Working with the Compute Service

Metacloud Compute allows you to control an Infrastructure-as-a-Service (IaaS) cloud computing platform. Compute interacts with Metacloud Identity for authentication; Image service for disk and server images; and the Metacloud Dashboard for the user and administrator interface. Image access is limited by projects, and by users; quotas are limited per project (the number of instances, for example). Compute can scale horizontally on standard hardware, and download images to launch instances.

Compute does not include virtualization software. Instead, it defines drivers that interact with underlying virtualization mechanisms that run on your host operating system, and exposes functionality over a web-based API.

Compute consists of the following areas and their components:

  • openstack-api service—Accepts and responds to end user compute API calls. The service supports the OpenStack Compute API, the Amazon EC2 API, and a special Admin API for privileged users to perform administrator actions. It enforces some policies and initiates most orchestration activities, such as running an instance.
  • nova-api-metadata service—Accepts metadata requests from instances. The nova-api-metadata service is generally used when you run in multi-host mode with nova-network installations.
  • nova-compute service—A worker daemon that creates and terminates virtual machine instances through hypervisor APIs for libvirt for KVM or QEMU.
  • Processing is fairly complex. Basically, the daemon accepts actions from the queue and performs a series of system commands such as launching a KVM instance and updating its state in the database.
  • nova-scheduler service—Takes a virtual machine instance request from the queue and determines on which compute server host it runs.
  • nova-conductor module—Mediates interactions between the nova-compute service and the database. It eliminates direct accesses to the cloud database made by the nova-compute service. The nova-conductor module scales horizontally. However, do not deploy it on nodes where the nova-compute service runs.
  • nova-cert module—A server daemon that serves the Nova Cert service for X509 certificates. Used to generate certificates for euca-bundle-image. Only needed for the EC2 API.
  • nova-network worker daemon—Similar to the nova-compute service, accepts networking tasks from the queue and manipulates the network. Performs tasks such as setting up bridging interfaces or changing IPtables rules.
  • nova-consoleauth daemon—Authorizes tokens for users that console proxies provide. See nova-novncproxy and nova-xvpvncproxy. This service must be running for console proxies to work. You can run proxies of either type against a single nova-consoleauth service in a cluster configuration. For information, see Configuring Remote Console Access.
  • nova-novncproxy daemon—Provides a proxy for accessing running instances through a VNC connection. Supports browser-based novnc clients.
  • nova-spicehtml5proxy daemon—Provides a proxy for accessing running instances through a SPICE connection. Supports browser-based HTML5 client.
  • nova-xvpvncproxy daemon—Provides a proxy for accessing running instances through a VNC connection. Supports an OpenStack-specific Java client.
  • nova-cert daemon—x509 certificates.
  • nova client—Enables users to submit commands as a tenant administrator or end user.
  • The queue—A central hub for passing messages between daemons. Implemented with RabbitMQ on Metacloud, but can be implemented with an AMQP message queue, such as Zero MQ.
  • SQL database—Stores most build-time and run-time states for a cloud infrastructure, including:

    • Available instance types

    • Instances in use

    • Available networks

    • Projects