Learn about OpenStack services and their functions

1. Overview

Before you get started!

Welcome to OpenStack!

In this series of tutorials, we will walk you through all the necessary steps to install, configure and get started with OpenStack. Using just your workstation, you will learn how to use OpenStack for cloud infrastructure implementation purposes, from a single-node installation to large-scale clusters.

This tutorial is the third in the “Phase I - Single-node OpenStack on your workstation” series.

Explore other tutorials >

What is OpenStack?

OpenStack is a collection of open-source projects designed to work together to form the basis of a cloud. OpenStack can be used for both private and public cloud implementation.

What is Sunbeam?

Sunbeam is an OpenStack project created to set the foundation for zero-ops OpenStack. By using highly opinionated architecture and native Kubernetes principles, Sunbeam delivers distilled OpenStack excellence on top of K8s.

What is MicroStack?

MicroStack (based on Sunbeam) is an OpenStack flavour designed for small-scale cloud environments, edge deployments, testing and development, with full commercial support available from Canonical.

In this tutorial, you will learn how to:

Distinguish between the various OpenStack services
Distinguish between the various OpenStack service endpoints
Distinguish between the various OpenStack service components
Use the OpenStack client to communicate with OpenStack services

You will only need:

One fresh physical or virtual machine with:

The latest Ubuntu LTS installed,
Static IP address assigned to its primary network interface,
OpenSSH server installed and configured,
4+ core amd64 CPU,
16 GB of RAM,
50 GB of storage.
OpenStack cloud bootstrapped, configured and sample instance launched,
OpenStack client set up.

2. List OpenStack services

OpenStack uses a modular architecture. It consists of multiple services that run in isolation and perform basic functions, such as mage catalogue maintenance, instance provisioning, etc.

To list all registered OpenStack services, execute the following command:


$ openstack catalog list

Sample output excerpt:


+-----------+-----------+--------------------------------------------------------------------------+
| Name      | Type      | Endpoints                                                                |
+-----------+-----------+--------------------------------------------------------------------------+
...
| keystone  | identity  | RegionOne                                                                              |
|           |           |   internal: http://10.20.21.10:80/openstack-keystone                                   |
|           |           | RegionOne                                                                              |
|           |           |   public: http://10.20.21.10:80/openstack-keystone                                     |
|           |           | RegionOne                                                                              |
|           |           |   admin: http://10.152.183.247:5000                                                    |
...
+-----------+-----------+--------------------------------------------------------------------------+

OpenStack services expose API endpoints, which are used to communicate with other services and to provide access for tenants through the OpenStack client and the OpenStack dashboard. Each service exposes three endpoints:

internal provides access for other OpenStack services.
admin provides access for the admin project.
public provides access for other projects.
For security reasons, those might be bound to different IP addresses, subnets or even physical networks in more advanced scenarios.

Each OpenStack service consists of multiple components that run as separate processes, usually across different nodes in the cluster. Individual components of a single OpenStack service communicate with each other through the Message Queue.

3. Explore the Keystone service

Keystone is the OpenStack identity service. It manages domains, projects (which can be used to enable multi-tenancy in OpenStack) and user accounts. Moreover, Keystone provides authentication and authorisation functions.

To communicate with Keystone, you can use the OpenStack client. For example, to list all users created by Keystone, execute the following command:


$ openstack user list

Sample output:


+----------------------------------+-------+
| ID                               | Name  |
+----------------------------------+-------+
| d02e579597fa4e95bcff800dfba5e63e | admin |
+----------------------------------+-------+

As you can see, Keystone created the admin user. Remaining default user accounts are created in other Keystone domains.

To learn more about Keystone, refer to the tutorial “6. Identities”.

4. Explore the Glance service

Glance is the OpenStack image service. It manages the catalogue of cloud images that are used as templates for instance provisioning purposes.

To communicate with Glance, you can use the OpenStack client. For example, to list all images uploaded to Glance, execute the following command:


$ openstack image list

Sample output:


+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| 4c4fbf96-c5e5-49de-be6d-31bea2ea0ac8 | ubuntu | active |
+--------------------------------------+--------+--------+

As you can see, the Ubuntu image has already been uploaded to Glance.

To learn more about Glance, refer to the tutorial “5. Templates”.

5. Explore the Neutron service

Neutron is the OpenStack network service. It manages virtual networks, subnets, and routers, as well as security groups and other resources. Neutron provides a programmable layer above common software-defined networking (SDN) solutions, seamlessly integrating with other OpenStack services.

To communicate with Neutron, you can use the OpenStack client. For example, to list all virtual networks created by Neutron, execute the following command:


$ openstack network list

Sample output:


+--------------------------------------+------------------+--------------------------------------+
| ID                                   | Name             | Subnets                              |
+--------------------------------------+------------------+--------------------------------------+
| 1e492e7c-b072-4eca-a51c-bede3e5e76ab | demo-network     | d79b85a4-7318-48af-b6d9-0ae4111f65f6 |
| 7b9e59ce-3195-4b4a-b9e7-e95130958bc7 | external-network | cf565a21-a002-47ae-b817-3dc29cd332cd |
+--------------------------------------+------------------+--------------------------------------+

As you can see, Neutron created two virtual networks: one for inter-project communication and another one for communication with the external world.

To learn more about Neutron, refer to the tutorial “8. Network”.

6. Explore the Nova service

Nova is the OpenStack compute service. It is responsible for instance scheduling, provisioning and termination. Nova provides a programmable layer above common hypervisors, seamlessly integrating with other OpenStack services.

To communicate with Nova, you can use the OpenStack client. For example, to list all hypervisors managed by Nova, execute the following command:


$ openstack hypervisor list

Sample output:


+--------------------------------------+------------------------------+-----------------+--------------+-------+
| ID                                   | Hypervisor Hostname          | Hypervisor Type | Host IP      | State |
+--------------------------------------+------------------------------+-----------------+--------------+-------+
| 7f738a7e-9f93-49ba-b9cc-ab32b2abd065 | ip-172-31-8-117.ec2.internal | QEMU            | 172.31.8.117 | up    |
+--------------------------------------+------------------------------+-----------------+--------------+-------+

As you can see, Nova currently manages one hypervisor, which is the workstation we installed Sunbeam on.

To learn more about Nova, refer to the tutorials “5. Templates” and “9. Instances”.

7. Explore the Cinder service

Cinder is the OpenStack storage service. It is responsible for scheduling, creating and terminating persistent block storage volumes. Cinder provides a programmable layer above common software-defined storage (SDS) solutions, seamlessly integrating with other OpenStack services.

To learn more about Cinder, refer to the tutorial “10. Storage”.