KubeWHAT!?

KubeWHAT!?Using KubeVirt to bring virtual machines to Kubernetes and what it means for OpenStack

Stephen Gordon (@xsgordon)

October 19th, 2017

KUBEWHAT!? - OPENSTACK DAY CANADA 2017

DISCLAIMER

This is not a product pitch, this is R&D.

There be dragons!


WHAT IS KUBEVIRT?

Add-on that extends Kubernetes to support scheduling of VM workloads alongside container workloads.

https://github.com/kubevirt


WHAT IS KUBEVIRT?

● Drops directly into existing Kubernetes Clusters

○ No additional host setup

○ Simple Install

○ Extends kubernetes so VMs can be scheduled alongside Containers

● Ties VMs into Pod Network

● Integrates with other Kubernetes concepts (like Persistent Volumes)

● Manage VMs like Pods


KUBEVIRT IS NOT A CRI IMPLEMENTATION!

● Hypervisor CRI

○ Pod specification is the API

● KubeVirt:

○ Dedicated API

■ Virtual devices

■ Live migration

■ More VM specific needs in the future...

CRI = Container Runtime Interface


KUBEVIRT IS NOT A CRI IMPLEMENTATION!


WHY?

● Migration Path

○ People invested in VMs can migrate to containers and bring VMs with them

● VM Scheduler Convergence

○ OpenStack, oVirt, others, can potentially converge on a common scheduler

● Container Workload Isolation

○ Running untrusted container workloads in a hypervisor

● Infrastructure convergence

○ Moves towards unified infrastructure capable of scheduling all workloads

LET’S POKE IT


DEMO

Pre-requisites:

● kubectl● minikube

$ minikube start --vm-driver kvm --network-plugin cni

$ git clone https://github.com/kubevirt/demo.git

$ cd demo

$ ./run-demo.sh


DEMO (cont.)

● Review what the demo script does.● Dive into each pod’s contents with focus on:

○ Where our storage comes from.○ Where the VMs run.○ The VM pod!

● Consoles and SPICE● Launch a second VM.


TYPICAL WORKFLOW

kind: VirtualMachinemetadata: name: testvmspec: domain: devices: graphics: - type: spice consoles: - type: pty

In case of ERR_DEMO_NO_WORKIE

Typical Pod commands:● kubectl create -f mypodspec.yaml● kubectl delete mypod● kubectl exec mypod -it /bin/bash

Typical VirtualMachine commands:● kubectl create -f myvmspec.yaml ● kubectl delete testvm● kubectl plugin virt console testvm● kubectl plugin virt spice testvm

WHERE DOES OPENSTACK FIT?


WHERE DOES OPENSTACK FIT?

● Infrastructure provisioning capabilities and back-end ecosystem:○ Bare-metal○ Networking○ Storage

● Standardized APIs and management/operational ecosystem:○ Clients○ Orchestrators○ Cloud Management Platforms


WHAT IS DICOT?

Building a path towards using KubeVirt to manage virtual machines while supporting existing user investments in OpenStack APIs.

https://dicot-project.github.io/about


POTENTIAL APPROACHES

● Nova virt driver for KubeVirt○ Simplest option evaluated.○ Similar to approach of Nova vCenter driver, single Nova instance is in fact a cluster.○ Limits convergence opportunities somewhat.

● OpenStack compatible API for KubeVirt○ Fuller convergence model, esp. in terms of base requirements.○ Potential long “string” of APIs required beyond core to run VMs.○ Potential to still use full OpenStack services as backends where supported (e.g. volumes,

networks, etc.)

● Other approaches considered but discarded incl. via Cell, direct RPC.


DIAGRAM: NOVA VIRT DRIVER FOR KUBEVIRT


DIAGRAM: OPENSTACK COMPATIBLE API


INTERESTED IN COLLABORATING?

Join us in the Virtualized Workloads Saloon at KubeCon NA in Austin TX!

KubeVirt● GitHub:

○ https://github.com/kubevirt/kubevirt● Mailing List:

○ https://groups.google.com/forum/#!forum/kubevirt-dev● IRC:

○ #kubevirt on irc.freenode.net

Dicot● GitHub:

○ https://github.com/dicot-project/

Slides will be posted, look for a link from @xsgordon on Twitter.

THANK YOUplus.google.com/+RedHat

linkedin.com/company/red-hat

youtube.com/user/RedHatVideos

facebook.com/redhatinc

twitter.com/RedHatNews

Technology

KubeWHAT!?