Remove unecessary files
Ostro version 2.0.2 Installation and Usage Guide
Author: Gueyoung Jung
You can download the latest Ostro python code from repository (CodeCloud).
1. Configure Ostro
Set authentication in "ostro_server/ostro.auth" file. User must have the permission to access OpenStack Nova to let Ostro extract underlying cloud infrastructure information.
You must check “ostro_server/ostro.cfg” to correctly run Ostro. Here, explain the configuration parameters found in “ostro.cfg”.
Configuration consists of 1) system, 2) logging, and 3) management parts.
1.1 System configuration
- first, you define the base directory in “root_loc”, where Ostro is installed.
- “mode” can be either “live” or “sim”. “live” means Ostro runs over the real OpenStack site, while “sim” means Ostro can be tested over a simulated datacenter. To configure the simulated datacenter, you should check “ostro_server/ostro_sim.cfg”.
- “control_loc” is to set URL where OpenStack controller is deployed. From the URL, Ostro will get some data from Nova and Keystone (Cinder will be in the next version).
- currently, Ostro communicates with Keystone and Nova via REST APIs. Those APIs are set in “keystone_*” and “nova_*”.
- “db_*” indicates parameters to be used for handling Music database such as Cassandra keyspace and table names. "replication_factor" means how many Music instances run. "db_hosts" includes the ips where Music instances run.
- “ip” indicates the IP address of VM, where this Ostro instance runs. If Ostro instances are installed in multiple VMs, you should set “ip” in each configuration.
1.2 Logging configuration
You can set up the logging configuration including logger name, logging level, and directory. If you set the logging level as “debug”, Ostro will leave detailed record. Ostro also records two time-series data as text files (i.e., resource_log and app_log). Due to the large size of these logs, we limit the number of log files and the maximum size of each log file in “max_num_of_logs” and “max_log_size”. When “max_num_of_logs” is 20 and once it reaches the 21st log file, Ostro over-writes in the 1st file (i.e., rotate the logging).
"max_main_log_size" means the max size of the main Ostro log defined in "logger_name" in the location "logging_loc".
1.3 Management configuration
- “datacenter_name” indicates the name of site (region), where Ostro takes care of. This will be used as key value when getting site topology data from AIC Formation.
- “num_of_region_chars”, “rack_code_list”, and “node_code_list” are used to define the machine naming convention. In current version, Ostro parses each hosting server machine name to figure out the region code and rack name, where each hosting machine is located. This is based on the current naming convention document. Current naming convention is as follow,
3 chars of CLLI + region number + 'r' + rack id number + 1 char of node type + node id number. For example, “pdk15r05c001” indicates the first KVM compute server (i.e., 'c001') in the fifth rack (i.e., 'r05') in the fifteenth DeKalb-Peachtree Airport Region (i.e., 'pdk15').
In “num_of_region_chars”, set the number of chars that indicates the region code. In the above example, 'pdk' is the region code.
In “rack_code_list”, set 1 char of rack indicator. This should be 'r'.
In “node_code_list”, set all of chars, each of which indicates the node type. Currently, 'a': network, 'c': KVM compute, 'u': ESXi compute, 'f': ?, 'o': operation, 'p': power, 's': storage.
- “compute_trigger_time” and “compute_trigger_frequency” are for setting when Nova is called to set information that is used for decision making such as a list of hosting servers and their resource capacities, host aggregates, and availability zone etc. The value of “compute_trigger_time” is based on 24-hour (e.g., “13:00” means 1pm). The value of “compute_trigger_frequency” is seconds (e.g., “3” means every 3 seconds). Ostro checks first “compute_trigger_frequency”. If this value is “0”, then uses “compute_trigger_time”.
- “topology_trigger_time” and “topology_trigger_frequency” are similar with the above, but these are for setting the site layout/topology. Note that currently, Nova must be called first and then, topology next. So, “compute_trigger_time” must be earlier than “topology_trigger_time”.
- “default_*” is for setting default overcommit ratios.
- “static_*” is for setting standby resource amount as percentage. Standby means Ostro will set aside certain amount resources (CPU, memory, and disk) as unused for load spikes of tenant applications. This will be changed more dynamically in the future version.
- “auth_loc” indicates the directory of the authentication file. Admin must have the permission to access OpenStack Nova to let Ostro extract underlying cloud infrastructure information.
2. Start/Stop Ostro daemon
Ostro will run as a daemon process. Go to “ostro_server” directory, then start Ostro daemon as follow,
python start
To stop this daemon process:
python stop
# Valet
Valet gives OpenStack the ability to optimize cloud resources while simultaneously meeting a cloud application's QoS requirements. Valet provides an api service, a placement optimizer (Ostro), a high availability data storage and persistence layer (Music), and a set of OpenStack plugins.
**IMPORTANT**: [Overall AT&T AIC Installation of Valet is covered in a separate document](
Learn more about Valet:
* [OpenStack Newton Summit Presentation]( (Austin, TX, 27 April 2016)
* [Presentation Slides]( (PDF)
Valet consists of the following components:
* [valet-openstack]( a set of OpenStack plugins used to interact with Valet
* [valet-api]( an API engine used to interact with Valet
* [Ostro]( a placement optimization engine
* [Music]( a data storage and persistence service
* [ostro-listener]( a message bus listener used in conjunction with Ostro and Music
* [havalet]( a service that assists in providing high availability for Valet
Additional documents:
* [OpenStack Heat Resource Plugins]( Heat resources
* [Placement API]( API requests/responses
* [Using Postman with valet-api]( Postman support
## Thank You
Alicia Abella, Saar Alaluf, Bharath Balasubramanian, Roy Ben Hai, Shimon Benattar, Yael Ben Shalom, Benny Bustan, Rachel Cohen, Joe D'Andrea, Harel Dorfman, Boaz Elitzur, P.K. Esrawan, Inbal Harduf, Matti Hiltunen, Doron Honigsberg, Kaustubh Joshi, Gueyoung Jung, Gerald Karam, David Khanin, Israel Kliger, Erez Korn, Max Osipov, Chris Rice, Amnon Sagiv, Gideon Shafran, Galit Shemesh, Anna Yefimov; AT&T Advanced Technology and Architecture, AT&T Technology Development - AIC, Additional partners in AT&T Domain 2.0. Apologies if we missed anyone (please advise via email!).
## Contact
Joe D'Andrea <>
Valet1.0/Ostro features
- Optimal VM placement
Use the decent algorithm, compute the holistic optimal placement for all VMs of given application. Working on NUMAAffinityFilter and PCIPassthroughFilter.
- Constraint solving (filtering)
Current constraints (i.e., filters) include CoreFilter, RamFilter, DiskFilter, host aggregates, availability zones. Possibly, the decision making of Ostro is different from Nova when tenant attempts to use other filters available in Nova. In this case, Ostro yields its decision to Nova scheduler unless the tenant uses affinity, diversity, and exclusivity in Heat template. However, we will restrict some Nova filters if it affects cloud security, reliability, and efficiency.
- Affinity, Diversity, and Exclusivity in either host or rack level
In addition of the above filters, support affinity, diversity (anti-affinity), and exclusivity. The rack level can be supported when the topology/layout information of site is available. Currently, use the host machine naming convention. If a site does not follow the naming convention, the rack level request will be rejected. Note that you can use the mix of these special filters and the basic filters.
- Resource standby
When allocating resources (CPU, memory, disk, and later network bandwidth), Ostro intentionally leaves a certain percentage of resources as unused. This is because of the concern of load spikes of tenant applications. Later, we will deploy more dynamic mechanism in the future version of Ostro.
- High availability
Ostro replicas run as active-passive way. When active Ostro fails, automatically the passive one is activated via HAValet. All data is updated in MUSIC database at runtime whenever it is changed. When the passive Ostro is activated, it gets data from MUSIC to initialize its status rather than from OpenStack. Ostro also takes ping messages to show if it is alive or not.
- Runtime update via the Oslo message bus or RO
Working on this.
- Migration tip
Working on this.
oslotest>=1.10.0 # Apache-2.0
# Copyright 2014-2017 AT&T Intellectual Property
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# See the License for the specific language governing permissions and
# limitations under the License.
'''Identity helper library'''
from datetime import datetime
import iso8601
# master/keystoneclient/v2_0/
import keystoneauth1.exceptions
from keystoneauth1.identity import v2
from keystoneauth1 import session
from keystoneclient.v2_0 import client
from pecan import conf
import pytz
def utcnow():
'''Returns the time (UTC)'''
class Identity(object):
'''Convenience library for all identity service-related queries.'''
_args = None
_client = None
_interface = None
_session = None
def is_token_admin(cls, token):
'''Returns true if decoded token has an admin role'''
for role in token.user.get('roles', []):
if role.get('name') == 'admin':
return True
return False
def tenant_from_token(cls, token):
'''Returns tenant id from decoded token'''
return token.tenant.get('id', None)
def user_from_token(cls, token):
'''Returns user id from decoded token'''
return token.user.get('id', None)
def __init__(self, interface='admin', **kwargs):
self._interface = interface
self._args = kwargs
self._client = None
self._session = None
def _client_expired(self):
'''Returns True if cached client's token is expired.'''
# NOTE: Keystone may auto-regen the client now (v2? v3?)
# If so, this trip may no longer be necessary. Doesn't
# hurt to keep it around for the time being.
if not self._client or not self._client.auth_ref:
return True
token = self._client.auth_ref.get('token')
if not token:
return True
timestamp = token.get('expires')
if not timestamp:
return True
return iso8601.parse_date(timestamp) <= utcnow()
def client(self):
'''Returns an identity client.'''
if not self._client or self._client_expired:
auth = v2.Password(**self._args)
self._session = session.Session(auth=auth)
self._client = client.Client(session=self._session,
return self._client
def session(self):
'''Read-only access to the session.'''
return self._session
def validate_token(self, auth_token):
'''Returns validated token or None if invalid'''
kwargs = {
'token': auth_token,
return self.client.tokens.validate(**kwargs)
except keystoneauth1.exceptions.http.NotFound:
# FIXME: Return a 404 or at least an auth required?
return None
'''Returns true if tenant list contains valid tenant IDs'''
tenants = self.client.tenants.list()
if isinstance(tenant_list, list):
for tenant_id in tenant_list:
found = False
for tenant in tenants:
if tenant_id ==
found = True
if not found:
return False
return True
return False
def _identity_engine_from_config(config):
'''Initialize the identity engine based on supplied config.'''
# Using tenant_name instead of project name due to keystone v2
kwargs = {
'username': config.get('username'),
'password': config.get('password'),
'tenant_name': config.get('project_name'),
'auth_url': config.get('auth_url'),
interface = config.get('interface')
engine = Identity(interface, **kwargs)
return engine
def init_identity():
'''Initialize the identity engine and place in the config.'''
config = conf.identity.config
engine = _identity_engine_from_config(config)
conf.identity.engine = engine
