What is OpenStack?

Want an alternative to AWS and Azure? We look at the open-source alternative

Many organisations are moving to the cloud, but some do not want to support the hegemony that is AWS and Microsoft Azure (and to a lesser extent Google Cloud Platform). A good alternative is OpenStack, but what is it and what is the technology and components behind this cloud?

OpenStack is an open source cloud-based IaaS operating system that manages huge pools of compute, storage, and networking resources across a datacentre. These pools are controlled via a dashboard that gives administrators control while supporting users in the provision of resources via a web interface. It started as a joint project between RackSpace and NASA in 2010.

The cloud technology is supported by a number of software development companies and hosting providers and has a community of thousands of individuals contributing code. OpenStack is operated by the OpenStack Foundation, which looks after the development of the cloud software as well as overseeing the community that has developed around it.

Since its formation in 2010, the cloud technology has been revised roughly every six months. The latest release of OpenStack is known as Train. Ussuri is in the development stage and is set to follow in May this year.

What does it do?

OpenStack is much like AWS and Azure in that it enables users to use virtual machines and instances and create private and public clouds.

The platform contains individual projects and services dedicated to specific functions within the ecosystem.

There are nine core functions:

Related Resource

Understanding your open source risk

Open source libraries can introduce vulnerabilities to your code

Download now

Nova

This manages the computing resources of an OpenStack cloud. With this function, users can create instances, resize them, and manage where they are located within the cloud.

Neutron

This function creates virtual networks in the cloud as well as routers, subnets, firewalls, load balancers, et cetera.

Glance

This maintains and manages server images for a cloud. OpenStack compatible images can also be uploaded using this function with images stored either locally or on object storage.

Keystone

This is the authentication and authorisation component built into each OpenStack cloud. The function is usually the first component to be installed as it looks after project creation.

Cinder

This function provides an OpenStack cloud with Block Storage as a Service. This is done by virtualising pools of block storage devices while providing users with a self-service API to request and consume those resources without them needing to know where storage is actually deployed.

Swift

While Cinder provides Block Storage as a Service, Swift offers Object Storage as a Service to an OpenStack cloud. This is provided as a highly available, distributed, eventually consistent object/blob store.

Horizon 

This is a function that provides a web-based graphical overview of what is happening in an OpenStack cloud as well as a means of managing the cloud via this dashboard.

Ceilometer 

This is the telemetry function which keeps track of what components a user uses in order to make billing easier.

Heat

This orchestration function records prerequisites of a cloud application in a file in order to define what resources are essential for that application.

Beyond these core functions are other components that may be of use to organisations wishing to deploy OpenStack, such as identity management and messaging as a service, to name a few.

Related Resource

Understanding your open source risk

Open source libraries can introduce vulnerabilities to your code

Download now

OpenStack pros and cons

There are no upfront costs with OpenStack as it’s available freely as open source software. Considering its key functions and components, as a platform it’s comprehensive and production-ready for enterprises wishing to build in either the public or private cloud.

OpenStack comes with a great deal of flexibility. However to fully capitalise on all of the moving parts, skilled engineers are required who understand its inner workings. Otherwise, the platform can be a dangerous foundation on which to build. 

It’s also worth bearing in mind that knowledge is required not only for the initial build, but also for long-term maintenance. Organisations need to decide whether building their own applications is something that will provide a strong enough return on investment to justify using OpenStack in the first place. For many organisations, this level of specialisation and the additional cost is brings may be unnecessary.

The security of open source operating systems can also be called into question. Vulnerabilities in code continue to be uncovered by the OpenStack community, but patching projects are in place. The OpenStack Security Project allows the OpenStack community to share and report vulnerabilities, pushing them into the fix-queue. Quick-fixes are a rare occurrence, however.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

AWS Network Firewall provides network protection across all workloads
Amazon Web Services (AWS)

AWS Network Firewall provides network protection across all workloads

18 Nov 2020
Deutsche Telekom’s net-based LAN service aims to transform network management
cloud computing

Deutsche Telekom’s net-based LAN service aims to transform network management

18 Nov 2020
Hackers are increasingly reaping the benefits of the cloud
Security

Hackers are increasingly reaping the benefits of the cloud

16 Nov 2020
Deloitte launches four new industry-specific cloud solutions
Cloud

Deloitte launches four new industry-specific cloud solutions

12 Nov 2020

Most Popular

80% of cyber professionals say the Computer Misuse Act is working against them
Security

80% of cyber professionals say the Computer Misuse Act is working against them

20 Nov 2020
Cisco acquires container security startup Banzai Cloud
Security

Cisco acquires container security startup Banzai Cloud

18 Nov 2020
Weekly threat roundup: Cisco, BlueKeep, Apache Unomi
Security

Weekly threat roundup: Cisco, BlueKeep, Apache Unomi

19 Nov 2020