@rstarmer @mschulz Turn up the HEAT With OpenStack and Kubernetes
Who are we?
Michael Schulz:
@mschulz
• Helion Technical Marketing Architect
• OpenStack operations contributor since 2012
• Supporting Cloud enablement for Enterprise
• Containers, Apps, Cloud
Robert Starmer:
@rstarmer
• CTO for Kumulus Technologies
• OpenStack operations contributor since 2012
• Supporting Cloud enablement for Enterprise
• OpenStack, Kubernetes, BareMetal to App CD
kumul.us
hpe.com
Agenda
• Containers and Operations
• Operating Container based Applications
• Infrastructure for Container Operating Environments
• OpenStack for Kubernetes
Containers and Operations
Why not just stick with VMs?
• Bare Metal (Nova & Ironic): x86, ARM, other processor; memory; local “block” storage subsystem
• Hypervisor (Nova): hardware access management and segregation; ESX, KVM, Hyper-V, Xen, LPAR
• Container (Nova): OS level segregation of processes; Docker/LXC, Solaris containers
[Figure: three stack diagrams. Bare metal: Hardware, Host OS, bin/lib, APP. Virtual machine: Hardware, Host OS, Hypervisor, Guest OS, bin/lib, APP. Container: Hardware, Host OS, Container Engine, bin/lib, APP.]
Developers get Containers
• Dev/Ops is a stepping stone for many developers
• Enabled application development models that were not previously possible
• Ops is something to limit and reduce
• There is a growing #serverless community - focusing on just the application again
It is not just a Container though…
Still need to “operate” containers
• Can’t avoid some underlying operations
• Manage infrastructure failures gracefully
• Provide some scale services (e.g. Load balancing)
• Managing interactions and security between multi-container services and solutions
• Manage and configure storage mappings
The field of Container Management
• LXC and LXD or libvirt-lxc
• Docker and Docker (plus Swarm)
• Docker/RKT/(?LXC?) and Kubernetes
• Docker, LXC, etc. and Mesos/DCOS
• Docker Cloud, Rancher, DCOS, CoreOS Fleet….
Management Functions
• Lifecycle Management
• Rolling Upgrades
• Scheduling
• Network Service
• Storage Mapping
• Seems like an IaaS might be of service
OpenStack and Container Operating Env.
Managing Containers
Container Management on OpenStack
• Leverage VMs to support Container engines
• Container Operating Environment deployed via HEAT
• Leverage Network services:
  • LBaaS
  • Kuryr
HEAT
• Template based automation
• Access to all OpenStack resources and services:
  • Compute – OS::Nova::
  • Storage – OS::Cinder::, OS::Swift::
  • Network – OS::Neutron::, OS::Neutron::LBaaS::
  • Even HEAT – OS::Heat::
• Templates used across most OpenStack driven Kubernetes deployments:
  • Magnum
  • Murano
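A HOT template using the resource namespaces listed above, as an added example rather than the presenters' or the Kubernetes project's own template. Parameter names, defaults, the volume size and the admin CIDR are assumptions. It exposes the master's API and SSH ports to a single admin network and attaches a Cinder volume.

```yaml
# Added example: all names, sizes and CIDRs below are constructed placeholders.
heat_template_version: 2015-04-30
description: One Kubernetes master VM with a restricted security group and a data volume

parameters:
  image: {type: string, default: CentOS7}
  flavor: {type: string, default: m1.medium}
  key_name: {type: string}
  network: {type: string}
  admin_cidr: {type: string, default: 192.0.2.0/24}

resources:
  master_secgroup:
    type: OS::Neutron::SecurityGroup
    properties:
      rules:
        # Kubernetes API over TLS and SSH, reachable from the admin network only
        - {protocol: tcp, port_range_min: 443, port_range_max: 443, remote_ip_prefix: {get_param: admin_cidr}}
        - {protocol: tcp, port_range_min: 22, port_range_max: 22, remote_ip_prefix: {get_param: admin_cidr}}
  master_port:
    type: OS::Neutron::Port
    properties:
      network: {get_param: network}
      security_groups: [{get_resource: master_secgroup}]
  master:
    type: OS::Nova::Server
    properties:
      image: {get_param: image}
      flavor: {get_param: flavor}
      key_name: {get_param: key_name}
      networks:
        - port: {get_resource: master_port}
  etcd_volume:
    type: OS::Cinder::Volume
    properties:
      size: 10
  etcd_attach:
    type: OS::Cinder::VolumeAttachment
    properties:
      instance_uuid: {get_resource: master}
      volume_id: {get_resource: etcd_volume}

outputs:
  master_ip:
    value: {get_attr: [master_port, fixed_ips, 0, ip_address]}
```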
HEAT and CAPS
• CAPS: Chef, Ansible, Puppet, SaltStack
  • Implements “state based” automation
  • Simplifies service configuration vs. shell scripts
  • Powerful automation tools for deployment
  • Many applications are already supported
• HEAT implements the infrastructure services
• Still need to implement the application services
• Use SaltStack to provide “application” automation
Kubernetes on OpenStack
Kubernetes and OpenStack
• OpenStack provides the IaaS model via HEAT
• HEAT triggers SaltStack deployment of Kubernetes
• Kubernetes supports Container Operations
• OpenStack can support additional underlying services:
  • Network (Integrate with Kuryr, add LBaaS)
  • Storage (add Cinder block, or Ceph)
Kubernetes
Greek for “Helmsman”; also the root of the word “Governor”
• Orchestrator for containers
• Supports multi-cloud environments
• Inspired and informed by Google’s experiences and internal systems
• Open source, written in Go
Manage applications, not machines
Kubernetes manages your applications
• Scheduling of where containers should run
• Lifecycle and health to keep containers running
• Discovery of containers and their location
• Monitoring of containers
• Control who can do things to containers
• Aggregates sets of containers into jobs
• Making jobs bigger or smaller by scaling up/down
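A ReplicationController manifest that maps onto several of the functions listed above, as an added example and not the presenters' own manifest. The name, labels, image tag and resource figures are assumptions.

```yaml
# Added example: names, image tag and limits are constructed placeholders.
apiVersion: v1
kind: ReplicationController
metadata:
  name: web
spec:
  replicas: 3                 # scaling: change this number to grow or shrink the job
  selector:
    app: web                  # aggregation and discovery: pods are grouped by label
  template:
    metadata:
      labels:
        app: web              # must match the selector above
    spec:
      containers:
        - name: web
          image: nginx:1.11
          ports:
            - containerPort: 80
          resources:
            limits: {cpu: 250m, memory: 128Mi}   # bounds the scheduler places pods against
          livenessProbe:      # lifecycle and health: the kubelet restarts the container on failure
            httpGet: {path: /, port: 80}
            initialDelaySeconds: 5
            periodSeconds: 10
```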
Primary concepts
Kubernetes Architecture
[Figure: Kubernetes architecture diagram showing etcd, API Server, Scheduler, Controller Manager, Kubelet, Service Proxy, and clients (kubectl, ajax, etc)]
Demo Time
Getting the bits
export KUBERNETES_PROVIDER=openstack-heat; curl -sS https://get.k8s.io | bash
https://github.com/kubernetes/kubernetes/releases
Start the deployment
stack@helion-cp1-c1-m1-mgmt:~/kubernetes/cluster$ !K
KUBERNETES_PROVIDER=openstack-heat ./kube-up.sh
... Starting cluster using provider: openstack-heat
... calling verify-prereqs
swift client installed
glance client installed
nova client installed
heat client installed
openstack client installed
... calling kube-up
kube-up for provider openstack-heat
[INFO] Execute commands to create Kubernetes cluster
[INFO] Upload kubernetes-server-linux-amd64.tar.gz
kubernetes-server.tar.gz
[INFO] Upload kubernetes-salt.tar.gz
kubernetes-salt.tar.gz
[INFO] Image CentOS7 already exists
[INFO] Key pair already exists
Stack not found: KubernetesStack
[INFO] Retrieve new image ID
[INFO] Image Id f80d2e2d-4149-4075-9903-2b4c00db6b1a
[INFO] Create stack KubernetesStack
+--------------------------------------+-----------------+--------------------+---------------------+--------------+
| id | stack_name | stack_status | creation_time | updated_time |
+--------------------------------------+-----------------+--------------------+---------------------+--------------+
| 21ba7cbf-8144-4450-a775-1e11bf3ae798 | KubernetesStack | CREATE_IN_PROGRESS | 2016-09-15T22:29:04 | None |
+--------------------------------------+-----------------+--------------------+---------------------+--------------+
... calling validate-cluster
Cluster status CREATE_IN_PROGRESS
Cluster status CREATE_IN_PROGRESS
Cluster status CREATE_COMPLETE
cluster "openstack-KubernetesStack" set.
user "openstack-KubernetesStack" set.
context "openstack-KubernetesStack" set.
switched to context "openstack-KubernetesStack".
Wrote config for openstack-KubernetesStack to /home/stack/.kube/config
Done, listing cluster services:

Kubernetes master is running at https://192.168.2.181
Elasticsearch is running at https://192.168.2.181/api/v1/proxy/namespaces/kube-system/services/elasticsearch-logging
Heapster is running at https://192.168.2.181/api/v1/proxy/namespaces/kube-system/services/heapster
Kibana is running at https://192.168.2.181/api/v1/proxy/namespaces/kube-system/services/kibana-logging
KubeDNS is running at https://192.168.2.181/api/v1/proxy/namespaces/kube-system/services/kube-dns
kubernetes-dashboard is running at https://192.168.2.181/api/v1/proxy/namespaces/kube-system/services/kubernetes-dashboard
Grafana is running at https://192.168.2.181/api/v1/proxy/namespaces/kube-system/services/monitoring-grafana
InfluxDB is running at https://192.168.2.181/api/v1/proxy/namespaces/kube-system/services/monitoring-influxdb

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
stack@helion-cp1-c1-m1-mgmt:~/kubernetes/cluster$
Example Replication Controller
Questions?
@mschulz @rstarmer