OPENSTACK FOR VSPECIALISTS

MODULE 7: OPENSTACK BLOCK STORAGE (CINDER)

EMC CONFIDENTIAL—INTERNAL USE ONLY 1

MODULE 7: CINDER BLOCK STORAGE

Upon completion of this module, you should be able

to:
• Understand the concepts of the OpenStack Volume
service
• Diagram the principal components of Cinder and
explain their functions

EMC CONFIDENTIAL—INTERNAL USE ONLY 2

THE CINDER BLOCK STORAGE SERVICE
• Cinder provides self-provisioning of persistent
block storage entities (volumes) for VMs
• Project forked from Nova (was nova-volumes),
with some architectural similarities
• Usually deployed in conjunction with Nova, but
can be deployed alone (cf. ViPR controller
southbound target)
• Focused on providing API and management
framework for volumes using available storage
platforms, as opposed to developing a specific
storage implementation – very plugin-driven
EMC CONFIDENTIAL—INTERNAL USE ONLY 3
CINDER AT A HIGH LEVEL
• Cinder is only the control
plane – no storage traffic
passes through Cinder
components per se
• Cinder controls the
lifecycle of volumes and
delegates to back-end
storage providers
• Nova controls association
and dissociation of
volumes with instances,
leveraging the Cinder API
implicitly
• Cinder can have awareness
Image source: Intro to OpenStack Cinder / Mike Perez (Cinder PTL) of Nova AZ’s
EMC CONFIDENTIAL—INTERNAL USE ONLY 4
BASIC CONCEPTS: VOLUMES & TYPES
• Volume is a persistent,
detachable block storage
device that can be
associated with instance(s)
– Support in Kilo for attaching
volume to multiple instances

• Admins can define volume

types for different storage
back-ends in use
• Operations on volumes may
vary depending on target
storage back-end
– E.g. volume replication,
migration, incremental backups
EMC CONFIDENTIAL—INTERNAL USE ONLY 5
SNAPSHOTS & BACKUPS
• Volume backups: full copies of volumes
stored in an Object Storage backend (e.g.
Swift) vol Object store
– Backups are independent of the source
backup
volume
vol’
– Backups can be used to restore volumes or
create new volumes

• Volume snapshots: capture point-in-time

state of a volume volT1
– Snapshots linked to source volume
– Snapshots can be used to create new vol volT2
volumes

• Volume must be available (unattached) to snapshot volT3

create a backup or snapshot

EMC CONFIDENTIAL—INTERNAL USE ONLY 6

KEY SERVICE OPERATIONS: VOLUMES
• CRUD on volumes $ cinder create …
– Volumes created from scratch, backup, $ cinder list …
snapshot, image, or existing volume $ cinder delete …
$ cinder show …

• CRUD on volume metadata $ cinder metadata …

• Attempt to extend volumes $ cinder metadata-show …
– Volume must be available
$ cinder extend …
• Create images from volumes
• Transfer volumes between tenants $ cinder upload-to-image …
– Tenant A creates transfer request and gets
transfer ID and key $ cinder transfer-*
– Tenant B uses ID and key to accept
request
EMC CONFIDENTIAL—INTERNAL USE ONLY 7
KEY SERVICE OPERATIONS: BACKUPS
$ cinder backup-create …
• CRD on volume backups: $ cinder backup-list …
Volumes created from scratch, $ cinder backup-delete …
backup, snapshot, image, or $ cinder backup-show …
existing volume
$ cinder backup-restore …
• Restore volume from backup
$ cinder snapshot-create …
• CRUD on volume snapshots and
$ cinder snapshot-list …
snapshot metadata $ cinder snapshot-show …
$ cinder snapshot-delete …

$ cinder snapshot-metadata …
$ cinder snapshot-metadata-
show...
EMC CONFIDENTIAL—INTERNAL USE ONLY 8
KEY SERVICE OPERATIONS: ADMINS
• Admins can use the CLI to create, manage and set extra specs
on volume types (for back-end drivers)
– $ cinder type-list (or openstack volume type list)
– $ cinder type-key <vtype> <set|unset> <key=value>
– $ cinder type-create <name>

• Can also create and manage QoS specs and associate with
volume types for defining quality of service targets
– $ cinder qos-*

• Set and manage project resource quotas

– $ cinder quota-*
– $ cinder quota-show <project>

EMC CONFIDENTIAL—INTERNAL USE ONLY 9

 CINDER ARCHITECTURE
Horizon
cinder/no • Cinder API can be invoked through cinder,
va CLI nova, or openstackclient
HTTP Control
Node • API implemented as WSGI pipeline,
cinder-api Object typically with Keystone middleware for
store authentication and authorization
cinder-
scheduler
LVM
driver
RBD (Ceph)
cinder-
backup SolidFire…
Cinder
DB
cinder- EMC…
volume
IBM…
driver(s)
SQL NetApp…
AMQP
HTTP Nova queues …
Cinder queues
EMC CONFIDENTIAL—INTERNAL USE ONLY 10
 SCHEDULING VOLUME CREATION
Horizon
cinder/no • cinder-scheduler selects between configured
va CLI back-ends for creating new volumes
HTTP Control
Node • Scheduler is pluggable, with FilterScheduler
cinder-api Object supporting series of filters for back-end
store selection (e.g. CapacityFilter,
cinder- CapabilitiesFilter)
scheduler
LVM
driver
RBD (Ceph)
cinder-
backup SolidFire…
Cinder
DB
cinder- EMC…
volume
IBM…
driver(s)
SQL NetApp…
AMQP
HTTP Nova queues …
Cinder queues
EMC CONFIDENTIAL—INTERNAL USE ONLY 11
 SCHEDULING VOLUME CREATION
Horizon
cinder/no • cinder-scheduler selects between configured
va CLI back-ends for creating new volumes
HTTP Control
Node • Scheduler is pluggable, with FilterScheduler
cinder-api Object supporting series of filters for back-end
store selection (e.g. CapacityFilter,
cinder- CapabilitiesFilter)
scheduler
LVM
driver
RBD (Ceph)
cinder-
backup SolidFire…
Cinder
DB
cinder- EMC…
volume
IBM…
driver(s)
SQL NetApp…
AMQP
HTTP Nova queues …
Cinder queues
EMC CONFIDENTIAL—INTERNAL USE ONLY 12
 VOLUME CREATION AND MANAGEMENT
Horizon
cinder/no • cinder-volume may run on controller or on
va CLI node providing storage (e.g. LVM node),
HTTP Control depending on deployment configuration
Node
cinder-api Object • Volume service can support multiple back-
store end drivers, individually configured in
cinder- cinder.conf
scheduler
LVM
driver
RBD (Ceph)
cinder-
backup SolidFire…
Cinder
DB
cinder- EMC…
volume
IBM…
driver(s)
SQL NetApp…
AMQP
HTTP Nova queues …
Cinder queues
EMC CONFIDENTIAL—INTERNAL USE ONLY 13
CINDER VOLUME STATES
• cinder show and cinder
list will report on state of
volumes
• Certain operations require
volumes to be in states
– E.g. available for taking
a backup or snapshot
• States also reported for
backups and snapshots,
which have simpler
lifecycles
Source: Cinder Block Storage v2 API Documentation

EMC CONFIDENTIAL—INTERNAL USE ONLY 14

 VOLUME SNAPSHOTS AND BACKUPS
Horizon
cinder/no • Backups stored in configured object
va CLI storage backend, typically Swift or Ceph
HTTP Control
Node • Snapshots handled by volume storage
cinder-api Object driver
store
cinder-
scheduler
LVM
driver
RBD (Ceph)
cinder-
backup SolidFire…
Cinder
DB
cinder- EMC…
volume
IBM…
driver(s)
SQL NetApp…
AMQP
HTTP Nova queues …
Cinder queues
EMC CONFIDENTIAL—INTERNAL USE ONLY 15
WHAT CINDER DRIVERS ARE USED?

• Ceph has a lot of mindshare in the

marketplace, with Red Hat behind it
• LVM is the reference implementation for
Cinder development
• SolidFire has been cultivating
OpenStack community for years for AFA

Source: OpenStack User Survey, October 2015

EMC CONFIDENTIAL—INTERNAL USE ONLY 16

DRIVERS FOR CLOUDS >1000 CORES

• Ceph running in over a

third of large clouds
• NetApp at 12% and
SolidFire at 9%

Source: OpenStack User Survey, October 2015

EMC CONFIDENTIAL—INTERNAL USE ONLY 17

WHAT CINDER DRIVERS ARE THERE?
• Cinder support
matrix shows
features
supported in
which release
• Tracks drivers
merged
upstream in
Cinder repo
• Over 60
drivers in
Liberty trunk
Image source: https://wiki.openstack.org/wiki/CinderSupportMatrix

EMC CONFIDENTIAL—INTERNAL USE ONLY 18

INCREASING STANDARDS FOR DRIVERS
• New drivers must be
tested by an external
CI system that
reports results to
Gerrit
• Gate is Tempest
volume tests for
every commit
• Number of drivers
dropped from Kilo
release as a result
Image source: OpenStack is doomed and it is Your Fault

EMC CONFIDENTIAL—INTERNAL USE ONLY 19