View
12
Download
0
Category
Preview:
Citation preview
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
OpenStack ContainedUsing Docker containers to deploy OpenStack
Wiekus Beukes Software Development Senior Director Oracle OpenStack for Oracle Linux August 2015
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
3
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Agenda
Docker
Dockerizing OpenStack
Kolla
Kolla CLI
Putting it all together
3
4
2
5
1
4
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential – Internal/Restricted/Highly Restricted
DockerWhy?
• Run everywhere – Regardless of host distro – Physical or virtual – Container architecture must match host
• Run anything – If it can run on the host, it can run in the container – If it can run on a Linux kernel, it can run in the container
5
What? • High Level—It’s a lightweight VM –Own process space – Can have own network interface – Can run stuff as root – Can have its own /sbin/init (different from host)
• Low Level—It’s chroot on steroids – Shares kernel with host – No device emulation (not HVM or PV)
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
DockerPros
• Immutable • Portable • Fast • App focused experience • Massive community • Branding • Growth
6
Cons • Green • Dockerizing OpenStack is even greener • Additional complexity • Difficult to audit
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
DockerDocker System
7
Dockerfile
Docker
Host 1 (Linux OS)
Container A
Docker Images Registry
Docker
Build
Push Pull
Container B
Container A
Host 2 (Linux OS)
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Agenda
Docker
Dockerizing OpenStack
Kolla
Kolla CLI
Putting it all together
3
8
5
2
4
1
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Dockerizing OpenStack
• Create Docker images for all OpenStack components –OpenStack has many services • Keystone, Nova, Swift, Cinder, Glance, Neutron, Heat….
– Each service can have one or more components • For example Nova: API, Scheduler, Conductor etc.
– Docker best practices calls for one function/process per container • All of this boils down to having to create a significant number of docker images (around 45 for the base services)
– This now presents us with a new problem, managing a large amount of Docker containers over many hosts
What does it mean?
9
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Dockerizing OpenStack
• Simplify deployments and ongoing operations – Breaking up the OpenStack services up into the micro services (Docker containers), each micro service becomes an atomic unit of management such as deployment, upgrading, scaling, etc.
• Repeatable, reliable and fast – As long as the Docker containers are idempotent • Patching, upgrading the docker containers are atomic • The patches are applied upstream to the docker image – Tags are then used for rolling forward and backward
What does it buy you?
10
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Agenda
Docker
Dockerizing OpenStack
Kolla
Kolla CLI
Putting it all together
2
11
5
3
4
1
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Kolla
• OpenSource project is hosted on StackForge (soon to change) – The project has already obtained approval to move into the big tent and is in the process of moving
• Kolla’s manifest – Kolla provides production-‐ready containers and deployment tools for operating OpenStack clouds
• Goal – Scalable, fast, reliable, and upgradable OpenStack clouds using community best practices
• Prebuilt Docker images -‐ not currently intended for production use – https://registry.hub.docker.com/repos/kollaglue
• Deployment tools – Ansible playbooks
What exactly is it?
12
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
KollaWho is contributing?
13
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Kolla
• Provide all the Dockerfiles to build the OpenStack services Docker container images – A simple Python script to build all the images using the Dockerfiles and optionally push them to a private registry – Can build from both source (pull from github) or binary (RPMs/Debs -‐ for example RDO) – Source builds allow the build to pick up patches/releases that have not yet made it into the distros yet
• Provide start/config scripts that live inside the images to start/config the specific OpenStack service – Currently support three modes for configuration – CONFIG_INTERNAL – Use environment variables to create the OpenStack config file in the container -‐ Deprecated
– CONFIG_EXTERNAL_COPY_ALWAYS – Copy the Ansible generated config file into the container every time at startup
– CONFIG_EXTERNAL_COPY_ONCE – Copy the Ansible generated config file into the container only at initial startup -‐ Default
What does it do?
14
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
KollaHow does it work -‐ an example
15
base
glance-‐api
glance-‐base
FROM oraclelinux
FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%base:%%KOLLA_TAG%%
FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%glance-base:%%KOLLA_TAG%%
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Kolla -‐ Dockerfiles
16
FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%base:%%KOLLA_TAG%%MAINTAINER Kolla Project (https://launchpad.net/kolla)
ADD ./glance.tar /RUN ln -s /glance-* /glance
RUN cd /glance \ && pip install -r requirements.txt \ && pip install /glance \ && mkdir /etc/glance /var/log/glance \ && cp -r /glance/etc/* /etc/glance/ \ && rm -rf /root/.cache
COPY config-glance.sh /opt/kolla/CMD ["/start.sh"]
123456789
101112131415
FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%glance-base:%%KOLLA_TAG%%MAINTAINER Kolla Project (https://launchpad.net/kolla)
COPY start.sh check.sh /
COPY config-internal.sh config-external.sh /opt/kolla/CMD ["/start.sh"]
12345678
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Kolla
17
#!/bin/bashset -o errexit
CMD="/usr/bin/glance-api"ARGS=""
# Loading common functions.source /opt/kolla/kolla-common.sh
# Config-internal script exec out of this function, it does not return here.set_configs
# Bootstrap and exit if KOLLA_BOOTSTRAP variable is set. This catches all cases# of the KOLLA_BOOTSTRAP variable being set, including empty.if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then su -s /bin/sh -c "glance-manage db_sync" glance exit 0fi
exec $CMD $ARGS
123456789
1011121314151617181920
glance-‐api start script
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Kolla
This example just scratched the surface of what is available
For more information visit
https://github.com/stackforge/kolla
18
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Agenda
Docker
Dockerizing OpenStack
Kolla
Kolla CLI
Putting it all together
1
3
19
4
2
5
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Kolla CLI
• Possible to use the Ansible playbook directly – But who wants to use vi to configure inventory files etc.
• Kolla expect hosts to be pre-‐configured – Although it is technically possible to do using Ansible, it is not part of Kolla
• Docker private registry –Most deployments will not allow the controller domains of the hypervisors to access the internet directly
• Ansible configuration HA – Replicating the Ansible config over multiple hosts to ensure operation when the primary Ansible config goes offline
Using Kolla to deploy OpenStack is awesome, but how do you actually use it?
20
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Kolla CLISimple syntax
21
kollacli host [list] [add 'host name' 'host address’] [remove 'host name’] [check 'host name’] [install 'host name' ‘password’] [addservice 'host name' 'service name’] [removeservice 'host name' 'service name’] [setzone 'host name' 'zone name'] [clearzone 'zone name’] kollacli zone [list] [add 'zone name’] [remove 'zone name’]
kollacli service [list] [activate 'service name’] [deactivate 'service name’] [autodeploy 'on/off' 'service name’]
kollacli property [list] [set 'key' ‘value']
kollacli startkollacli stopkollacli upgrade
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Agenda
Docker
Dockerizing OpenStack
Kolla
Kolla CLI
Putting it all together
1
3
22
2
5
4
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential – Internal/Restricted/Highly Restricted
Putting it all together
• Use Kolla to build the required Docker container images – Kolla package up master only, most deployments cannot use master and would need a stable tree version
• Use the Kolla CLI as a configuration tool – The CLI fills in the gaps to make the Kolla provided Ansible playbook etc. easier to work with
How does all this translate to deploying a real OpenStack environment?
23
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Putting it all together -‐ deployment architecture overview
24
Nova Compute Neutron ML2 agent Neutron OvS agent
Docker Containers
Hypervisor (KVM/Hyper-‐V/LXC/Xen)
Compute Node(s)
Swift Account Swift Container Swift Object
Cinder VolumeDocker Containers
Storage Node(s)
NeutronNeutron ML2 agent Neutron L3 agent Neutron OvS agent
Docker Containers
Network Node(s)
MySQL Cluster RabbitMQ Keepalived Nova Neutron Memcached HAProxy
Cinder Swift Keystone Glance Heat Horizon
Docker Containers
Controller Node(s)
Docker Registry MySQL Cluster RabbitMQ Keepalived Nova Neutron Memcached
HAProxy Cinder Swift Keystone Glance Heat Horizon
Docker Containers
Container life cycle management (Ansible)
Management Controller Nodes(Up to 4 nodes)
Deploy, Upgrade and Configure containers
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |25
http://www.oracle.com/openstack
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |26
Recommended