May 15th, 2014Practical Docker for OpenStack

Better! Faster! Stronger! Better! Faster! Stronger!

How are we using it? I Image iteration Integration

All the things. Compute

Docker Docker Key element of the Solum data plane

Applying Heat Orchestration for Docker API

Heat Resource DockerInc::Docker ::Container

Heat Workow Heat API VM Docker NovaNova resource Docker resource Container1 Container2 Container3 HOT

Installing the plugin git clone https://github.com/openstack/heat ln -sf $PWD/heat/heat/contrib/docker/plugin; /usr/lib/heat/docker" echo plugin_dirs=$PWD/heat/heat/contrib/docker/ plugin >> /etc/heat/heat.conf

Heat: Cirros heat_template_version: 2013-05-23 description: Single compute instance running cirros in a Docker container. resources: my_instance: type: OS::Nova::Server properties: key_name: ewindisch_key image: ubuntu-precise flavor: m1.large user_data: #include https://get.docker.io my_docker_container: type: DockerInc::Docker::Container docker_endpoint: { get_attr: [my_instance, first_address] } image: cirros

Heat: Dockenstack heat_template_version: 2013-05-23 description: Single compute instance running Tempest resources: my_instance: type: OS::Nova::Server properties: key_name: ewindisch_key image: ubuntu-precise flavor: m1.large user_data: #include https://get.docker.io my_docker_container: type: DockerInc::Docker::Container properties: docker_endpoint: { get_attr: [my_instance, first_address] } image: dockenstack privileged: true cmd: /opt/dockenstack/bin/tempest

heat_template_version: 2013-05-23 description: Two containers, one host with shared volumes resources: my_instance: type: OS::Nova::Server properties: key_name: ewindisch_key image: ubuntu-precise flavor: m1.large user_data: #include https://get.docker.io ftp_container: type: DockerInc::Docker::Container properties: docker_endpoint: { get_attr: [my_instance, first_address] } image: mikz/vsftpd ports: [ 21:21 ] volumes: [ /ftp ] name: FTP apache_container: type: DockerInc::Docker::Container properties: docker_endpoint: { get_attr: [my_instance, first_address] } image: fedora/apache ports: [ 80:80 ] volumes-from: FTP cmd: rm -rf /var/www; ln -s /ftp /var/www; /run-apache.sh

Docker plugin for Nova Compute Integration

Awesome People Derek Higgins (RedHat) Ian Main (RedHat) Paul Czarkowski (Rackspace) Daniel Kuner Julien Vey (Numergy) Aaron Rosen (Nicera) Pedro R Marques (Juniper) Sam Alba (Docker)

What? Enables control of Docker via OpenStack: Nova API Horizon UI Supports: launch terminate reboot serial console snapshot glance Neutron! https://wiki.openstack.org/wiki/ HypervisorSupportMatrix

Networking Nova Network

Not supported.! (yet) Cinder Volumes Suspend/resume Pause/unpause Live-migration (patches welcome!)

Nova+Docker! Architecture Overview

Image Management docker-registry is a proxy ! users can upload through docker- registry or to glance directly ! docker pulls images through the docker-registry proxy

Glance isnt really needed (or desirable?) But its def-core

Nova doesnt Link container networks Pass environment variables Specify working directories Create docker-volumes Share docker-volumes between containers Arbitrary commands Arbitrary command-arguments We need container extensions!

$ nova boot --avor 1 --image cedef40a-ed67-4d10-800e-17455edce175 --hint same_host=a0cf03a5-d921-4877-bb5c-86d26cf818e1 Anity

Should you be using Heat?

Closer to the Docker workow Hybrid-cloud compatible Scheduled by backing cloud Microservices-friendly Integration with other services Nova features (quota, auth, etc) Abstraction layer for other hypervisors Integrated scheduling Heat vs Nova! Comparison

dockenstack a solution for OpenStack development & testing

Testing

Host VM Linux VM Vagrant (or other VM devstack environment)

! nested

Where container == host; for all practical purposes Host VM Linux VM Host Container Linux VM Vagrant (or other VM devstack environment) Dockenstack

Using Docker with the OpenStack Compute plugin

Install the plugin mkdir git-co; cd git-co" git clone https://github.com/stackforge/nova-docker" cd nova-driver" python setup.py install

Congure Nova Set in nova.conf:" compute_driver=novadocker.virt.docker.DockerDriver"

Run a registry docker run -d -p ${DOCKER_REGISTRY_PORT}:5000 -e SETTINGS_FLAVOR=openstack -e OS_USERNAME=${OS_USERNAME} -e OS_PASSWORD=${OS_PASSWORD} -e OS_TENANT_NAME=${OS_TENANT_NAME} -e OS_GLANCE_URL="${SERVICE_PROTOCOL}://${GLANCE_HOSTPORT}" -e OS_AUTH_URL=${OS_AUTH_URL} registry ./docker-registry/run.sh

docker pull cirros" docker tag cirros 10.0.0.1:5000/cirros" docker push 10.0.0.1:5000/cirros Putting an image into your repository

nova boot

Q & A http://youtu.be/GQiQMJe6G2g vBrownBag on using Dockenstack for testing the Nova driver: