Virtualization Overview

SCM builds on top of the OpenStack Infrastructure-as-a-Service (IaaS) framework. OpenStack may be configured in many different ways, but SCM configures OpenStack for its needs.

OpenStack is configured to use the kernel-based virtual machine (KVM) hypervisor for virtualization. Each VM's physical compute properties (boot disk size, number of CPU cores, and amount of random-access memory (RAM)) are set by an OpenStack flavor. Flavors are exposed via SCM as server-instance types.

Ceph storage is used to store disk images for OpenStack Glance. These are raw-format disk images that an administrator has uploaded into Glance; each contains a full operating system (OS) installation and potentially additional pre-installed packages. When a new VM is created, its boot disk is created by cloning the disk image from Glance into Cinder, OpenStack’s block storage service. Since both Cinder and Glance are configured to use Ceph, this disk cloning can take place using space-efficient copy-on-write (COW) techniques, meaning that new VM disks take up very little space. New storage space is consumed only as files are written and the disk contents diverge from the clone parent.

Each VM gets its private IP address via Dynamic Host Configuration Protocol (DHCP). The only IP addresses visible within a VM are on private networks. Access to the Internet is achieved via gateway node(s), depending on whether one or two SCM controllers have been deployed. For external users to access the VMs (i.e., via SSH), an IP address is checked out from a pool of public IP addresses. This IP address is bound to the node running nova-network (the SCM controller node for single-node deployments, or the VM host running the VM for dual-node HA controller deployments). The nova-network node then uses NAT, implemented with iptables rules, to accept incoming traffic for the public IP address and forward it to the VM’s private IP address.
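
Because the public-to-private mapping lives entirely in the NAT table of the nova-network node, that table is the authoritative list of VMs reachable from outside. The following is an added example, not part of the SCM documentation: it parses `iptables-save -t nat` output, lists each public-to-private DNAT mapping, and flags rules whose public address is outside the public pool or whose target is outside the VM network. The sample dump, its chain names, and both address ranges are constructed assumptions.

```python
import ipaddress
import re

# Constructed `iptables-save -t nat` excerpt (documentation address ranges).
SAMPLE = """\
*nat
-A nova-network-PREROUTING -d 203.0.113.10/32 -j DNAT --to-destination 10.0.0.5
-A nova-network-PREROUTING -d 203.0.113.11/32 -j DNAT --to-destination 10.0.0.9
-A nova-network-PREROUTING -d 198.51.100.7/32 -j DNAT --to-destination 10.0.0.12
-A nova-network-PREROUTING -d 203.0.113.12/32 -p tcp --dport 22 -j DNAT --to-destination 192.0.2.44:22
-A nova-network-float-snat -s 10.0.0.5/32 -j SNAT --to-source 203.0.113.10
COMMIT
"""

# Destination match followed by a DNAT target; an optional :port is ignored.
DNAT_RE = re.compile(r"-d (\S+) .*?-j DNAT --to-destination ([\d.]+)")


def dnat_mappings(text):
    """Return (public_ip, private_ip) pairs for every DNAT rule in the dump."""
    pairs = []
    for line in text.splitlines():
        m = DNAT_RE.search(line)
        if m:
            public = ipaddress.ip_interface(m.group(1)).ip
            pairs.append((public, ipaddress.ip_address(m.group(2))))
    return pairs


def audit(text, public_pool, vm_network):
    """Flag DNAT rules whose public side or target is outside the expected ranges."""
    pool = ipaddress.ip_network(public_pool)
    vms = ipaddress.ip_network(vm_network)
    findings = []
    for public, private in dnat_mappings(text):
        if public not in pool:
            findings.append((str(public), str(private), "public address not in pool"))
        if private not in vms:
            findings.append((str(public), str(private), "target not in VM network"))
    return findings


if __name__ == "__main__":
    # Assumed ranges for the constructed sample; substitute the deployment's own.
    for public, private in dnat_mappings(SAMPLE):
        print(f"exposed: {public} -> {private}")
    for finding in audit(SAMPLE, "203.0.113.0/24", "10.0.0.0/24"):
        print("finding:", *finding)
```

In a dual-node HA controller deployment the public address is bound on the VM host running the VM, so the dump has to be collected from every VM host rather than from the controller alone.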