Welcome to the Cloud Architecture Components: Part 2 module. By the end of this module, you should be able to describe the management and automation tools in a cloud architecture.

Cloud management tools build and manage cloud infrastructure through services, providing a shared pool of compute, storage, and network with automation, resiliency, and security controls.

OpenStack is probably one of the most popular open source cloud computing platforms that provides services to build cloud infrastructure. It does not virtualize resources; rather, it controls a large pool of virtual resources such as compute, storage, and networking to build public and private clouds. It is mostly deployed as Infrastructure-as-a-Service (or IaaS) but also provides orchestration, fault management, service management, and many more services for the deployed cloud infrastructure. Users can request compute, network, and storage resources on demand through a self-service portal. OpenStack can create instances of bare metal servers, virtual machines, or containers as compute; advanced network topologies with services such as firewalls, load balancers, and VPNs; and block, object, or file storage. OpenStack can integrate with third-party tools such as Kubernetes and Terraform to expand its deployment offerings.

Kubernetes (also known as K8s or Kube) is an open source container orchestration platform that deploys, manages, and scales containerized workloads and services. Kubernetes workloads are portable and extensible. It can orchestrate containers across multiple hosts and self-heal applications with auto restart and auto replication features. Kubernetes clusters can span hosts across on-premises, public, private, and hybrid clouds, thus making it an ideal platform for hosting cloud-native applications. Kubernetes can run on bare metal servers, virtual machines, and public, private, and hybrid cloud environments.
OpenStack and Kubernetes use network plug-ins for the advanced networking, security, and automation requirements of a cloud environment, such as: applying policies to restrict traffic between virtual workloads of the same or different application, department, or customer; and provisioning a load balancing service to load balance traffic among multiple instances of the virtual workloads running an application. Juniper Networks Contrail Networking provides advanced networking, security, and automation to OpenStack and Kubernetes.

A key feature of any cloud deployment is the ability to scale multiple instances to meet the demand in real time. To meet this demanding requirement with maximum performance and availability, the steps required to create or destroy instances and other infrastructure components need to be expressed in code. This code can then be automated to help deliver value faster and more reliably. Hence the concept of Infrastructure as Code (or IaC). IaC is infrastructure automation in code using software development principles and practices. You treat your infrastructure as software and then write, test, and execute code to create, deploy, update, and destroy servers, databases, logs, and applications, and their configurations.

Some of the open source IaC tools include:

Ansible—An agentless configuration management and orchestration tool that uses configuration modules called playbooks in YAML Ain't Markup Language (or YAML) format to manage users and install software and tools on servers. It supports both declarative and imperative techniques.

Terraform—A cloud-agnostic tool that uses declarative configuration files and state files. It uses HashiCorp Configuration Language (or HCL) and supports the declarative technique. One of its distinct features is its ability to plan and predict changes. It creates servers and other components of the infrastructure using API calls.

OpenStack Heat—A template-based orchestration tool that uses the OpenStack-native Representational State Transfer (or REST) API. The template file defines relationships between resources and the order of provisioning, and creates servers and other infrastructure components using API calls.
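
The traffic-restriction policies mentioned earlier for Kubernetes can be written as NetworkPolicy objects; the following is an added example, not part of the original module, and its namespace, labels, and port are hypothetical. A policy like this is only enforced when the cluster's network plug-in implements NetworkPolicy.

```yaml
# Constructed example: namespace "dept-finance" and the app/tier labels are hypothetical.
# 1) Deny all ingress to every pod in the namespace by default.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-ingress
  namespace: dept-finance
spec:
  podSelector: {}          # empty selector = all pods in the namespace
  policyTypes:
    - Ingress              # no ingress rules listed, so nothing is allowed
---
# 2) Allow only the billing API pods to reach the billing database.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: billing-db-from-api
  namespace: dept-finance
spec:
  podSelector:
    matchLabels:
      app: billing
      tier: db
  policyTypes:
    - Ingress
  ingress:
    - from:
        - podSelector:     # same namespace only, since no namespaceSelector is given
            matchLabels:
              app: billing
              tier: api
      ports:
        - protocol: TCP
          port: 5432
```

Policies are additive: the first object isolates every pod in the namespace, and the second opens a single path, so workloads belonging to other applications or departments cannot reach the database pods.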