More Related Content Similar to Kolla - containerizing the cloud itself (20) Kolla - containerizing the cloud itself1. Copyright © 2015 Mirantis, Inc. All rights reserved
www.mirantis.com
Kolla
Containerizing the cloud itself
Michał Rostecki | OpenStack Software Engineer
mrostecki@mirantis.com
2. Copyright © 2015 Mirantis, Inc. All rights reserved
What is LXC (Linux Containers)?
LXC is isolation of Linux systems which separates resources,
filesystem, network namespace, but shares the common
kernel.
It’s based on cgroups which is kernel’s feature to limit
resources for processes.
It’s much more lightweight than virtualization.
3. Copyright © 2015 Mirantis, Inc. All rights reserved
What is Docker?
Docker is a RESTful API for containerization technologies.
One of them (and the main one) is LXC.
It provides layers for containers to utilize disk space when
different containers have a common base.
4. Copyright © 2015 Mirantis, Inc. All rights reserved
Problems that Docker solves
● Separation of applications which share common libraries
in different versions
● Upgradability of software
● “It worked on my machine”
● Possible differences in deployments due to i.e. packages
installation in different time
5. Copyright © 2015 Mirantis, Inc. All rights reserved
Typical Docker application
Cloud
Developer’s machine
Application
Database
Application
Message
queue
Database
Other app
Message
queue
6. Copyright © 2015 Mirantis, Inc. All rights reserved
But… what’s the cloud?
Cloud consists of a lot of hardware and a complicated
software which manages:
● Virtual machines
● Block or objective storage
● Networking
● Bare metal hardware
● Containers (running both on VM-s and bare metal)
8. Copyright © 2015 Mirantis, Inc. All rights reserved
Problems of OpenStack
● Separation of OpenStack components which share
common libraries in different versions
● Upgradability of OpenStack
● “It worked on my devstack”, “It worked on my test env”
● Possible differences in deployments due to i.e. packages
installation in different time
Almost the same like for “usual” applications, but in much
bigger scale!
9. Copyright © 2015 Mirantis, Inc. All rights reserved
Docker solves them too!
That’s why Kolla project was created.
It provides Docker images with different OpenStack services.
10. Copyright © 2015 Mirantis, Inc. All rights reserved
What we containerized
● MariaDB
● RabbitMQ
● Ceph
● Openvswitch
● Memcached
● Keystone
● Glance
● Nova
● Cinder
● Swift
● Heat
● Horizon
11. Copyright © 2015 Mirantis, Inc. All rights reserved
Components of Kolla
● Docker images templates and builder - which supports
different Linux distributions (RH family and Debian
family) and types of OpenStack installation (from binary
packages or source)
● Ansible playbooks and modules, which generate config
files and deploy containers
12. Copyright © 2015 Mirantis, Inc. All rights reserved
Development in progress
● “Docker in Docker” - for testing multinode Kolla
deployments using only Docker, without VM-s
● Running OpenStack on Mesos - orchestration/scheduling
service for containers
● Storing OpenStack services configuration in ZooKeeper
13. Copyright © 2015 Mirantis, Inc. All rights reserved
Technologies
● Docker
● Python
● docker-py
● Jinja2
● Ansible modules
● Ansible
● ZooKeeper
● Mesos
● Pecan
14. Copyright © 2015 Mirantis, Inc. All rights reserved
docker-py
Docker-py is a Python client for Docker API.
Used by us for building Docker images.
15. Copyright © 2015 Mirantis, Inc. All rights reserved
Jinja2
Jinja2 is a templating engine for Python, which provides
environment (variables), forloops, “if” conditionals, blocks,
inheritance etc. into text files.
Mostly known by Flask (it’s a integrated part of it).
Commonly used in the other lightweight frameworks (often
as a standalone lib).
16. Copyright © 2015 Mirantis, Inc. All rights reserved
Ansible
Ansible is a configuration and orchestration system which
can deploy any kind of software. It uses SSH to connect to
the servers (it’s agentless).
It has module to run Docker containers on deployed hosts.
It’s written in Python and supports Python-based modules.
17. Copyright © 2015 Mirantis, Inc. All rights reserved
ZooKeeper
ZooKeeper is a key-value store used for keeping the
configuration of high-available services.
18. Copyright © 2015 Mirantis, Inc. All rights reserved
Mesos
Mesos is the container orchestration and scheduling service.
It can isolate applications by Docker or “vanilla” cgroups.
Exposes its API to users by frameworks. The main one is
Marathon, but Kubernetes is also supported as a framework.
19. Copyright © 2015 Mirantis, Inc. All rights reserved
Pecan
Pecan is a lightweight web framework. Based on WebOb.
Provides Mako templates.
Mostly used framework in OpenStack API-s. OpenStack doesn’
t use Pecan’s (Mako) templating - there are only JSON views.
20. Copyright © 2015 Mirantis, Inc. All rights reserved
Pecan vs Flask
Flask
● you have to use “app”
object in every view or
plugin - risk of circular
imports
● you have to define
routing “by hand”, with
string
Pecan
● you define “app” with
config once on server
running and don’t use it
anymore
● routing is discovered
dynamically
21. Copyright © 2015 Mirantis, Inc. All rights reserved
Pecan vs Flask
Flask
app.py
import flask
app = flask.Flask(__name__)
views.py
import flask
import app
@app.route(“/foo”):
flask.jsonify(foo=’bar’)
Pecan
app.py
import pecan
app = pecan.make_app(
‘controllers.RootController’)
controllers.py
class RootController(object):
foo = FooController()
[...]
22. Copyright © 2015 Mirantis, Inc. All rights reserved
Pecan vs Flask
Pecan has an app object with root controller defined. App
object is not needed to be called anywhere. Other controllers
are defined as attributes of the root one.
app
RootController
/
FooController
/foo
23. Copyright © 2015 Mirantis, Inc. All rights reserved
Pecan vs Flask
Flask has an app object which has to be used as a decorator
of every view and plugin.
app
root_view
/
foo_view
/foo
24. Copyright © 2015 Mirantis, Inc. All rights reserved
Contributors
Kolla is one of the most diverse OpenStack project in terms
of companies.
26. Copyright © 2015 Mirantis, Inc. All rights reserved
Why OpenStack is needed here?
Why cannot be use Mesos without OpenStack? We need just
containers!
27. Copyright © 2015 Mirantis, Inc. All rights reserved
Why OpenStack is needed here?
The answer is networking and its isolation, which is not
present in Mesos and Docker itself, but is in OpenStack:
● Currently - OpenStack can separate containers by putting
them into different VM-s or bare metal servers, which
have different networks.
● In near future - OpenStack’s project Kuryr will bring
virtualized networking directly to Docker containers.
28. Copyright © 2015 Mirantis, Inc. All rights reserved
Q&A
Thank you for your attention