PMO Architecture

PMO Architecture

This article describes the architecture and design of Platform9 Managed OpenStack (PMO).

For a quick overview of PMO and to understand key benefits of PMO, refer to What is PMO

For help with getting started with PMO, refer to Pre-install Checklist For PMO

PMO is a SaaS-managed virtualization offering that’s designed to help you make use of all the benefits of OpenStack, while ensuring you can run large scale, production ready, multi-cluster deployments of virtualization that meet your business SLA.

When we create a new deployment of PMO for you or your organization, it consists of following key components:

  • A cloud-hosted management plane is deployed and configured to include key components of your PMO control plane. This management plane maintains connectivity to your on-premise infrastructure via a software agents or gateway virtual appliance installed in your on-premise environment.
  • Any additional necessary components - such as Platform9 host agents and / or Platform9 gateway virtual appliance - installed by Platform9 on your infrastructure. These enable our SaaS hosted management plane to access and manage your infrastructure remotely.

platform9-openstack

PMO employs a unique SaaS - managed deployment model where you OpenStack control plane along with all the OpenStack components are deployed in infrastructure of your choice, while there is a cloud-hosted management plane that maintains connectivity to your hypervisors via agents that are installed on them.

This architecture has several benefits:

  • It allows the cloud hosted management plane to easily prepare your on-premise environment with the required pre-requisites
  • It enables automated deployment and configuration of Software-Defined Networking for your virtualized enviroment
  • Once PMO cloud is setup, the cloud hosted management plane can then monitor your on-premise infrastructure 24x7 and detect any issues
  • Depending on the issue, the management plane can detect anomalies quickly and compare them with known database of issues. It can also perform an auto repair of the problems, when possible.
  • When the issues are not auto repairable, the management plane can send alerts to your cloud administration team as well as the Platform9 support team. Our support team can then either take immediate action on your behalf - or inform you about a problem with your infrastructure and advice you on how to correct it.
  • The management plane also rolls out fully automated upgrades for your virtualized environment. It can auto-patch hosts with critical security vulnerabilities immediately after they are released by the community.

As a result of this architecture, PMO can provide a very high uptime SLA for your virtualized private cloud environment.

Communication between management plane and hosts

Part of the onboarding process with PMO is to install the Platform9 host and communications agents on your hosts. The agents, once installed, establish a secure outbound https tunnel with the management plane. All the traffic between the management plane and the hosts is routed via this tunnel. PMO controls and configures what data gets sent from each host to the management plane, to ensure that only metadata information about your environment is sent to the management plane. All your data lives securely in your data center behind your firewall, and is not transferred over to the management plane.

Communication with management plane

You can communicate with the management plane either using the PMO User Interface, or via PMO REST APIs.

PMO Services

PMO is based on open source OpenStack and utilizes the following OpenStack services:

OpenStack Project Service Offered Description
Keystone Identity service Authenticates clients and authorizes clients for all OpenStack-related operations
Cinder Block Storage Provides on-demand access to block storage resources
Glance Image service Manages bootable disk images and metadata definitions
Neutron Networking Manages networking resources through abstraction
Nova Compute service Provides on-demand access to compute resources such as bare metal, virtual machines, and containers
Telemetry Metrics service Provides metrics collection and viewing / querying via API for important metrics collected for all other services
Murano Application Catalog Facilitates management of environment for application deployment
Heat Orchestration Orchestrates composite cloud applications by using YAML-based templates to invoke OpenStack APIs

Important Files

Each PMO host stores log files for the various PMO components (except for the image service) at /var/log/pf9.

Logs for the PMO image service are located at /var/log/glance/