Area51 Declassified

Welcome to the Rapid Access Cloud Experimental Region

Cybera's Rapid Access Cloud provides a stable and reliable platform for non-production, demonstrative, or development purposes, using tried and well-tested OpenStack services like OpenStack Compute (nova) and OpenStack Object Storage (swift). Introducing new services to the Rapid Access Cloud is not something we take lightly, as we want to keep the platform stable and reliable for our users. That being said, exploring new technologies and approaches is an important part of Cybera’s mandate. We have therefore decided to create an experimental region of our cloud to roll out new-but-not-as-well-tested services. This permits us to be a little more relaxed in what services we roll out, and gives our users the ability to show us how they may use the service, perhaps in ways we did not anticipate!

Taking its name from the classified United States Air Force testing facility, "Area51" is a semi-autonomous region within the existing Rapid Access Cloud platform that provides most of the functionality of the Calgary and Edmonton cloud regions, but at a smaller scale. Here, both users and administrators of the Rapid Access Cloud can explore and evolve new features. If these features are proven viable, they will be moved into the “production” regions.

Project Neutron

Area51, like many inventions, was borne of necessity. The original OpenStack networking project, nova-network, has been in use in the Rapid Access Cloud since it was first built in 2012, and continues to be in use long after its deprecation in OpenStack Icehouse (April 2014). While we felt it was time to deploy OpenStack Network (neutron), we needed an environment that would allow us to introduce a core OpenStack service to the existing platform that could be played around with first, before deciding how to implement it (and avoid disrupting users). Thus the first new service to debut in Area51 is Neutron, a software defined networking (SDN) solution built on OpenVswitch. Neutron provides users with the ability to create virtual routers and networks that are segmented from other user-created (tenant) networks, permitting the creation of more complex virtual environments. Tenant networks can be created and connected to other tenant networks, meaning two tenants can better interoperate. Instances can be deployed as virtual network appliances, allowing the creation of edge devices for routing, load-balancing, IDP/IDS/firewall or a simple proxy server.

Access Granted

Users access Area51 (a51) a little differently than they do the Calgary (yyc) and Edmonton (yeg) regions. Instead of going to http://cloud.cybera.ca and choosing a region, the Area51 login is: http://a51.cloud.cybera.ca. All existing Rapid Access Cloud accounts are valid, as each region shares a single Keystone database. The dashboard in Area51 may look different from the dashboard for the other regions, with additional options and UI tweaks, but it will (basically) function the same as the dashboard for the "production" regions.

Resource Availability

Given the smaller scale of Area51, some services from our "production" regions are not available. At the time of writing this post, OpenStack Block Storage (cinder), OpenStack Object Storage (swift) and OpenStack Nova-network are unavailable, along with GPU-enabled images and compute nodes. Further, existing services may not work in Area51 the same way they do in the other regions; for example, there are no IPv4 addresses available (see below)!

Technical Details

At its current stage of deployment, Neutron has some eccentricities to be addressed. These quirks are artifacts of some Neutron design realities and the nature of the existing Rapid Access Cloud platform:

  1. There are no publicly routable IPv4 addresses available for use in Area51! Because there are so few public IPv4 addresses available world-wide, we had to make the decision to only allow IPv6 access to instances from the public internet. If you are unable to use IPv6 addresses, you can use an existing instance in the Calgary or Edmonton region as a proxy. This IPv4 limitation also means users are unable to connect routers to the external (default) network, and can only connect to tenant networks.
  2. In order to access an instance from the internet, it must be given an interface on the default network. That interface must be the first interface (eth0 in Ubuntu). If you have created multiple tenant networks, you will need to specify the default network.
  3. It is recommended that all network configuration and instance creation be performed through the command-line interface. Currently, the dashboard does not allow the full range of options needed to create fully operational networks and instances .

For more information, see the Area51 documentation here.

Just the Beginning

Where Area51 goes from here has yet to be determined, though we are excited about the possibilities. Cybera certainly welcomes suggestions for interesting and experimental features that we can test in Area51, so please contact us with ideas or thoughts. Area51 is open to all Rapid Access Cloud users who want to experiment with virtual networking, and we look forward to seeing what our users can do!