OpenInfra Days Poland 2019 slides

1. Learning to fly with Airship
- SUSE’s voyage of discovery to make the
control plane Cloud Native
June 2019
Simon Briggs
EMEA Technical Strategist
Simon.briggs@suse.com

2. 2
Agenda
• Introduction to Containerized OpenStack
• Airship Open Source Project
• Technology Preview
• Demos
• Questions

3. What is it?
• OpenStack services (e.g., Nova, Keystone, Neutron) packaged to run in containers as
opposed to running as processes on bare metal
• Kubernetes installed onto bare metal, with OpenStack deployed within containers using
Helm Charts
• Airship open source project foundation for lifecycle management
Why are we introducing it?
• Containers are more lightweight than VMs and easier to start up and terminate
• OpenStack environment faster to start up and scale
• Easier to separate individual OpenStack projects
• Easier to scale individual components up and down
• Upgrades of individual components become easier
• Leverage Kubernetes’ built-in HA
• Designing a self-healing environment becomes simpler
• Securing individual services and components becomes easier, due to container isolation
Containerized OpenStack Tech Preview

4. Cloud 9 Containerized OpenStack
4
Tech Preview
• Separately delivered – In parallel with Cloud 9 delivery
• Mandatory milestone for Cloud 10 roadmap
• Unification of Lifecycle Management
• Based on upstream Airship project
• SUSE Manager Integration Investigation – SUSE Manager Team
• Target for Delivery – June 2019
• Details linked from the Cloud 9 Beta page
https://www.suse.com/betaprogram/cloud-beta/
We need your Feedback!

5. What Is Airship?
5
• Full Lifecycle Management of Data Center Infrastructure using Containerized
OpenStack
• Uses OpenStack-Helm to Deploy OpenStack on a Kubernetes Infrastructure

6. Deployer
SUSE
Linux
Cloud Lifecycle Management Airship
Containerized Deployment
6
YAML
Configuration
• Leverages Community Tools to Deploy OpenStack in a
Kubernetes Infrastructure.
• SUSE Simplified Overrides Accelerates Deployment
• Selected Set of Airship Services
SUSE
Simplified
Overrides
Ship
yard
Airship Components UCP
Deck
hand
Peg
leg
Armada
CaaSP
Admin
CCP
Repo
CaaSP – Kubernetes Cluster
Node 1
Control
Node 2
Control
Node 3
Control
Node 4
Compute
Node 5
Compute
Node 6
Compute
K
e
y
s
t
o
n
e
S
w
i
f
t
H
o
r
i
z
o
n
G
l
a
n
c
e
N
o
v
a
N
e
u
t
r
o
n
C
i
n
d
e
r
H
e
a
t
B
a
r
b
i
c
a
n
R
a
b
b
i
t
M
Q
M
a
r
i
a
D
B
I
r
o
n
i
c
kvm
Deployer delivers components
Airship runs as containers in
the cluster
kvm kvmkvm
L
i
b
v
i
r
t

7. Lifecycle Upgrade Paths / Unification Plan
2018 2019 2020
Cloud 8
Crowbar
Cloud 8
CLM
Cloud 8 Cloud 9 Cloud 10
Cloud 9
Crowbar
Cloud 9
CLM
Cloud 9
CCP Tech
PR
Cloud 10
CCP
⚫ SUSE OpenStack Cloud 10 Containerized Control Plane requires Lifecycle Manager
conversion
⚫ Provide Migration Path in Cloud 9 for both flavors
⚫ Allows single customer conversion to CCP in Cloud 10
⚫ Lifecycle Manager is more aligned with Upstream
HOS 8
CLM
Cloud 8
Crowbar

8. 8
SUSE Linux
Deployer
Image Registry
SUSE MicroOS
Airship UCP | Openstack CP
Docker Kubelet
CaaSP
SOC Site
Manifests
Helm
SOCOK8s
Tiller
Armada
Shipyard
Deckhnad
Pegleg
Keystone
Horizon
Glance
Neutron
Nova
Cinder
Heat
MariaDB
RabbitMQ
SUSE MicroOS
Compute Hosts
Docker Kubelet
CaaSP
Novacompute
Ingress
Libvirt
OVS
SES Hosts
CCP Deployment on Existing CaaSP and SES

9. 9
SUSE Linux
Deployer
Image Registry SUSE MicroOS
Host
Docker Kubelet
CaaSP
SOC Site
Manifests
Helm
SOCOK8s (final name?)
SES AIO
CCP Deployment – What if I Don’t Already
Have K8S?
CaaSP
Heat
templates
CaaSP V3
SES V5.5

10. 10
SUSE Linux
Deployer
Image Registry
SOC Site
Manifests
Helm
SOCOK8s (final name?)
Declarative and Repetitive Cloud Infrastructure
Helm
charts
Overrides
Container
Images
Profiles
Security
Policy
Network
Storage Host

11. 11
11
Demo 1

12. 12
One Workflow for Lifecycle Management
Use Case 1: Scale out Control Plane
SUSE Linux
Deployer
Image Registry
SUSE MicroOS
Control Worker 1
Docker Kubelet
CaaSP
SOC Site
Manifests
Helm
SOCOK8s
Armada
Shipyard
Deckhnad
Pegleg
Keystone
Horizon
Glance
Neutron
Nova
Cinder
SUSE MicroOS
Compute Host
Docker Kubelet
CaaSP
Novacompute
Ingress
Libvirt
NeutronOVS
SES Hosts
SUSE MicroOS
Worker 2
Docker Kubelet
CaaSP
SUSE MicroOS
Worker 3
Docker Kubelet
CaaSP
Heat
MariaDB
RabbitMQ
“Before”
Single Node Demo Control Plane

13. 13
One Workflow for Lifecycle Management
Use Case 1: Scale out Control Plane
SUSE Linux
Deployer
Image Registry
SUSE MicroOS
Control Worker 1
Docker Kubelet
CaaSP
SOC Site
Manifests
Helm
SOCOK8s
Armada
Shipyard
Deckhnad
Pegleg
Keystone
Horizon
Glance
Neutron
Nova
Cinder
SUSE MicroOS
Compute Host
Docker Kubelet
CaaSP
Novacompute
Ingress
Libvirt
NeutronOVS
SES Hosts
SUSE MicroOS
Control Worker 2
Docker Kubelet
CaaSP
SUSE MicroOS
Control Worker 3
Docker Kubelet
CaaSP
Heat
MariaDB
RabbitMQ
“After”
Three Node HA Control Plane
Armada
Shipyard
Deckhnad
Pegleg
Keystone
Horizon
Glance
Neutron
Nova
Cinder
Ingress
Heat
MariaDB
RabbitMQ
Armada
Shipyard
Deckhnad
Pegleg
Keystone
Horizon
Glance
Neutron
Nova
Cinder
Ingress
Heat
MariaDB
RabbitMQ

14. 14
Demo 2

15. 15
One Workflow for Lifecycle Management
Use Case 2: Expand Compute Capacity
SUSE Linux
Deployer
Registry
SUSE MicroOS
Control Worker 1
Docker Kubelet
CaaSP
SOC Site
Manifests
Helm
SOCOK8s
Armada
Shipyard
Deckhnad
Pegleg
Keystone
Horizon
Glance
Neutron
Nova
Cinder
SUSE MicroOS
Compute Host
Docker Kubelet
CaaSP
Novacompute
Ingress
Libvirt
NeutronOVS
SUSE MicroOS
Control Worker 2
Docker Kubelet
CaaSP
SUSE MicroOS
Control Worker 3
Docker Kubelet
CaaSP
Heat
MariaDB
RabbitMQ
Armada
Shipyard
Deckhnad
Pegleg
Keystone
Horizon
Glance
Neutron
Nova
Cinder
Ingress
Heat
MariaDB
RabbitMQ
Armada
Shipyard
Deckhnad
Pegleg
Keystone
Horizon
Glance
Neutron
Nova
Cinder
Ingress
Heat
MariaDB
RabbitMQ
SUSE MicroOS
Worker Node
Docker Kubelet
CaaSP
“Before”
Spare Worker node

16. 16
One Workflow for Lifecycle Management
Use Case 2: Expand Compute Capacity
SUSE Linux
Deployer
Registry
SUSE MicroOS
Control Worker 1
Docker Kubelet
CaaSP
SOC Site
Manifests
Helm
SOCOK8s
Armada
Shipyard
Deckhnad
Pegleg
Keystone
Horizon
Glance
Neutron
Nova
Cinder
SUSE MicroOS
Compute Host
Docker Kubelet
CaaSP
Novacompute
Ingress
Libvirt
NeutronOVS
SUSE MicroOS
Control Worker 2
Docker Kubelet
CaaSP
SUSE MicroOS
Control Worker 3
Docker Kubelet
CaaSP
Heat
MariaDB
RabbitMQ
Armada
Shipyard
Deckhnad
Pegleg
Keystone
Horizon
Glance
Neutron
Nova
Cinder
Ingress
Heat
MariaDB
RabbitMQ
Armada
Shipyard
Deckhnad
Pegleg
Keystone
Horizon
Glance
Neutron
Nova
Cinder
Ingress
Heat
MariaDB
RabbitMQ
“After”
Additional Compute Host
SUSE MicroOS
Compute Host
Docker Kubelet
Novacompute
Libvirt
NeutronOVS
CaaSP

17. 17
Demo 3

18. 18
One Workflow for Lifecycle Management
Use Case 3: Upgrade Service from Pike to Queens
SUSE Linux
Deployer
Registry
SUSE MicroOS
Control Worker 1
Docker Kubelet
CaaSP
SOC Site
Manifests
Helm
SOCOK8s
Armada
Shipyard
Deckhnad
Pegleg
Keystone
Horizon
Glance
Neutron
Nova
Cinder
Ingress
Heat
MariaDB
RabbitMQ

19. 19
Demo 4

20. Resilience and Self-Healing
What happens when a node is lost?
20
• Leverages Kubernetes HA
• Airship Can Redeploy
Components on New Node
CaaSP – Kubernetes Cluster
Node 1
Control
Node 2
Control
Node 3
Control
Node 4
Compute
Node 5
Compute
Node 6
Compute
K
e
y
s
t
o
n
e
S
w
i
f
t
H
o
r
i
z
o
n
G
l
a
n
c
e
N
o
v
a
N
e
u
t
r
o
n
C
i
n
d
e
r
H
e
a
t
B
a
r
b
i
c
a
n
R
a
b
b
i
t
M
Q
M
a
r
i
a
D
B
I
r
o
n
i
c
kvm kvm
L
i
b
v
e
r
t
kvm

21. Cloud 9 Containerized OpenStack
Details Linked from the Cloud 9 Beta Page
https://www.suse.com/betaprogram/cloud-beta/
Coming to you soon.. June 2019
We need your Feedback!!!
21

23. 23
23
Unpublished Work of SUSE LLC. All Rights Reserved.
This work is an unpublished work and contains confidential, proprietary and trade secret information of SUSE LLC.
Access to this work is restricted to SUSE employees who have a need to know to perform tasks within the scope of their
assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated,
abridged, condensed, expanded, collected, or adapted without the prior written consent of SUSE.
Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General Disclaimer
This document is not to be construed as a promise by any participating company to develop, deliver, or market a
product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making
purchasing decisions. SUSE makes no representations or warranties with respect to the contents of this document, and
specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The
development, release, and timing of features or functionality described for SUSE products remains at the sole discretion
of SUSE. Further, SUSE reserves the right to revise this document and to make changes to its content, at any time,
without obligation to notify any person or entity of such revisions or changes. All SUSE marks referenced in this
presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-
party trademarks are the property of their respective owners.