Learn about OpenStack services and their functions

Before you get started!

Welcome to OpenStack!

In this series of tutorials, we will walk you through all the necessary steps to install, configure and get started with OpenStack. Using just a single machine, you will learn how to use OpenStack for cloud infrastructure implementation purposes, from a single-node installation to large-scale clusters.

This tutorial is the third in the “Phase 1 - Learn OpenStack” series.

Explore other tutorials >

What is OpenStack?

OpenStack is a collection of open source projects designed to work together to form the basis of a cloud. OpenStack can be used for both private and public cloud implementation.

What is Sunbeam?

Sunbeam is an upstream project under the governance of the OpenInfra Foundation (OIF), which was created to lower the barrier to entry for OpenStack, simplify its adoption process, and set the foundation for an autonomous private cloud. Sunbeam uses cloud-native architecture and total bottom-up automation to make OpenStack more accessible to newcomers and to help users get to grips with the platform immediately.

What is MicroStack?

MicroStack (based on Sunbeam) is an OpenStack distribution designed for small-scale cloud environments. While it is available with full commercial support from Canonical, it can also be self-deployed with no friction, effectively eliminating the need for a paid consulting engagement. MicroStack currently includes core OpenStack services only, but is expected to evolve quickly to ensure full feature parity with Canonical’s Charmed OpenStack soon.

In this tutorial, you will learn how to:

• Distinguish between the various OpenStack services
• Distinguish between the various OpenStack service endpoints
• Distinguish between the various OpenStack service components
• Use the OpenStack client to communicate with OpenStack services

You will only need:

One fresh physical or virtual machine with:

• Ubuntu 22.04 LTS installed,
• Static IP address assigned to its primary network interface,
• OpenSSH server installed and configured,
• 4+ core amd64 CPU,
• 16 GB of RAM,
• 50 GB of SSD storage.
• OpenStack cloud bootstrapped, configured and sample instance launched,
• OpenStack client set up.

OpenStack uses a modular architecture. It consists of multiple services that run in isolation and perform basic functions, such as mage catalogue maintenance, instance provisioning, etc.

To list all registered OpenStack services, execute the following command:

$ openstack catalog list

Sample output excerpt:

+-----------+-----------+--------------------------------------------------------------------------+
| Name      | Type      | Endpoints                                                                |
+-----------+-----------+--------------------------------------------------------------------------+
...
| keystone  | identity  | RegionOne                                                                              |
|           |           |   internal: http://10.20.21.10:80/openstack-keystone                                   |
|           |           | RegionOne                                                                              |
|           |           |   public: http://10.20.21.10:80/openstack-keystone                                     |
|           |           | RegionOne                                                                              |
|           |           |   admin: http://10.152.183.247:5000                                                    |
...
+-----------+-----------+--------------------------------------------------------------------------+

OpenStack services expose API endpoints, which are used to communicate with other services and to provide access for tenants through the OpenStack client and the OpenStack dashboard. Each service exposes three endpoints:

• internal provides access for other OpenStack services.
• admin provides access for the admin project.
• public provides access for other projects.
  For security reasons, those might be bound to different IP addresses, subnets or even physical networks in more advanced scenarios.

Each OpenStack service consists of multiple components that run as separate processes, usually across different nodes in the cluster. Individual components of a single OpenStack service communicate with each other through the Message Queue.

Keystone is the OpenStack identity service. It manages domains, projects (which can be used to enable multi-tenancy in OpenStack) and user accounts. Moreover, Keystone provides authentication and authorisation functions.

To communicate with Keystone, you can use the OpenStack client. For example, to list all users created by Keystone, execute the following command:

$ openstack user list

Sample output:

+----------------------------------+-------+
| ID                               | Name  |
+----------------------------------+-------+
| d02e579597fa4e95bcff800dfba5e63e | admin |
+----------------------------------+-------+

As you can see, Keystone created the admin user. Remaining default user accounts are created in other Keystone domains.

To learn more about Keystone, refer to the tutorial “6. Identities”.

Glance is the OpenStack image service. It manages the catalogue of cloud images that are used as templates for instance provisioning purposes.

To communicate with Glance, you can use the OpenStack client. For example, to list all images uploaded to Glance, execute the following command:

$ openstack image list

Sample output:

+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| 4c4fbf96-c5e5-49de-be6d-31bea2ea0ac8 | ubuntu | active |
+--------------------------------------+--------+--------+

As you can see, the Ubuntu image has already been uploaded to Glance.

To learn more about Glance, refer to the tutorial “5. Templates”.

Neutron is the OpenStack network service. It manages virtual networks, subnets, and routers, as well as security groups and other resources. Neutron provides a programmable layer above common software-defined networking (SDN) solutions, seamlessly integrating with other OpenStack services.

To communicate with Neutron, you can use the OpenStack client. For example, to list all virtual networks created by Neutron, execute the following command:

$ openstack network list

Sample output:

+--------------------------------------+------------------+--------------------------------------+
| ID                                   | Name             | Subnets                              |
+--------------------------------------+------------------+--------------------------------------+
| 1e492e7c-b072-4eca-a51c-bede3e5e76ab | demo-network     | d79b85a4-7318-48af-b6d9-0ae4111f65f6 |
| 7b9e59ce-3195-4b4a-b9e7-e95130958bc7 | external-network | cf565a21-a002-47ae-b817-3dc29cd332cd |
+--------------------------------------+------------------+--------------------------------------+

As you can see, Neutron created two virtual networks: one for inter-project communication and another one for communication with the external world.

To learn more about Neutron, refer to the tutorial “8. Network”.

Nova is the OpenStack compute service. It is responsible for instance scheduling, provisioning and termination. Nova provides a programmable layer above common hypervisors, seamlessly integrating with other OpenStack services.

To communicate with Nova, you can use the OpenStack client. For example, to list all hypervisors managed by Nova, execute the following command:

$ openstack hypervisor list

Sample output:

+--------------------------------------+------------------------------+-----------------+--------------+-------+
| ID                                   | Hypervisor Hostname          | Hypervisor Type | Host IP      | State |
+--------------------------------------+------------------------------+-----------------+--------------+-------+
| 7f738a7e-9f93-49ba-b9cc-ab32b2abd065 | ip-172-31-8-117.ec2.internal | QEMU            | 172.31.8.117 | up    |
+--------------------------------------+------------------------------+-----------------+--------------+-------+

As you can see, Nova currently manages one hypervisor, which is the machine we installed Sunbeam on.

To learn more about Nova, refer to the tutorials “5. Templates” and “9. Instances”.

Cinder is the OpenStack storage service. It is responsible for scheduling, creating and terminating persistent block storage volumes. Cinder provides a programmable layer above common software-defined storage (SDS) solutions, seamlessly integrating with other OpenStack services.

To learn more about Cinder, refer to the tutorial “10. Storage”.

Congratulations! You have reached the end of this tutorial.

You can now move to the next tutorial - “4. Dashboard” - or explore other tutorials.

In this tutorial, you have learnt how to:

• Distinguish between the various OpenStack services
• Distinguish between the various OpenStack service endpoints
• Distinguish between the various OpenStack service components
• Use the OpenStack client to communicate with OpenStack services

Where to go from here?

• Refer to Sunbeam documentation
• Join the community and ask questions
• Report a bug in Sunbeam
• Explore Charmed OpenStack