 Oh, there we are, all right. Hi, everybody. Thanks for joining us today, a discussion about OpenStack and Hyper-V. My name's Peter Puglia, and I'm a senior at Stead with Microsoft, responsible for community management of OpenStack, as well as testing. With me today is Alzendro Pilotti, one of the key contributors for the Folsom release and one of the key people responsible for helping us bring back Hyper-V support within the OpenStack code base. So thanks for joining us today. Thanks for coming to learn about Hyper-V. All right, so six months ago, I came to the San Diego Summit with a couple goals in mind. Okay, I'd just started at Microsoft at the time, and obviously we had a lot of challenges ahead of us. One of the key goals was to organize a community specifically to support and maintain the OpenStack Hyper-V integration. The other key, one of the other key pieces was to actually get that code reintegrated back into the release, followed by the obvious one is making Hyper-V the best possible hypervisor you could use within an OpenStack environment. Looking back at it now, we've had a, although it'd be an interesting run and with lots of excitement, we were able to successfully build the community that we set out to build. We were able to restore the code back into Folsom for this release. Not only the code that was originally there, but heavily advanced or enhanced code that supports new features that are very common with the other hypervisors. So it was a key, really just key success story I think for Microsoft in general are just being able to build a community in such a short amount of time and achieve this feat of getting this code reintegrated back into the code base. So heads off to all the community members who helped make that possible. So thanks. How's Andrew and Pedro? Everybody involved. It was quite amazing to see how quickly and cohesively they could come together and get things done. So it worked really well. So obviously we just sort of passed the release of Server 2012 and with 2012, there's a lot of key features that we actually utilize within the open stack environment and here's a list of some of the other features that get brought to the table. Specifically, we now have a Hyper-V extensible switching infrastructure which is something we're gonna look into utilizing for Quantum as well as Hyper-V replica which is also a great new key feature that maybe could have some use cases within an open stack environment. One of the largest key features that I find extremely useful is the migration model that's now available with 2012. I think at a high level when you really look at where Hyper-V has come from its early stages to what we have today in 2012, it is a fully baked, ready-for-prime time hypervisor now with the same features that you would expect from a Microsoft product and something in that you would expect from any hypervisor in general. So it's pretty, I think it's ready for prime time and ready for use in your Fulsome OpenStack Cloud. So Hyper-V in general, well, there's a lot of, I guess to start, what does OpenStack run on from a Windows perspective? We run on Hyper-V Server which is the free edition of Microsoft's virtualization platform. Hyper-V Server allows you to run virtual machines, Linux virtual machines, FreeBSD virtual machines for free. The licensing model's such that you can use it for free. You start sort of purchasing CALs once you run Windows workloads on top of it or include it in sort of your management platform like System Center. And I'm sure there's other individuals in the room that will gladly or more versed than I am at the licensing that could add some value to that discussion. But in general, it runs on Hyper-V Server. It also runs on Windows Server 2012 which is sort of the more full-blown operating system version of the hypervisor where you get additional features. So Hyper-V Server itself has a limited feature set that is a subset of the larger core server platform. So, and also it will run on Windows 8 as well with the virtualization enabled. So just to introduce you to some of the people who were key contributors to the Hyper-V movement with an open stack, obviously Alexander Pallotti here. He committed the code for pause on pause, snapshot, suspend, resume. He did the final push for our Folsom integration as well as develop the testing framework that we currently use for Nova Compute unit testing. Pedro, so I'm over here somewhere in the corner over here. He actually wrote all our volume attach, detach code boot from volume and he's been doing some current work on Cinder. And also Jordan Rinkie did the initial Essex integration for us, getting us reintegrated into the code base. All right, so what is open stack on Hyper-V? You know, there's a lot of misconceptions. A lot of people think we take a similar approach as to sort of Zen server and XEP, which we don't. We actually run as an application, a Python application on top of the Windows hypervisor. So it gets installed on top of your Hyper-V node, okay? It requires Python and all the same dependencies that Nova Compute requires. We don't have any other need for any Windows clustering service, so live migration doesn't require clusters or shared storage or anything of the such. And it literally, we utilize a lot of the key features that are already baked into server 2012. Now, some of the key things that we added coming into Folsom, which are very noticeable for anybody who's ever used open stack on Hyper-V before, is the ability to actually utilize the command line clients from the Hyper-V node itself. And one of the great things you can do from that is actually finally upload images from your Hyper-V server directly into Glance. So that is obviously makes the workflow for provisioning VMs or getting VM instances, or images into your Glance repository a lot easier and cuts out some steps as to what it used to be. We also plan on supporting DHDX for the Grizzly timeframe. All right, so now volume attach and detach. So once again, because we utilize native things in the operating system, we're strictly, we need to enable the iSCSI initiator service that all this configuration can be easily and minimally scripted in either PowerShell or simple CMD files. The volume, it allows us to attach and detach iSCSI volumes directly to the virtual machine instances running on top of Hyper-V in the same sort of user experience that you would experience with KVM or the other hypervisors. In the case of boot for volume, we actually, you have to install, previously install the operating system onto that Nova volume or Cinder volume prior to actually deploying it into the cloud. Live migration at a high level. Each compute node has to have active directory domain membership because of the security implications of passing the virtual machine between the nodes. We have to have a common authentication layer for those services. So the service also has to run as a domain level service account. Sure, nothing live migration can be easily enabled within like three, was it three lines of PowerShell or a couple of mouse clicks. And it's same user experience that you would have with Nova today for initiating those live migration commands. So all the same command sets, everything's sort of native open stack. One of the things that, and I'll actually let Alessandro sort of address some of this, but I guess I'll start. The, his team created an MSI installer, which basically makes it extremely easy for you to deploy open stack compute on top of Hyper-V. And it actually handles a lot of the tweaking and setting of bits that need to be done prior to that deployment. So for example, it will register, install the necessary Python components, install all the Python dependencies, generate your nova.com on the fly for you based on user supplied variables or settings. So, and then it will also start the service once it's complete. So basically if you wanna plug this into Puppet or Chef, you can easily roll out your Hyper-V compute deployment very rapidly. Now some additional things that he's added to the actual installer is a, basically included free RDP build that will allow you to connect directly to the virtual machine instance console running on Hyper-V. So no need to put VNC on your instance and use the VNC console. You could still do that and use the, sort of the dashboard scenario that exists today. Right now we don't have that user experience in, but that's one of the key sort of features we're looking to bring along through Grizzly is actually RDP access. So right now here's sort of a side step that'll allow you to get some level of functionality that Alexander and his team has actually added to that. As you can see, they also added a Nifty, or let's say an administrative command prompt that already has your paths and whatnot preset. So you can use the nova commands natively and easily without having to go through the extra hoops of configuring. So I'll let the man step up and. Okay, thank you. So first I have a question for you. How many of you guys already use Hyper-V? That's good, that's good. You, Pedro, you don't. Ha ha ha ha ha ha ha ha. And how many of you guys use the 2008 R2 version? 2012, hey, 2008. I missed some numbers actually because there were more hands there versions of Hyper-V available actually. Ha ha ha ha ha. Kidding. So actually Hyper-V is a product which is developed very, very fast actually. The new version that came out on the 4th of September in has a lot of new features that were not available previously. And it's also including a lot of compatibility with open source, like Linux VMs, like FreeBSD and so on. So it's great what you can do with it. So that's why I wanted to see what you guys were already doing. We had actually a kind of a big challenge in, okay, in implementing what we did. Why? For the simple reason that one thing is the Microsoft board and one thing is actually the open source world from which OpenStack comes from, I mean where the roots are, okay. So and at the same time, we wanted also to be sure that people with strong Microsoft experience had a perfectly seamless and easy experience working with the product, okay. So we didn't want to have a situation which we were saying, okay, here are the bits, you have to first install Python, then you have to have to install this package, that other one, then be sure to make a bit be freeze and that only that version is installed and all that other one, blah, blah, blah, okay. Wanted to have something in which the user could simply start it, go on by pressing next, next, next, next and configuring only what they had to do. Also, we wanted to have a tool which was automatically generating all the configuration files, actually talking about Nova Compute, the Nova Conf file, okay. And beside that, we wanted also to be sure that all the, let's say advanced features like for example, live migration or volume management, okay, were actually enabled out of the box, okay. So, in order to do that, the only thing that you guys need is to have a Hyper-V host installed. It can be, of course, they had the free one or it can be also the full Windows server with the Hyper-V role enabled, okay. It can even be Windows 8 if you just want to use it for testing, okay. Okay, let's go on. So, what do we have here? Okay, here it is. So, we have a virtual machine here running on top of Fusion which is running a Hyper-V server, okay, freshly installed. It's, of course, not a production scenario, it is just a thing that we use for testing, okay. So, on this machine, we have two Hyper-V, so we simulate the immigration. We have a DevStack installation on Ubuntu Linux and we have a domain controller, okay. All squeezed in 16 gigabytes of RAM. Okay. So, the installer that we are talking about. So, this is Cloud-based Solutions, our company, and you can find here the installer. It's available for free for download. You just have to do here, open stack installer and here you go, here we have a distinction. You click on download and you just download an MSI file, okay. That's everything you need. And if you want to follow what I'm going to do step by step, here is a blog post which is showing you all the stuff that you have to do. So, cloud-based.it is the website, okay. Putting the screenshots. Maybe I have to disable the Wi-Fi. Yeah, that was it. Okay, so you have a guide step by step telling you exactly what you have to do, what actually you are doing, just to know exactly what's going on, and so on. And some troubleshooting issues and whatever. If you have any questions about it, feel free to write me or contact me on my Twitter handle, whatever you prefer. So, let's go back to our demo. So, here it is. It's starting. Welcome screen. Next. You have to accept the license agreement which is in the moment is just the Apache 2.0 license, okay. And here you have the first screen in which you can choose what to do. You have, I'm reading for you because maybe the resolution is not the best. Okay, the first option is the open stack in our compute itself. Of course, that's the core of it, so you cannot just disable it as an option. And you can choose a lot of sub-features. For example, you can choose if you want to enable live migration. In order to do that, you have to be, the host needs to be member of a domain, okay. Ascas initiator service, this is used in order to manage the volume at touch, at the touch, okay. Whatever else, you have an open stack command prompt which might be useful in order for you to launch all the Nova, Cinder, and so on commands. And this is also something very new. We just added it like last week. This is free RDP. You guys know that in order to connect to Hyper-V, you have to use the RDP protocol, okay. So normally for all the other hypervisor, you use BNC and for Microsoft, you use RDP. So we had the challenge in deciding how to make sure that from the Hyper-V box itself, you were able to connect to the hypervisor to the single virtual machines, okay. Linux, Windows, whatever you have there, FreeBSD, et cetera, et cetera. And in order to do that, you connect to the hypervisor itself and then this one is redirecting you to the host. Sorry, to the guest. And this is the feature which is part of a VM connect, okay, when you use the Hyper-V manager on top of a Windows server or Windows 8 with the R-Sat and so on. We wanted to be sure that you didn't need to have a separate machine to do that, okay. And by the way, free RDP and the way in which we are using it here will be also the base of the feature that we are developing for Grizzly in order to enable you to connect directly through Horizon, so from the dashboard directly to your Hyper-V host. Okay, it's working free RDP. We managed to compile it and make it work on Windows, on Mac OS X and on Linux, okay. So you can connect now to your Hyper-V virtual machines for any operating system. Here we are bundling, of course, the version for Windows. Okay, let's go on. That's how the basics set up for now. First thing, in order to use Nova Compute, you need to create a virtual switch, which is called the bridge, you know, in terms of Nova. So we wanted absolutely to avoid for you the hassle of opening a PowerShell, understanding the command, how to do it and so on, or having a separate machine in order to use Hyper-V Manager and so on, okay. So this part is simply handled by installer. So the installer will just make some WMI magic behind it for you. So you can choose between an existent virtual switch in case you should have it, or you can just create a new one. In this case, I'm going to choose the only network adapter that I have on this virtual machine, okay, or if you have multiple one, you can choose which one to use. You give it a name and you decide if you want to share it for management or not, okay. On production environment, I suggest, of course, to have a non-shared one. If you want, suppose that you want just to install the service and configure it later, okay, or deploy your configuration a different way, you can just click here on Skip Nova Configuration and it will just bring you to the end of this dollar, okay. In this case, we want to do everything inside of the setup. So next step is gonna ask you a few questions related of what's going inside of your NovaCon file. So all you need here is simply your Glance API host, which is, by the way, in this case, for this demo, the dev stack VM that I'm running. Password, here is the Nova database. You put the full URL. By the way, we support also SQL Server, so MySQL and also SQLite, but then we prefer very secure password with a very secure user. That's dev stack, so it's fine. Next step, some advanced configuration steps, which are simply limit CPU features, which is not a masochistic feature, is simply required in the case in which you want live migration and you have different CPU architectures. So this way, by constraining the features used by the very virtual CPUs, you can make sure that those machine can be live migrated. Of course, the best option is to use the same architectures in all the hosts inside of your live migration cluster. Enable logging and enable verbose logging. I do this only now for testing, of course, in a live scenario, I will just enable regular logging. And of course, you have the log file folder, which is actually where your Nova compute log is going to go, since we don't have slash var slash log and so on here. Here we go, that was it. Okay, what's going on now? We are, I'm speaking, so I hope to distract the demo gods in the meantime, you know. So the idea is that, you know, you require Python. So there is Python, of course, for Windows, but we didn't want you to install Python and then coming here. So what we do here is to install a completely isolated Python environment, including all the dependencies. So even if you have your C Python to seven directory, we are not messing up with it. We create a separate one. So we are sure that you can actually use our environment together with anything, any other application that you might run instead of this box, okay? And for us, it's also better because you don't have to download anything from the internet, okay? You're just installing everything there and in a completely independent way. Afterwards, it's installing all the Microsoft binaries that you might need. So for example, the visa C plus plus run time and everything, okay? Then it's installing whatever you ask. You ask, for example, free RDP or whatever else, okay? So it's over. That was it. Pretty easy, no? Thank you. Yeah. Yeah. I said pretty easy. Yeah. Yeah. Okay, service has already been started. The service name is simply Nova minus compute, okay? So that's it. If you wanna stop it to restart it and everything is just Nova start, sorry. Net start and net stop and the service name, okay? Okay, here is the configuration. I'm doing everything on the common line for the simple reason that we don't have a user interface here. This is the free edition of Hyper-V. So it's telling us that it's running with all that common line. As you can see, there is a configuration file which is pointing to a specific directory since we don't have slash ATC here. And it's running with the local system account. So we need administrative privileges on the machine itself. If you run on live migration, then you will need a domain account. But, of course, the installer will take care of everything when I will demo the live migration part. So let's go now on, okay, here we are on your DevStack machine. Okay, not the best font, probably for a demo. But it's pretty easy to spot that here there is the name of the name of the machine and here there is a smiley face, okay? Which means that the demo gods are kind with us so far. So actually, DevStack recognized that we have a new Nova Compute running and that is working. Which means that we can move to the dashboard which is indeed here. I have some stuff left on some previous demo. Here I have a Ubuntu server. I call it demo one. I call it a lot of fantasy and imagination. And okay, a tiny image. I don't think it's good to waste too much memory here. Key one, whatever. Launch, go. Networking, spawning. Okay, what's happening here? We have a glance image. This image is copied over to the Hyper-V host, okay? And then based if you decided to use a COV instances or not, it's happening in the following. So with COV, the COW, sorry, the image remains there and we're creating a difference in disk on the fly, okay? And we fire it up. So here, the machine itself or the image was like three, four gigabytes. We didn't need to copy it because it was already there, okay? And all we had to do is just create a difference in disk and start it. So the spawning itself was really fast. Yeah, that was in VHD. We are going to enable also VHDX very soon. If it's applying a copyright, yeah, definitely, yes. Yeah, the only difference, but maybe we can continue this conversation later because it gets a little bit too technical. Yeah, using a different WMI provider for VHDX, that's the only thing, but the same APIs are applying. Okay, it's upper running, basically. So if I move here as I'm starting my PowerShell, get VM, here is our machine running. Okay, here we have the free RDP implementation. And together with free RDP, we implemented also a PowerShell commandlet, which will do some magic for you. It is, we have to enable first the set execution policy. As I told you, this is a brand new machine. Of course, yes. Okay, we import the module. Now we say, okay, get VM and we pipe it straight through. Get VM console, which is get VM console is the PowerShell commandlet that we created. Et voilà. You have your Linux instance showed inside of the free RDP window. Okay. That was easy, no? Thank you. You can use get VM console, also passing the name of the virtual machine, the ID, and so on, okay? You can also go directly and use free RDP, which is called the WR, free RDP on Windows, okay? But you have to pass the ID of the virtual machine, which is a GUID, okay? So it's a little bit trickier to remember it and so on. But that's what you can do, for example, on Linux or on the Mac and so on. All right, so that was it so far. Now it's time to talk about live migration. For live migration, we need to separate a second machine. Here it is. So we're starting the Nova compute license. Okay. This time, we want to enable also live migration. We go through the user stuff. So in this case, we are just saying create a new virtual switch. Pay attention, of course, that in order to enable live migration, what you do is just you move on the fly in all machine from one server to another. So it has back to find the same resources. So for example, if you have a virtual switch, which is called external one, you have to have the same one on the other one, okay? It's all pretty common to cross pretty much every compute hypervisor. Okay, I'm going to do the same configuration. So this is actually the same stuff that I did before. All right. Once again, all these steps that he's doing here can be provided directly to the MSI at install time. To offer it completely unattended mode. So once again, for things like Puppet and Chef that would really take advantage of sort of this model of deployment, it does a lot of the steps that you would normally have to do sort of outside of the actual just installation of the package. So it's a pretty key bunch of things that are occurring to enable the technology at this point. Okay, here, we are going to enable live migration on the Hyper-V level, okay? So once again, you don't have to connect to a separate machine running Hyper-V managers on or trying to remember all the PowerShell comalets and so on. Okay, what we did here is hide all the WMI, let's say low level stuff behind. We have some C++ models running here behind. And you can choose the authentication type, Kerberos or NTLM and so on. Suggest Kerberos, of course. The number of maximum active live migration that you want to enable, okay? Based on the throughput that you plan to have on your memory and so on. Same stuff for the storage and the networks from which you are accepting live migrations, okay? So in this case, just for the day when I put any network or you can specify specific networks only and say, okay, I am accepting live migration only from hosts coming with that given IP and blah, blah, blah, okay? That's actually, we are mirroring here the Microsoft configuration that you can find, for example, in Hyper-V Manager and so on. One important part here is that when Nova compute is running, in this case, it needs to connect to another computer and it has to do it also via Kerberos delegation, okay? Meaning that the service itself needs to run with domain credentials, okay? What are we doing here? We create, okay, we join simply the hypervisor to the domain. I already did it to save some time during the demo and I have only to specify here the name of the domain account. For the OS demo, another very secure user, just for the demo. I suggest you here to create a domain account and to put him as a member of the local administrators of the machine so you don't have an administrator at the domain level, okay? So that's it and of course the password for the service. Again, all we have to do is just for it to wait and finish his work. One of the tricky part, the reason why, for example, we decided to put the username and password there and not left in the user, changing them at the service level is because it's pretty tricky to do it without having a user interface. The user running the service needs a special logon right called logon as a service, okay? Which you can enable it also via command line but it's a little bit complicated, okay? So that's why we decided to put everything inside of the package. Once again, this limited GUI infrastructure is specific to Hyper-V server. If you're running in server core 2012, you can actually run the Microsoft native management GUIs on top of a core environment, okay? Which will basically allow you to have the full MMC experience with all the typical Hyper-V manager and all that stuff on a server core environment. So for those of you that still feel more comfortable utilizing those tools, you can, however, you cannot do it on Hyper-V server. It has to be done on server core, server 2012 core. So once again, that's one of the limited, with Hyper-V server, it's very similar to ESX and the standpoint of it's there, it's our Microsoft's free hypervisor for you to use and build your environments and infrastructure on top of. Okay, actually the reason why we are working always here in the demos with them, Hyper-V server itself, is that we believe that it's better to have an hypervisor with the possible minimal installation because this way you limit the number of security updates that you have to run. You limit the surface attack and actually the hypervisor part here, the domains error part, it's absolutely just a management thing. So the smaller, the better from the perspective. Yeah, from a security standpoint, running in server core as Hyper-V server gives you roughly, I think it's like a 40% reduced attack surface in terms of operating system footprint. So here we go. As you can see, the service is now running with OSD, Mod Administrator, okay? In order to have the migration, we need of course to have both of them configured in this way, so I have to go back to my first server and I have to change the configuration because now he's not expecting to work with live migration, okay? So I'm just stopping the service, okay? Which once again is them turning down the Python environment and then just running again the installer. This time I'm clicking on change, okay? You can use the same one also to remove but we believe that you will never need to remove it so it's a fake button. Kidding, it's working but it will automatically put a min minus one on your website or something. Okay, live migration. Again, here since this was changed by default it's telling you we skip the Nova configuration, okay? Because I guess you don't want to put again all the details and again we are here with Kerberos and blah, blah, blah. All we have to do is specifying what's the new user. Voila, change, okay, finished. Let me see if it's started. Okay, yeah, because it's a change, it didn't. Let's also check, okay, so maybe local system, that's not good. Just a second, I'm doing one additional step. In the meantime, while we are waiting for the configuration to go and just switching here. In the meantime, you've got a question back here. Yeah, what's the question? Sure. Go ahead. No, no, we require no clustering whatsoever. These are standalone Hyper-B instances. There is no clustering technology needed or required for any of this. What's that? No, with 2008 R2 you can't use, there's no live migration functionality. Basically that's pretty much the only feature that won't work, but once again, it's still a standalone hypervisor. We're not requiring any clustering whatsoever. This is literally we take Hyper-V server, put OpenStack Compute on top of it, and plug it in. Yeah, 2008 R2 will actually support all the volume work that was done. It's strictly the live migration because there was no shared nothing live migration supported in 2008 R2. That's one of the key features specific to 2012. So for us, pretty much our active development, going forward, we're sort of suggesting everybody who wants to participate or get involved to do their work on 2012, strictly because that's obviously where everything's going, but just for sort of some level of backward compatibility, we've made sure that it still works with 2008 R2 as well. That's standalone Hyper-V server. But it runs still on core, and anything with a Hyper-V, any of Microsoft's virtualization platforms will in theory run OpenStack. But in realistic deployments, you would be using a combination of probably either core or Hyper-V server. Yeah, and by the way, it based also on customer requests. We are planning also to add a feature of the full live migration, let's say with a cluster. That's depending on basically on customer requirements. It's not much different. I mean, the implementation of Microsoft did an excellent work actually in the way in which live migration is managed. So you can choose between the shared and nothing one, which are doing here. You can have with a shared storage or you can have it with a full cluster, okay? You know, basically one of the approaches that we were thinking about this work was done was trying to keep it as close to the KVM use cases possible. So we didn't try to deviate sort of that far from it. So we felt that shared nothing migration, the shared nothing live migration feature adds a lot of value to this scenario because it sort of maintains that sort of the open stack architectural model of sharding and shared nothing. Okay, I'm starting up the service now, checking that everything is going okay. Okay, service started. All right, we have two happy faces. So both of our computer nodes are now working inside of DevStick. Okay, we still have the same instance running, okay? So what we can do now is say novel list. So live migration is not integrating in horizon yet, so I have to do it here. So novel list is telling me that I have this ID here. So I'm running inside of the standard DevStick, okay Ubuntu virtual machine now. Okay, now I'll show the VM, which is telling me that it's running on the Hyper-V demo one machine, okay? So now I'm doing novel live migration and pasting in the ID that I got and of course I have to tell him where to go. This is absolutely standard novel code. I mean, we didn't change anything here, okay? We are just providing the computer driver behind. So to number two, we go and here I'm expecting him to telling migrating. So it's moving it now to the other host, okay? Now what's happening is that Hyper-V got the communication say, hey, please move it to the other side. There are a lot of checks before. I mean, hey, are you sure that it's enabled about host, okay? Can I migrate it? The CPUs are compatible, yes, okay? Let's go. And then the cool part in using COW images is that you have the base disk on both sides, okay? So you don't have to move between servers like five gigabytes of data, okay? You move only the difference in this case, okay? Which might be as pretty small stuff and voila, it's running on the other one. Thank you. I didn't say that it was easy. Well, it works. If I click on show here, now it's telling me that it's running on the other one. Okay, that was it for this demo. We have more stuff to show you, like volume attachment, boot from volume, and so on. But I mean, we had only a 40 minutes demo here. We have a boot there to the far left. And I would like to invite you to our booth to come and discuss and ask any possible questions and everything. Do we have time for some Q and A? Yeah. Are we gonna have time for questions or? Okay, so please come to the booth. Thanks everybody. Thank you.