Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

The Containers Ecosystem, the OpenStack Magnum Project, the Open Container Initiative, and You!


Published on

Presentation at the OpenStack Summit in Tokyo, Japan on October 27, 2015.

The technology industry has been abuzz about cloud workload containerization since the open source Docker project became a phenomenon in early 2014.

Meanwhile, an OpenStack Containers Team was formed and the Magnum project launched to provide users with a convenient Containers-as-a-Service solution for OpenStack environments.

As the potential of both technologies emerged, many wanted to see shared governance over the baseline container specification and runtime technology to ensure an open cloud ecosystem.

This past June, a new group was formed with a goal of creating open, industry standards around container formats and runtimes, called the Open Container Initiative (

So how will OpenStack Magnum influence - and be influenced by - the new OCI group? Why is the OCI under the stewardship of the Linux Foundation? What is the scope of the OCI effort? What project goals and/or principles will guide their work?

Attend this session to learn the following:

* A brief history of the open container ecosystem and the major benefits that containerization provides
* An overview of the Magnum CaaS plugin architecture and design goals
* Insider details on the the progress of the Linux Foundation Open Container Initiative (and the related Cloud Native Computing Foundation)
* What it all means for deploying container orchestration engines on your cloud with OpenStack Magnum

Megan Kostick - Software Engineer, Cloud and Open Source Technologies, IBM
Daniel Krook - Senior Software Engineer, Cloud and Open Source Technologies, IBM
Jeffrey Borek - WW Program Director, Open Technologies and Partnerships, Cloud Computing

Published in: Technology, Software
  • Wall Street business magnate Stephen Chu, winner of the Strathmore’s Who’s Who Registry honoring the most successful business tycoons in the world, says the "Demolisher" Betting System lived up exactly to its billing! ➤➤
    Are you sure you want to  Yes  No
    Your message goes here
  • I love you Ben you’ve literally saved my life! Lets just say I was in a lot of trouble financially until I found you.Now I’m in complete AWE every time I open my betting account it’s like the numbers aren’t real, that’s why I’m constantly withdrawing the cash lol.God bless you Ben! and thank you so much for allowing me access to this amazing service. ★★★
    Are you sure you want to  Yes  No
    Your message goes here
  • There is a REAL system that is helping thousands of people, just like you, earn REAL money right from the comfort of their own homes. The entire system is made up with PROVEN ways for regular people just like you to get started making money online... the RIGHT way... the REAL way. ♣♣♣
    Are you sure you want to  Yes  No
    Your message goes here
  • Like Watching Videos? Want to get paid to do it? ▲▲▲
    Are you sure you want to  Yes  No
    Your message goes here
  • A newer version of this presentation is available at
    Are you sure you want to  Yes  No
    Your message goes here

The Containers Ecosystem, the OpenStack Magnum Project, the Open Container Initiative, and You!

  1. 1. The Containers Ecosystem, the OpenStack Magnum Project, the Open Container Initiative, and You! What Open Containers and Cloud Native Computing mean to OpenStack Megan Kostick @KostickMegan Jeffrey Borek @JeffBorek Daniel Krook @DanielKrook
  2. 2. What you will learn today •  Introduction to container technology and its open source history •  How containerization fits into OpenStack, and in particular Magnum •  Introduction to the Linux Foundation collaborative projects on containers – Open Container Initiative – Cloud Native Computing Foundation •  How the OCI and CNCF container standardization may affect Magnum 2
  3. 3. Our background is in open source and open standards 3 Megan Kostick •  Customer advocate for open technologies adoption (OpenStack, Cloud Foundry, Docker) •  Software Engineer, Cloud and Open Source Technologies, IBM •  @KostickMegan Daniel Krook •  Customer advocate for open technologies adoption (OpenStack, Cloud Foundry, Docker) •  Senior Software Engineer, Cloud and Open Source Technologies, IBM •  @DanielKrook Jeffrey Borek •  IBM representative to the OCI & CNCF, Chair of Docker Governance Advisory Board •  WW Program Director, Open Technologies and Partnerships, Cloud Computing •  @JeffBorek
  4. 4. Container technology today enables greater density, faster startup, and easier deployment of applications 4 Containers provide isolation for processes sharing compute, networking, and storage resources on a single host system. They are similar to virtualized machine instances but share the host kernel and avoid hardware emulation. Applications can be packaged with all the additional dependencies that they need, above what is provided by the host. This makes them efficient to run, easy to move from host to host, and enable more granular control of applications. There are costs, however... Diagram source: Exploring Opportunities: Containers and OpenStack
  5. 5. Containers are not new. Many innovations from many organizations have brought them where we are today 5 Jails VServer Zones cgroups Namespaces LXC Docker FreeBSD Jails expand on Unix chroot to isolate processes 2000 2001 2004 2006 2008 2008 2013 Linux-VServer ports kernel isolation, but requires recompilation Solaris Zones bring the concept of snapshots Google introduces Process Containers, merged as cgroups Red Hat adds user namespaces, limiting root access in containers IBM creates LXC, providing user tools for cgroups and namespaces Docker provides simple user tools and images. Containers go mainstream
  6. 6. Several OpenStack projects leverage containers to gain these benefits 6 A Docker hypervisor driver for Nova Compute to treat containers and images as the same type of resource as virtual machines. Nova A plugin template for orchestrating Docker resources on top of OpenStack resources. Allows access to full Docker API. Heat Containerizes the OpenStack control services themselves as microservices to simplify the operational experience. Kolla Provides an application catalog of containerized applications that can be deployed to an OpenStack cloud. Murano OpenStack is above all an integration engine, bringing various technologies together through common APIs. Therefore, containers have naturally been plugged into several existing projects and will find their way into other areas as well. Provides an API to manage multi- tenant Containers-as-a-Service leveraging Heat, Nova, and Neutron. Magnum
  7. 7. The road to a Containers-as-a-Service project in OpenStack •  May 2014: Containers Team Formed –  Standardize the container environment –  Provide consistency when deploying containers in OpenStack –  Remove the risk of betting on a single container strategy •  June 2015: Container Networking Subteam Formed –  Incorporate a consistent networking strategy for containers •  August 2015: OpenStack Silicon Valley –  Event focused on containers in OpenStack •  October 2015: OpenStack Liberty Release –  First production ready release of Magnum 7 2014 2016
  8. 8. OpenStack Magnum provides APIs and tenant isolation for container orchestration engines •  Complete management for containers within OpenStack –  Orchestrates the underlying host machines with Heat –  Implements multi-tenancy of separate clusters through Keystone –  Provides multi-host networking with Neutron •  Supports several Container Orchestration Engines (COE) –  Docker Swarm –  Google Kubernetes –  Apache Mesos •  Allows direct access to native container APIs –  Docker CLI clients can access hosts and containers –  The Kubernetes client can also directly manage pods, services, etc. 8
  9. 9. Magnum builds on several other mature OpenStack projects 9 Magnum components Diagram source: Exploring Opportunities: Containers and OpenStack
  10. 10. Introducing the Linux Foundation Open Container Initiative (OCI) 10 A single, open container specification: •  Not bound to higher level constructs such as a particular client or orchestration stack •  Not tightly associated with any particular commercial vendor or project •  Portable across a wide variety of operating systems, hardware, CPU architectures, public clouds, etc. The OCI is a lightweight, open governance structure for the express purpose of creating open industry standards around container formats and runtime Announced June 22, 2015
  11. 11. The OCI aims to meld ecosystems towards an open standard 11 •  Users should be able to package their application once and have it work with any container runtime •  The standard should fulfill the requirements of the most rigorous security and production environments •  The standard should be vendor neutral and developed in the open
  12. 12. The OCI governs a container specification and an implementation 12 Open Container Format: OCF Docker container runtime implementation: runC (formerly libcontainer) CoreOS runtime implementation: appC (formerly Rocket) Spec and implementation updated in concert Innovation driven into the specOpen Container Initiative ecosystem Community innovation driven into the spec
  13. 13. Introducing the Cloud Native Computing Foundation (CNCF) 13 •  Container packaged: In order to improve the overall developer experience, foster code reuse and simplify operations •  Dynamically managed: Actively scheduled and managed by a central orchestrating process to radically improve machine efficiency •  Micro-services oriented: Loosely coupled with dependencies explicitly described through service endpoints for overall agility, maintainability of applications The CNCF plans to create and drive the adoption of a new set of common container technologies, driven and informed by technical merit and end user value, inspired by Internet-scale computing Announced July 21, 2015
  14. 14. CNCF: Supporting companies and initial high level architecture 14 Just as the OCI targets container image portability, the CNCF targets cloud application portability…
  15. 15. OCI/CNCF standardization and the implementation of Magnum: What Magnum already brings to the table 15 •  Docker Swarm and Kubernetes already manage containers based on runC. •  Docker Swarm will work to align its approach with the interoperability goals of the CNCF as Kubernetes has. Standard container environment •  Users can wait to see the results of the foundations’ work. •  Docker Swarm and Kubernetes are heavily invested in both the OCI and CNCF, and already in use in Magnum. No container strategy lock-in •  Magnum supports COEs, the container strategies themselves. •  Supporting COEs allows for continual sync with the latest standards. Adaptable infrastructure
  16. 16. OCI/CNCF standardization and the implementation of Magnum: What Magnum is doing now 16 •  Leveraging Docker’s libnetwork, will provide users with the same experience in and out of OpenStack. •  Container networking strategies continue to evolve, and will be an area of foundation focus going forward. Consistent networking •  The OpenStack Silicon Valley 2015 conference centered on containers, preparing for what the industry has in store. •  Kuryr and other container project design goals will be discussed at sessions at the Summit. Focus on container evolution
  17. 17. 17 OCI/CNCF standardization and the implementation of Magnum: What Magnum will need to focus on as standards evolve •  The OCI and CNCF are continuing to finalize the charter and member agreements. •  Being agnostic to container technologies, Magnum can incorporate these decisions with ease. Adapt to foundation standards •  Past experience and expertise allows Magnum to give insight to both foundations from a production level CaaS perspective. Contribute to foundation efforts
  18. 18. Summary •  Container technology has evolved over the last 15 years with contributions from many organizations. It will continue to do so through the Open Container Initiative and the Cloud Native Computing Foundation. •  Containerization is used throughout OpenStack, but the end user facing features provided by Magnum’s Containers-as-a-Service will be the most impacted by standards given the exposure of native APIs and Cloud Orchestration Engines. •  The OpenStack Foundation provides governance over Infrastructure-as-a-Service (compute, network, and storage) APIs. The Open Container Initiative and the Cloud Native Computing Foundation will provide governance of container formats and meld orchestration engine technologies. 18 Keep an eye on developments in both of these areas as you formulate your organization's containerization strategy. Please get involved to ensure standards reflect usage scenarios.
  19. 19. Online resources and related talks at the Summit 19 Tuesday 4:40 – 5:20 Connecting the Dots with Neutron: Unifying Network Virtualization Between Containers and VMs Mohammad Banikazemi, Phil Estes Wednesday 2:00 – 2:00 Optimizing and Extending Overlay Networking for Containers Mohammad Banikazemi, Ton Ngo, Baohua Yang 4:40 – 5:20 OpenStack Magnum – Containers-as-a-Service Adrian Otto, PTL of the Magnum project Thursday 9:50 – 10:30 Exploring Magnum and Senlin Integration for Autoscaling Containers Hongbin Lu, Ton Ngo, Julio Ruano, Qiming Teng 4:30 – 5:10 Beginners’ Guide to Container Technology and How it Actually Works James Bottomley The OpenStack Magnum wiki Exploring Opportunities: Containers and OpenStack whitepaper The Docker and Container Ecosystem TheNewStack publication Open Containers Initiative web site Cloud Native Computing Foundation web site The history of containers Red Hat EL blog post Moments in container history Pivotal infographic