docker openstack - 3/27/2014

24
Docker & March 27th, 2014

Upload: eric-windisch

Post on 07-May-2015

947 views

Category:

Technology


0 download

TRANSCRIPT

Page 1: Docker OpenStack - 3/27/2014

Docker &

March 27th, 2014

Page 2: Docker OpenStack - 3/27/2014

What?

Compute

Page 3: Docker OpenStack - 3/27/2014

Why Docker?!(an incomplete list)

• Compatibility with Docker images (if standardizing or desiring cross-cloud compat.)

• Dockerfiles provide flexible, repeatable image building

• Global, multi-cloud image registry

• Layered images / builds

• Completeness of vision

Page 4: Docker OpenStack - 3/27/2014

Five major use cases

• Alternative form of virtualization for multi-tenant services!• Continuous Integration/Continuous Delivery:!

• Go from developer’s laptop, through automated test, to production, and through scaling without modification!

• Scale-out/Big Data:!• Rapidly scale same application across hundreds or thousands of servers…and scale

down as rapidly!

• Cross Cloud Deployment!• Move the same application across multiple clouds (public, private, or hybrid) without

modification or noticeable delay!

• Resource and Security Isolation:!• Docker simplifies the separation of security concerns. Multiple processes of the same

“application” may run on a host, linked together, sharing resources but within separate security contexts (SeLinux labels, Linux capabilities, Cgroups, etc)

Page 5: Docker OpenStack - 3/27/2014

Demo at OpenStack Summit HK

• Application Containerized from Source!• Application Goes Through Development Testing!• Push from laptop to Rackspace Cloud!

• No downtime or modification required!

• Push from Rackspace to Digital Ocean!• No downtime or modification required!

• Push from Digital Ocean to OpenStack Cluster!• No downtime or modification require!• Provision via Horizon – Native Havana Nova Integration

http://bit.ly/KQyIZC

Watch: Write Once and REALLY Run Anywhere with OpenStack and Docker

Page 6: Docker OpenStack - 3/27/2014

3URV��&RQV1RYD�GULYHU +HDW�SOXJLQ

,QWHJUDWLRQ�ZLWK�RWKHU�VHUYLFHV

1RYD�IHDWXUHV��TXRWD��DXWK��HWF����

$EVWUDFWLRQ�OD\HU�IRU�RWKHU�K\SHUYLVRU

&ORVHU�WR�WKH�'RFNHU�ZRUNIORZ

(DVLHU�PDLQWHQDQFH�RYHU�WLPH

(DVLHU�GHSOR\PHQW

䚉 %RWK�DSSURDFKHV�DUH�VLPSO\�GLIIHUHQW

䚉 2QH�GRHV�QRW�UHSODFH�WKH�RWKHU�

Closer to the Docker workflow

Hybrid-cloud compatible

Scheduled by backing cloud

Integration with other services

Nova features (quota, auth, etc…)

Abstraction layer for other hypervisors

Integrated scheduling

Heat vs Nova!Comparison

Page 7: Docker OpenStack - 3/27/2014

Project

SOLUM“Convert code into a managed application running

on an OpenStack cloud at the push of a button.”

FROM CODE TO MANAGED APP

Page 8: Docker OpenStack - 3/27/2014

Docker Docker

Key element of the Solum data plane

Page 9: Docker OpenStack - 3/27/2014

Compute IntegrationDocker plugin for Nova

Page 10: Docker OpenStack - 3/27/2014

What?Enables control of Docker via OpenStack:

• Nova API • Horizon UI

Supports: • launch • terminate • reboot • serial console • snapshot • glance

https://wiki.openstack.org/wiki/HypervisorSupportMatrix

Page 11: Docker OpenStack - 3/27/2014

Not supported.!(yet)

Neutron

Cinder Volumes

Suspend/resume

Pause/unpause

(patches welcome!)

Page 12: Docker OpenStack - 3/27/2014

Image Management

docker-registry is a proxy !

users can upload through docker-registry or to glance directly

!docker pulls images through the

docker-registry proxy

Page 13: Docker OpenStack - 3/27/2014

Nova+Docker!Architecture Overview

Page 14: Docker OpenStack - 3/27/2014

Testing

Page 15: Docker OpenStack - 3/27/2014

Applying HeatOrchestration for Docker API

Page 16: Docker OpenStack - 3/27/2014

7KH�'RFNHU�SOXJLQ�IRU�+HDW%\�XVLQJ�WKH�SOXJLQ��+HDW�FDQ�WDON�GLUHFWO\�WR�'RFNHU

Heat Resource

Page 17: Docker OpenStack - 3/27/2014

Heat Workflow

Heat API

VM

Docker

NovaNova resource

Docker resource

Container1

Container2

Container3

HOT

Page 18: Docker OpenStack - 3/27/2014

Heat Templateheat_template_version: 2013-05-23 description: Single compute instance running cirros in a Docker container. resources: my_instance: type: OS::Nova::Server properties: key_name: ewindisch_key image: ubuntu-precise flavor: m1.large user_data: #include https://get.docker.io my_docker_container: type: OS::Heat::Docker docker_endpoint: { get_attr: [my_instance, first_address] } image: cirros

Page 19: Docker OpenStack - 3/27/2014

dockenstackan alternative to vagrant/vms for devstack

Page 20: Docker OpenStack - 3/27/2014

! nested

Page 21: Docker OpenStack - 3/27/2014

Where container == host; for all practical purposes

Host

VM

Linux

VM

Host

Container

Linux

VM

Vagrant(or other VM devstack environment) Dockenstack

Page 22: Docker OpenStack - 3/27/2014

Pre-cached resources• Pre-installed all ‘pip’ requirements

• Checkout of all git repositories

• All required ubuntu packages installed, or downloaded (in the case of non-prime packages)

• Each are ‘freshened’ on boot with updates so the pre-caching has no negative effect.

The image arrives prepared…

Page 23: Docker OpenStack - 3/27/2014

Negatives of dockenstack…

• No RHEL / SuSe / Fedora support (yet)

• Only tested with LXC and Docker virt drivers, but shouldn’t have problems with other drivers.

Page 24: Docker OpenStack - 3/27/2014

Q & A