NETWORK ANALYSIS AUTOMATION IN

OPENSTACK

NURUL JANNAH BINTI MOHAMAD YUSOFF

BACHELOR OF COMPUTER SCIENCE (COMPUTER

NETWORK SECURITY) WITH HONORS

UNIVERSITI SULTAN ZAINAL ABIDIN

2018

NETWORK ANALYSIS AUTOMATION IN

OPENSTACK

NURUL JANNAH BINTI MOHAMAD YUSOFF

Bachelor of Computer Science (Computer Network Security) With

Honors

Faculty of Informatics and Computing

Universiti Sultan Zainal Abidin, Terengganu, Malaysia

September 2018

i

DECLARATION

I hereby declare that this report is based on my original work except for quotations and

citations, which have been duly acknowledged. I also declare that it has not been previously

or concurrently submitted for any other degree at University Sultan Zainal Abidin or other

institutions.

____________________________

Name: Nurul Jannah binti Mohamad Yusoff

Date:

ii

CONFIRMATION

This is to confirm that:

The research conducted and the writing of this report was under my supervision.

___________________________

Name: Prof. Madya Dr. Zarina Binti Mohamad

Date:

iii

DEDICATION

First and foremost, praised to Allah, the most Merciful for giving bless and

opportunity to undergo the final year project, Network Analysis Automation in OpenStack.

Second, I would like to express my gratitude to my caring supervisor, Prof. Madya Dr.

Zarina Binti Mohamad for her full support, expert guidance, kindness, ideas towards research

of this project and gives me this meaningful experience. Next, I would like to express my

appreciation to my panels, Prof. Madya Dr. Mohamad Afendee Bin Mohamed and Dr.

Aznida Hayati Binti Zakaria @ Mohamad for their thoughtful questions and comments

regarding my final year project.

Other than that, I would like to thank my beloved family especially my mother and

my father, Zalina Binti Mohd and Mohamad Yusoff Bin Abd Aziz for their unconditionally

love, encouragement, support either financially, physically or mentally during this project.

Besides, thanks to all my friends especially my OpenStack and Django members, Wan

Nurshuhada Binti Wan Mohd Asri, Nor Ashila Binti Mohd Rashid and Nur Izzati Sholehah

Binti Azlan for their motivation, enthusiasm also knowledge toward this project.

Last but not least, I would also like to thank all staff of the Faculty of Informatics and

Computing for helping me directly and directly as well as giving me this opportunity to

explore more about my project

iv

ABSTRAK

Pada dekad terakhir ini dunia telah menyaksikan pertumbuhan pesat paradigma Cloud

Computing (CC) dalam dunia ICT. Ianya menarik banyak perhatian daripada akademik dan

industri. Pengurusan pusat data CC ini boleh digerakkan dan dilaksanakan dengan baik

kerana ianya disokong oleh kos perkakasan komoditi yang rendah seta kepopularitian sistem

operasi awan. OpenStack, platform pengkomputeran awan terbuka yang agak baru, memberi

tumpuan kepada penyampaian Network as a Service (NaaS) menggunakan teknologi

virtualisasi. OpenStack menjanjikan infrastruktur awan berskala besar. Menjadi yang baru, ia

masih akan disiasat mengenai bagaimana ianya menyampaikan kebolehan tersebut dan

apakah kerja yang tepat mengenai butiran dalamannya. Data pemantauan rangkaian

memberikan wawasan ke atas status operasi rangkaian. Dengan cara yang semakin canggih

untuk menyelidik, merangkumi dan merakam aktiviti rangkaian, banyak data pemantauan

membawa kedua-dua peluang dan cabaran untuk analisis data rangkaian. Tujuan projek ini

adalah untuk mengautomasikan analisis rangkaian dalam platform OpenStack. Dengan

menggunakan pendekatan metodologi dan menjalankan pelbagai eksperimen, kami

membentangkan prestasi analisis rangkaian. Akhirnya, kami dapat membuat kesimpulan

mengenai automasi analisis rangkaian dalam OpenStack.

v

ABSTRACT

The last decade has witnessed the rapid growth of Cloud Computing (CC) paradigm in the

ICT world, drawing much attention from academia and industry. The increasing popularity of

cloud operating systems, supported by the vastly decreased cost of commodity hardware,

makes deploying and managing a CC data center more feasible than ever. OpenStack, a

relatively new open source cloud computing platform, focuses on delivering Network as a

Service (NaaS) using virtualization technology. OpenStack promises large-scale cloud

infrastructures. Being new, it remains to be investigated on how it delivers those abilities and

what the exact working of its internal details are. Network monitoring data provides insight

into the network operation status. With increasingly sophisticated ways of probing, sampling

and recording network activities, the huge amount of monitoring data brings both an

opportunity and a challenge for network data analysis. The aim of this project is to automate

the network analysis in the OpenStack platform. Using a methodological approach and

having carried out numerous experiments, we present the performance of network analysis.

Eventually, we are able to draw conclusions on the automation of network analysis in

OpenStack.

vi

CONTENTS

PAGE

DECLARATION i

CONFIRMATION ii

DEDICATION iii

ABSTRAK iv

ABSTRACT v

CONTENTS vi-vii

LIST OF FIGURES viii

LIST OF ABBREVIATIONS ix

CHAPTER 1 INTRODUCTION

1.1 Background Project 1 - 2

1.2 Problem Statement 3

1.3 Objective 3

1.4 Scopes 3

1.5 Limitation 4

1.6 Expected Result 4

vii

CHAPTER 2 LITERATURE REVIEW

2.1 Introduction 5

2.2 Cloud Computing 5 - 6

2.2.1 Cloud Computing Models 6 - 7

2.3 OpenStack 7 - 8

2.3.1 OpenStack Software Components 8 - 9

2.4 OpenStack Networking: Neutron 9 - 10

2.5 Analysis on Existing Research 10 - 11

2.6 Summary 11

CHAPTER 3 METHODOLOGY

3.1 Introduction 12

3.2 Framework 13 - 15

3.3 Proof of Concept 16 - 17

REFERENCES 18 - 19

viii

LIST OF FIGURES

FIGURE TITLE PAGE

2.3 OpenStack Conceptual Architecture 9

3.2 Framework of Network Analysis Automation in OpenStack 13

3.2.1 Data Model (Flowchart) in General About Network Analysis 14

3.3.1 Installation OpenStack 15

3.3.2 Installation Component in OpenStack 16

ix

LIST OF ABBREVIATIONS / TERMS / SYMBOLS

IaaS Infrastructure as a Service

PaaS Platform as a Service

SaaS Software as a Service

VM Virtual Machine

API Application Programming Interface

CC Cloud Computing

NIST National Institute of Standards and Technology

XaaS Anything as a Service

REST API Representational State Transfer API

NAT Network Address Translation

DHCP Dynamic Host Configuration Protocol

FWaas Firewall as a Service

LBaaS LoadBalancer as a Service

VPN Virtual Private Network

VPNaaS VPN as a Service

CPU Central Processing Unit

VXLAN Virtual Extensible LAN

1

CHAPTER I

INTRODUCTION

1.1 BACKGROUND PROJECT

Cloud computing is a model for allowing network access anywhere, convenient, on-

demand network access to a shared pool of configurable computing resources that can be

rapidly provisioned and released with minimal management effort or service provider

interaction [1]. In other words, cloud computing is a major transition from the traditional way

of business to think of IT resources. There are many common reasons organizations are

turning to cloud computing services such as cost, speed, performance, and security [2]. Cloud

computing deployment model can be private, public and hybrid and cloud computing services

can be divided into three categories: infrastructure as a service (IaaS), platform as a service

(PaaS) and software as a service (SaaS). There are many examples of cloud computing such

as Dropbox, Google Drive, Gmail, OpenStack and more. This project will use one of those

examples which are OpenStack.

OpenStack is an open-source platform for creating and managing cloud

infrastructures, originally developed by NASA and Rackspace. OpenStack operates with

large pools of computing, storage, and networking resources. It consisted of Compute (Nova

service) module responsible for arranging, managing and providing virtual machines [3].

Object storage (Swift service) is a scalable redundant storage system while block storage

(Cinder service) manages virtualized block storage pools. OpenStack dashboard (Horizon

service) enables users to access and manage VMs, VNs and other OpenStack resources via a

2

web-based graphical users’ interface. OpenStack has several other services that are

commonly used by the above core projects, making it easier to implement and operate on the

cloud. These services are keystone (Identity service), glance (Image service), ceilometer

(Telemetry service) and heat (Orchestration service). This project will emphasize neutron

(Networking service) in OpenStack.

Neutron is an OpenStack project to provide “network connectivity as a service”

between interface devices managed by other OpenStack services [4]. It ensures the network is

not a bottleneck or limiting factor in a cloud computing. It is allowing users to create and

manage network objects, such as networks, subnets, and ports, which other OpenStack

services can use through an API. It is also allowing users to control traffic, connect servers

and device to one or more networks.

For the expected result, network analysis in OpenStack will be done automatedly. It

will easier the admin to manage the network and the automation features can be cover and

improve in OpenStack.

In conclusion, the OpenStack project has been on the market for over 5 years,

delivering one of the most successful open-source software platforms to use Cloud

Computing [5]. This software itself has been gradually accommodated with increasing

development efforts from the community to be more stable and to have more features to meet

the growing needs of Cloud providers and users. As OpenStack is a relatively new and still

growing cloud computing solution, it is very important to improve the service in OpenStack

and to add the features that will make easier to user and admin.

3

1.2 PROBLEM STATEMENT

OpenStack is an open source (release in 2010), openly designed, openly developed by an

open community. It is improved from one version to another but there are still many features

that need to be improved to become a complete software. One of the important features that

need to improve is automation that can be cover in the network area in OpenStack. An

automated system is required for performing network analysis, processing the results and

presenting the reports. Automating the network analysis allows easy identification of lots of

problems that network engineers know that they should be done but never had the time to

implement.

1.3 OBJECTIVES

1. To propose the automation of the network analysis in OpenStack.

2. To design the network analysis to be friendlier.

3. To implement the effectiveness automation of the network analysis in OpenStack.

1.4 SCOPE

The scope of this project are as follows:

1. This project will configure and implement one of the cloud computing platforms

called OpenStack.

2. This project will integrate automation of network analysis in the OpenStack platform.

4

1.5 LIMITATION

Some technical challenge of this project is described as follows:

1. No references for a similar project from senior’s thesis at Faculty Informatics and

Computing.

2. Time is spent more in the installation process and complicated to configure

OpenStack.

1.6 EXPECTED RESULT

Based on the objectives, an optimal result can be achieved which are:

1. Network analysis can be done automatedly in the OpenStack platform.

2. Easier to admin to monitor the network in OpenStack.

5

CHAPTER II

LITERATURE REVIEW

2.1 INTRODUCTION

This chapter will discuss the previous articles and research papers that are related to

this project. It is important to gather the information or knowledge to get a better

understanding of the idea of how this project works. The literature review that will be

analyzed and summarize will be between 2011 until 2018.

2.2 CLOUD COMPUTING

Cloud Computing (CC) has been in the market for a while and is praised by

consumers and enterprise for its provision of on-demand access to scalable computing

resources, to meet the need services and applications with the growing complex. Yet there

has not been any standardized definition of what Cloud Computing is and as a matter of fact,

different companies and institutions tend to have their own definitions for this new

technology/business model [6-8].

Among many ways in the literature of how the term Cloud Computing is defined, the

one in the published work of the U.S. National Institute of Standards and Technology (NIST)

[8] has been taken as the de-facto definition:

“Cloud Computing is a model for enabling ubiquitous, convenient, on-demand network

access to a shared pool of configurable computing resources (e.g., network, servers, storage,

6

applications, and services) that can be rapidly provisioned and released with minimal

management effort or service provider interaction.”

CC introduces a new way of optimally utilizing and computing power (CPU, memory,

storage), in which cloud resources are not only shared among multiple users but also able to

be dynamically supplied (on demand). Provisioned to users on a pay-for-use basis, CC offers

an attractive environment for users and enterprise to develop and/or run Internet-based

applications and services, with little concerns over upfront costs as well as infrastructure

maintenance costs.

2.2.1 CLOUD COMPUTING MODELS

The ICT industry has defined the three main forms of Cloud Computing including

Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service

(IaaS). These three models are commonly referred to as SPI model.

SaaS, short for Software-as-a-Service, is the most basic form of cloud service where

users are able to run their favourite applications and services (such as emails, office, or even

video games and so on) in the cloud. As such, users use the resources effectively regardless

of constraints on IT implementation problems. This model also helps to minimize upfront

cost in operation as well as maintenance. Typical examples of SaaS are Google apps,

Salesforce, Cisco, WebEx and so on.

PaaS, short for Platform-as-a-Service, provides a development platform (i.e.

development kits and a number of supported programming languages, database or other

software components) on which cloud users can leverage to develop, manage and run their

own applications and services. With PaaS, cloud users are given more control over the

7

environments for managing applications. Typical examples of PaaS include Window Azure,

Heroku, Google App Engine and so on.

IaaS, short for Infrastructure-as-a-Service, provides cloud users with physical

resources or virtual machines in terms of CPU, storage, load balancers or operating system.

Some IaaS service providers also provide disk image library and file-based storage. Typical

examples of IaaS include Amazon EC2, Google Compute Engine and so on.

SaaS, PaaS, and IaaS as listed above are the most common forms of XaaS with the

provisioned resources being referred to software, platform, and infrastructure, respectively.

Everything-as-a-Service (also known as Anything-as-a-Service), or XaaS, refers to the

growing diversity of services provided over the Internet rather than locally or non-premise.

2.3 OPENSTACK

OpenStack [9] is a free and open-source cloud computing software platform that

enables rapid deployment, management, and development of cloud infrastructure in a data

center. OpenStack was jointly launched by NASA [10] and Rackspace Hosting [11] in July

2010 and is managed by the OpenStack Foundation. OpenStack Foundation is a non-profit

organization formed in September 2012 to promote the development, distribution, and

adoption of the software stack. Currently, the OpenStack project is supported by more than

500 companies.

OpenStack platform provides cloud computing services running on standard

commodity hardware and is primarily deployed as an Infrastructure-as-a-Service (IaaS)

model. The software stack consists of a group of interrelated projects that control pools of

processing (Nova), storage (Swift, Cinder) and networking (Neutron) resources throughout a

8

data center. Management and control over these pools are exposed to users through a web-

based dashboard (Horizon), command-line tools, or a RESTful API. By utilizing a massive

collection of popular enterprises and open-source technologies, OpenStack becomes an ideal

solution for heterogeneous infrastructure.

The OpenStack project currently has a 6-month release cycle. There has been 18

stable release, among which the latest one (code name Rocky), was released in August 2018

while the soon-to-be-released version (code name Stein) is planned to come out on 10 April

2019 [12].

2.3.1 OPENSTACK SOFTWARE COMPONENTS

The OpenStack project consists of several interrelated sub-projects that help to

manage different aspects of hardware resources including computing, storage, networking,

and other related services, each of which offers its own set of APIs to facilitate the integration

of the whole software stack. Figure 2.3 illustrates the OpenStack conceptual architecture with

interactions among its software components [13]. As an IaaS-focused cloud platform,

OpenStack has VMs at its center, provisioned by the Nova module. VMs are surrounded by

other services including network connectivity handled by Neutron; operating system images

stored by Glance; storage services provided by Swift and Cinder. Keystone is responsible for

the authentication of the whole OpenStack system while, at a high level, Horizon provides a

web-based management interface to all the other services.

9

Figure 2.3: OpenStack Conceptual Architecture

2.4 OPENSTACK NETWORKING: NEUTRON

The OpenStack Neutron project, having its premiere in Havana release (October

2013), replaces nova-network to provide OpenStack with a full-featured abstraction of the

Virtual Network Infrastructure as well as basic and advanced network services. Thanks to

Neutron, cloud users have access to essential networking infrastructure and resources like

network, subnet and router objects. The elements simulate functionalities of real-world

corresponding physical components: network consists of subnet connected to routers, which

route traffic between different subnets and networks. Besides the provision of such basic

network services as NAT, DHCP or routing, Neutron also enables users to create advanced

virtual network topologies including services such as firewalls (Firewall-as-a-Service, or

10

FWaaS), load balancers (LoadBalancer-as-a-Service, or LBaaS) and virtual private networks

(VPN-as-a-Service, or VPNaaS).

2.5 ANALYSIS ON EXISTING RESEARCH

There are many previous kinds of research on network performance analysis and

automation. The first is Cloud Network Performance Analysis: An OpenStack Case Study by

Tuan-Anh BUI (2016) [5]. This thesis works aims to achieve a thorough understanding of the

OpenStack architecture, especially its Networking module and to study the network

performance of an OpenStack based cloud cluster. This stud comes up with, beyond a high-

level understanding of the software architecture, a detailed deployment strategy along with a

properly planned experimental and evaluative methodology in order to give an insightful

observation on OpenStack operation. They are able to present the traffic patterns and the

correspondingly measured network performance (in terms of throughput and latency) under

the Neutron-based architecture. According to the experiment results, while packet

encapsulation guarantees network isolation in the OpenStack Cloud environment, its

bandwidth utilization is limited to below 30% of the underlying physical channel. Further

system analysis based on CPU profiling indicated that the use of VXLAN encapsulation

potentially causes CPUs to throttle and thus degrade the network performance.

Second is Network Automation and Orchestration by Juniper Network (2015) [14].

This paper aims the need for network automation. Designed with a flexible and open

standards-based framework, Juniper Network tools and strategies help data center

infrastructures by enabling automation across the full operations lifecycle-from network

provisioning to management to orchestration. By leveraging these technologies, networking

11

professionals are able to reliably streamline processes, eliminate human errors and maximize

uptime.

Last but not least, Analysis Farm: A Cloud-based Scalable Aggregation and Query

Platform for Network Log Analysis by Jianwen WEI, Yusu ZHAO, Kaida JIANG, Rui XIE

and Yaohui JIN (2011) [15]. This paper proposed a scalable platform for network log

analysis, which targets for fast aggregation and agile query. Combining the scalability of

cloud-based infrastructure (OpenStack) and NoSQL data storage system (MongoDB), they

build the Analysis Farm prototype. Analysis Farm’s scalability lies in the ability of storage

expansion, computation upgrade and agile query. In the evaluation experiments, Analysis

Farm successfully finishes aggregation task within a given time and demonstrates usable ad-

hoc queries.

2.6 SUMMARY

Based on this chapter, it can be concluded that previous research is an important step

because it will give more knowledge about the topic and how the previous researcher does

their research. This is also important to not do the same mistake or the same idea and

technique that used.

12

CHAPTER III

METHODOLOGY

3.1 INTRODUCTION

This chapter reports the approach or model development and application of a

comprehensive framework taken in the development of system, application or

implementation of the study. This chapter contains methods, techniques or approach that will

be used during the design and implementation of the project. The selection of the most

suitable methodology for the development of the project is very important as the side effect

of choosing false methodology is chaotic enough because the project might not complete on

the right schedule or the project might completely fail because the developer might be lost

guidance in order to complete the project development. All the phases that involved during

this project will be detailed.

13

3.2 FRAMEWORK

Figure 3.2: Framework of Network Analysis Automation in OpenStack

Figure 3.2 shows an overall framework of Network Analysis Automation in

OpenStack. The first step is to install CentOS 7 in VirtualBox. Next, install and configure

OpenStack as a platform in CentOS 7. Then, the new program will be added in file neutron in

OpenStack. Finally, the result will be displayed in the admin dashboard.

Install CentOS 7 in

VirtualBox Install and configure

OpenStack in

CentOS 7

Add new program in

file neutron in

OpenStack

Result will be

displayed at the

admin dashboard

14

Figure 3.2.1: Data Model (Flowchart) in General About Network Analysis

Success?

Start

End

User report the

problem

Gather the specific

data

Combine that data

Do program analysis

Admin make the

report of the solution

The solution will be

displayed at admin

dashboard

No

Yes

15

Figure 3.2.1 shows data model (flowchart) in general about network analysis. First,

the user will report the problem that occurs. Then, the data to solve the specific problem will

be gathered and combine. After that, problem analysis will take the job. If the program

analysis is successful, the solution for a specific problem will be displayed at the admin

dashboard and admin can make the report of the solution. If the program analysis

unsuccessful, the program analysis will be redone to get the good and better solution.

16

3.3 PROOF OF CONCEPT

Figure 3.3.1: Installation OpenStack

Figure 3.3.1 shows the proof that OpenStack had been installed in CentOS 7. Linux

command is used in this project to locate where the directory of OpenStack in system’s root.

This Linux command is based on the root. First, go to the entire system’s root directory by

using command ‘cd/’. Then by using the command ‘ls’, it will list all the directory in

system’s root. After that, use the command ‘cd etc’ to go to the directory etc, files in the root

and it will list all the files in the directory etc. Openstack_dashboard is in the list which is

means OpenStack had been installed.

17

Figure 3.3.2: Installation Component in OpenStack

Figure 3.3.2 shows that not only OpenStack dashboard had been installed but the

other components in OpenStack also had been installed such as glance for image service,

neutron for networking service, cinder for block storage service, keystone for identity service

and nova for compute service. This is all core components in OpenStack.

18

REFERENCES

1. Mell, P., & Grance, T. (2009). The NIST definition of cloud computing. National

institute of standards and technology, 53(6), 50.

2. What is cloud computing? A beginner’s guide.

URL https://azure.microsoft.com/en-us/overview/what-is-cloud-computing/

3. OpenStack Docs: Overview.

URL https://docs.openstack.org/liberty/install-guide-ubuntu/overview.html

4. OpenStack Docs: Welcome to Neutron’s Documentation!

URL https://docs.openstack.org/neutron/latest/

5. Bui, T. A. (2016). " Cloud network performance analysis: an openstack case study.

6. Vaquero, L. M., Rodero-Merino, L., Caceres, J., & Lindner, M. A Break in the

Clouds: Towards a Cloud Definition.

7. Kalapatapu, A., & Sarkar, M. (2012). Cloud computing: An overview. Cloud

Computing: Methodology, Systems and Applications, 1-28.

8. Mell, P., & Grance, T. (2011). The NIST definition of cloud computing.

9. OpenStack.

URL https://www.openstack.org/

10. National Aeronautics and Space Administration.

URL https://www.nasa.gov/

11. Rackspace Hosting.

URL https://www.openstack.org/

12. Openstack releases.

URL https://releases.openstack.org/

19

13. Openstack Installation Guide.

URL https://docs.openstack.org/install-guide/

14. Network Automation and Orchestration - Juniper Networks.

URL https://www.juniper.net/assets/de/de/local/pdf/whitepapers/2000541-en.pdf

15. Wei, J., Zhao, Y., Jiang, K., Xie, R., & Jin, Y. (2011). Analysis farm: A cloud-based

scalable aggregation and query platform for network log analysis.

16. New release of CentOS Linux 7.

URL https://www.unixmen.com/new-release-of-centos-linux-7/

17. What is OpenStack?

URL https://www.ibm.com/blogs/cloud-computing/2013/08/21/what-is-openstack/

18. Basic vi Commands.

URL https://www.cs.colostate.edu/helpdocs/vi.html