Okay. Okay, welcome everyone. My name is Jonathan, and I'm going to talk about OpenStack or AWS or both. So this is the agenda, and note it's not a technical deep dive. So for anyone who wants to know how many IOPS in an Amazon instance, how does that compare to OpenStack, and does an m1.large in AWS give me the same performance in OpenStack, or anything like that, this is not that session. So it's going to be higher level. I'm going to discuss first comparing Amazon and OpenStack, some technical comparisons, and then I will discuss some of the use cases and business decisions you need to do, and whether to do AWS or OpenStack, and then I'll end on how you can do both.

I'm going to do two brave things: I'm going to do live product demos and I'm speaking before lunch. So there's an old saying: never make a long speech between people and food. So if your blood sugar is getting low and you're getting fidgety, I'll understand. So let's dive in.

So OpenStack, a quick review. What is it? It's pools of compute, networking and storage that you manage through a dashboard or a command line. So what is AWS? It's a way to access servers, storage and networking. You provision what you use and what you need. Now, you'll notice the pictures between the two are a bit different.
So yes, Amazon has more services than OpenStack, but we'll see. We'll take that further. So this is what I'm going to discuss. Basically the ones in blue I will go through today. The ones in black beneath, know that they are available on both, and take questions on those.

So let's dive in; let's compare these services. So, compute. So what is compute? Compute is a virtual machine. It's a store, its root disk, a network and a boot volume, that you boot up a virtual server, and it's determined by something called a template or a flavor, which is how big it is. The size means how much CPU, how much memory and how much disk do you get, and you can often run packaged applications as well. So in Amazon they're typically called a VM; in OpenStack they're called an instance. And what guest OSes do you get? So Amazon certifies guest OSes, and in OpenStack it would be a good idea to run a certified guest OS because that gives you some level of assurance and some level of support if you run into an issue. As was announced at the keynote this week, OpenStack now has apps.openstack.org, which is a marketplace of apps, and that compares somewhat to the AMI marketplace that you get in Amazon.

So let's switch over and take a look-see. So in compute in AWS, where there is something called an instance, I have running instances here and I can launch a new instance such as Red Hat or other Linuxes or Windows. And similarly in OpenStack, I have an overview; I get an overview dashboard like I had in AWS. In this case, it's a demo system, so I have a running instance and I can launch new running instances from the images that I have preloaded. So in this case we see that there are some Linux and Windows images that I've preloaded and I can run those if I want to. You can also do it at the command line. So in OpenStack you see here that I did a nova list and that told me that I'm running a RHEL 7 instance, which is this one here. And if I do it at the command line in Amazon, I do... a minute ago...
You see this is really live. Wrong window, sorry. It's... sorry, but you have the ec2-describe-instances... come on... I lost the window, but I'll bring it up for the next one. And ec2-describe-instances would give you the same output as you got here. Cinder image list is a list of the images that I have in OpenStack, and I can do the same in AWS.

So moving on; that was compute. Networking. So why do you need networking? So you want to connect instances to one another, and you want your users to be able to access your virtual machines and to get on to the internet, and you can manage things like what we call elastic IP addresses, which is a floating IP address, IP address ranges, DHCP, things like that. So comparing the two: in OpenStack it's called Neutron, used to be called Quantum; in AWS it's called networking. They both have pretty much the same services: IP addressing, load balancing, in AWS it's called ELB. You can firewall off your individual instances, which is to control what's called egress or ingress, which is incoming traffic or outgoing traffic. One thing that AWS does have, that's highlighted there, is called VPC, which is virtual private cloud, and that allows you to carve out a section of the AWS cloud for your exclusive use.

Looking at storage. So there's two kinds of storage: there's block storage and object storage. So block storage typically is used for creating a volume.
So in the Windows world, this would be like drive E, F, G, H that you add to your running Windows server; in the Linux world, this would be typically under /mnt. And the second part is object storage, and object storage is for storing objects. So if you want a repository for storing files, for storing simple images, photographs, Excel files, PDFs, just a place to store objects.

So if we switch over and take a look at those. So in OpenStack, there is this concept of volumes, and you see here that this one volume is attached to that RHEL instance I showed you, on /dev/vdb, and I can create a new volume, whatever size. And similarly in AWS I can go back to my console and I have volumes here as well. I have running volumes as well. It could also be attached to instances. And if I look at my OpenStack, so I have those three volumes there, and earlier I had run that thing called cinder list, so that showed me the command line equivalent of doing it in the GUI, which is those three volumes. The one you see in use is attached to that instance, and if you look, your eyes are probably better than mine, but that 0a9c instance ID is this RHEL 7 instance ID there.

So, oh, I didn't do object storage. So object storage in OpenStack is this concept of containers here, and I see here that I have this one container called C1, and it's got a PDF on Ceph, it's got an Excel file on compute TCO, it's got a JPEG. And similarly if I went to what's known in Amazon, it's called S3, I have a bucket there called Jonathan and bucket and there's a PDF. So you have the functionality on both sides.

So just to compare how storage is: in OpenStack it's called Cinder, in AWS it's called EBS. That's the block storage. The object storage, as you saw, in AWS it's S3, in OpenStack.
It's called Swift. So obviously in AWS you can only use the storage that they offer; in OpenStack you can add your own storage. You can buy from a proprietary vendor, NetApp, EMC, Veritas; you can use a new thing called software-defined storage, which is Ceph, which is software-based storage on commodity hardware.

Identity and security. So when you run your cloud you want to authenticate and authorize users, control how people log in, things like key pairs, how they access the VMs. And on the security side as well, you want to firewall off your instances, so you only want to let certain traffic in or out, and you also want to control who can access both, who can actually access the VM. So in OpenStack it's called Keystone; in AWS it's called IAM, identity access management. They both offer pretty much a virtual firewall. And take a quick look. So in AWS I see here I'm logged in as myself, and security, I've got this idea of credentials. So I have this idea of my access key, which is what I used at the command line to access the instances, and the password. And then similarly on the OpenStack side I have the identity here where I can look. I'm logged in as the demo, so I would switch over and log in as admin. But you love cached passwords. So here if I went over to identity I'd get a list of the users, one of which I was running earlier was demo, and I can do things to that demo. I can create a user.
I could look at the demo user and get his credentials, etc. And looking at the firewalling. So I'll go back to my other user. So if I look at the instance here, access and security, I can set up groups, the security groups, as to who can get to the various instances, and I can do the same on EC2. I can get security groups here as to who can get to the instances.

Orchestration. So orchestration is the idea that you want to automate. So the cloud is not about doing single clicks like I was doing here with a nice GUI; it's maybe easy to do simple steps, but you really want to orchestrate and automate, and how do you do that? So you think of the conductor in the orchestra: he brings in the violins and cymbals and the drums and cello at various points to create the music that we all hear and love. So you want to create that cloud application that should be as near perfect as the music that you're getting out of the orchestra. So you need to bring in the storage, the networking, the security, add an image, add an instance, kill it as needed. So you want to have an automated method. So in OpenStack.
It's called Heat; in AWS it's called CloudFormation. AWS uses something called templates; OpenStack uses something called text files. So we can just take a quick look. So here is CloudFormation, so you create a stack of what you want to do in EC2, and in OpenStack you have a stack as well. So you can go ahead and create a stack, which would be again networking, storage, VM, security, applications as you need.

The user interface. So you have three kinds: you have the CLI, the command line interface, that you saw me run some of the Cinder commands; you have the graphical user interface that you've seen in the Firefox browser; and you have the API for programmatic automation. So it serves two purposes: the administrators administer the cloud using those tools and the end users provision what they need using those tools as well. So let's compare. So it's called EC2 API for Amazon. OpenStack has the OpenStack API and there's a link there to a workable subset of APIs that are compatible with EC2. They both have a CLI, they have a GUI; in AWS it's called the console, in OpenStack it's called Horizon. So we've seen pretty much the command line and the GUI as I've shown in the demos.

So that was a brief overview of some of the common technical services offered by both. Now let's jump into some of the business characteristics. So an SLA; an SLA is a service level agreement. It's a guarantee of availability of the cloud. So why do you need it? Well, if you're running mission-critical apps you want to know that the cloud is there. And how do you account for downtime? What happens when your users complain? You're providing a service to the users; it should be up. So AWS in their SLA advertise 99.95 percent. OpenStack you obviously are deploying yourself in your data center.
So you negotiate that SLA with your IT team. Note that Red Hat can certainly help you achieve a high SLA. And then in order to have that idea of availability you have what's known as availability zones, which is groups of cloud services in different geographies. So you may run a cloud data center for OpenStack in, well, you want to, California. You don't do that; there's earthquakes. So you'll run it in Nevada. Land is cheap and no earthquakes, so there's lots of data centers in Nevada. You may run another one in Virginia on the East Coast, and then you duplicate, so you can run services in both. So if one data center has any kind of failure, or a rack there, any failure, you can fail over to the other zone. And AWS has that as well. One thing to talk about the SLA: while they advertise their SLA, they also have what's known as the liability agreement. It's not linked here, but I can discuss that afterwards, and that is, they do have certain disclaimers as to what happens if there is an outage and where their responsibility lies for your services and your data, and that will come up soon.

So who owns the data? Okay, you're storing data in the cloud; who owns it and who can access it? Right. So users want to know who can access it. Certain industries have legal regulations. There's HIPAA, there's SOX, there's GLBA, there is FSMA, lots of legal regulations as to who has access to data in the cloud, and there are some overseas countries that have concerns that the United States security agencies can demand access to public cloud data. So in OpenStack and in AWS you pretty much own your data and you are responsible for it. Okay, so Amazon, to say again, they advertise that SLA.
They also have the liability agreement that I can... will bring up on the screen, as to if there is an outage, what are they liable for, and if you read the fine print they are liable for a refund, pretty much. OpenStack, on the other hand, you're controlling the data. Your IT group is keeping the servers running. You're putting the data there; you control it. So you need to have best practices, security and policies for the data that you're putting out there in both instances.

So, ecosystem. What's an ecosystem? You're not in the cloud on your own. Okay, you are there and you want and need a group of peers and people that will support you. So OpenStack has this great community of hundreds of companies and thousands of developers that are contributing to the code and running message boards and email lists where people are posting and answering questions, and Amazon has the same. They also have a variety of posting boards and places where you can get help from your peers for assistance. Why is it important? So your cloud needs to be reliable, secure and supported. Right, so Amazon will tell you all the various vendors and all the precautions that they run to keep the cloud running and all the vendors that they partner with. When you do OpenStack inside your data center, you want to also have a group of vendors that you partner with that help you keep that cloud running. So you'll want consultants; you'll want to run your OpenStack on certified hardware so that if there is a problem with a driver, if there's a problem with any kind of failure, you can go to that hardware vendor and get support from them. If you get OpenStack from a distro from a certified vendor, then that vendor, like Red Hat, will work together with that hardware vendor and support the issue and help you resolve those issues.
So having that certified hardware ecosystem is really important. So the ecosystem pretty much compares side by side, with the difference, as I said, in OpenStack is that hardware community. There is no hardware that you know of on the AWS side; you have no idea really what it's running on. It's not really your business. You just want to know from Amazon through their SLA and through their liability agreement that they are providing you with a service. When you're running the cloud in your own data center, you want to really have that hardware certification available so that you can go to that vendor when you have a problem.

The cost. Everybody wants to know how the cost compares. So I tried to find as many currencies as I could. I've dollar, yen, pound, euro; apologies to anyone that I have omitted. So there's operational cost and there is capex cost, okay? So Amazon, when you go off to Amazon, let's switch back to the browser, wake everyone up. If I want to go off to Amazon and launch an instance or sign up... sign out, okay. So when I go to Amazon and I want to use their services, they have different kinds of pricing models: pay as you go and other pricing. So opex versus capex. So operational expense is an expense that you usually write off every month against a different kind of budget, and that is a set amount that is written off every month against a predetermined amount for some number of months or years. Capital expense is money that you lay out upfront, and you need to write a large check in the beginning. So one idea to think about the two is when you buy a car: if you go into the dealership and you pay cash, that's a capital expense. You're writing a $20,000 check on the spot. And if you lease the car, that's a bit more of an operational expense because you're paying $250 a month for the next 48 months. So that's an illustrative analogy of capex versus opex. So when Amazon does what they saw there as pay as you go, that is opex. So you sign up
with a credit card and you use their services, and at the end of the month you get a bill and you put that on your expense report, send it in to your boss, he approves it, and that's pay-as-you-go operational expense. So the other way, of capital expense, they have is what's known as reserved instances. Let's jump into the slide. So you can do opex, credit card billing by the hour, or you can pre-purchase blocks of usage, which is called reserved instances. In that case you go off and you buy X number of hours and use them or you don't use them.

OpenStack, you have two kinds of expenses. You need to buy the hardware, so that's usually a capital expense, and then you need to get the software and the people to run it. So you can get the software from a distributor and you can license that, or you can do the Red Hat model, which is subscription, and that typically goes against opex, where you pay a fixed amount every month for services, support and the right to use the software. Or you can go the route of doing it yourself, and doing it yourself means you buy the hardware, you download OpenStack from the foundation, and then you have to hire people to run it, install it and maintain it. Python engineers are not cheap and not so easy to find, so there's a certain risk that one can say in taking that path versus using a supported vendor.

One thing to bear in mind when one looks at the Amazon pricing is there are certain costs that are not always apparent, and this applies to both OpenStack and Amazon. So in Amazon you may sign up for a service and it advertises as so many cents per hour or per minute, and then you may need to use other services. And one example that I was discussing with someone yesterday is a certain IOPS. So IOPS is a certain performance that you want to get out of a disk volume, and if you go into the Amazon model of doing that, there are different grades of performance: you can get a fast volume for a higher price or you can get a slower volume for a cheaper price.
And how does that compare if I do it in OpenStack? Do I use SSDs? Do I use a RAID? How does one compare these two options? So that's another example of two different kinds of cost models. You're buying disks for your OpenStack or you're using the Amazon pricing for their different speeds of volume.

So which do you use? So we saw here that we have certain compute, storage and networking, security services that are quite similar between Amazon and AWS. There are certain different risks and things to consider in terms of SLA, data ownership, consulting services. So which do you use? So cost can escalate in the public cloud. It looks very attractive when you swipe the credit card and you start using services, but when you leave the servers running there 24 by 7 and forget about them, you get that bill at the end of the month, and that's not really a predictable cost because you started off, what, that's a credit card expense, and now you've been adding services, and you don't really know ahead of time how much you were expecting to spend. On the flip side, when you build it inside, you need to buy the hardware and you need to have personnel or to pay a vendor for the help. And as we discussed, there are security and regulatory requirements between industries and countries.

I think it boils down to use cases, right? What are the use cases for AWS versus OpenStack? So if you have users that are scattered around the world, Amazon already has data centers that are worldwide. So you may want to consider maybe at least front-ending Amazon at the data centers that are close to your customers to reduce that latency, and then putting maybe more customer-sensitive data back in your data center on OpenStack under your control. Are you doing development?
So both Amazon and OpenStack can add platform as a service to that. Elastic workload: so both platforms are very good at demand growing and shrinking. So that's what elasticity means: you're expanding your cloud, horizontally scaling, adding servers as you need them and reducing servers as you don't need them.

High performance computing: so when you want to do very data-intensive, CPU-intensive work, it may work better to do that in your own data center, where you have a lot more control over the hardware and you can add things like I discussed earlier, as high performance SSD drives for some of that specialized work, whereas in Amazon you have to go with their pricing model over a higher performing volume. Not quite sure, because it's a very shared infrastructure; you're not really sure of the level of service you're getting. So that may be a use case for doing it inside.

When you do OpenStack inside you can really do dedicated resources and segregate your users. So there's this idea, multi-tenancy, that I had in parentheses in the original slide, and I can go back to the demo briefly. So in OpenStack, multi-tenancy or shared services means... so here, projects. So in OpenStack you can create a project, right, that you can set how much of the resources that project is allowed to use, and you have this more control over multi-tenancy. So you can have a demo project. Yeah, so I have a demo project. I can create another project called engineering. I can create one called marketing, create one called sales.
I can put the members into them and I can set the quotas to how much resources they get. So that is what I meant by segregation and multi-tenancy. So that would be a very good use case for OpenStack, where you really want to segregate users into defined groups: by organization, sales, marketing, engineering; by your customers, maybe retail customers, wholesale customers; by your partners. You give them each a project. You can define their quota, how much CPU, disk and memory out of your OpenStack cloud that you get. In AWS you don't really have that level of segregation. All you can really do is create a VPC, a virtual private cloud, where you go into Amazon, carve out a section of their shared resources and give it to your different users. So doing that segregation and dedicated resources is a better use case for OpenStack.

Finally we'll get to what's called hybrid cloud, which is using both. So how do you manage both OpenStack and AWS if you have applications running in both? So you get something called a cloud management platform, which is the ability to use both the private and the public cloud, and I'll end here with our open hybrid cloud, which has your physical servers, your Linux, the OpenStack and the CloudForms cloud management. And go back to our demo, where we see here I'm logged into my CloudForms management engine and I have a view here into my private cloud of VMware, OpenStack, Red Hat, Microsoft. So I have my private cloud by vendor; I have public cloud of AWS. Get a global view. Lots of information that you can get, but a tool to manage the hybrid cloud, meaning both your public and your private cloud. You can configure, you can optimize, you can do automation, you can do control. Lots of options I can't go into further. This is being run downstairs in the booth, so I was told not to mess with their demo, just show the front screen, not mess up anything they're doing.
There is a ManageIQ, which is the open-source version of CloudForms, running this afternoon in East building. I can direct you there. There's a half-day workshop where you can get to play on ManageIQ, run a lab and really learn how to manage both private and public cloud. So I will end here. We have seven minutes extra lunchtime, or questions if anyone has.

Yeah, so you can move the VMs between the two. Yeah, or all the automate. I can't do it here because I'm a read-only user, but if you go to the booth downstairs, they can tell you more about that, or to the session this afternoon. Yeah, it's however you define your connection to either cloud. So you set up the connection and it is typically an SSL connection. Yeah. Well, no, you use your AWS credentials, like I logged into AWS. Just like I logged into the console, you use those similar type of credentials to authenticate, your secret and your access key. No, no. Yes, yes. Yes, yes, yes, service catalog. Yes. Yes, I've got the room, I can bring it up. It's this afternoon; now, it's at 1:50. I'll find the session. I think I put it down. Yes. Yeah, East. I knew it was East side. East room one. Yes. No, no application data. Yeah, not yet. Okay. Thanks.