Skip to main content

Overview

Updated Sep 15, 2023 ·

OpenStack

OpenStack is an open-source cloud platform that lets you build and manage your own cloud using standard building blocks. It orchestrates pools of compute, storage, and networking resources through APIs and a web dashboard.

OpenStack exposes infrastructure through simple, consistent abstractions so users do not need to care about the underlying technology.

  • Compute resources such as virtual machines and bare metal servers
  • Storage resources such as block storage, object storage, and file shares
  • Network resources such as networks, subnets, routers, and load balancers

These abstractions keep the user experience the same while allowing the backend to change freely. OpenStack turns different hypervisors, storage systems, and network devices into shared resource pools.

  • Compute (Nova) orchestrates hypervisors
  • Block storage (Cinder) provides persistent disks
  • Object storage (Swift) provides scalable object storage
  • Networking (Neutron) manages virtual networks

This approach reduces complexity while keeping infrastructure flexible and consistent.

How Users Interact with OpenStack

Users manage their cloud resources through self-service tools provided by OpenStack.

  • Web dashboard (Horizon) for graphical access
  • Command line tools for scripting and automation
  • APIs for integration with other platforms

All of these tools talk to OpenStack services using the same APIs, which keeps behavior consistent and predictable. Additionally, all three access methods rely on Keystone for authentication.

Modular Design

OpenStack is not a single application. It is a collection of many independent projects. It is modular, with core and optional projects. Core projects are commonly deployed, while optional projects depend on the use case.

  • Core projects handle essential cloud services
  • Optional projects provide additional features if needed

Using the Project Navigator website, you can see all OpenStack projects, their status, maturity, and sample configurations for real-world scenarios like web hosting, e-commerce, or big data.

Core OpenStack Services

There are several core services that most deployments include.

  • Identity service for authentication and authorization
  • Compute service for virtual machines
  • Networking service for virtual networks
  • Block storage service for persistent disks
  • Image service for VM images
  • Object storage service for scalable storage

These services provide the basic functionality needed to run a cloud.

Optional OpenStack Services

Many deployments also use optional services to extend functionality.

  • Data processing services
  • Workflow and automation services
  • Container and application platforms

These services are added only when needed, which keeps the cloud flexible and customizable.

Control and Data Planes

OpenStack separates control and data planes to manage resources efficiently.

  • Control plane handles requests and scheduling
  • Data plane executes tasks on compute and storage hosts

Separating these planes ensures workloads keep running even when controllers are restarted. It also allows network traffic to be segmented for security and performance.

For more information, please see OpenStack Architecture.

Regions and Availability Zones

OpenStack supports multiple Regions and Availability Zones for scale, isolation, and resilience.

  • Regions

    • Independent OpenStack deployments sharing a Keystone catalog
    • Users choose regions for latency or disaster recovery

  • Availability Zones (AZs)

    • User-visible fault domains within a region
    • Spread redundant instances across AZs to survive hardware failures

Regions and AZs allow admins to upgrade independently, meet data laws, and provide high SLAs without complex clustering.

Host Aggregates and Cells

OpenStack uses host aggregates and cells to organize resources, scale efficiently, and enforce policies automatically.

Host Aggregates

Host aggregates group hosts by metadata such as GPU, SSD, or maintenance windows. The scheduler uses these tags to place VMs on hosts that match requested traits.

Example metadata:

gpu=true
ssd=true
maintenance=windows-approved

Host aggregates make it easy to manage special hardware, such as GPUs or SSDs, while keeping VM placement automatic and consistent.

Cells v2

Cells partition OpenStack deployments into smaller, manageable units to improve scalability and avoid database bottlenecks.

  • Each cell has its own database and message queue
  • The top-level API cell manages global requests and authentication
  • Child cells manage local resources and compute nodes

The API cell and child cells work together to make this structure effective:

  • API Cell

    • Authenticates incoming requests via Keystone
    • Routes requests to the correct child cell
    • Keeps tenants unaware of internal cell structure

  • Child Cells

    • Manage a subset of compute nodes, databases, and message queues
    • Handle local scheduling, networking, and storage operations
    • Failures in one child cell do not affect others
    • Operate independently but follow global policies from the API cell

Example Workflow

A user in Region West deploys a three-tier app with Heat:

  1. Nova API authenticates through Keystone and forwards requests to the right cell
  2. Scheduler picks hosts in the chosen AZs and combines resources
  3. Neutron and Cinder agents manage networking and storage within each cell

Typical flow:

Region -> AZ -> Cell -> Host

Outcome: The app runs resiliently and efficiently, following placement policies automatically.

Node Roles

OpenStack runs on Linux servers that assume one or more roles depending on the deployment size.

Node TypePurposeTypical Services
Controller
  • Host APIs, schedulers, databases, and message queues
  • Manage orchestration and user authentication
  • Coordinate control plane operations
  • Keystone
  • Placement
  • Nova API
  • Nova Scheduler
  • Glance API
  • Cinder API
  • Cinder Scheduler
  • Heat
  • Horizon / Skyline
Compute
  • Run nova-compute and hypervisors like KVM
  • Execute VM operations and tenant workloads
  • nova-compute
  • Neutron OVS agent
  • Optional Glance image cache
Storage
  • Manage block and object storage
  • Provide persistent storage for VMs and images
  • cinder-volume
  • Object storage daemons
  • Optional Glance image cache
Network
  • Handle routing, DHCP, and load balancing
  • Move tenant traffic efficiently
  • Neutron L3 agent
  • DHCP agent
  • Load balancer agent
info

Small labs may combine roles on a single host, while production clouds scale each role horizontally for performance and compliance.

OpenStack Distributions

Community releases

Community OpenStack is developed and released openly.

  • New versions are available as soon as they are released
  • Documentation includes installation guides
  • Some features may be marked as not production-ready

This option is ideal for learning, testing, and environments that need the latest features.

Vendor-supported releases

Vendor distributions package OpenStack with additional tooling and support.

  • Tested and supported configurations
  • Deployment and architecture assistance
  • Easier path to production environments

The trade-off is higher cost and sometimes fewer available services.