We spoke to Edgar Magana, senior principal engineer for cloud operations at Workday and current chair of the OpenStack user committee about how his organisation is utilising the platform.
- Tell us a bit about your role at Workday and the board/user committee at OpenStack?
I’ve been at Workday for over three years, and in my current role I serve as lead architect responsible for driving cloud operations. I’ve been part of the OpenStack community since 2011, so I guess that makes me a bit of an old timer. I’ve completed successful OpenStack deployments at Workday and at other companies I’ve worked for. I think having spent time in the roles of both OpenStack user and board member has given me a deep and wide view of the project and its value.
- What led you to OpenStack?
Well, I’ve been involved in technology ever since I was a little kid. I broke every toy I ever got to see how it worked. I got involved with computers when my school principal bribed me with computer time to get better grades. I was attracted to OpenStack because of my work, but also because it’s built on a solid foundation with a true open-source strategy and really smart people contributing to it.
Workday was engaged with OpenStack before my time there and the engagement has grown ever since. Early on, Workday realised that the best path to business growth was to boost infrastructure ability and reduce complexity. The best way to achieve this was through a cloud-based infrastructure, but Workday wanted to avoid the cost and vendor-lock issues associated with proprietary cloud.
None of that has changed, and today we are also keen to maximise resource consumption of all data center resources and have a single delivery for all artifacts such as images, containers, rpms, etc.
We also want an automated, repeatable approach to managing all of our data centers. OpenStack has given us all this and more.
- Can you describe the process you went through to deploy and now manage OpenStack?
We’ve deployed OpenStack in multiple data centres across dispersed geographical zones in the US, Ireland and the Netherlands. It’s been a staged process, involving a fair amount of operational complexity, tools and training, not to mention the need to ensure endpoint connections. OpenStack has helped to streamline the process by automating the onboarding and validation process. All this has been possible because OpenStack exposes APIs that enable the platform to be connected with other tools and solutions.
Upcoming migration plans include applications related to document security and system authentication, as well as memory optimization and big data analysis. This migration wave requires that we segment applications into more virtual machines to increase scalability and performance.
- How is OpenStack being used by Workday?
OpenStack is being used extensively–for both internal development and to run production applications and services. For example, we’re using the OpenStack platform to create private clouds in every data centre, encompassing virtual machines and bare metal. Our services owners delivers their code in a virtual machine image than later is published to all data centers via OpenStack glance replication. The same process is apply for all the services running on OpenStack.
- Can you discuss the Workday team’s contribution back to the open source community, and how do you work with the OpenStack community?
We have been deeply involved in the OpenStack community. In fact, we’re a major contributor, with more than 1,000 reviews and commits. We have an internal team entirely dedicated to OpenStack deployment, and the team has been working to harden the platform for the enterprise. Today, in fact, a large number of Workday customers are deployed on OpenStack.
- What operational benefits are you seeing since implementing OpenStack?
We’ve seen improvements in many different areas–development, deployment, scalability, usability, onboarding, network isolation, security and automated continuous improvement.
All of this has translated into significant business benefits, faster time-to-production, and the ability to scale services without new physical infrastructure – all contributing to Workday’s continued growth.
For example, we’ve been able to consolidate few existing application deployment systems into just one. We’ve cut time and complexity, all while improving reliability and increasing developer satisfaction.
OpenStack also provides a platform for building and testing applications, which has helped us build a strong Continuous Integration / Continuous Delivery pipeline with OpenStack and OpenContrail. Building on OpenStack APIs, new application services are enabled in their pre-production environment in minutes as opposed to days. This has resulted in a 90 percent improvement in speed-to-market for new applications.
OpenStack also reduces the costs associated with scalability testing. So, more people are performing scalability tests, which means more services are more reliable. We’re starting to see this change the culture around testing–and the scope of testing.
- What is the scale of your OpenStack deployment?
By the end of 2016, we had over 650 servers running OpenStack services and more than 50,000 cores of total capacity with a CPU overall location ration of 1:2 and 1:1 for memory. By the end of 2018, we will have tripled our total capacity.
Currently, including both production and development clouds, we create over 1,000 workload instances per day and monitor over 100 metrics reporting health, state and performance of our clusters. More than 1,200 deployed virtual networks with over 80 security policies per virtual port are utilised. This results in over 3,500 security rules on average for each cluster.
We also automatically deploy multi-node clusters using OpenStack functional test, OpenStack Benchmark Service and customized scripts to validate, test performance and benchmark new OpenStack instances at scale.
- What advice do you have for companies wanting to deploy on OpenStack?
Get involved. Don’t just use OpenStack; become part of the OpenStack community. Share the improvements you make back with the community. I think of it a little like I think of those toys I broke to see how they worked–the deeper you get into the project, the more you will learn.