This document summarizes an OpenStack March 2018 Ops Meetup. It discusses operations war stories with OpenStack upgrades and documentation issues. It also covers contributing to OpenStack as a non-developer through documentation, specification reviews, translations, and bug/code reviews. The document then discusses OpenStack updates from the PTG summary, user committee, and foundation. It outlines focus areas for OpenStack infrastructure, container infrastructure, and edge infrastructure. Finally, it discusses using Kata Containers with OpenStack, containers on OpenStack using tools like Kolla-Ansible and Magnum, and common Neutron pain points around documentation and security groups.

1. OpenStack March 2018
Ops Meetup
OpenStack Korea Community Study Manager 장태희

2. List
• Operations War Stories
• OpenStack Contribution for Non-Developers
• OpenStack Updates
• OpenStack on Containers, Containers on OpenStack
• Neutron pain points

8. Operations War Stories
• Upgrade hell – Liberty, Icehouse,… but no plan to upgrade
• Documentation woes
• Docs as markdown in git vs “easier” wiki pages
• Storage Issues
• performance issue when user use IO/IOPS a lot.
• How many Hypervisor/VM you are running on 1 region?
• Migration Issues
• kvm64 support? Yes!

9. OpenStack Contribution for Non-Dev
• Documentation
• Spec Reviews
• Translations
• File Bugs
• Code Reviews

10. ●OpenStack OpsGuide Wiki
○https://wiki.openstack.org/wiki/OpsGuide
●Project Installation and Configuration Guides
○Usually found in each projects repo under doc/source/
○https://github.com/openstack/cinder/tree/master/doc/source/configuration
○http://www.sphinx-doc.org/en/master/rest.html
Writing Documentation

11. API Reference
REST API documentation
Admin Guide
OpenStack administration guide
CLI Reference
Description of command line tools
Configuration Guide
Reference for configuration options
Contributor Guide
Useful information on how to contribute
Install
Information on project installation
Reference
Project reference material such as class documentation
User Guide
End user content
Writing Documentation

12. ●Need git client installed
○Linux - [apt|yum] install git
○Mac - brew install git
○Windows - https://git-scm.com/downloads
●Need git review installed
○sudo pip install git-review
●Clone git repo locally
○git clone https://github.com/openstack/cinder (or GUI equivalent)
●Edit files with a text editor
○Bonus points for building docs locally - tox -e docs
○Add changed files and commit:
■git add .
■git commit
■git review
Working with Git Source

13. OpenStack Updates
• PTG Summary
• User Committee Updates
• Foundation Updates
• Kata Containers
• Self-healing SIG

14. Focus Areas
OpenStack infrast
ructure
cloud software
CI/CD
infrastructure
Edge
infrastructure
Container
infrastructure

15. Kata Containers
The security of VMs with the speed of containers
コンテナの速度による仮想マシンのセキュリティ

16. Shared kernel. Security via cgroups

17. Kata Containers

22. OpenStack on Containers
• Deployment Tools
• Kolla-Ansible, openstack-helm, Your own tool
• Don't Do Things with Containerized OpenStack
• See no real benefit in containerized OS deployment
• What process (projects) are containerized?
• cinder-volume with ceph rbd driver
• Simplified upgrades / rollbacks

23. Containers on OpenStack
• deploying your containers on OpenStack
• k8s
• Magnum is most used
• Pain points for using containers when you deploy and
operate containers
• Magnum in Mitaka broke when CoreOS version was changed -
because of Heat templates maybe?
• Containers in VMs on openstack is inefficient compared to
containers on bare metal server
• VM -> bare metal container networking
• Bloomberg is going to use Calico (https://www.projectcalico.org)
specifically for VM <-> containers-in-k8s

24. Neutron pain points
• Is there any good document to understand and catch-up
current Neutron well?
• Official Docs?: https://docs.openstack.org/neutron/latest/
• APi reference team makes api-ref newer
https://developer.openstack.org/api-ref/network/v2/
• I'd like to use my home router as a dhcp.
• OpenStack security groups are not rich enough to model all
policy enforcement goals for traffic.