Docker All The Things: OpenStack Services and Kubernetes and Atomic
OpenStack Summit Paris, November 2014
@brentholden
@jameslabocki
Agenda
The Problem
Current Solutions
Tomorrow’s Improvements
Demonstration
A Thing of Beauty
The Reality
All Infrastructure Platforms Face This Problem
Reproducible Environment
Separation between Operating System and Application
Description of Deployment Pattern w/o lots of code
And Developers’ Lives Aren’t Easy Either
Current Solutions
Present Solutions - Build Based + Config Management
[Diagram, shown in three steps: Lifecycle Management Tools (Workflow State Machine, Decision Engine), Configuration Management and a Content Repository of Packages deploy OpenStack Service A and OpenStack Service B, each onto an Operating System on Bare Metal. Slide callouts: Inefficient, Difficult, Slow Deployment.]
Present Solutions - Image Based + Declarative
[Diagram, shown in two steps: Repository, Image Builder, Deployer and Bare Metal; each Image contains an Operating System and OpenStack Services. Slide callouts: Still Difficult, Expensive (updates).]
Tomorrow’s Improvements
What If …
Isolated, lightweight, and portable
Pre-integrated
Easily describe run-time relationships
Run on something thin and easy to update
Develop locally and run in production with less friction
Docker: Isolated, Lightweight, and Portable
[Diagram: Virtual Machines versus Containers. Virtual Machines: Server, Linux, Libvirt/KVM, Linux Guests, each with Binaries/Libraries and an Application. Containers: Server, Linux, Binaries/Libraries, API (Docker), Applications.]
● Develop
● Build
● Push
● Enjoy!
Kubernetes: Container Scheduling
[Diagram: kubectl (user commands) talks to the Master Components: APIs (Authentication, Authorization, REST for pods, services, rep controllers), Scheduler, Replication Controller, scheduling actuator, Kubelet info service, and Distributed Watchable Storage. Two Minions, each with Docker, Kubelet, cAdvisor and Proxy, run Pods made up of Containers. Also labelled: Traffic.]
Kubernetes: Container Scheduling + Easily describe run-time relationships

Imperative:

    service mongod start
    chkconfig mongod on
    mongo --host controller --eval '
      db = db.getSiblingDB("ceilometer");
      db.addUser({user: "ceilometer",
                  pwd: "mypassword",
                  roles: [ "readWrite", "dbAdmin" ]})'
    ….

Declarative:

    {
      "id": "mongodb",
      "desiredState": {
        "manifest": {
          "version": "v1",
          "id": "mongodb",
          "containers": [{
            "name": "mongodb",
            "image": "dockerfile/mongodb",
            "ports": [{ "containerPort": 6379, "hostPort": 6379 }]
          }]
        }
      },
      "labels": {
        "name": "mongodb"
      }
    }
Atomic: Run on a thin and easy to update OS
[Diagram: Docker + Host, with parts labelled Logging, SELinux, Libraries, Application, Network.]
`rpm-ostree upgrade`
`rpm-ostree rollback`
How does it change your life?
[Diagram: Developer Workstation(s). Commodity Hardware running Linux with Libvirt/KVM, and Apple Hardware running OSX with Virtual Box; each hosts a Linux Box with Puppet or Chef, Docker and Vagrant. Also labelled: Git, Kubernetes.]
From Development to Operations
[Diagram: the Commodity Hardware workstation (Linux, Libvirt/KVM, Linux Box, Puppet, Docker, Vagrant) next to Atomic hosts running Docker with OpenStack Services under Kubernetes. Also labelled: Registry, GitHub, OpenStack, Test/UAT/Prod.]
Demonstration Time!
Demonstration - Operate
1. Quick Tour of Kubernetes
2. Deploying a Pod/Service for an OpenStack service
3. Deploying all the OpenStack services
[Diagram: a Fedora Workstation with kubectl, Kolla Images, a kolla.git clone and `# ./tools/start`; a Kubernetes Cluster on OpenStack with Fedora (Master) and Fedora (Minion) nodes, labelled kube-api-server, kube-scheduler, kubelet, kube-proxy, cadvisor and Docker; a Pod with Glance-API, Glance-Registry and Keystone; a Registry with Kolla Images.]
Challenges
External Connectivity
Multi-Host Networking
Privileged Containers
Run-Time Configuration
Persistent Storage (for Services and Exposing Cinder)
Monitoring
Early Days for Kubernetes
Communities
https://github.com/docker/docker
https://github.com/GoogleCloudPlatform/kubernetes
https://github.com/projectatomic/
https://github.com/openshift/origin-server
https://blueprints.launchpad.net/kolla/
https://github.com/larsks/heat-kubernetes
Design Summit Session for Kolla
Tuesday November 4, 17:30 - 18:10, Duffy (Le Meridien)
Read the notes :)
Slides @ www.allthingsopen.com
Neutron L3 Networking Review
Source: http://docs.openstack.org/havana/config-reference/content/under_the_hood_openvswitch.html
Container Networking Difficulties
[Diagram: Stock Docker Configuration. Container A (PID NS, NET NS), Container B (PID NS, NET NS), Host (PID NS, NET NS).]
Container Networking Difficulties (2)
[Diagram: Stock Docker Configuration. Host with tap (eth0) and Linux bridge (docker0); a veth pair; Container with eth0 running /bin/bash.]
Container Networking Difficulties (3)
[Diagram: Stock Docker Configuration. Host with tap (eth0), Linux bridge (docker0), a veth pair and eth0.]
Container Networking Difficulties (4)
[Diagram: Stock Docker Configuration. Host with tap (eth0), Linux bridge (docker0), veth pairs, eth0 and a second tap (eth0); L2 Agent and L3 Agent.]
Container Networking Difficulties (5)
[Diagram: Kubernetes Docker Configuration. Kubernetes Pod with Container A (PID NS) and Container B (PID NS) in a Shared Network NS; Host (PID NS, NET NS).]
Container Networking Difficulties (6)
[Diagram: Kubernetes Docker Configuration. Kubernetes Pod with Container A (PID NS) and Container B (PID NS) in a Shared Network NS; Host (PID NS) with Linux bridge (docker0), tap (eth0), tap (eth1), eth0 and veth pairs.]
Container Networking Difficulties (7)
[Diagram: Kubernetes Docker Configuration. Kubernetes Networker Pod with an L2 Agent Container (neutron l2-agent) and an L3 Agent Container (Privileged) (neutron l3-agent) in a Shared Network NS; Host (PID NS) with Linux bridge (docker0), tap (eth0), tap (eth1), eth0 and veth pairs.]
“If I had an hour to solve a problem and my life depended on the solution, I would spend the first 55 minutes determining the proper question to ask, for once I know the proper question, I could solve the problem in less than five minutes.”
Albert Einstein