Apache CloudStack Generic Key-Value Storage Plug-in

We implement an applications deployment subsystem for Apache CloudStack. Today CloudStack is an IaaS orchestration product which enables administrators to provision and manage public and private clouds, the reliable solution used by cloud market leaders. Customers use virtual machines to provide various applications on top of deployed IaaS topologies. Modern delivery approaches such as DevOps, CI/CD, IaC evolved as a reflection of customers’ demands on reliable, predictable, fast and reproducible applications deployments and lifecycle management. In Bitworks we think that IaaS orchestration systems should move toward those customers’ demands by implementing such applications management subsystems.

Despite providing basic functions for passing bootstrap parameters into virtual machines like initial passwords, PKI public keys, networking information and basic user data, modern virtualization platforms don’t go beyond those basic features. On the other hand, there are sophisticated IaC management platforms which professional system engineers can use, like Ansible, Chef, Puppet, SaltStack, etc. Sad to say, but most of them are used only by those engineers, who manage quite big infrastructures, and have to deploy them often. It’s hard to confirm that users of public clouds have access to those tools out of the box because most of the cloud providers offer only preconfigured templates for bare operating systems.

As a solution for the observed problem, we have developed an extension for CloudStack, which is basically a key-value storage for CloudStack, accessible through its API and anonymously, using URIs and private keys which enables communication between a user interface and virtual machines in both ways. The extension supports three kinds of storages:

  • VM storage, which is automatically created when a machine is created and removed upon VM expunge;
  • temporary storage created through CloudStack API and is accessible from virtual machines which “know” secret UUID, it’s automatically expunged after a configured delay;
  • persistent storage created through API and expunged by requesting explicit removal.

An account can create an arbitrary number of temporary and persistent storages. Persistent storages and VM storages support history memory keeping all changes.

All those storages permit implementing a broad number of scenarios for two-way communications between a user and virtual machines, including those which assumes private information passing into virtual machines, deploying applications on multiple nodes, application state update and monitoring. These API, being integrated with IaC tools implement complete application CMDB management.

The extension uses Elasticsearch, which is optimal and proven tool for operating of large key-value databases supports horizontal scalability and easy to manage. The extension is implemented in two separate components - the first is a CloudStack plug-in, the second is a separate service delivered as a Docker container. The plug-in provides the access to the stores for the account through CloudStack API, the standalone application implements secure-URI access to KV storages from the virtual machines.

The extension is granted to the community under Apache License 2. Plug-in source code is implemented in Java and uploaded on GitHub/cloud-plugin-kv-storage, the standalone service is implemented in Scala and uploaded on GitHub/cs-kv-storage.

We granted it to the community under Apache License 2. Source code in Java is uploaded on GitHub. If you find the plug-in useful, please give us a feedback and suggest improvements.