Containers in OpenStack E-Book

BIRMINGHAM - MUMBAI

Containers in OpenStack

Copyright © 2017 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: December 2017

Production reference: 1191217

ISBN  978-1-78839-438-3

www.packtpub.com

Credits

Authors

Pradeep Kumar Singh

Madhuri Kumari

Copy Editor

Safis Editing

Reviewers

Felipe Monteiro

Venkatesh Loganathan

Vinoth Kumar Selvaraj

Project Coordinator

Shweta H Birwatkar

Commissioning Editor

Gebin George

Proofreader

Safis Editing

Acquisition Editor

Namrata Patil

Indexer

Francy Puthiry

Content Development Editor

Amrita Noronha

Graphics

Tania Dutta

Technical Editor

Akash Patel

Production Coordinator

Shantanu Zagade

About the Authors

Pradeep Kumar Singh is an OpenStack developer. He has expertise in the domains of containers, storage, and web application development. Pradeep is a core reviewer for OpenStack Zun. Pradeep also loves machine learning and the infrastructure part of it. In his free time, he plays with his Raspberry Pi 3 clusters, and also loves to write code in different programming languages.

Madhuri Kumari is an OpenStack developer. She has expertise in the domains of cloud computing, containers, and virtualization. She has been working on OpenStack since December 2014 and is a core reviewer for two OpenStack projects, Magnum and Zun. Besides this, she has also worked on the Ironic, Swift, Murano, and Valence. She is an active speaker at OpenStack summits, LinuxCon, and local meetups. She was also nominated for the RedHat Women in Open Source Award, 2017.

About the Reviewers

Felipe Monteiro currently works for AT&T as a software developer, predominantly focusing on developing AT&T’s under-cloud platform (UCP) for orchestrating OpenStack on Kubernetes deployment. He is currently the lead developer for Deckhand and Armada, two of the core microservices that comprise UCP. He also works on OpenStack, particularly on Murano, OpenStack’s application catalog, and Patrole, a Tempest plugin responsible for validating the correct implementation of RBAC and API compliance with RBAC. He was the Murano PTL during the Pike release cycle and is currently a core reviewer for both Murano and Patrole.

Venkatesh Loganathan is a senior DevOps engineer at CD Cloudenablers Pvt. Ltd., a product-based cloud technology start-up in Chennai, India. He has spent an equal amount of time focusing on release engineering in the agile methodology, automating daily activities through configuration management tools, and maintaining the site at high availability.

Vinoth Kumar Selvaraj is a passionate computer science engineer from Tamil Nadu, India. He works as a DevOps engineer at Cloudenablers Inc.

As an active moderator on Ask OpenStack, he consistently answers and provides solutions for questions posted on the Ask OpenStack forum. Based on karma points, he was ranked 20 out of 20,000 members in the Ask OpenStack forum. He has also written many OpenStack-related articles for http://superuser.openstack.org/ and hosts a dedicated website for his works on OpenStack at http://www.hellovinoth.com/.

You can visit his LinkedIn page at https://www.linkedin.com/in/vinothkumarselvaraj/ and tweet him @vinoth6664.

Vinoth has also authored a book entitled OpenStack Bootcamp for Packt.

www.PacktPub.com

For support files and downloads related to your book, please visit www.PacktPub.com. Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details. At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.

https://www.packtpub.com/mapt

Get the most in-demand software skills with Mapt. Mapt gives you full access to all Packt books and video courses, as well as industry-leading tools to help you plan your personal development and advance your career.

Why subscribe?

Fully searchable across every book published by Packt

Copy and paste, print, and bookmark content

On demand and accessible via a web browser

Customer Feedback

Thanks for purchasing this Packt book. At Packt, quality is at the heart of our editorial process. To help us improve, please leave us an honest review on this book's Amazon page at https://www.amazon.com/dp/1788394380.

If you'd like to join our team of regular reviewers, you can email us at [email protected]. We award our regular reviewers with free eBooks and videos in exchange for their valuable feedback. Help us be relentless in improving our products

Table of Contents

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Downloading the example code

Errata

Piracy

Questions

Working with Containers

The historical context of virtualization

Introduction to containers

Container components

Types of containers

Machine containers

Application containers

Types of container runtime tools

Docker

Rocket

LXD

OpenVZ

Windows Server containers

Hyper-V containers

Clear container

Installation of Docker

Docker hands-on

Working with Docker images

Listing images

Getting new images

Searching Docker images

Deleting images

Working with Docker containers

Creating containers

Listing containers

Checking container's logs

Starting containers

Deleting containers

Summary

Working with Container Orchestration Engines

Introduction to COE

Docker Swarm

Docker Swarm components

Node

Manager node

Worker node

Tasks

Services

Discovery service

Scheduler

Swarm mode

Apache Mesos

Apache Mesos and its components

Master

Slaves

Frameworks

Offer

Tasks

Zookeeper

Kubernetes

Kubernetes architecture

External request

Master node

kube-apiserver

etcd

kube-controller-manager

kube-scheduler

Worker nodes

kubelet

kube-proxy

Container runtime

supervisord

fluentd

Concepts in Kubernetes

Pod

Replica sets and replication controllers

Deployments

Secrets

Labels and selectors

Services

Volumes

Kubernetes installation

Kubernetes hands-on

Summary

OpenStack Architecture

Introduction to OpenStack

OpenStack architecture

Introduction to KeyStone, the OpenStack identity service

Introduction to Nova, the OpenStack compute service

Introduction to Neutron, the OpenStack network service

Introduction to Cinder, the OpenStack block storage service

Introduction to Glance, the OpenStack image service

Introduction to Swift, the OpenStack object store

DevStack installation

Creating a KeyStone user

Assign role to the user

Creating a VM using Nova

Attach volume to VM

Uploading an image to Swift

Summary

Containerization in OpenStack

The need for containers in OpenStack

Efforts within the OpenStack community to support containers

Nova

Heat

Magnum

Zun

Kuryr

Kolla

Murano

Fuxi

OpenStack-Helm

Summary

Magnum – COE Management in OpenStack

Magnum introduction

Concepts

Cluster template

Cluster

Cluster driver

Heat Stack Template

Template definition

Certificate

Service

Stats

Quotas

Key features

External load balancer for Kubernetes

Transport Layer Security

Scaling

Storage

Ephemeral storage

Persistent storage

Notifications

Container monitoring

Components

Magnum API

Magnum conductor

Walk-through

Magnum DevStack installation

Managing COEs

Summary

Zun – Container Management in OpenStack

Introduction to Zun

Concepts

Containers

Images

Services

Hosts

Capsules

Container drivers

Image drivers

Network drivers

Key features

Cinder integration

Container composition

Kuryr networking

Container sandbox

CPU sets

Components

zun-api

Zun scheduler

zun-compute

Zun WebSocket proxy

Walk-through

Zun DevStack installation

Managing containers

Summary

Kuryr – Container Plugin for OpenStack Networking

Introducing Kuryr

Kuryr architecture

Mapping the Docker libnetwork to the neutron API

Providing the generic VIF-Binding infrastructure

Providing containerized images of neutron plugins

Nesting VMs and Magnum use cases

Installation of Kuryr

Walk-through

Summary

Murano – Containerized Application Deployment on OpenStack

Introduction to Murano

Murano concepts

Environment

Package

Session

The environment template

Deployments

Bundle

Categories

Key features

Production-ready applications

Application catalog UI

Distributing workloads

Application development

Murano repository

Cinder volumes

Barbican support

HOT packages

Murano components

The Murano API

The Murano engine

The Murano agent

The Murano dashboard

Walk-through

Murano DevStack installation

Deploying a containerized application

Summary

Kolla – Containerized Deployment of OpenStack

Kolla introduction

Key features

Highly available deployment

Ceph support

Image building

Docker hub support

Local registry support

Multiple build sources

Dockerfile customization

Architecture

Deploying containerized OpenStack services

Setting up a local registry

Automatic host bootstrap

Building images

Deploying images

Summary

Best Practices for Containers and OpenStack

The advantages of different OpenStack projects

Best practices for securing and deploying containers

Summary

Preface

Containers are one of the most talked about technologies of recent times. They have become increasingly popular as they are changing the way we develop, deploy, and run software applications. OpenStack gets tremendous traction as it is used by many organizations across the globe and as containers gain popularity and become more complex, it's necessary for OpenStack to provide various infrastructure resources for containers such as compute, network, and storage.

Containerization in OpenStack aims at answering the question, how can OpenStack keep pace with the increasing challenges of container technology? You will start with getting familiar with container and OpenStack basics so that you understand how the container ecosystem and OpenStack work together. To help you get better at compute, networking, managing application services and deployment tools, the book has dedicated chapters for different OpenStack projects: Magnum, Zun, Kuryr, Murano, and Kolla.

Toward the end, you will be introduced to some best practices to secure your containers and COE on OpenStack with an overview of using each OpenStack project for different use cases.

What this book covers

Chapter 1, Working with Containers, starts with discussing the history of virtualization and then talks about the evolution of containers. After this, it focuses on explaining containers, their types, and the different container runtime tools. It then dives into Docker and its installation, and also shows how to use Docker to perform operations on containers.

Chapter 2, Working with Container Orchestration Engines, starts with an introduction to Container Orchestration Engines and then it introduces different COEs available today. It explains the installation of Kubernetes and how to use it to manage containers in an example application.

Chapter 3, OpenStack Architecture, starts with an introduction to OpenStack and its architecture. Then it briefly explains OpenStack's core components and their architecture.

Chapter 4, Containerization in OpenStack, explains the need for containerization in OpenStack, and also talks about different OpenStack container-related projects.

Chapter 5, Magnum – COE Management in OpenStack, explains the Magnum project of OpenStack in detail. It talks about the concepts, components, and architecture of Magnum. Then, it demonstrates Magnum installation with DevStack and it's hands-on.

Chapter 6, Zun – Container Management in OpenStack, explains the Zun project of OpenStack in detail. It talks about the concepts, components, architecture of Zun. Then, it demonstrates Zun installation with DevStack and it's hands-on.

Chapter 7, Kuryr – Container Plugin for OpenStack Networking, explains the Kuryr project of OpenStack in detail. It talks about the concepts, components, and architecture of Kuryr. Then, it demonstrates Kuryr installation with DevStack and it's hands-on.

Chapter 8, Murano – Containerized Application Deployment on OpenStack, explains the Murano project of OpenStack in detail. It talks about the concepts, components, and architecture of Murano. Then, it demonstrates Murano installation with DevStack and it's hands-on.

Chapter 9, Kolla – Containerized Deployment of OpenStack, explains the Kolla project of OpenStack in detail. It talks about the sub-projects, key features and architecture of Kolla. Then, it explains the deployment process for OpenStack ecosystem using the Kolla project.

Chapter 10, Best Practices for Containers and OpenStack, summarizes different container-related OpenStack projects and their advantages. Then, it also explains the security issues with containers and the best practices to resolve them.

What you need for this book

This book assumes a basic level of understanding of cloud computing, the Linux operating system and containers. The book will guide you through the installation of any tools that are required.

You can use any tool for the test environment, such as Vagrant, Oracle's VirtualBox, or a VMware workstation.

In this book, the following software list is required:

Operating system: Ubuntu 16.04

OpenStack: Pike release or newer

VirtualBox 4.5 or newer

Vagrant 1.7 or newer

To run the OpenStack installation in a development environment, the following minimum hardware resources are required:

A host machine with CPU hardware virtualization support

8 core CPU

12 GB RAM

60 GB free disk space

Internet connectivity is required to download the necessary packages for OpenStack and other tools.

Who this book is for

The book is targeted toward cloud engineers, system administrators, or anyone from the production team who works on the OpenStack cloud. This book acts as an end-to-end guide for anyone who wants to start using the concept of containerization in OpenStack.

Conventions

In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.

Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "The zun-compute service is the main component of the Zun system."

Any command-line input or output is written as follows:

$ sudo mkdir -p /opt/stack

New terms and important words are shown in bold. Words that you see on the screen, in menus or dialog boxes for example, appear in the text like this: "You can see in the following screenshot that we are given two options to choose for our container host: Kubernetes Pod and Docker Standalone Host."

Reader feedback

Feedback from our readers is always welcome. Let us know what you think about this book-what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of. To send us general feedback, simply e-mail [email protected], and mention the book's title in the subject of your message. If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Downloading the example code

You can download the example code files for this book from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.

You can download the code files by following these steps:

Log in or register to our website using your e-mail address and password.

Hover the mouse pointer on the

SUPPORT

tab at the top.

Click on

Code Downloads & Errata

.

Enter the name of the book in the

Search

box.

Select the book for which you're looking to download the code files.

Choose from the drop-down menu where you purchased this book from.

Click on

Code Download

.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

WinRAR / 7-Zip for Windows

Zipeg / iZip / UnRarX for Mac

7-Zip

/ PeaZip for Linux

The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Containers-in-OpenStack. We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Errata