Difference between revisions of "Heat/Blueprints/Multi Region Support for Heat"
< Heat
Line 12: | Line 12: | ||
** Secure network access via Internet (VPN connection) | ** Secure network access via Internet (VPN connection) | ||
− | [[File:Multi Region Heat.png| | + | [[File:Multi Region Heat.png|300px|thumb|left|Multi Region Heat]] |
=== Requirements & Challenges === | === Requirements & Challenges === |
Revision as of 18:31, 15 July 2013
Contents
Overview
Introduction
Most of enterprises are focusing on Multi-cloud (using both private and public clouds) as enterprise cloud strategy. They will not completely migrate to Service Provider's cloud (public cloud). They will still keep their mission critical information assets to their premise or collocation space (private cloud).
Our goal is to create Hybrid-cloud (combination of public and private cloud). Creating Hybrid-cloud requires:
- Seamless operation among heterogeneous environment
- End-to-end automatic provisioning based on system template (VM, network, topology)
- Unified control and monitoring
- Multi-Hypervisor including bare-metal
- Multi-Region control
- Secure network access via Internet (VPN connection)
Requirements & Challenges
Requirements for Heat:
- Mapping between Regions and API endpoints
- Mapping between Regions and Images
- Specifying Region for each resource
- Support for VPN as resource
- Horizon interface for Heat with multi regions
Challenges:
- dealing with dependencies between resources in different regions
- minimizing number of single region templates for which multi region template will be split
- figure out efficient way to update multi region stack
Goal
Basic Use Case Scenario
We have two regions (East and West) with separate OpenStack installations. We want to use Heat with multi region support to create in both regions:
- Quantum Network
- Quantum Subnet
- 10.1.0.0/24 in East
- 10.2.0.0/24 in West
- Router
- Router Interface for created subnet
- Router Gateway for external network
- VPN Service for created router
- IKE Policy
- IPsec Policy
- VPN Connection
- Server connected to created subnet
Template file example in appendix.