenStack components?

The OpenStack cloud platform is an amalgam of software components. These components are shaped by open source contributions from the developer community, and OpenStack adopters can choose to implement some or all of these components as business needs dictate.

OpenStack Services
An OpenStack deployment contains a number of components providing APIs to access infrastructure
resources. This page lists the various services that can be deployed to provide such resources to
cloud end users.

Compute
NOVA: Compute Service
ZUN: Containers Service

Hardware Lifecycle
IRONIC: Bare Metal Provisioning Service
CYBORG: Lifecycle management of accelerators

Storage
SWIFT: Object store
CINDER: Block Storage
MANILA: Shared filesystems

Networking
NEUTRON: Networking
OCTAVIA: Load balancer
DESIGNATE: DNS service

Shared Services
KEYSTONE: Identity service
PLACEMENT: Placement service
GLANCE: Image service
BARBICAN: Key management

Orchestration
HEAT: Orchestration
SENLIN: Clustering service
MISTRAL: Workflow service
ZAQAR: Messaging Service
BLAZAR: Resource reservation service
AODH: Alarming Service

Workload Provisioning
MAGNUM: Container Orchestration Engine Provisioning
SAHARA: Big Data Processing Framework Provisioning
TROVE: Database as a Service

Application Lifecycle
MASAKARI: Instances High Availability Service
MURANO: Application Catalog
SOLUM: Software Development Lifecycle Automation
FREEZER: Backup, Restore, and Disaster Recovery

API Proxies
EC2API: EC2 API proxy

Web frontends
HORIZON: Dashboard
SKYLINE: Next generation dashboard (emerging technology)

What are the pros and cons of OpenStack?

Many enterprises that deploy and maintain an OpenStack infrastructure enjoy several advantages, including that it is:

● Affordable. OpenStack is available freely as open source software released under the Apache 2.0 license. This means there is no upfront cost to acquire and use OpenStack.
● Reliable. With almost a decade of development and use, OpenStack provides a comprehensive and proven production-ready modular platform upon which an enterprise can build and operate a private or public cloud. Its rich set of capabilities includes scalable storage, good performance and high data security, and it enjoys broad acceptance across industries.
● Vendor-neutral. Because of OpenStack's open source nature, some organizations also see it as a way to avoid vendor lock-in, as an overall platform as well as its individual component functions.

But potential adopters must also consider some drawbacks, such as the following:

● Complexity. Because of its size and scope, OpenStack requires an IT staff with significant knowledge to deploy the platform and make it work. In some cases, an organization might require additional staff or a consulting firm to deploy OpenStack, which adds time and cost.
● Support. As open source software, OpenStack is not owned or directed by any one vendor or team. This can make it difficult to obtain support for the technology, beyond the open source community.
● Consistency. The OpenStack component suite is always in flux as new components are added and others are deprecated.

DOCKER

Docker is an open platform for developing, shipping, and running applications. Docker enables
you to separate your applications from your infrastructure so you can deliver software quickly.

Pros and Cons of Docker:

Pros:
● Rapid Deployment: It can decrease deployment time to seconds, because it creates a container for every process and does not boot an OS. Data can be created and destroyed without worrying that the cost of bringing it up again would be higher than what is affordable.

● Security: Docker makes sure that applications running in containers are completely segregated and isolated from each other, from a security point of view, by granting us complete control over traffic flow and management.

● Simplicity and Faster Configurations: The way Docker simplifies matters is one of its key benefits. It gives users the flexibility to take their own configuration, put it into code, and deploy it without any problems.

● CI Efficiency: With the help of Docker, we can build a container image and then use that same image at every step of the deployment process.

● Continuous Integration: When it comes to Continuous Integration, Docker works well as part of pipelines alongside tools such as Travis, Jenkins, and Wercker.

Cons:
● Docker is not good for applications that require a rich GUI

● It is difficult to manage a large number of containers

● Docker does not provide cross-platform compatibility: if an application is designed to run in a Docker container on Windows, then it cannot run in a Docker container on Linux

● It does not provide any solution for data backup and recovery

FEATURES:

● Easy and Faster Configuration

● Increase productivity

● Application Isolation

● Swarm

● Routing Mesh

● Services

● Security Management
ARCHITECTURE:

The Docker daemon (dockerd) listens for Docker API requests and manages Docker
objects such as images, containers, networks, and volumes. A daemon can also
communicate with other daemons to manage Docker services.
A Docker registry stores Docker images. Docker Hub is a public registry that anyone can use,
and Docker is configured to look for images on Docker Hub by default. You can even run your
own private registry.
An image is a read-only template with instructions for creating a Docker container.
A container is a runnable instance of an image. You can create, start, stop, move, or delete a
container using the Docker API or CLI.
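
A Compose file showing how the segregation and traffic control mentioned under Security are configured in practice, with images pulled from a private registry rather than Docker Hub. This is an added example, not part of the original document; the registry host, image names, ports and service layout are constructed placeholders.

```yaml
# docker-compose.yml -- constructed example; registry host and images are placeholders
services:
  web:
    image: registry.example.com/shop/web:1.4.2   # private registry, pinned tag
    ports:
      - "8080:8080"                # the only port published on the host
    networks: [frontend, backend]
    read_only: true                # container filesystem cannot be modified at runtime
    tmpfs:
      - /tmp                       # writable scratch space kept in memory
    cap_drop: [ALL]                # drop every Linux capability the app does not need
    security_opt:
      - no-new-privileges:true     # block privilege gain through setuid binaries

  db:
    image: registry.example.com/shop/db:16
    networks: [backend]            # reachable from web only, no published port
    volumes:
      - dbdata:/var/lib/postgresql/data   # path assumes a PostgreSQL image

networks:
  frontend: {}
  backend:
    internal: true                 # no route between this network and the outside

volumes:
  dbdata: {}
```

The daemon (dockerd) creates both networks and the volume as Docker objects, so the isolation comes from this configuration: a container attached only to `backend` has no path to or from anything off that network.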
