Kolla - containerizing the cloud itself
-
Upload
michal-rostecki -
Category
Technology
-
view
421 -
download
1
Transcript of Kolla - containerizing the cloud itself
Copyright © 2015 Mirantis, Inc. All rights reserved
www.mirantis.com
Kolla Containerizing the cloud itself
Michał Rostecki | OpenStack Software [email protected]
Copyright © 2015 Mirantis, Inc. All rights reserved
What is LXC (Linux Containers)?
LXC is isolation of Linux systems which separates resources, filesystem, network namespace, but shares the common kernel.It’s based on cgroups which is kernel’s feature to limit resources for processes.It’s much more lightweight than virtualization.
Copyright © 2015 Mirantis, Inc. All rights reserved
What is Docker?
Docker is a RESTful API for containerization technologies. One of them (and the main one) is LXC.It provides layers for containers to utilize disk space when different containers have a common base.
Copyright © 2015 Mirantis, Inc. All rights reserved
Problems that Docker solves
● Separation of applications which share common libraries in different versions
● Upgradability of software● “It worked on my machine”● Possible differences in deployments due to i.e. packages
installation in different time
Copyright © 2015 Mirantis, Inc. All rights reserved
Typical Docker application
Cloud
Developer’s machine
Application
Database
Application
Message queue
Database
Other app
Message queue
Copyright © 2015 Mirantis, Inc. All rights reserved
But… what’s the cloud?
Cloud consists of a lot of hardware and a complicated software which manages:● Virtual machines● Block or objective storage● Networking● Bare metal hardware● Containers (running both on VM-s and bare metal)
Copyright © 2015 Mirantis, Inc. All rights reserved
OpenStack architecture
Copyright © 2015 Mirantis, Inc. All rights reserved
Problems of OpenStack
● Separation of OpenStack components which share common libraries in different versions
● Upgradability of OpenStack● “It worked on my devstack”, “It worked on my test env”● Possible differences in deployments due to i.e. packages
installation in different timeAlmost the same like for “usual” applications, but in much bigger scale!
Copyright © 2015 Mirantis, Inc. All rights reserved
Docker solves them too!
That’s why Kolla project was created.It provides Docker images with different OpenStack services.
Copyright © 2015 Mirantis, Inc. All rights reserved
What we containerized
● MariaDB● RabbitMQ● Ceph● Openvswitch● Memcached
● Keystone● Glance● Nova● Cinder● Swift● Heat● Horizon
Copyright © 2015 Mirantis, Inc. All rights reserved
Components of Kolla
● Docker images templates and builder - which supports different Linux distributions (RH family and Debian family) and types of OpenStack installation (from binary packages or source)
● Ansible playbooks and modules, which generate config files and deploy containers
Copyright © 2015 Mirantis, Inc. All rights reserved
Development in progress
● “Docker in Docker” - for testing multinode Kolla deployments using only Docker, without VM-s
● Running OpenStack on Mesos - orchestration/scheduling service for containers
● Storing OpenStack services configuration in ZooKeeper
Copyright © 2015 Mirantis, Inc. All rights reserved
Technologies
● Docker● Python
● docker-py● Jinja2● Ansible modules
● Ansible● ZooKeeper● Mesos● Pecan
Copyright © 2015 Mirantis, Inc. All rights reserved
docker-py
Docker-py is a Python client for Docker API.Used by us for building Docker images.
Copyright © 2015 Mirantis, Inc. All rights reserved
Jinja2
Jinja2 is a templating engine for Python, which provides environment (variables), forloops, “if” conditionals, blocks, inheritance etc. into text files.Mostly known by Flask (it’s a integrated part of it).Commonly used in the other lightweight frameworks (often as a standalone lib).
Copyright © 2015 Mirantis, Inc. All rights reserved
Ansible
Ansible is a configuration and orchestration system which can deploy any kind of software. It uses SSH to connect to the servers (it’s agentless).It has module to run Docker containers on deployed hosts.It’s written in Python and supports Python-based modules.
Copyright © 2015 Mirantis, Inc. All rights reserved
ZooKeeper
ZooKeeper is a key-value store used for keeping the configuration of high-available services.
Copyright © 2015 Mirantis, Inc. All rights reserved
Mesos
Mesos is the container orchestration and scheduling service.It can isolate applications by Docker or “vanilla” cgroups.Exposes its API to users by frameworks. The main one is Marathon, but Kubernetes is also supported as a framework.
Copyright © 2015 Mirantis, Inc. All rights reserved
Pecan
Pecan is a lightweight web framework. Based on WebOb. Provides Mako templates.Mostly used framework in OpenStack API-s. OpenStack doesn’t use Pecan’s (Mako) templating - there are only JSON views.
Copyright © 2015 Mirantis, Inc. All rights reserved
Pecan vs Flask
Flask● you have to use “app”
object in every view or plugin - risk of circular imports
● you have to define routing “by hand”, with string
Pecan● you define “app” with
config once on server running and don’t use it anymore
● routing is discovered dynamically
Copyright © 2015 Mirantis, Inc. All rights reserved
Pecan vs Flask
Flaskapp.py
import flask
app = flask.Flask(__name__)
views.py
import flask
import app
@app.route(“/foo”):
flask.jsonify(foo=’bar’)
Pecanapp.py
import pecan
app = pecan.make_app(
‘controllers.RootController’)
controllers.py
class RootController(object):
foo = FooController()
[...]
Copyright © 2015 Mirantis, Inc. All rights reserved
Pecan vs Flask
Pecan has an app object with root controller defined. App object is not needed to be called anywhere. Other controllers are defined as attributes of the root one.
app RootController/
FooController/foo
Copyright © 2015 Mirantis, Inc. All rights reserved
Pecan vs Flask
Flask has an app object which has to be used as a decorator of every view and plugin.
app
root_view/
foo_view/foo
Copyright © 2015 Mirantis, Inc. All rights reserved
Contributors
Kolla is one of the most diverse OpenStack project in terms of companies.
Copyright © 2015 Mirantis, Inc. All rights reserved
Contributors
Copyright © 2015 Mirantis, Inc. All rights reserved
Why OpenStack is needed here?
Why cannot be use Mesos without OpenStack? We need just containers!
Copyright © 2015 Mirantis, Inc. All rights reserved
Why OpenStack is needed here?
The answer is networking and its isolation, which is not present in Mesos and Docker itself, but is in OpenStack:● Currently - OpenStack can separate containers by putting
them into different VM-s or bare metal servers, which have different networks.
● In near future - OpenStack’s project Kuryr will bring virtualized networking directly to Docker containers.
Copyright © 2015 Mirantis, Inc. All rights reserved
Q&A
Thank you for your attention