State of Containers in OpenStack
Download as PPTX, PDF5 likes2,958 views
The document discusses various OpenStack projects that are focused on containers. It describes projects like Nova-docker and Heat-docker that allow managing containers alongside virtual machines in OpenStack. It also covers container orchestration engines (COEs) running on infrastructure provided by Magnum, and application catalogs for containers provided by projects like Murano and Solum. Overall, the document provides an overview of the different ways containers are integrated and managed within the OpenStack cloud platform.
![Solum Practice
• solum languagepack create <NAME> <GIT_REPO>
• solum app create --app-file <app_file> [--param-file param_file]
• solum app deploy <UUID>](https://image.slidesharecdn.com/stateofcontainers-160713073420/85/State-of-Containers-in-OpenStack-21-320.jpg)
State of Containers in OpenStack
- 1. State of Containers in Openstack Madhuri Kumari Intel
- 2. Agenda • Containers vs VMs • Why Containers? • Containers on Openstack • Openstack Components – Nova-docker – Heat Docker – Magnum – Murano – Zun – Solum • Other Container Focused Components – Kolla – Kuryr
- 4. Containers vs VMs Containers VMs Principle Lightweight, high packing density, with fewer resources to achieve rapid deployment, migrate easily. Isolated, Hardware virtualization, large, performance overhead, migrate easily. Resource Usage Efficient sharing of resources. Take up more resources. Flexibility & Security Less appropriate for multi-tenant environments, because of potential security risks. Fully isolated from one another and malware, application crashes and other problems impact only the affected VM. Use cases Web servers, micro-services VMs may contain other enterprise workloads such as database, ERP, CRM, email server, media server, web server or other business applications.
- 6. Containers in Openstack • OpenStack is above all an integration engine, bringing various technologies together through common APIs. Therefore, containers have naturally been plugged into several existing projects and will find their way into other areas as well.
- 7. Openstack Containers Project Nova-docker A Docker hypervisor driver for Nova Compute to treat containers and images as the same type of resource as virtual machines. Heat Docker A plugin template for orchestrating Docker resources on top of OpenStack resources. Allows access to full Docker API. Murano Provides an application catalog of containerized applications that can be deployed to an OpenStack cloud. Magnum Provides an API to manage multitenant containers infrastructure leveraging Heat, Nova, and Neutron. Zun Container service for OpenStack. Provides API(s) for launching and managing containers backed by different container technologies. Solum An OpenStack project designed to make cloud services easier to consume and integrate into your application development process.
- 8. Nova-docker • Drivers for OpenStack Nova • Use Nova API to access containers • Interface with container backend (i.e. Docker daemon, libvirt-lxc) • Fetch container images from Glance
- 9. Nova-docker Practice • nova.conf: compute_driver=novadocker.virt.docker.DockerDriver • glance-api.conf: container_formats=ami,ari,aki,bare,ovf,ova,docker • docker save busybox | openstack image create busybox --public -- container-format docker --disk-format raw • nova boot --flavor m1.small --image busybox --key-name mykey test1
- 10. Heat Docker • Provide a Heat resource type for Docker. • Need to specify docker endpoint • Can orchestrate docker containers with other Heat resources
- 11. Heat Practice • Install heat-docker plugin • Docker.yml heat_template_version: 2013-05-23 description: Test template resources: apache: type: DockerInc::Docker::Container properties: image: marouen/apache port_specs: - 80 docker_endpoint: http://host:2375 • heat stack-create -f docker.yaml docker-stack
- 12. Magnum • Founded at the end of 2014 • Integrates various container orchestration engine (COE). • Leverage other Openstack components lie Heat, Nova, Neutron, Cinder etc • Manages infrastructure for running containers on Openstack. • Runs containers under VM/baremetal • COE: Swarm, kubernetes, Mesos
- 14. Magnum Practice • magnum baymodel-create --name k8sbaymodel --image-id fedora- atomic-latest --keypair-id testkey --external-network-id public --flavor-id m1.small --docker-volume-size 5 --network-driver flannel --coe kubernetes • magnum bay-create --name k8sbay --baymodel k8sbaymodel • magnum ca-sign --bay k8sbay --csr client.csr > client.crt • magnum ca-show --bay k8sbay > ca.crt
- 15. Murano • Application catalog to Openstack. • Provide a variety of applications and services, publishing and lifecycle management , and provide UI and API. The application is defined as anything YAQL language templates defined application.
- 16. Murano UI
- 17. Zun • Zun (Higgins) is a Container service for OpenStack. • Aim to provide OpenStack API(s) for launching and managing containers backed by different container technologies. • Container runtimes: Docker, Rkt, Clear Conainer, etc. • COEs: Kubernetes, Docker Swarm, etc.
- 18. Zun • One platform for containers/VMs/baremetals • Neutron • Cinder • Glance • Horizon • Nova • ... Images Container/ VM/ Baremetal Glance Neutron Cinder HorizonNova Networks Volumes UI Provisions
- 19. Solum • Solum is an application lifecycle management system which allows you to deploy your applications starting from the source code onto Openstack cloud. • For developers, Solum provides an easy-to-use platform for building, testing, and deploying applications on OpenStack clouds • For operators, Solum provides ability to make their OpenStack cloud more useful to their application developers by enabling CI/CD capabilities for applications to OpenStack clouds
- 20. Solum Architecture Solum API Solum Worker Solum Deployer Queue Queue Queue Solum Conductor Heat Database Glance/Swift Builds LP; run unit tests; Build DU Deploys DU
- 21. Solum Practice • solum languagepack create <NAME> <GIT_REPO> • solum app create --app-file <app_file> [--param-file param_file] • solum app deploy <UUID>
- 22. Other Openstack Container Focused Projects Kolla Kolla provides production- ready containers and deployment tools for operating OpenStack clouds. Kuryr A Docker network plugin that uses Neutron to provide networking services to Docker containers. It provides containerised images for the common Neutron plugins.
- 23. Kolla • Established in September 14. • Allows packaging and deployment using Docker and Ansible • Provides production ready Openstack service. • Ease of deployment , simplified operation, upgrade and maintenance to enhance devops and operators experience. • Faster than devstack(comparison devstack 14mins ~ 9 mins)
- 24. Kuryr • Its objective is to enable Neutron as the production ready networking abstraction containers need! • Map container networking abstractions to the Neutron API • Bring your container and VM networking together under one API • Implement all the common code for Neutron vendors allowing them to get to container networking by just having a binding script • Leverage Neutron advanced networking like LBaaS, FWaaS, VPNaaS, Security Groups / NAT • Aims to support different Container Orchestration Engines like Kubernetes, Mesos, Docker Swarm
- 25. Summary • OpenStack virtual machine management / physical and running on the container (Magnum, Murano, Solum) Advantage: • Resource sharing, unified management by the OpenStack Nova Disadvantages: • Performance loss running VM container • Network performance
- 26. Summary • COEs run on a variety of hosts managed container OpenStack services (k8s, mesos) Advantage: • Container performance guarantees • More efficient use of resources Disadvantages: • Container isolation • VM network storage • Complexity OpenStack services
- 27. Summary • Manage containers and virtual machines (Nova-docker, heat-docker, Nova-lxc / lxd, Nova + Zun) Advantage: • simple • Integration of existing resources, such as network, storage Disadvantages: • Not production ready