NETWORK ANALYSIS AUTOMATION IN
OPENSTACK
NURUL JANNAH BINTI MOHAMAD YUSOFF
BACHELOR OF COMPUTER SCIENCE (COMPUTER
NETWORK SECURITY) WITH HONORS
UNIVERSITI SULTAN ZAINAL ABIDIN
2018
Faculty of Informatics and Computing
Universiti Sultan Zainal Abidin, Terengganu, Malaysia
September 2018
DECLARATION
I hereby declare that this report is based on my original work except for quotations and
citations, which have been duly acknowledged. I also declare that it has not been previously
or concurrently submitted for any other degree at University Sultan Zainal Abidin or other
institutions.
____________________________
Name: Nurul Jannah binti Mohamad Yusoff
Date:
CONFIRMATION
This is to confirm that:
The research conducted and the writing of this report was under my supervision.
___________________________
Name: Prof. Madya Dr. Zarina Binti Mohamad
Date:
DEDICATION
First and foremost, praise be to Allah, the Most Merciful, for giving me the blessing and
opportunity to undertake the final year project, Network Analysis Automation in OpenStack.
Second, I would like to express my gratitude to my caring supervisor, Prof. Madya Dr.
Zarina Binti Mohamad, for her full support, expert guidance, kindness and ideas towards the
research of this project, and for giving me this meaningful experience. Next, I would like to
express my appreciation to my panels, Prof. Madya Dr. Mohamad Afendee Bin Mohamed and Dr.
Aznida Hayati Binti Zakaria @ Mohamad, for their thoughtful questions and comments
regarding my final year project.
Other than that, I would like to thank my beloved family, especially my mother and
my father, Zalina Binti Mohd and Mohamad Yusoff Bin Abd Aziz, for their unconditional
love, encouragement and support, whether financial, physical or mental, during this project.
Besides, thanks to all my friends, especially my OpenStack and Django members, Wan
Nurshuhada Binti Wan Mohd Asri, Nor Ashila Binti Mohd Rashid and Nur Izzati Sholehah
Binti Azlan, for their motivation, enthusiasm and knowledge toward this project.
Last but not least, I would also like to thank all staff of the Faculty of Informatics and
Computing for helping me directly and indirectly as well as giving me this opportunity to
explore more about my project.
ABSTRAK (ABSTRACT IN MALAY)
In the last decade the world has witnessed the rapid growth of the Cloud Computing (CC)
paradigm in the ICT world. It has drawn much attention from academia and industry. The
management of CC data centers can be driven and carried out well because it is supported by
the low cost of commodity hardware and the popularity of cloud operating systems.
OpenStack, a relatively new open cloud computing platform, focuses on delivering Network
as a Service (NaaS) using virtualization technology. OpenStack promises large-scale cloud
infrastructure. Being new, it remains to be investigated how it delivers those abilities and
what the exact workings of its internal details are. Network monitoring data provides insight
into the operational status of the network. With increasingly sophisticated ways of probing,
sampling and recording network activity, the large amount of monitoring data brings both
opportunities and challenges for network data analysis. The aim of this project is to
automate network analysis in the OpenStack platform. Using a methodological approach and
carrying out various experiments, we present the performance of network analysis. Finally,
we are able to draw conclusions about the automation of network analysis in OpenStack.
ABSTRACT
The last decade has witnessed the rapid growth of the Cloud Computing (CC) paradigm in the
ICT world, drawing much attention from academia and industry. The increasing popularity of
cloud operating systems, supported by the vastly decreased cost of commodity hardware,
makes deploying and managing a CC data center more feasible than ever. OpenStack, a
relatively new open source cloud computing platform, focuses on delivering Network as a
Service (NaaS) using virtualization technology. OpenStack promises large-scale cloud
infrastructures. Being new, it remains to be investigated how it delivers those abilities and
what the exact workings of its internal details are. Network monitoring data provides insight
into the network operation status. With increasingly sophisticated ways of probing, sampling
and recording network activities, the huge amount of monitoring data brings both an
opportunity and a challenge for network data analysis. The aim of this project is to automate
the network analysis in the OpenStack platform. Using a methodological approach and
having carried out numerous experiments, we present the performance of network analysis.
Eventually, we are able to draw conclusions on the automation of network analysis in
OpenStack.
CONTENTS
DECLARATION
CONFIRMATION
DEDICATION
ABSTRAK (ABSTRACT IN MALAY)
ABSTRACT
CONTENTS
LIST OF FIGURES
LIST OF ABBREVIATIONS
CHAPTER 1 INTRODUCTION
1.1 Background Project
1.2 Problem Statement
1.3 Objective
1.4 Scopes
1.5 Limitation
1.6 Expected Result
CHAPTER 2 LITERATURE REVIEW
2.1 Introduction
2.2 Cloud Computing
2.2.1 Cloud Computing Models
2.3 OpenStack
2.3.1 OpenStack Software Components
2.4 OpenStack Networking: Neutron
2.5 Analysis on Existing Research
2.6 Summary
CHAPTER 3 METHODOLOGY
3.1 Introduction
3.2 Framework
3.3 Proof of Concept
REFERENCES
LIST OF FIGURES
FIGURE TITLE
2.3 OpenStack Conceptual Architecture
3.2 Framework of Network Analysis Automation in OpenStack
3.2.1 Data Model (Flowchart) in General About Network Analysis
3.3.1 Installation OpenStack
3.3.2 Installation Component in OpenStack
LIST OF ABBREVIATIONS / TERMS / SYMBOLS
IaaS Infrastructure as a Service
PaaS Platform as a Service
SaaS Software as a Service
VM Virtual Machine
API Application Programming Interface
CC Cloud Computing
NIST National Institute of Standards and Technology
XaaS Anything as a Service
REST API Representational State Transfer API
NAT Network Address Translation
DHCP Dynamic Host Configuration Protocol
FWaaS Firewall as a Service
LBaaS LoadBalancer as a Service
VPN Virtual Private Network
VPNaaS VPN as a Service
CPU Central Processing Unit
VXLAN Virtual Extensible LAN
CHAPTER I
INTRODUCTION
1.1 BACKGROUND PROJECT
Cloud computing is a model for allowing convenient, on-demand network access from
anywhere to a shared pool of configurable computing resources that can be
rapidly provisioned and released with minimal management effort or service provider
interaction [1]. In other words, cloud computing is a major shift from the traditional way
businesses think about IT resources. Organizations commonly turn to cloud computing
services for reasons such as cost, speed, performance, and security [2]. The cloud
computing deployment model can be private, public or hybrid, and cloud computing services
can be divided into three categories: infrastructure as a service (IaaS), platform as a service
(PaaS) and software as a service (SaaS). There are many examples of cloud computing, such
as Dropbox, Google Drive, Gmail, OpenStack and more. This project will use one of those
examples, which is OpenStack.
OpenStack is an open-source platform for creating and managing cloud
infrastructures, originally developed by NASA and Rackspace. OpenStack operates with
large pools of computing, storage, and networking resources. It includes the Compute (Nova
service) module, which is responsible for arranging, managing and providing virtual machines [3].
Object storage (Swift service) is a scalable redundant storage system, while block storage
(Cinder service) manages virtualized block storage pools. The OpenStack dashboard (Horizon
service) enables users to access and manage VMs, VNs and other OpenStack resources via a
web-based graphical user interface. OpenStack has several other services that are
commonly used by the above core projects, making it easier to implement and operate on the
cloud. These services are keystone (Identity service), glance (Image service), ceilometer
(Telemetry service) and heat (Orchestration service). This project will emphasize neutron
(Networking service) in OpenStack.
Neutron is an OpenStack project to provide “network connectivity as a service”
between interface devices managed by other OpenStack services [4]. It ensures the network is
not a bottleneck or limiting factor in cloud computing. It allows users to create and
manage network objects, such as networks, subnets, and ports, which other OpenStack
services can use through an API. It also allows users to control traffic and to connect servers
and devices to one or more networks.
As the expected result, network analysis in OpenStack will be done automatically. This
will make it easier for the admin to manage the network, and the automation features in
OpenStack can be covered and improved.
In conclusion, the OpenStack project has been on the market for over 5 years,
delivering one of the most successful open-source software platforms for Cloud
Computing [5]. The software itself has gradually benefited from increasing
development efforts from the community, becoming more stable and gaining more features to meet
the growing needs of Cloud providers and users. As OpenStack is a relatively new and still
growing cloud computing solution, it is very important to improve the service in OpenStack
and to add features that will make it easier for users and admins.
1.2 PROBLEM STATEMENT
OpenStack is open source (released in 2010), openly designed and openly developed by an
open community. It improves from one version to the next, but many features still
need to be improved for it to become complete software. One of the important features that
needs improvement is automation in the network area of OpenStack. An
automated system is required for performing network analysis, processing the results and
presenting the reports. Automating the network analysis makes it easy to identify many
problems, work that network engineers know should be done but never had the time to
implement.
1.3 OBJECTIVES
1. To propose the automation of the network analysis in OpenStack.
2. To design the network analysis to be more user-friendly.
3. To implement effective automation of the network analysis in OpenStack.
1.4 SCOPE
The scope of this project is as follows:
1. This project will configure and implement one of the cloud computing platforms,
called OpenStack.
2. This project will integrate automation of network analysis in the OpenStack platform.
1.5 LIMITATION
Some technical challenges of this project are described as follows:
1. There are no references to a similar project among seniors’ theses at the Faculty of
Informatics and Computing.
2. More time is spent on the installation process, and OpenStack is complicated to
configure.
1.6 EXPECTED RESULT
Based on the objectives, the following optimal results can be achieved:
1. Network analysis can be done automatically in the OpenStack platform.
2. It is easier for the admin to monitor the network in OpenStack.
CHAPTER II
LITERATURE REVIEW
2.1 INTRODUCTION
This chapter discusses previous articles and research papers that are related to
this project. It is important to gather this information and knowledge to get a better
understanding of how this project works. The literature that is analyzed and
summarized dates from 2011 to 2018.
2.2 CLOUD COMPUTING
Cloud Computing (CC) has been on the market for a while and is praised by
consumers and enterprises for its provision of on-demand access to scalable computing
resources, to meet the needs of increasingly complex services and applications. Yet there
has not been any standardized definition of what Cloud Computing is and, as a matter of fact,
different companies and institutions tend to have their own definitions for this new
technology/business model [6-8].
Among many ways in the literature of how the term Cloud Computing is defined, the
one in the published work of the U.S. National Institute of Standards and Technology (NIST)
[8] has been taken as the de-facto definition:
“Cloud Computing is a model for enabling ubiquitous, convenient, on-demand network
access to a shared pool of configurable computing resources (e.g., network, servers, storage,
applications, and services) that can be rapidly provisioned and released with minimal
management effort or service provider interaction.”
CC introduces a new way of optimally utilizing computing power (CPU, memory,
storage), in which cloud resources are not only shared among multiple users but can also
be dynamically supplied (on demand). Provisioned to users on a pay-for-use basis, CC offers
an attractive environment for users and enterprises to develop and/or run Internet-based
applications and services, with little concern over upfront costs as well as infrastructure
maintenance costs.
2.2.1 CLOUD COMPUTING MODELS
The ICT industry has defined three main forms of Cloud Computing:
Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service
(IaaS). These three models are commonly referred to as the SPI model.
SaaS, short for Software-as-a-Service, is the most basic form of cloud service, where
users are able to run their favourite applications and services (such as emails, office, or even
video games and so on) in the cloud. As such, users use the resources effectively regardless
of IT implementation constraints. This model also helps to minimize upfront
cost in operation as well as maintenance. Typical examples of SaaS are Google Apps,
Salesforce, Cisco, WebEx and so on.
PaaS, short for Platform-as-a-Service, provides a development platform (i.e.
development kits and a number of supported programming languages, databases or other
software components) which cloud users can leverage to develop, manage and run their
own applications and services. With PaaS, cloud users are given more control over the
environments for managing applications. Typical examples of PaaS include Windows Azure,
Heroku, Google App Engine and so on.
IaaS, short for Infrastructure-as-a-Service, provides cloud users with physical
resources or virtual machines in terms of CPU, storage, load balancers or operating system.
Some IaaS service providers also provide a disk image library and file-based storage. Typical
examples of IaaS include Amazon EC2, Google Compute Engine and so on.
SaaS, PaaS, and IaaS as listed above are the most common forms of XaaS, with the
provisioned resources being software, platform, and infrastructure, respectively.
Everything-as-a-Service (also known as Anything-as-a-Service), or XaaS, refers to the
growing diversity of services provided over the Internet rather than locally or on-premise.
2.3 OPENSTACK
OpenStack [9] is a free and open-source cloud computing software platform that
enables rapid deployment, management, and development of cloud infrastructure in a data
center. OpenStack was jointly launched by NASA [10] and Rackspace Hosting [11] in July
2010 and is managed by the OpenStack Foundation. The OpenStack Foundation is a non-profit
organization formed in September 2012 to promote the development, distribution, and
adoption of the software stack. Currently, the OpenStack project is supported by more than
500 companies.
The OpenStack platform provides cloud computing services running on standard
commodity hardware and is primarily deployed as an Infrastructure-as-a-Service (IaaS)
model. The software stack consists of a group of interrelated projects that control pools of
processing (Nova), storage (Swift, Cinder) and networking (Neutron) resources throughout a
data center. Management and control over these pools are exposed to users through a
web-based dashboard (Horizon), command-line tools, or a RESTful API. By utilizing a massive
collection of popular enterprise and open-source technologies, OpenStack becomes an ideal
solution for heterogeneous infrastructure.
The OpenStack project currently has a 6-month release cycle. There have been 18
stable releases, the latest of which (code name Rocky) was released in August 2018,
while the soon-to-be-released version (code name Stein) is planned to come out on 10 April
2019 [12].
2.3.1 OPENSTACK SOFTWARE COMPONENTS
The OpenStack project consists of several interrelated sub-projects that help to
manage different aspects of hardware resources including computing, storage, networking,
and other related services, each of which offers its own set of APIs to facilitate the integration
of the whole software stack. Figure 2.3 illustrates the OpenStack conceptual architecture with
interactions among its software components [13]. As an IaaS-focused cloud platform,
OpenStack has VMs at its center, provisioned by the Nova module. VMs are surrounded by
other services including network connectivity handled by Neutron; operating system images
stored by Glance; storage services provided by Swift and Cinder. Keystone is responsible for
the authentication of the whole OpenStack system while, at a high level, Horizon provides a
web-based management interface to all the other services.
Figure 2.3: OpenStack Conceptual Architecture
2.4 OPENSTACK NETWORKING: NEUTRON
The OpenStack Neutron project, which premiered in the Havana release (October
2013), replaces nova-network to provide OpenStack with a full-featured abstraction of the
Virtual Network Infrastructure as well as basic and advanced network services. Thanks to
Neutron, cloud users have access to essential networking infrastructure and resources like
network, subnet and router objects. These elements simulate the functionality of their
real-world physical counterparts: a network consists of subnets connected to routers, which
route traffic between different subnets and networks. Besides the provision of such basic
network services as NAT, DHCP or routing, Neutron also enables users to create advanced
virtual network topologies including services such as firewalls (Firewall-as-a-Service, or
FWaaS), load balancers (LoadBalancer-as-a-Service, or LBaaS) and virtual private networks
(VPN-as-a-Service, or VPNaaS).
2.5 ANALYSIS ON EXISTING RESEARCH
There is much previous research on network performance analysis and
automation. The first is Cloud Network Performance Analysis: An OpenStack Case Study by
Tuan-Anh BUI (2016) [5]. This thesis work aims to achieve a thorough understanding of the
OpenStack architecture, especially its Networking module, and to study the network
performance of an OpenStack-based cloud cluster. Beyond a high-level understanding of
the software architecture, this study comes up with a detailed deployment strategy along with a
properly planned experimental and evaluative methodology in order to give an insightful
observation on OpenStack operation. They are able to present the traffic patterns and the
correspondingly measured network performance (in terms of throughput and latency) under
the Neutron-based architecture. According to the experiment results, while packet
encapsulation guarantees network isolation in the OpenStack Cloud environment, its
bandwidth utilization is limited to below 30% of the underlying physical channel. Further
system analysis based on CPU profiling indicated that the use of VXLAN encapsulation
potentially causes CPUs to throttle and thus degrades the network performance.
The second is Network Automation and Orchestration by Juniper Networks (2015) [14].
This paper addresses the need for network automation. Designed with a flexible and open
standards-based framework, Juniper Networks tools and strategies help data center
infrastructures by enabling automation across the full operations lifecycle, from network
provisioning to management to orchestration. By leveraging these technologies, networking
professionals are able to reliably streamline processes, eliminate human errors and maximize
uptime.
The last is Analysis Farm: A Cloud-based Scalable Aggregation and Query
Platform for Network Log Analysis by Jianwen WEI, Yusu ZHAO, Kaida JIANG, Rui XIE
and Yaohui JIN (2011) [15]. This paper proposed a scalable platform for network log
analysis, which targets fast aggregation and agile query. Combining the scalability of
cloud-based infrastructure (OpenStack) and a NoSQL data storage system (MongoDB), they
build the Analysis Farm prototype. Analysis Farm’s scalability lies in the ability of storage
expansion, computation upgrade and agile query. In the evaluation experiments, Analysis
Farm successfully finishes the aggregation task within a given time and demonstrates usable
ad-hoc queries.
2.6 SUMMARY
Based on this chapter, it can be concluded that reviewing previous research is an important
step because it gives more knowledge about the topic and about how previous researchers did
their research. It is also important in order to avoid repeating the same mistakes or the
same ideas and techniques that have already been used.
CHAPTER III
METHODOLOGY
3.1 INTRODUCTION
This chapter reports the approach, model development and comprehensive framework
applied in the development of the system, application or
implementation of the study. This chapter contains the methods, techniques or approaches that will
be used during the design and implementation of the project. The selection of the most
suitable methodology for the development of the project is very important, because
choosing the wrong methodology can be disruptive: the project might not be completed on
schedule, or it might fail completely because the developer lacks the
guidance needed to complete the project development. All the phases involved in
this project will be detailed.
3.2 FRAMEWORK
Figure 3.2: Framework of Network Analysis Automation in OpenStack
Figure 3.2 shows the overall framework of Network Analysis Automation in
OpenStack. The first step is to install CentOS 7 in VirtualBox. Next, install and configure
OpenStack as a platform in CentOS 7. Then, the new program will be added in the file neutron
in OpenStack. Finally, the result will be displayed in the admin dashboard.
[Figure 3.2 boxes, in order: Install CentOS 7 in VirtualBox; Install and configure OpenStack
in CentOS 7; Add new program in file neutron in OpenStack; Result will be displayed at the
admin dashboard]
Figure 3.2.1: Data Model (Flowchart) in General About Network Analysis
[Figure 3.2.1 flowchart boxes: Start; User report the problem; Gather the specific data;
Combine that data; Do program analysis; Success? (Yes / No); The solution will be displayed
at admin dashboard; Admin make the report of the solution; End]
Figure 3.2.1 shows the general data model (flowchart) for network analysis. First,
the user reports the problem that occurs. Then, the data needed to solve the specific problem
is gathered and combined. After that, the program analysis takes over. If the program
analysis is successful, the solution for the specific problem is displayed at the admin
dashboard and the admin can make the report of the solution. If the program analysis is
unsuccessful, it is redone to get a better solution.
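The gather, combine and analyze steps of Figure 3.2.1 can be expressed against Neutron's network, subnet and port objects as follows. This is an added example, not code from the report: the records are constructed samples shaped like Neutron API v2.0 list responses, and the function names (`combine`, `analyze`), the checks performed and the 80% address-pool threshold are assumptions chosen for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records, shaped like Neutron API v2.0 list responses
# for networks, subnets and ports. They are not data from the report.
NETWORKS = [
    {"id": "net-1", "name": "private"},
    {"id": "net-2", "name": "lab"},
    {"id": "net-3", "name": "unused"},
]
SUBNETS = [
    {"id": "sub-1", "network_id": "net-1", "cidr": "10.0.0.0/24", "enable_dhcp": True},
    {"id": "sub-2", "network_id": "net-2", "cidr": "192.168.50.0/30", "enable_dhcp": False},
]


def _port(port_id, net, subnet, ip, status, owner):
    """Build one constructed port record with a single fixed IP."""
    return {"id": port_id, "network_id": net, "status": status,
            "admin_state_up": True, "device_owner": owner,
            "fixed_ips": [{"subnet_id": subnet, "ip_address": ip}]}


PORTS = [
    _port("port-a", "net-1", "sub-1", "10.0.0.12", "ACTIVE", "compute:nova"),
    _port("port-b", "net-1", "sub-1", "10.0.0.13", "DOWN", "compute:nova"),
    _port("port-c", "net-2", "sub-2", "192.168.50.1", "ACTIVE", "compute:nova"),
    _port("port-d", "net-2", "sub-2", "192.168.50.2", "ACTIVE", "network:router_interface"),
    _port("port-e", "net-1", "sub-1", "10.0.0.20", "DOWN", ""),
]


def combine(networks, subnets, ports):
    """'Combine that data': join the three lists into one record per network."""
    view = {n["id"]: {"network": n, "subnets": {}, "ports": []} for n in networks}
    for subnet in subnets:
        if subnet["network_id"] in view:
            view[subnet["network_id"]]["subnets"][subnet["id"]] = subnet
    for port in ports:
        if port["network_id"] in view:
            view[port["network_id"]]["ports"].append(port)
    return view


def analyze(view, pool_threshold=0.8):
    """'Do program analysis': return sorted (severity, resource_id, message)."""
    findings = []
    for net_id, rec in view.items():
        if not rec["subnets"]:
            findings.append(("warning", net_id, "network has no subnet"))
        used = defaultdict(int)  # fixed IPs in use, per subnet id
        for port in rec["ports"]:
            bound = bool(port["device_owner"])
            if bound and port["admin_state_up"] and port["status"] == "DOWN":
                findings.append(("error", port["id"], "bound port is DOWN"))
            if not bound:
                findings.append(("info", port["id"], "port not attached to a device"))
            for fixed_ip in port["fixed_ips"]:
                used[fixed_ip["subnet_id"]] += 1
                subnet = rec["subnets"].get(fixed_ip["subnet_id"])
                if (subnet and not subnet["enable_dhcp"]
                        and port["device_owner"].startswith("compute:")):
                    findings.append(("warning", port["id"],
                                     "instance port on subnet without DHCP"))
        for sub_id, subnet in rec["subnets"].items():
            # Simplification: whole CIDR minus network and broadcast addresses;
            # allocation pools and the gateway address are ignored.
            capacity = ipaddress.ip_network(subnet["cidr"]).num_addresses - 2
            if capacity > 0 and used[sub_id] / capacity >= pool_threshold:
                findings.append(("warning", sub_id, "address pool nearly exhausted"))
    order = {"error": 0, "warning": 1, "info": 2}
    return sorted(findings, key=lambda f: (order[f[0]], f[1]))


if __name__ == "__main__":
    for severity, resource, message in analyze(combine(NETWORKS, SUBNETS, PORTS)):
        print(f"{severity:8} {resource:8} {message}")
```

In a deployment, the three lists would come from the Neutron API instead of the inline samples, and the findings would be what the admin dashboard displays.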
3.3 PROOF OF CONCEPT
Figure 3.3.1: Installation OpenStack
Figure 3.3.1 shows the proof that OpenStack has been installed in CentOS 7. Linux
commands are used in this project to locate the OpenStack directory under the system’s root.
These Linux commands start from the root. First, go to the system’s root directory by
using the command ‘cd /’. Then, the command ‘ls’ lists all the directories in the
system’s root. After that, use the command ‘cd etc’ to go to the directory etc under the root
and list all the files in the directory etc. Openstack_dashboard is in the list, which
means OpenStack has been installed.
Figure 3.3.2: Installation Component in OpenStack
Figure 3.3.2 shows that not only the OpenStack dashboard has been installed, but the
other components in OpenStack have also been installed, such as glance for image service,
neutron for networking service, cinder for block storage service, keystone for identity service
and nova for compute service. These are all core components in OpenStack.
REFERENCES
1. Mell, P., & Grance, T. (2009). The NIST definition of cloud computing. National
Institute of Standards and Technology, 53(6), 50.
2. What is cloud computing? A beginner’s guide.
URL https://azure.microsoft.com/en-us/overview/what-is-cloud-computing/
3. OpenStack Docs: Overview.
URL https://docs.openstack.org/liberty/install-guide-ubuntu/overview.html
4. OpenStack Docs: Welcome to Neutron’s Documentation!
URL https://docs.openstack.org/neutron/latest/
5. Bui, T. A. (2016). Cloud network performance analysis: an OpenStack case study.
6. Vaquero, L. M., Rodero-Merino, L., Caceres, J., & Lindner, M. A Break in the
Clouds: Towards a Cloud Definition.
7. Kalapatapu, A., & Sarkar, M. (2012). Cloud computing: An overview. Cloud
Computing: Methodology, Systems and Applications, 1-28.
8. Mell, P., & Grance, T. (2011). The NIST definition of cloud computing.
9. OpenStack.
URL https://www.openstack.org/
10. National Aeronautics and Space Administration.
URL https://www.nasa.gov/
11. Rackspace Hosting.
URL https://www.openstack.org/
12. Openstack releases.
URL https://releases.openstack.org/
13. Openstack Installation Guide.
URL https://docs.openstack.org/install-guide/
14. Network Automation and Orchestration - Juniper Networks.
URL https://www.juniper.net/assets/de/de/local/pdf/whitepapers/2000541-en.pdf
15. Wei, J., Zhao, Y., Jiang, K., Xie, R., & Jin, Y. (2011). Analysis farm: A cloud-based
scalable aggregation and query platform for network log analysis.
16. New release of CentOS Linux 7.
URL https://www.unixmen.com/new-release-of-centos-linux-7/
17. What is OpenStack?
URL https://www.ibm.com/blogs/cloud-computing/2013/08/21/what-is-openstack/
18. Basic vi Commands.
URL https://www.cs.colostate.edu/helpdocs/vi.html