OpenStack has long been the go-to platform for building private clouds, but its architecture, particularly the control plane, has undergone a significant transformation in the 15 years since its inception. The original design, a tightly coupled 3-node control plane, provided a stable foundation but presented challenges in scalability, resilience, and operational complexity. However, the integration of Kubernetes has ushered in a new era for OpenStack, creating a more flexible and robust control plane that supports scale, control and security.
The Traditional 3-Node Control Plane
In its early days, OpenStack’s control plane was typically deployed on three dedicated nodes. These nodes housed a variety of core services, including:
Keystone: The identity service.
Glance: The image service.
Nova: The compute service API.
Neutron: The networking service API.
This architecture relied on a shared database (often MariaDB) and a message queue (like RabbitMQ) to facilitate communication between services. While this setup was a solid starting point, scaling was often a manual and complex process, and a failure in one of the core control plane services could have a cascading effect on the entire cloud.
As this architecture evolved, so did the way OpenStack services were deployed. Services that had run as processes on bare-metal hosts were now containerised in LXD/LXC, Docker and Podman containers (to name a few). These complemented new distribution and OpenStack management choices such as Kolla-Ansible, Charms and OpenStack-Ansible.
The Shift to a Kubernetes-Native Control Plane
The advent of Kubernetes as the de facto standard for container orchestration provided a new paradigm for managing complex, distributed applications. The OpenStack community recognized the potential to leverage Kubernetes’s strengths such as self-healing, scaling, and declarative management to address the challenges of the traditional control plane. This led to the development of new distributions that run OpenStack services as containers on a Kubernetes cluster.
OpenStack-Helm and Red Hat OpenStack Services on OpenShift
Two key examples of this evolution are OpenStack-Helm and Red Hat OpenStack Services on OpenShift.
OpenStack-Helm is a community-driven project that uses Helm charts to deploy and manage OpenStack services on Kubernetes. By packaging each OpenStack service as a Helm chart, administrators can leverage the power of Kubernetes for tasks like:
Simplified Deployment: Deploying an entire OpenStack cloud with a few simple commands.
Automated Upgrades: Upgrading services in a rolling fashion, minimizing downtime.
High Availability: Relying on Kubernetes to automatically restart failed containers and ensure service uptime.
Red Hat OpenStack Services on OpenShift (RHOSO) takes this a step further by integrating OpenStack as a workload on Red Hat’s OpenShift platform, which is an enterprise Kubernetes distribution. RHOSO leverages OpenShift’s robust features, such as Operators, to manage the lifecycle of OpenStack services. This approach offers:
Unified Platform: A single, consistent platform for both cloud infrastructure (IaaS) and application workloads.
Enhanced Operations: OpenShift’s tooling and automation simplify the day-to-day management of the OpenStack cloud.
Improved Resiliency: The inherent high-availability features of OpenShift provide a resilient foundation for the entire OpenStack control plane.
By containerizing OpenStack services and running them on a Kubernetes control plane, these new distributions have made OpenStack more agile, scalable, and easier to operate. The declarative nature of Kubernetes allows for a “desired state” configuration, where the system automatically works to maintain the health and state of the OpenStack services, moving away from the more manual, imperative management of the past. This marriage of OpenStack and Kubernetes is a testament to the power of open-source collaboration and innovation.
Trilio for OpenStack and Kubernetes
Trilio provides native backup services integrated into Kubernetes and OpenStack. This hyper-focus on Open Source cloud-native stacks such as Kubernetes and OpenStack makes Trilio the perfect solution for backing up OpenStack workloads as well as the OpenStack Control Plane that is managed as pods, namespaces and services in Kubernetes.