NETWORK ANALYSIS AUTOMATION IN OPENSTACK NURUL JANNAH BINTI MOHAMAD YUSOFF BACHELOR OF COMPUTER SCIENCE (COMPUTER NETWORK SECURITY) WITH HONOURS UNIVERSITI SULTAN ZAINAL ABIDIN 2018


Post on 06-Oct-2020


NETWORK ANALYSIS AUTOMATION IN OPENSTACK

NURUL JANNAH BINTI MOHAMAD YUSOFF

BACHELOR OF COMPUTER SCIENCE (COMPUTER NETWORK SECURITY) WITH HONOURS

UNIVERSITI SULTAN ZAINAL ABIDIN

2018

NETWORK ANALYSIS AUTOMATION IN OPENSTACK

NURUL JANNAH BINTI MOHAMAD YUSOFF

Bachelor of Computer Science (Computer Network Security) With Honours

Faculty of Informatics and Computing

Universiti Sultan Zainal Abidin, Terengganu, Malaysia

September 2018


DECLARATION

I hereby declare that this report is based on my original work except for quotations and citations, which have been duly acknowledged. I also declare that it has not been previously or concurrently submitted for any other degree at Universiti Sultan Zainal Abidin or other institutions.

____________________________________

Name: Nurul Jannah Binti Mohamad Yusoff

Date:


CONFIRMATION

This is to confirm that:

The research conducted and the writing of this report were under my supervision.

_____________________________________

Name: Prof. Madya Dr. Zarina Binti Mohamad

Date:


DEDICATION

First and foremost, praise be to Allah, the Most Merciful, for giving me the blessing and opportunity to undergo the final year project, Network Analysis Automation in OpenStack.

Second, I would like to express my gratitude to my caring supervisor, Prof. Madya Dr. Zarina Binti Mohamad, for her full support, expert guidance, kindness and ideas towards the research of this project, and for giving me this meaningful experience. Next, I would like to express my appreciation to my panels, Prof. Madya Dr. Mohamad Afendee Bin Mohamed and Dr. Aznida Hayati Binti Zakaria @ Mohamad, for their thoughtful questions and comments regarding my final year project.

Other than that, I would like to thank my beloved family, especially my mother and my father, Zalina Binti Mohd and Mohamad Yusoff Bin Abd Aziz, for their unconditional love, encouragement and support, whether financial, physical or mental, during this project. Besides, thanks to all my friends, especially my OpenStack and Django members, Wan Nurshuhada Binti Wan Mohd Asri, Nor Ashila Binti Mohd Rashid and Nur Izzati Sholehah Binti Azlan, for their motivation, enthusiasm and knowledge toward this project.

Last but not least, I would also like to thank all staff of the Faculty of Informatics and Computing for helping me directly and indirectly as well as giving me this opportunity to explore more about my project.


ABSTRAK

The last decade has witnessed the rapid growth of the Cloud Computing (CC) paradigm in the ICT world. It has drawn much attention from academia and industry. The management of a CC data center can be deployed and run well because it is supported by the low cost of commodity hardware and the popularity of cloud operating systems. OpenStack, a relatively new open cloud computing platform, focuses on delivering Network as a Service (NaaS) using virtualization technology. OpenStack promises large-scale cloud infrastructure. Being new, it remains to be investigated how it delivers those abilities and what the exact workings of its internal details are. Network monitoring data provides insight into the operational status of the network. With increasingly sophisticated ways of probing, sampling and recording network activities, the large amount of monitoring data brings both opportunities and challenges for network data analysis. The aim of this project is to automate network analysis in the OpenStack platform. Using a methodological approach and carrying out various experiments, we present the performance of network analysis. Finally, we are able to draw conclusions on the automation of network analysis in OpenStack.


ABSTRACT

The last decade has witnessed the rapid growth of the Cloud Computing (CC) paradigm in the ICT world, drawing much attention from academia and industry. The increasing popularity of cloud operating systems, supported by the vastly decreased cost of commodity hardware, makes deploying and managing a CC data center more feasible than ever. OpenStack, a relatively new open source cloud computing platform, focuses on delivering Network as a Service (NaaS) using virtualization technology. OpenStack promises large-scale cloud infrastructures. Being new, it remains to be investigated how it delivers those abilities and what the exact workings of its internal details are. Network monitoring data provides insight into the network operation status. With increasingly sophisticated ways of probing, sampling and recording network activities, the huge amount of monitoring data brings both an opportunity and a challenge for network data analysis. The aim of this project is to automate the network analysis in the OpenStack platform. Using a methodological approach and having carried out numerous experiments, we present the performance of network analysis. Eventually, we are able to draw conclusions on the automation of network analysis in OpenStack.


CONTENTS

DECLARATION
CONFIRMATION
DEDICATION
ABSTRAK
ABSTRACT
CONTENTS
LIST OF FIGURES
LIST OF ABBREVIATIONS

CHAPTER 1 INTRODUCTION
1.1 Background Project
1.2 Problem Statement
1.3 Objectives
1.4 Scopes
1.5 Limitation
1.6 Expected Result

CHAPTER 2 LITERATURE REVIEW
2.1 Introduction
2.2 Cloud Computing
2.2.1 Cloud Computing Models
2.3 OpenStack
2.3.1 OpenStack Software Components
2.4 OpenStack Networking: Neutron
2.5 Analysis on Existing Research
2.6 Summary

CHAPTER 3 METHODOLOGY
3.1 Introduction
3.2 Framework
3.3 Proof of Concept

CHAPTER 4 IMPLEMENTATION
4.1 Introduction
4.2 Installation OpenStack
4.3 Configuration OpenStack Instance
4.4 Configuration Network Analysis
4.5 Discussion

CHAPTER 5 CONCLUSION
5.1 Introduction
5.2 Project Contribution
5.3 Problems and Limitations
5.4 Future Work
5.5 Conclusion

REFERENCES

APPENDIX
A. Gantt Chart

LIST OF FIGURES

FIGURE TITLE

2.3 OpenStack Conceptual Architecture
3.2 Framework of Network Analysis Automation in OpenStack
3.2.1 Data Model (Flowchart) in General About Network Analysis
3.3 Installation OpenStack
3.3.1 Installation Component in OpenStack
4.1 Installation OpenStack Progress
4.2 Installation OpenStack Completed Successfully
4.3 Admin Username and Password
4.4 Allocate Floating IP to Public Pool
4.5 Confirmation of Adding Floating IP
4.6 Create Network
4.7 Create Subnet
4.8 Confirmation of Creating Network
4.9 Create Router
4.10 Confirmation of Creating Router
4.11 Network Topology
4.12 Add Interface
4.13 Add Interface Successful
4.14 Create Security Group
4.15 Confirmation of Creating Security Group
4.16 Manage Rules for admin-SecurityGroup
4.17 Add Rule in admin-SecurityGroup
4.18 Add ICMP Rule
4.19 Confirmation of Adding ICMP Rule
4.20 Create Key Pair
4.21 Confirmation of Creating Key Pair
4.22 Create Image
4.23 Confirmation of Creating Image
4.24 Add Hostname to OpenStack Instance
4.25 Select OpenStack Instance Boot Source
4.26 Add Resources to OpenStack Instance
4.27 Add Network to OpenStack Instance
4.28 Add Security Group to OpenStack Instance
4.29 Add Key Pair to OpenStack Instance
4.30 Configuration of OpenStack Instance
4.31 Confirmation of Launching Instance
4.32 Add Associate Floating IP to OpenStack Instance
4.33 Manage Floating IP Associations
4.34 Confirmation of Associating Floating IP
4.35 Console for Instance
4.36 ID of Virtual Machine Instance


LIST OF ABBREVIATIONS / TERMS / SYMBOLS

IaaS Infrastructure as a Service

PaaS Platform as a Service

SaaS Software as a Service

VM Virtual Machine

API Application Programming Interface

CC Cloud Computing

NIST National Institute of Standards and Technology

XaaS Anything as a Service

REST API Representational State Transfer API

NAT Network Address Translation

DHCP Dynamic Host Configuration Protocol

FWaaS Firewall as a Service

LBaaS LoadBalancer as a Service

VPN Virtual Private Network


VPNaaS VPN as a Service

CPU Central Processing Unit

VXLAN Virtual Extensible LAN

SSH Secure Shell

IP Internet Protocol

ICMP Internet Control Message Protocol

HTTP HyperText Transfer Protocol

OS Operating System

LAN Local Area Network

VCPU Virtual CPU


CHAPTER 1

INTRODUCTION

1.1 BACKGROUND PROJECT

Cloud computing is a model for allowing convenient, on-demand network access from anywhere to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction [1]. In other words, cloud computing is a major shift from the traditional way businesses think about IT resources. Organizations commonly turn to cloud computing services for reasons such as cost, speed, performance, and security [2]. Cloud computing deployment models can be private, public or hybrid, and cloud computing services can be divided into three categories: infrastructure as a service (IaaS), platform as a service (PaaS) and software as a service (SaaS). There are many examples of cloud computing such as Dropbox, Google Drive, Gmail, OpenStack and more. This project uses one of those examples, OpenStack.

OpenStack is an open-source platform for creating and managing cloud infrastructures, originally developed by NASA and Rackspace. OpenStack operates with large pools of computing, storage, and networking resources. It consists of a Compute (Nova service) module responsible for arranging, managing and providing virtual machines [3]. Object storage (Swift service) is a scalable redundant storage system, while block storage (Cinder service) manages virtualized block storage pools. The OpenStack dashboard (Horizon service) enables users to access and manage VMs, VNs and other OpenStack resources via a web-based graphical user interface. OpenStack has several other services that are commonly used by the above core projects, making it easier to implement and operate on the cloud. These services are keystone (Identity service), glance (Image service), ceilometer (Telemetry service) and heat (Orchestration service). This project will emphasize neutron (Networking service) in OpenStack.

Neutron is an OpenStack project to provide “network connectivity as a service” between interface devices managed by other OpenStack services [4]. It ensures the network is not a bottleneck or limiting factor in a cloud computing deployment. It allows users to create and manage network objects, such as networks, subnets, and ports, which other OpenStack services can use through an API. It also allows users to control traffic and to connect servers and devices to one or more networks.

As the expected result, network analysis in OpenStack will be done automatically. This will make it easier for the admin to manage the network, and the automation features in OpenStack can be covered and improved.

In conclusion, the OpenStack project has been on the market for over 5 years, delivering one of the most successful open-source software platforms for Cloud Computing [5]. The software itself has gradually been shaped by increasing development efforts from the community to be more stable and to have more features to meet the growing needs of Cloud providers and users. As OpenStack is a relatively new and still growing cloud computing solution, it is very important to improve the service in OpenStack and to add features that make it easier for users and admins.

1.2 PROBLEM STATEMENT

OpenStack is open source software (released in 2010) that is openly designed and openly developed by an open community. It improves from one version to the next, but many features still need improvement before it becomes complete software. One important feature that needs improvement is automation, which can be covered in the networking area of OpenStack. An automated system is required for performing network analysis, processing the results and presenting the reports. Automating network analysis makes it easy to identify many problems through checks that network engineers know should be done but never had the time to implement.

1.3 OBJECTIVES

1. To propose the automation of the network analysis in OpenStack.

2. To design the network analysis to be friendlier.

3. To implement effective automation of the network analysis in OpenStack.

1.4 SCOPES

The scopes of this project are as follows:

1. This project will configure and implement one of the cloud computing platforms, called OpenStack.

2. This project will integrate automation of network analysis in the OpenStack platform.


1.5 LIMITATION

Some technical challenges of this project are described as follows:

1. There are no references for a similar project among seniors' theses at the Faculty of Informatics and Computing.

2. More time is spent on the installation process, and OpenStack is complicated to configure.

1.6 EXPECTED RESULT

Based on the objectives, the optimal results that can be achieved are:

1. Network analysis can be done automatically in the OpenStack platform.

2. It is easier for the admin to monitor the network in OpenStack.


CHAPTER 2

LITERATURE REVIEW

2.1 INTRODUCTION

This chapter discusses previous articles and research papers related to this project. It is important to gather information and knowledge to get a better understanding of how this project works. The literature analyzed and summarized dates from 2011 to 2018.

2.2 CLOUD COMPUTING

Cloud Computing (CC) has been in the market for a while and is praised by consumers and enterprises for its provision of on-demand access to scalable computing resources, to meet the needs of increasingly complex services and applications. Yet there has not been any standardized definition of what Cloud Computing is and, as a matter of fact, different companies and institutions tend to have their own definitions for this new technology/business model [6-8].


Among the many ways the term Cloud Computing is defined in the literature, the one in the published work of the U.S. National Institute of Standards and Technology (NIST) [8] has been taken as the de facto definition:

“Cloud Computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., network, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

CC introduces a new way of optimally utilizing computing power (CPU, memory, storage), in which cloud resources are not only shared among multiple users but can also be dynamically supplied (on demand). Provisioned to users on a pay-for-use basis, CC offers an attractive environment for users and enterprises to develop and/or run Internet-based applications and services, with little concern over upfront costs or infrastructure maintenance costs.

2.2.1 CLOUD COMPUTING MODELS

The ICT industry has defined three main forms of Cloud Computing: Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). These three models are commonly referred to as the SPI model.

SaaS, short for Software-as-a-Service, is the most basic form of cloud service, where users are able to run their favourite applications and services (such as emails, office, or even video games and so on) in the cloud. As such, users can use the resources effectively without being constrained by IT implementation problems. This model also helps to minimize upfront operation and maintenance costs. Typical examples of SaaS are Google apps, Salesforce, Cisco, WebEx and so on.


PaaS, short for Platform-as-a-Service, provides a development platform (i.e. development kits and a number of supported programming languages, databases or other software components) which cloud users can leverage to develop, manage and run their own applications and services. With PaaS, cloud users are given more control over the environments for managing applications. Typical examples of PaaS include Windows Azure, Heroku, Google App Engine and so on.

IaaS, short for Infrastructure-as-a-Service, provides cloud users with physical resources or virtual machines in terms of CPU, storage, load balancers or operating system. Some IaaS service providers also provide a disk image library and file-based storage. Typical examples of IaaS include Amazon EC2, Google Compute Engine and so on.

SaaS, PaaS, and IaaS as listed above are the most common forms of XaaS, with the provisioned resources being software, platform, and infrastructure, respectively. Everything-as-a-Service (also known as Anything-as-a-Service), or XaaS, refers to the growing diversity of services provided over the Internet rather than locally or on-premise.

2.3 OPENSTACK

OpenStack [9] is a free and open-source cloud computing software platform that enables rapid deployment, management, and development of cloud infrastructure in a data center. OpenStack was jointly launched by NASA [10] and Rackspace Hosting [11] in July 2010 and is managed by the OpenStack Foundation. The OpenStack Foundation is a non-profit organization formed in September 2012 to promote the development, distribution, and adoption of the software stack. Currently, the OpenStack project is supported by more than 500 companies.


The OpenStack platform provides cloud computing services running on standard commodity hardware and is primarily deployed as an Infrastructure-as-a-Service (IaaS) model. The software stack consists of a group of interrelated projects that control pools of processing (Nova), storage (Swift, Cinder) and networking (Neutron) resources throughout a data center. Management and control over these pools are exposed to users through a web-based dashboard (Horizon), command-line tools, or a RESTful API. By utilizing a massive collection of popular enterprise and open-source technologies, OpenStack becomes an ideal solution for heterogeneous infrastructure.

The OpenStack project currently has a 6-month release cycle. There have been 18 stable releases, among which the latest one (code name Rocky) was released in August 2018, while the soon-to-be-released version (code name Stein) is planned to come out on 10 April 2019 [12].

2.3.1 OPENSTACK SOFTWARE COMPONENTS

The OpenStack project consists of several interrelated sub-projects that help to manage different aspects of hardware resources including computing, storage, networking, and other related services, each of which offers its own set of APIs to facilitate the integration of the whole software stack. Figure 2.3 illustrates the OpenStack conceptual architecture with interactions among its software components [13]. As an IaaS-focused cloud platform, OpenStack has VMs at its center, provisioned by the Nova module. VMs are surrounded by other services, including network connectivity handled by Neutron, operating system images stored by Glance, and storage services provided by Swift and Cinder. Keystone is responsible for the authentication of the whole OpenStack system while, at a high level, Horizon provides a web-based management interface to all the other services.


Figure 2.3: OpenStack Conceptual Architecture

2.4 OPENSTACK NETWORKING: NEUTRON

The OpenStack Neutron project, which premiered in the Havana release (October 2013), replaces nova-network to provide OpenStack with a full-featured abstraction of the Virtual Network Infrastructure as well as basic and advanced network services. Thanks to Neutron, cloud users have access to essential networking infrastructure and resources like network, subnet and router objects. These elements simulate the functionality of their real-world physical counterparts: a network consists of subnets connected to routers, which route traffic between different subnets and networks. Besides the provision of such basic network services as NAT, DHCP or routing, Neutron also enables users to create advanced virtual network topologies including services such as firewalls (Firewall-as-a-Service, or FWaaS), load balancers (LoadBalancer-as-a-Service, or LBaaS) and virtual private networks (VPN-as-a-Service, or VPNaaS).

2.5 ANALYSIS ON EXISTING RESEARCH

There is much previous research on network performance analysis and automation. The first is Cloud Network Performance Analysis: An OpenStack Case Study by Tuan-Anh BUI (2016) [5]. This thesis work aims to achieve a thorough understanding of the OpenStack architecture, especially its Networking module, and to study the network performance of an OpenStack-based cloud cluster. Beyond a high-level understanding of the software architecture, this study comes up with a detailed deployment strategy along with a properly planned experimental and evaluative methodology in order to give an insightful observation on OpenStack operation. It is able to present the traffic patterns and the correspondingly measured network performance (in terms of throughput and latency) under the Neutron-based architecture. According to the experiment results, while packet encapsulation guarantees network isolation in the OpenStack Cloud environment, its bandwidth utilization is limited to below 30% of the underlying physical channel. Further system analysis based on CPU profiling indicated that the use of VXLAN encapsulation potentially causes CPUs to throttle and thus degrades the network performance.

Second is Network Automation and Orchestration by Juniper Networks (2015) [14]. This paper addresses the need for network automation. Designed with a flexible and open standards-based framework, Juniper Networks tools and strategies help data center infrastructures by enabling automation across the full operations lifecycle, from network provisioning to management to orchestration. By leveraging these technologies, networking professionals are able to reliably streamline processes, eliminate human errors and maximize uptime.

Last but not least is Analysis Farm: A Cloud-based Scalable Aggregation and Query Platform for Network Log Analysis by Jianwen WEI, Yusu ZHAO, Kaida JIANG, Rui XIE and Yaohui JIN (2011) [15]. This paper proposed a scalable platform for network log analysis, which targets fast aggregation and agile query. Combining the scalability of cloud-based infrastructure (OpenStack) and a NoSQL data storage system (MongoDB), they build the Analysis Farm prototype. Analysis Farm’s scalability lies in its ability to support storage expansion, computation upgrade and agile query. In the evaluation experiments, Analysis Farm successfully finishes the aggregation task within a given time and demonstrates usable ad-hoc queries.

2.6 SUMMARY

Based on this chapter, it can be concluded that reviewing previous research is an important step because it gives more knowledge about the topic and about how previous researchers did their research. It is also important for avoiding the same mistakes and for not repeating the same ideas and techniques that were already used.


CHAPTER 3

METHODOLOGY

3.1 INTRODUCTION

This chapter reports the approach, or model development, and the application of a comprehensive framework taken in the development of the system, application or implementation of the study. It contains the methods, techniques or approaches that will be used during the design and implementation of the project. Selecting the most suitable methodology for the development of the project is very important, because choosing the wrong methodology can be chaotic: the project might not be completed on schedule, or it might fail completely because the developer lacks guidance for completing the project development. All the phases involved in this project will be detailed.


3.2 FRAMEWORK

Figure 3.2: Framework of Network Analysis Automation in OpenStack

Figure 3.2 shows the overall framework of Network Analysis Automation in OpenStack. The first step is to install CentOS 7 in VirtualBox. Next, OpenStack is installed and configured as a platform in CentOS 7. Then, the new program is added in the neutron file in OpenStack. Finally, the result is displayed in the admin dashboard.

[Figure 3.2 boxes: Install CentOS 7 in VirtualBox -> Install and configure OpenStack in CentOS 7 -> Add new program in file neutron in OpenStack -> Result will be displayed at the admin dashboard]

Figure 3.2.1: Data Model (Flowchart) in General About Network Analysis

[Figure 3.2.1 flowchart: Start -> User report the problem -> Gather the specific data -> Combine that data -> Do program analysis -> Success? (No: redo the program analysis; Yes: The solution will be displayed at admin dashboard -> Admin make the report of the solution) -> End]

Figure 3.2.1 shows the general data model (flowchart) for network analysis. First, the user reports the problem that occurs. Then, the data needed to solve the specific problem is gathered and combined. After that, program analysis is carried out. If the program analysis is successful, the solution for the specific problem is displayed at the admin dashboard and the admin can make the report of the solution. If the program analysis is unsuccessful, it is redone to get a better solution.


3.3 PROOF OF CONCEPT

Figure 3.3: Installation OpenStack

Figure 3.3.1 shows the proof that OpenStack has been installed in CentOS 7. Linux commands are used in this project to locate the OpenStack directory under the system’s root, and they are run starting from the root. First, go to the system’s root directory by using the command ‘cd /’. Then the command ‘ls’ lists all the directories in the system’s root. After that, use the command ‘cd etc’ to go to the etc directory and list all the files in it. openstack_dashboard is in the list, which means OpenStack has been installed.


Figure 3.3.1: Installation Component in OpenStack

Figure 3.3.2 shows that not only the OpenStack dashboard has been installed but also the other OpenStack components, such as glance for the image service, neutron for the networking service, cinder for the block storage service, keystone for the identity service and nova for the compute service. These are all core components of OpenStack.


CHAPTER 4

IMPLEMENTATION

4.1 INTRODUCTION

This chapter describes, step by step, how to configure the OpenStack cloud platform and automate network analysis on this platform. Several steps must be followed, such as configuring and customizing the OpenStack dashboard, installing OpenStack components such as ceilometer (Telemetry Service), and automating network analysis.

OpenStack is a cloud operating system that controls large pools of compute, storage, and networking resources throughout a datacentre, all managed through a dashboard that gives administrators control while empowering their users to provision resources through a web interface. It was founded in 2010 as a joint project between Rackspace and NASA and is managed by the OpenStack Foundation, a non-profit organization. OpenStack is written in Python.


4.2 INSTALLATION OPENSTACK

This project uses Packstack to install OpenStack. Packstack is a command-line tool that is used either interactively or with a generated answer file containing a set of OpenStack service configuration variables, in order to assist with the installation of OpenStack services and reduce human error during it.

The first step is to make sure the services below have been stopped and disabled.

The second step is to change the current SELinux protection to disabled.

The third step is to create an environment file, /etc/environment, and fill it with the variable below.

The fourth step is to install the OpenStack repository using the command below.


Figure 4.1: Installation OpenStack Progress

Figure 4.2: Installation OpenStack Completed Successfully

Figures 4.1 and 4.2 show the installation of OpenStack by the package. Packstack is an OpenStack setup utility that uses Puppet modules to deploy over SSH. It installs all the services/components that are related to OpenStack.


Figure 4.3: Admin Username and Password

Figure 4.3 shows the username (admin by default) and the password, which can be obtained from keystonerc_admin. The user can find this file in the /root directory. Keystone is the identity service/component of OpenStack.

4.3 CONFIGURATION OPENSTACK INSTANCE

Figure 4.4: Allocate Floating IP to Public Pool

Figure 4.4 shows the allocation of a floating IP, which allows external access from outside networks or the internet to an OpenStack virtual machine. To create floating IPs for the user project, log in with the user credentials, go to the Project -> Compute -> Network -> Floating IPs tab and click on Allocate IP to Project.


Figure 4.5: Confirmation of Adding Floating IP

Figure 4.5 shows the confirmation of adding a floating IP after the user clicks on the Allocate IP button. It is a good idea to allocate a floating IP for each instance the user runs.

Figure 4.6: Create Network

Figure 4.6 shows the network that is created (admin-net), which connects directly to the VMs or instances.


Figure 4.7: Create Subnet

Figure 4.7 shows the subnet that is created and associated with admin-net. The user can specify the subnet name (admin-subnet) and network address (192.168.0.0/24). The gateway IP will be assigned by default if the user does not enter one.

Figure 4.8: Confirmation of Creating Network

Figure 4.8 shows the confirmation of creating the network after the user clicks on the Create button.


Figure 4.9: Create Router

Figure 4.9 shows the router that is created to allow the outside network to access the VMs or instances. Each router has one gateway that is connected to an external network and one or more interfaces connected to internal networks. The user can specify the router name (admin-router).

Figure 4.10: Confirmation of Creating Router

Figure 4.10 shows the confirmation of creating the router after the user clicks on the Create Router button.


Figure 4.11: Network Topology

Figure 4.11 shows the network topology. The user can hover the mouse over the router and click on + Add Interface to add an internal interface to the router.

Figure 4.12: Add Interface


Figure 4.12 shows the Add Interface tab. The user can select any subnet that they want to connect to the router; in this case, it is admin-net: 192.168.0.0/24 (admin-subnet). The user can specify the IP address to assign to the interface.

Figure 4.13: Add Interface Successful

Figure 4.13 shows that the interface has been added successfully. After this, the user can continue to create a security group, key pair, image, and instance.


Figure 4.14: Create Security Group

Figure 4.14 shows the security group that is created to define security firewall rules. Security groups are sets of IP filter rules that are applied to the network interfaces of a VM. The user can specify the security group name (admin-SecurityGroup).

Figure 4.15: Confirmation of Creating Security Group

Figure 4.15 shows the confirmation of creating the security group after the user clicks on the Create Security Group button.

Figure 4.16: Manage Rules for admin-SecurityGroup


Figure 4.16 shows that the rules must be managed in admin-SecurityGroup. The user can click on the Manage Rules button.

Figure 4.17: Add Rule in admin-SecurityGroup

Figure 4.17 shows that the rules will be added to admin-SecurityGroup.

Figure 4.18: Add ICMP Rule

Figure 4.18 shows the ICMP rule being added. Choose All ICMP from the Rule drop-down and click on the Add button. Similarly, the user must add a rule for SSH and HTTP.


Figure 4.19: Confirmation of Adding ICMP Rule

Figure 4.19 shows the confirmation of adding the ICMP rule after the user clicks on the Add button. The same applies to the SSH rule and the HTTP rule.

Figure 4.20: Create Key Pair

Figure 4.20 shows the key pair that must be created to access the VM. The key pair is how the user logs in to their instance after it is launched. The user can specify the key pair name (admin-KeyPair).

Figure 4.21: Confirmation of Creating Key Pair

Figure 4.21 shows the confirmation of creating a key pair after the user clicks on the + Create Key Pair button.


Figure 4.22: Create Image

Figure 4.22 shows the image that must be created to launch an instance. The user can specify the image name (CentOS 7) and choose the file, which is the OS image that the user can download from the browser. The user must also choose the format, which must be the same as the format of the OS that the user downloaded.

Figure 4.23: Confirmation of Creating Image

Figure 4.23 shows the confirmation of creating the image after the user clicks on the Create Image button.


Figure 4.24: Add Hostname to OpenStack Instance

Figure 4.24 shows the details of the instance. The user can specify the instance name (CentOS 7); this name will be used to form the virtual machine hostname. The user can leave the Availability Zone set to nova, use an instance count of one and click on the Next button to continue.

Figure 4.25: Select OpenStack Instance Boot Source


Figure 4.25 shows the boot source for the instance. Select Image as the Boot Source, add the CentOS 7 image created earlier by hitting the + button and click on Next to proceed further.

Figure 4.26: Add Resources to OpenStack Instance

Figure 4.26 shows the flavor needed for the instance. Allocate the virtual machine resources by adding the flavor best suited to the user’s needs and click on the Next button to move on.


Figure 4.27: Add Network to OpenStack Instance

Figure 4.27 shows the network for the instance. Add one of the available OpenStack networks to the instance using the + button and click on Next to proceed.

Figure 4.28: Add Security Group to OpenStack Instance

Figure 4.28 shows the security group for the instance. Security groups are sets of IP filter rules that are applied to the network interfaces of a VM. Click on the Next button to go to Key Pair.


Figure 4.29: Add Key Pair to OpenStack Instance

Figure 4.29 shows the key pair for the instance. A key pair must be added to access the VM. The key pair is how the user logs in to their instance after it is launched. Click on the Next button to continue.

Figure 4.30: Configuration of OpenStack Instance


Figure 4.30 shows the configuration for the instance. The user can set the password for the instance here. Click on Launch Instance to start the virtual machine.

Figure 4.31: Confirmation of Launching Instance

Figure 4.31 shows the confirmation of launching the instance after the user clicks on the Launch Instance button.

Figure 4.32: Add Associate Floating IP to OpenStack Instance

Figure 4.32 shows that the floating IP will be associated with the instance. Once the instance has been started, click on the right arrow of the Create Snapshot menu button and choose Associate Floating IP.


Figure 4.33: Manage Floating IP Associations

Figure 4.33 shows the association that makes the instance reachable from the user’s internal LAN. Click on the Associate button to associate the floating IP with the instance.

Figure 4.34: Confirmation of Associating Floating IP

Figure 4.34 shows the confirmation of associating the floating IP with the instance.


Figure 4.35: Console for Instance

Figure 4.35 shows the CentOS 7 virtual machine once it has been completely created. The user can click on the Console button and the interface of CentOS 7 will appear.
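Once the instance has a floating IP, the rules in admin-SecurityGroup decide what the outside network can reach. The following is an added example, not part of the original report or of OpenStack's own code: it audits rules shaped like Neutron security group rule objects for ingress that is open to any source. The sample rules are constructed and assume the All ICMP, SSH and HTTP rules use 0.0.0.0/0 as their source; the subnet-restricted SSH rule, the `make_rule` helper and the `ADMIN_PORTS` list are assumptions added for contrast.

```python
import ipaddress


def make_rule(direction, protocol, port=None, prefix=None, group=None):
    """Build a dict with the fields of a Neutron security group rule."""
    return {"direction": direction, "ethertype": "IPv4", "protocol": protocol,
            "port_range_min": port, "port_range_max": port,
            "remote_ip_prefix": prefix, "remote_group_id": group}


# Constructed sample. Rules 1-3 mirror the All ICMP, SSH and HTTP rules of
# admin-SecurityGroup (source assumed to be 0.0.0.0/0); rule 4 is a contrast
# case limited to admin-subnet; rule 5 is an egress rule and is not audited.
SAMPLE_RULES = [
    make_rule("ingress", "icmp", prefix="0.0.0.0/0"),
    make_rule("ingress", "tcp", 22, "0.0.0.0/0"),
    make_rule("ingress", "tcp", 80, "0.0.0.0/0"),
    make_rule("ingress", "tcp", 22, "192.168.0.0/24"),
    make_rule("egress", None),
]

# Ports treated as management access here (an assumption, adjust per site).
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}


def is_world_open(rule):
    """True when any source address matches the rule."""
    if rule.get("remote_group_id"):
        return False  # limited to members of another security group
    prefix = rule.get("remote_ip_prefix")
    if prefix is None:
        return True  # no prefix and no group means any source
    return ipaddress.ip_network(prefix, strict=False).prefixlen == 0


def port_span(rule):
    """Inclusive port range of the rule; no range means all ports."""
    low, high = rule.get("port_range_min"), rule.get("port_range_max")
    if low is None:
        return 1, 65535
    return low, high if high is not None else low


def audit(rules):
    """Return (severity, protocol, detail) for each world-open ingress rule."""
    findings = []
    for rule in rules:
        if rule.get("direction") != "ingress" or not is_world_open(rule):
            continue
        proto = rule.get("protocol")
        name = proto or "any"
        if proto in ("tcp", "udp", None):
            low, high = port_span(rule)
            admin = sorted(n for p, n in ADMIN_PORTS.items() if low <= p <= high)
            if admin:
                detail = "/".join(admin) + " reachable from any address"
                findings.append(("high", name, detail))
                continue
            ports = str(low) if low == high else f"{low}-{high}"
            findings.append(("info", name, f"{name}/{ports} reachable from any address"))
        else:
            findings.append(("info", name, f"{name} reachable from any address"))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES):
        print(finding)
```

Restricting the SSH rule's source to a management range, as the fourth sample rule does, removes the high-severity finding while leaving HTTP and ICMP as they are.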

4.4 CONFIGURATION NETWORK ANALYSIS

Figure 4.36: ID of Virtual Machine Instance

Figure 4.36 shows the first step of network analysis in OpenStack. The user must use the nova list command to find the ID of the virtual machine instance that is to be analyzed.


The next step of the network analysis could not be continued and completed because many problems occurred during the process, such as the database that needs to be installed not being available and other OpenStack components that could not be installed either.
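As an added illustration of the analysis this section starts (not code from the original project, which did not get past the nova list step), the sketch below parses nova list output to obtain instance IDs and computes the minimum, maximum and average traffic rate per direction. The table text, the IDs and the counter samples are constructed; the samples are assumed to be cumulative byte counters, the form in which Ceilometer's network.incoming.bytes and network.outgoing.bytes meters report traffic.

```python
# Constructed `nova list` output; IDs, names and addresses are made up.
NOVA_LIST = """\
+--------------------------------------+----------+---------+------------+-------------+------------------------------------+
| ID                                   | Name     | Status  | Task State | Power State | Networks                           |
+--------------------------------------+----------+---------+------------+-------------+------------------------------------+
| 11111111-2222-3333-4444-555555555555 | CentOS 7 | ACTIVE  | -          | Running     | admin-net=192.168.0.10, 172.24.4.8 |
| 66666666-7777-8888-9999-000000000000 | test-vm  | SHUTOFF | -          | Shutdown    | admin-net=192.168.0.11             |
+--------------------------------------+----------+---------+------------+-------------+------------------------------------+
"""

# Constructed samples: (seconds, cumulative bytes) per instance and direction.
COUNTERS = {
    "11111111-2222-3333-4444-555555555555": {
        # The drop from 19000 to 500 models a counter reset (e.g. a reboot).
        "incoming": [(0, 1000), (60, 7000), (120, 19000), (180, 500), (240, 3500)],
        "outgoing": [(0, 2000), (60, 2600), (120, 8600), (180, 9200)],
    },
}


def parse_nova_list(text):
    """Turn the ASCII table into a list of dicts keyed by the header row."""
    rows = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("|") and line.endswith("|"):
            rows.append([cell.strip() for cell in line[1:-1].split("|")])
    if not rows:
        return []
    header, body = rows[0], rows[1:]
    return [dict(zip(header, row)) for row in body]


def rates(samples):
    """Bytes per second between consecutive cumulative-counter samples."""
    ordered = sorted(samples)
    result = []
    for (t0, b0), (t1, b1) in zip(ordered, ordered[1:]):
        if t1 == t0 or b1 < b0:
            continue  # duplicate timestamp or counter reset: no valid delta
        result.append((b1 - b0) / (t1 - t0))
    return result


def summarise(samples):
    """Minimum, maximum and average rate, or None without usable samples."""
    values = rates(samples)
    if not values:
        return None
    return {"min": min(values), "max": max(values),
            "avg": sum(values) / len(values)}


def report(nova_list_text, counters):
    """Per-instance summary of incoming and outgoing traffic."""
    summary = {}
    for inst in parse_nova_list(nova_list_text):
        per_direction = counters.get(inst["ID"], {})
        summary[inst["ID"]] = {
            "name": inst["Name"],
            "status": inst["Status"],
            "incoming": summarise(per_direction.get("incoming", [])),
            "outgoing": summarise(per_direction.get("outgoing", [])),
        }
    return summary


if __name__ == "__main__":
    for vm_id, row in report(NOVA_LIST, COUNTERS).items():
        print(vm_id, row)
```

An instance with no samples, such as the stopped one in the sample table, is reported with None for both directions rather than with zeros, so missing telemetry is not mistaken for an idle network.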

4.5 DISCUSSION

At the end of this project, the result of the network analysis should appear on the admin dashboard. The admin no longer needs to go to each user account to analyze their network. This project will simplify the admin’s work in analyzing each user’s network by providing a button on the admin dashboard. The admin only needs to click on the button and the network of each user will appear on the admin dashboard. Additionally, this project can also help the admin to create a network analysis report on each user.


CHAPTER 5

CONCLUSION

5.1 INTRODUCTION

This chapter discusses the project contribution and future work, especially highlighting the problems and limitations that occurred during the process of completing the project.

5.2 PROJECT CONTRIBUTION

Network Analysis Automation in OpenStack makes it easier for the admin to monitor or analyze the user’s network. It makes the admin’s work faster and reduces the time spent analyzing user networks one by one. The admin can reallocate the time used to analyze the user’s network to work that requires more of the admin’s attention.

5.3 PROBLEMS AND LIMITATIONS

Each project must have some problems that occur throughout the implementation process. The problems and limitations in conducting this project are:

Installing and configuring OpenStack took too long because the OpenStack version was not supported by CentOS 7. A variety of CentOS 7 ISOs were downloaded and used to try to match the OpenStack version. Other than that, installing the OpenStack packages also took too long because sometimes the main components of OpenStack, such as controller, network and compute, did not install completely as the network was not stable.

Next, only one instance can be created in OpenStack at a time because the VCPU count is limited to one. When other instances are created at that time, an error is displayed.

Lastly, this project needs a large amount of storage because launching an instance takes some of the storage from the physical computer. Cloning of the VM must be limited because cloning a VM also takes some of the storage from the physical computer.

5.4 FUTURE WORK

There are further suggestions and improvements that can be applied in future work on network analysis in OpenStack. A user manual needs to be provided, and the configuration of OpenStack and its components needs to be explained in detail, as there are limited sources available to get started with.

5.5 CONCLUSION

Network Analysis Automation in OpenStack is a project that makes it easier for the admin to analyze the network of every instance created by the users. This project can also help the admin make a report based on network usage, such as bandwidth statistics (minimum, maximum, and average of data for incoming and outgoing packets). However, because of some limitations, this project could not be completed within the expected time.


APPENDIX

GANTT CHART

Week: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

Activity:

Discuss the title of the final year project with supervisor.
Submission of the title and abstract of the project.
Specification of problem statement, objectives, scope, and literature review.
Preparation for proposal presentation.
Proposal presentation.
Proposal correction and proposed solution methodology.
Research of literature review.
Documentation of proposal.
Report submission to the supervisor (Chapter 1 & Chapter 2).
Report submission to the supervisor (Chapter 3).
Prepare slide for final proposal presentation.
Final presentation for FYP 1.
Final report submission to supervisor.
Final report & log book submission.

Gantt Chart (FYP 1)

Week: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

Activity:

Project meeting with supervisor.
Project development.
Project meeting with supervisor.
Project progress presentation.
Project development and project testing.
Online submission of poster link.
Final presentation for FYP 2.
Final thesis submission & log book to supervisor.
Submission hardcover to Faculty.

Gantt Chart (FYP 2)