SlideShare a Scribd company logo

Joint OpenStack Kubernetes Environment (preview)

rhirschfeld
rhirschfeld

CHECK OUT THE MARCH 17 UPDATE > https://www.slideshare.net/rhirschfeld/joint-openstack-kubernetes-environment-march-17-update/ Presented as a preview of my OpenStack BCN presentation of the same title at the Bay Area Meetup (https://www.meetup.com/openstack/events/234490087/) See the updated version at the OpenStack summit here: http://www.slideshare.net/rhirschfeld/joint-openstack-kubernetes-environment-openstack-summit

Software
1 of 17
Download to read offline
Will it blend? A Joint OpenStack Kubernetes Environment A pragmatic operational assessment of if and when Kubernetes can become an underlay for OpenStack.
TL;DR: Not today. In the future, yes.
Rob Hirschfeld (aka Zehicle online) In Community: OpenStack Board Member (4 years) Co-Chair of Kubernetes Cluster Ops SIG Founder of Digital Rebar & Crowbar Projects Professional: CEO of RackN - hybrid automation software Executive at Dell - scale data center ops Cloud Data Center Ops going back to 1999
What is Kubernetes? Container Orchestration / Container Scheduler API driven to provide restart, placement, network routing and life-cycle For Applications designed for Kubernetes Key Design Elements: Immutable Infrastructure (stateless ops) 12 Factor Configuration Service Oriented
Platform: Three Tier Application Client 0 Ready 1 Prereq 2 Control 3 Nodes etcd (cluster) etcd (cluster) etcd (cluster) API (cluster) API (cluster) API (cluster) Kubelet KubeCtl Container Manager 5 Apps Network CNI Host Network Host Storage Host Init Pod Pod Pod Pod 4 Add-Ons Certificate Authority Scheduler (leader) Heapster Infrastructure APIs Routers, Storage, LBs... Proxy ... Controller (leader) DNS Watcher ...
Together 4ever: API server + Kubelet Client 0 Ready 1 Prereq 2 Control 3 Nodes etcd (cluster) etcd (cluster) etcd (cluster) API (cluster) API (cluster) API (cluster) Kubelet KubeCtl Container Manager 5 Apps Network CNI Host Network Host Storage Host Init Pod Pod Pod Pod 4 Add-Ons Certificate Authority Scheduler (leader) Heapster Infrastructure APIs Routers, Storage, LBs... Proxy ... Controller (leader) DNS Watcher ...
Who Cares? Operators! Operational Success is Essential to Project Success Operators are not developers! Simple, Transparent and Stable are key concerns Becoming a super-user of the platform should not be required to run it Scale & Upgradability has both internal and external drivers Generally, Kubernetes has good operational fundamentals
First: We’re Confusing Technical and Marketing Marketing around Kubernetes under OpenStack is a “hot mess” ● People heard “Kubernetes is stable, OpenStack is not” ● Further confuses “OpenStack one platform message” Who is promoting doing this? Mirantis / CoreOS / Intel / Google Confusion with the Plain Old Container Install (“POCI”) message ● Canonical (Ubuntu Cloud Install), ● Rackspace (OpenStack Ansible) ● Cisco (Kolla)
We’re Talking Underlay, not Overlay We’re talking about installing Kubernetes first (aka underlay) and using it to manage the OpenStack control plane. This approach is not a win if we ● Disable Kubernetes management ● Still need outside management tooling For now, we’ll ignore that our user may actually want to use Kubernetes as the overlay. IMHO, a bad assumption. Physical Infrastructure Kubernetes Underlay OpenStack Kubernetes Overlay Here! Simplest conception of the K8s OpenStack Sandwich
Second: Why I’m scared This discussion keep kicking the operations & install problems down the field Kubernetes is much newer than OpenStack, so even less understood Yet more complexity and some very basic questions: ● Now we have a both a Kubernetes and OpenStack upgrade problem ● We still need tooling to manage OpenStack in Kubernetes ● We still need someone to package the containers ● Relies on Docker to keep systems running ● Storage and Networking are still being worked out
But, it’s going to happen anyway...
Key Principle: Containerization vs Kubernetes Containers can be treated as a) lightweight vms or 2) packaged daemon sets. ● Canonical builds their containers like persistent vms and configures with Juju ● Kolla & OSA treats containers as packaging and configures with Ansible Kubernetes accepts neither approach – they expect containers to be immutable and 12 factor configured ● Kubernetes manages the full container life-cycle ● Containers need to be able to handle being added, removed ● Services need to be able to handle IP address changes (or use DNS names)
Specific Technical Barriers Host / Pinned vs Managed Containers ● It is possible to disable Kubernetes management and pin containers ● This eliminates the desired benefit of using Kubernetes How to handle Layered SDN integrations? Who wins? How to handle expectations of container persistence? Assumptions of Exclusive Ownership / Administrative Control
General Challenges to Overcome Complexity ● Overall Complexity of More Components ● Need to Control Kubernetes & Kubernetes Stability ● Need for Multiple Tiers of Load Balancer ● IP Mobility in Service Registration & Message Bus ● Mixed Networking Models ● Utility Upgrades and maintenance of the Underlay ● Mixing Kubernetes workloads Networking Utility
There are REAL Potential Benefits Part of Kubernetes Ecosystem (which is likely bigger than OpenStack’s) Leverage Docker packaging efforts and reduce Python & O/S dependencies Upgrades would benefit from Kubernetes built-in processes Use of the Kubernetes job scheduler for maintenance “Free” fault tolerance of key components Easier install if Kubernetes already running on-site More constrained options for configuration and operation
How could this actually be done quickly? Focus on Control plane, leave the nodes alone. ● Workers are “pinned” and agents need administrative control Cherry pick services to move into Kubernetes ● Focus on web services ● Separate support services (data & message bus) Externalize data using service registry Physical Infrastructure Kubernetes Underlay OpenStack Mgmt OpenStack Nodes SupportServices Make sure OpenStack Projects can handle immutable container requirements
In summary, OpenStack operability is not solved via the underlay platform alone. Technical Leadership motivation required for OpenStack adopting Kubernetes architecture requirements. Serious messaging confusion in effort has to be resolved. However, this collaboration is required for OpenStack Because Kubernetes will have a larger footprint in Operations

Recommended

Joint OpenStack Kubernetes Environment (OpenStack Summit)
Joint OpenStack Kubernetes Environment (OpenStack Summit)Joint OpenStack Kubernetes Environment (OpenStack Summit)
Joint OpenStack Kubernetes Environment (OpenStack Summit)rhirschfeld
 
Joint OpenStack Kubernetes Environment (March 17 update)
Joint OpenStack Kubernetes Environment (March 17 update)Joint OpenStack Kubernetes Environment (March 17 update)
Joint OpenStack Kubernetes Environment (March 17 update)rhirschfeld
 
Adopting Kubernetes with Puppet
Adopting Kubernetes with PuppetAdopting Kubernetes with Puppet
Adopting Kubernetes with PuppetPuppet
 
Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!rhirschfeld
 
The Messy Underlay Dilemma - automating PKI at Defragcon
The Messy Underlay Dilemma - automating PKI at DefragconThe Messy Underlay Dilemma - automating PKI at Defragcon
The Messy Underlay Dilemma - automating PKI at Defragconrhirschfeld
 
Tebmàtica número 14
Tebmàtica número 14Tebmàtica número 14
Tebmàtica número 14Pepa Muñoz
 
Understanding OpenStack Deployments - PuppetConf 2014
Understanding OpenStack Deployments - PuppetConf 2014Understanding OpenStack Deployments - PuppetConf 2014
Understanding OpenStack Deployments - PuppetConf 2014Puppet
 
Highlights of OpenStack Mitaka and the OpenStack Summit
Highlights of OpenStack Mitaka and the OpenStack SummitHighlights of OpenStack Mitaka and the OpenStack Summit
Highlights of OpenStack Mitaka and the OpenStack SummitCloud Standards Customer Council
 

Recommended

Joint OpenStack Kubernetes Environment (OpenStack Summit)
Joint OpenStack Kubernetes Environment (OpenStack Summit)Joint OpenStack Kubernetes Environment (OpenStack Summit)
Joint OpenStack Kubernetes Environment (OpenStack Summit)rhirschfeld
 
Joint OpenStack Kubernetes Environment (March 17 update)
Joint OpenStack Kubernetes Environment (March 17 update)Joint OpenStack Kubernetes Environment (March 17 update)
Joint OpenStack Kubernetes Environment (March 17 update)rhirschfeld
 
Adopting Kubernetes with Puppet
Adopting Kubernetes with PuppetAdopting Kubernetes with Puppet
Adopting Kubernetes with PuppetPuppet
 
Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!rhirschfeld
 
The Messy Underlay Dilemma - automating PKI at Defragcon
The Messy Underlay Dilemma - automating PKI at DefragconThe Messy Underlay Dilemma - automating PKI at Defragcon
The Messy Underlay Dilemma - automating PKI at Defragconrhirschfeld
 
Tebmàtica número 14
Tebmàtica número 14Tebmàtica número 14
Tebmàtica número 14Pepa Muñoz
 
Understanding OpenStack Deployments - PuppetConf 2014
Understanding OpenStack Deployments - PuppetConf 2014Understanding OpenStack Deployments - PuppetConf 2014
Understanding OpenStack Deployments - PuppetConf 2014Puppet
 
Highlights of OpenStack Mitaka and the OpenStack Summit
Highlights of OpenStack Mitaka and the OpenStack SummitHighlights of OpenStack Mitaka and the OpenStack Summit
Highlights of OpenStack Mitaka and the OpenStack SummitCloud Standards Customer Council
 
Cloud Foundry BOSH CPI for OpenStack
Cloud Foundry BOSH CPI for OpenStackCloud Foundry BOSH CPI for OpenStack
Cloud Foundry BOSH CPI for OpenStackAnimesh Singh
 
Colleen Murphy: Puppet and OpenStack
Colleen Murphy: Puppet and OpenStackColleen Murphy: Puppet and OpenStack
Colleen Murphy: Puppet and OpenStackPuppet
 
From OpenStack.... towards an Open cloud architecture
From OpenStack.... towards an Open cloud architecture From OpenStack.... towards an Open cloud architecture
From OpenStack.... towards an Open cloud architecture Claude Riousset
 
Open Container Technologies and OpenStack - Sorting Through Kubernetes, the O...
Open Container Technologies and OpenStack - Sorting Through Kubernetes, the O...Open Container Technologies and OpenStack - Sorting Through Kubernetes, the O...
Open Container Technologies and OpenStack - Sorting Through Kubernetes, the O...Daniel Krook
 
Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017rhirschfeld
 
OpenStack Murano introduction
OpenStack Murano introductionOpenStack Murano introduction
OpenStack Murano introductionVictor Zhang
 
OpenStack Automation Overview
OpenStack Automation OverviewOpenStack Automation Overview
OpenStack Automation OverviewDmitri Zimine
 
Automated Lifecycle Management - CloudFoundry on OpenStack
Automated Lifecycle Management - CloudFoundry on OpenStackAutomated Lifecycle Management - CloudFoundry on OpenStack
Automated Lifecycle Management - CloudFoundry on OpenStackAnimesh Singh
 
Fuel, Puppet and OpenStack
Fuel, Puppet and OpenStackFuel, Puppet and OpenStack
Fuel, Puppet and OpenStackaedocw
 
OpenStack Orchestration (Heat)
OpenStack Orchestration (Heat)OpenStack Orchestration (Heat)
OpenStack Orchestration (Heat)Jimi Chen
 
Cloud foundry integration-with-openstack-and-docker-bangalorecf-meetup
Cloud foundry integration-with-openstack-and-docker-bangalorecf-meetupCloud foundry integration-with-openstack-and-docker-bangalorecf-meetup
Cloud foundry integration-with-openstack-and-docker-bangalorecf-meetupKrishna-Kumar
 
Resume Shavez Hasan (1)
Resume Shavez Hasan (1)Resume Shavez Hasan (1)
Resume Shavez Hasan (1)Shavez Mirza
 
DailyTranslate Brochure
DailyTranslate BrochureDailyTranslate Brochure
DailyTranslate BrochureBilavschi Justin
 
PerfUG 3 - perfs système
PerfUG 3 - perfs systèmePerfUG 3 - perfs système
PerfUG 3 - perfs systèmeLudovic Piot
 
Openstack benelux 2015
Openstack benelux 2015Openstack benelux 2015
Openstack benelux 2015Microsoft
 
Dev opsmeetup sept2013-leaseweb
Dev opsmeetup sept2013-leasewebDev opsmeetup sept2013-leaseweb
Dev opsmeetup sept2013-leasewebMicrosoft
 
Corredor Norte De La Isla Hispaniola Creole
Corredor Norte De La Isla Hispaniola CreoleCorredor Norte De La Isla Hispaniola Creole
Corredor Norte De La Isla Hispaniola Creoleguesta96e92
 
What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?rhirschfeld
 
RackN Physical Layer Automation Innovation
RackN Physical Layer Automation InnovationRackN Physical Layer Automation Innovation
RackN Physical Layer Automation Innovationrhirschfeld
 
Kubecon 2017 Zero Touch Kubernetes
Kubecon 2017 Zero Touch KubernetesKubecon 2017 Zero Touch Kubernetes
Kubecon 2017 Zero Touch Kubernetesrhirschfeld
 
#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmt#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmtrhirschfeld
 
Immutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEWImmutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEWrhirschfeld
 

More Related Content

Viewers also liked

Cloud Foundry BOSH CPI for OpenStack
Cloud Foundry BOSH CPI for OpenStackCloud Foundry BOSH CPI for OpenStack
Cloud Foundry BOSH CPI for OpenStackAnimesh Singh
 
Colleen Murphy: Puppet and OpenStack
Colleen Murphy: Puppet and OpenStackColleen Murphy: Puppet and OpenStack
Colleen Murphy: Puppet and OpenStackPuppet
 
From OpenStack.... towards an Open cloud architecture
From OpenStack.... towards an Open cloud architecture From OpenStack.... towards an Open cloud architecture
From OpenStack.... towards an Open cloud architecture Claude Riousset
 
Open Container Technologies and OpenStack - Sorting Through Kubernetes, the O...
Open Container Technologies and OpenStack - Sorting Through Kubernetes, the O...Open Container Technologies and OpenStack - Sorting Through Kubernetes, the O...
Open Container Technologies and OpenStack - Sorting Through Kubernetes, the O...Daniel Krook
 
Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017rhirschfeld
 
OpenStack Murano introduction
OpenStack Murano introductionOpenStack Murano introduction
OpenStack Murano introductionVictor Zhang
 
OpenStack Automation Overview
OpenStack Automation OverviewOpenStack Automation Overview
OpenStack Automation OverviewDmitri Zimine
 
Automated Lifecycle Management - CloudFoundry on OpenStack
Automated Lifecycle Management - CloudFoundry on OpenStackAutomated Lifecycle Management - CloudFoundry on OpenStack
Automated Lifecycle Management - CloudFoundry on OpenStackAnimesh Singh
 
Fuel, Puppet and OpenStack
Fuel, Puppet and OpenStackFuel, Puppet and OpenStack
Fuel, Puppet and OpenStackaedocw
 
OpenStack Orchestration (Heat)
OpenStack Orchestration (Heat)OpenStack Orchestration (Heat)
OpenStack Orchestration (Heat)Jimi Chen
 
Cloud foundry integration-with-openstack-and-docker-bangalorecf-meetup
Cloud foundry integration-with-openstack-and-docker-bangalorecf-meetupCloud foundry integration-with-openstack-and-docker-bangalorecf-meetup
Cloud foundry integration-with-openstack-and-docker-bangalorecf-meetupKrishna-Kumar
 
Resume Shavez Hasan (1)
Resume Shavez Hasan (1)Resume Shavez Hasan (1)
Resume Shavez Hasan (1)Shavez Mirza
 
PerfUG 3 - perfs système
PerfUG 3 - perfs systèmePerfUG 3 - perfs système
PerfUG 3 - perfs systèmeLudovic Piot
 
Openstack benelux 2015
Openstack benelux 2015Openstack benelux 2015
Openstack benelux 2015Microsoft
 
Dev opsmeetup sept2013-leaseweb
Dev opsmeetup sept2013-leasewebDev opsmeetup sept2013-leaseweb
Dev opsmeetup sept2013-leasewebMicrosoft
 
Corredor Norte De La Isla Hispaniola Creole
Corredor Norte De La Isla Hispaniola CreoleCorredor Norte De La Isla Hispaniola Creole
Corredor Norte De La Isla Hispaniola Creoleguesta96e92
 

Viewers also liked (17)

Cloud Foundry BOSH CPI for OpenStack
Cloud Foundry BOSH CPI for OpenStackCloud Foundry BOSH CPI for OpenStack
Cloud Foundry BOSH CPI for OpenStack
 
Colleen Murphy: Puppet and OpenStack
Colleen Murphy: Puppet and OpenStackColleen Murphy: Puppet and OpenStack
Colleen Murphy: Puppet and OpenStack
 
From OpenStack.... towards an Open cloud architecture
From OpenStack.... towards an Open cloud architecture From OpenStack.... towards an Open cloud architecture
From OpenStack.... towards an Open cloud architecture
 
Open Container Technologies and OpenStack - Sorting Through Kubernetes, the O...
Open Container Technologies and OpenStack - Sorting Through Kubernetes, the O...Open Container Technologies and OpenStack - Sorting Through Kubernetes, the O...
Open Container Technologies and OpenStack - Sorting Through Kubernetes, the O...
 
Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017
 
OpenStack Murano introduction
OpenStack Murano introductionOpenStack Murano introduction
OpenStack Murano introduction
 
OpenStack Automation Overview
OpenStack Automation OverviewOpenStack Automation Overview
OpenStack Automation Overview
 
Automated Lifecycle Management - CloudFoundry on OpenStack
Automated Lifecycle Management - CloudFoundry on OpenStackAutomated Lifecycle Management - CloudFoundry on OpenStack
Automated Lifecycle Management - CloudFoundry on OpenStack
 
Fuel, Puppet and OpenStack
Fuel, Puppet and OpenStackFuel, Puppet and OpenStack
Fuel, Puppet and OpenStack
 
OpenStack Orchestration (Heat)
OpenStack Orchestration (Heat)OpenStack Orchestration (Heat)
OpenStack Orchestration (Heat)
 
Cloud foundry integration-with-openstack-and-docker-bangalorecf-meetup
Cloud foundry integration-with-openstack-and-docker-bangalorecf-meetupCloud foundry integration-with-openstack-and-docker-bangalorecf-meetup
Cloud foundry integration-with-openstack-and-docker-bangalorecf-meetup
 
Resume Shavez Hasan (1)
Resume Shavez Hasan (1)Resume Shavez Hasan (1)
Resume Shavez Hasan (1)
 
DailyTranslate Brochure
DailyTranslate BrochureDailyTranslate Brochure
DailyTranslate Brochure
 
PerfUG 3 - perfs système
PerfUG 3 - perfs systèmePerfUG 3 - perfs système
PerfUG 3 - perfs système
 
Openstack benelux 2015
Openstack benelux 2015Openstack benelux 2015
Openstack benelux 2015
 
Dev opsmeetup sept2013-leaseweb
Dev opsmeetup sept2013-leasewebDev opsmeetup sept2013-leaseweb
Dev opsmeetup sept2013-leaseweb
 
Corredor Norte De La Isla Hispaniola Creole
Corredor Norte De La Isla Hispaniola CreoleCorredor Norte De La Isla Hispaniola Creole
Corredor Norte De La Isla Hispaniola Creole
 

More from rhirschfeld

What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?rhirschfeld
 
RackN Physical Layer Automation Innovation
RackN Physical Layer Automation InnovationRackN Physical Layer Automation Innovation
RackN Physical Layer Automation Innovationrhirschfeld
 
Kubecon 2017 Zero Touch Kubernetes
Kubecon 2017 Zero Touch KubernetesKubecon 2017 Zero Touch Kubernetes
Kubecon 2017 Zero Touch Kubernetesrhirschfeld
 
#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmt#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmtrhirschfeld
 
Immutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEWImmutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEWrhirschfeld
 
Open Patterns for Day 2 Ops [Gluecon 2017]
Open Patterns for Day 2 Ops [Gluecon 2017]Open Patterns for Day 2 Ops [Gluecon 2017]
Open Patterns for Day 2 Ops [Gluecon 2017]rhirschfeld
 
Interop ITX Kubernetes Presentation
Interop ITX Kubernetes PresentationInterop ITX Kubernetes Presentation
Interop ITX Kubernetes Presentationrhirschfeld
 
OpenStack on Kubernetes (BOS Summit / May 2017 update)
OpenStack on Kubernetes (BOS Summit / May 2017 update)OpenStack on Kubernetes (BOS Summit / May 2017 update)
OpenStack on Kubernetes (BOS Summit / May 2017 update)rhirschfeld
 
SRE vs DevOps vs Cloud Native Preso
SRE vs DevOps vs Cloud Native PresoSRE vs DevOps vs Cloud Native Preso
SRE vs DevOps vs Cloud Native Presorhirschfeld
 
The developer rebellion against infrastructure
The developer rebellion against infrastructureThe developer rebellion against infrastructure
The developer rebellion against infrastructurerhirschfeld
 
IBM Interconnect: Think you can Out Innovate Open Source
IBM Interconnect: Think you can Out Innovate Open SourceIBM Interconnect: Think you can Out Innovate Open Source
IBM Interconnect: Think you can Out Innovate Open Sourcerhirschfeld
 
Gluecon Preso: Hybrid Container Infrastructure
Gluecon Preso: Hybrid Container InfrastructureGluecon Preso: Hybrid Container Infrastructure
Gluecon Preso: Hybrid Container Infrastructurerhirschfeld
 
OpenStack Preso: DevOps on Hybrid Infrastructure
OpenStack Preso: DevOps on Hybrid InfrastructureOpenStack Preso: DevOps on Hybrid Infrastructure
OpenStack Preso: DevOps on Hybrid Infrastructurerhirschfeld
 
OpenServerSummit: Operating Hybrid Infrastructure
OpenServerSummit: Operating Hybrid InfrastructureOpenServerSummit: Operating Hybrid Infrastructure
OpenServerSummit: Operating Hybrid Infrastructurerhirschfeld
 
Git & dev ops come together, right now!
Git & dev ops come together, right now!Git & dev ops come together, right now!
Git & dev ops come together, right now!rhirschfeld
 
Apply, rinse and repeat: avoid the fidelity gap
Apply, rinse and repeat: avoid the fidelity gapApply, rinse and repeat: avoid the fidelity gap
Apply, rinse and repeat: avoid the fidelity gaprhirschfeld
 
Tokyo DefCore Presentation
Tokyo DefCore PresentationTokyo DefCore Presentation
Tokyo DefCore Presentationrhirschfeld
 
Containers all the way down
Containers all the way downContainers all the way down
Containers all the way downrhirschfeld
 
Kubernetes in 15 minutes
Kubernetes in 15 minutesKubernetes in 15 minutes
Kubernetes in 15 minutesrhirschfeld
 
Functional Ops - the cake is a lie
Functional Ops - the cake is a lieFunctional Ops - the cake is a lie
Functional Ops - the cake is a lierhirschfeld
 

More from rhirschfeld (20)

What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?
 
RackN Physical Layer Automation Innovation
RackN Physical Layer Automation InnovationRackN Physical Layer Automation Innovation
RackN Physical Layer Automation Innovation
 
Kubecon 2017 Zero Touch Kubernetes
Kubecon 2017 Zero Touch KubernetesKubecon 2017 Zero Touch Kubernetes
Kubecon 2017 Zero Touch Kubernetes
 
#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmt#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmt
 
Immutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEWImmutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEW
 
Open Patterns for Day 2 Ops [Gluecon 2017]
Open Patterns for Day 2 Ops [Gluecon 2017]Open Patterns for Day 2 Ops [Gluecon 2017]
Open Patterns for Day 2 Ops [Gluecon 2017]
 
Interop ITX Kubernetes Presentation
Interop ITX Kubernetes PresentationInterop ITX Kubernetes Presentation
Interop ITX Kubernetes Presentation
 
OpenStack on Kubernetes (BOS Summit / May 2017 update)
OpenStack on Kubernetes (BOS Summit / May 2017 update)OpenStack on Kubernetes (BOS Summit / May 2017 update)
OpenStack on Kubernetes (BOS Summit / May 2017 update)
 
SRE vs DevOps vs Cloud Native Preso
SRE vs DevOps vs Cloud Native PresoSRE vs DevOps vs Cloud Native Preso
SRE vs DevOps vs Cloud Native Preso
 
The developer rebellion against infrastructure
The developer rebellion against infrastructureThe developer rebellion against infrastructure
The developer rebellion against infrastructure
 
IBM Interconnect: Think you can Out Innovate Open Source
IBM Interconnect: Think you can Out Innovate Open SourceIBM Interconnect: Think you can Out Innovate Open Source
IBM Interconnect: Think you can Out Innovate Open Source
 
Gluecon Preso: Hybrid Container Infrastructure
Gluecon Preso: Hybrid Container InfrastructureGluecon Preso: Hybrid Container Infrastructure
Gluecon Preso: Hybrid Container Infrastructure
 
OpenStack Preso: DevOps on Hybrid Infrastructure
OpenStack Preso: DevOps on Hybrid InfrastructureOpenStack Preso: DevOps on Hybrid Infrastructure
OpenStack Preso: DevOps on Hybrid Infrastructure
 
OpenServerSummit: Operating Hybrid Infrastructure
OpenServerSummit: Operating Hybrid InfrastructureOpenServerSummit: Operating Hybrid Infrastructure
OpenServerSummit: Operating Hybrid Infrastructure
 
Git & dev ops come together, right now!
Git & dev ops come together, right now!Git & dev ops come together, right now!
Git & dev ops come together, right now!
 
Apply, rinse and repeat: avoid the fidelity gap
Apply, rinse and repeat: avoid the fidelity gapApply, rinse and repeat: avoid the fidelity gap
Apply, rinse and repeat: avoid the fidelity gap
 
Tokyo DefCore Presentation
Tokyo DefCore PresentationTokyo DefCore Presentation
Tokyo DefCore Presentation
 
Containers all the way down
Containers all the way downContainers all the way down
Containers all the way down
 
Kubernetes in 15 minutes
Kubernetes in 15 minutesKubernetes in 15 minutes
Kubernetes in 15 minutes
 
Functional Ops - the cake is a lie
Functional Ops - the cake is a lieFunctional Ops - the cake is a lie
Functional Ops - the cake is a lie
 

Recently uploaded

Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceanilsa9823
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 

Recently uploaded (20)

Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 

Joint OpenStack Kubernetes Environment (preview)

  • 1. Will it blend? A Joint OpenStack Kubernetes Environment A pragmatic operational assessment of if and when Kubernetes can become an underlay for OpenStack.
  • 2. TL;DR: Not today. In the future, yes.
  • 3. Rob Hirschfeld (aka Zehicle online) In Community: OpenStack Board Member (4 years) Co-Chair of Kubernetes Cluster Ops SIG Founder of Digital Rebar & Crowbar Projects Professional: CEO of RackN - hybrid automation software Executive at Dell - scale data center ops Cloud Data Center Ops going back to 1999
  • 4. What is Kubernetes? Container Orchestration / Container Scheduler API driven to provide restart, placement, network routing and life-cycle For Applications designed for Kubernetes Key Design Elements: Immutable Infrastructure (stateless ops) 12 Factor Configuration Service Oriented
  • 5. Platform: Three Tier Application Client 0 Ready 1 Prereq 2 Control 3 Nodes etcd (cluster) etcd (cluster) etcd (cluster) API (cluster) API (cluster) API (cluster) Kubelet KubeCtl Container Manager 5 Apps Network CNI Host Network Host Storage Host Init Pod Pod Pod Pod 4 Add-Ons Certificate Authority Scheduler (leader) Heapster Infrastructure APIs Routers, Storage, LBs... Proxy ... Controller (leader) DNS Watcher ...
  • 6. Together 4ever: API server + Kubelet Client 0 Ready 1 Prereq 2 Control 3 Nodes etcd (cluster) etcd (cluster) etcd (cluster) API (cluster) API (cluster) API (cluster) Kubelet KubeCtl Container Manager 5 Apps Network CNI Host Network Host Storage Host Init Pod Pod Pod Pod 4 Add-Ons Certificate Authority Scheduler (leader) Heapster Infrastructure APIs Routers, Storage, LBs... Proxy ... Controller (leader) DNS Watcher ...
  • 7. Who Cares? Operators! Operational Success is Essential to Project Success Operators are not developers! Simple, Transparent and Stable are key concerns Becoming a super-user of the platform should not be required to run it Scale & Upgradability has both internal and external drivers Generally, Kubernetes has good operational fundamentals
  • 8. First: We’re Confusing Technical and Marketing Marketing around Kubernetes under OpenStack is a “hot mess” ● People heard “Kubernetes is stable, OpenStack is not” ● Further confuses “OpenStack one platform message” Who is promoting doing this? Mirantis / CoreOS / Intel / Google Confusion with the Plain Old Container Install (“POCI”) message ● Canonical (Ubuntu Cloud Install), ● Rackspace (OpenStack Ansible) ● Cisco (Kolla)
  • 9. We’re Talking Underlay, not Overlay We’re talking about installing Kubernetes first (aka underlay) and using it to manage the OpenStack control plane. This approach is not a win if we ● Disable Kubernetes management ● Still need outside management tooling For now, we’ll ignore that our user may actually want to use Kubernetes as the overlay. IMHO, a bad assumption. Physical Infrastructure Kubernetes Underlay OpenStack Kubernetes Overlay Here! Simplest conception of the K8s OpenStack Sandwich
  • 10. Second: Why I’m scared This discussion keep kicking the operations & install problems down the field Kubernetes is much newer than OpenStack, so even less understood Yet more complexity and some very basic questions: ● Now we have a both a Kubernetes and OpenStack upgrade problem ● We still need tooling to manage OpenStack in Kubernetes ● We still need someone to package the containers ● Relies on Docker to keep systems running ● Storage and Networking are still being worked out
  • 11. But, it’s going to happen anyway...
  • 12. Key Principle: Containerization vs Kubernetes Containers can be treated as a) lightweight vms or 2) packaged daemon sets. ● Canonical builds their containers like persistent vms and configures with Juju ● Kolla & OSA treats containers as packaging and configures with Ansible Kubernetes accepts neither approach – they expect containers to be immutable and 12 factor configured ● Kubernetes manages the full container life-cycle ● Containers need to be able to handle being added, removed ● Services need to be able to handle IP address changes (or use DNS names)
  • 13. Specific Technical Barriers Host / Pinned vs Managed Containers ● It is possible to disable Kubernetes management and pin containers ● This eliminates the desired benefit of using Kubernetes How to handle Layered SDN integrations? Who wins? How to handle expectations of container persistence? Assumptions of Exclusive Ownership / Administrative Control
  • 14. General Challenges to Overcome Complexity ● Overall Complexity of More Components ● Need to Control Kubernetes & Kubernetes Stability ● Need for Multiple Tiers of Load Balancer ● IP Mobility in Service Registration & Message Bus ● Mixed Networking Models ● Utility Upgrades and maintenance of the Underlay ● Mixing Kubernetes workloads Networking Utility
  • 15. There are REAL Potential Benefits Part of Kubernetes Ecosystem (which is likely bigger than OpenStack’s) Leverage Docker packaging efforts and reduce Python & O/S dependencies Upgrades would benefit from Kubernetes built-in processes Use of the Kubernetes job scheduler for maintenance “Free” fault tolerance of key components Easier install if Kubernetes already running on-site More constrained options for configuration and operation
  • 16. How could this actually be done quickly? Focus on Control plane, leave the nodes alone. ● Workers are “pinned” and agents need administrative control Cherry pick services to move into Kubernetes ● Focus on web services ● Separate support services (data & message bus) Externalize data using service registry Physical Infrastructure Kubernetes Underlay OpenStack Mgmt OpenStack Nodes SupportServices Make sure OpenStack Projects can handle immutable container requirements
  • 17. In summary, OpenStack operability is not solved via the underlay platform alone. Technical Leadership motivation required for OpenStack adopting Kubernetes architecture requirements. Serious messaging confusion in effort has to be resolved. However, this collaboration is required for OpenStack Because Kubernetes will have a larger footprint in Operations