This document discusses using Docker containers with OpenStack. It describes installing the Nova Docker compute driver plugin to enable launching and managing Docker containers via the OpenStack Nova API. The plugin allows spawning Docker containers from images in Glance and supports basic container operations. However, some Nova features like live migration and advanced Docker capabilities are not yet supported. Using Docker with Nova provides an alternative to Heat for container orchestration with OpenStack.

1. May 15th, 2014Practical Docker for OpenStack

2. Better!
Faster!
Stronger!
Better!
Faster!
Stronger!

7. How are we using it?
I
Image
iteration
Integration

8. All the things.
Compute

9. Docker Docker
Key element of the Solum data plane

10. Applying Heat
Orchestration for Docker API

11. Heat Resource
DockerInc::Docker
::Container

12. Heat Workflow
Heat API
VM
Docker
NovaNova resource
Docker resource
Container1
Container2
Container3
HOT

13. Installing the plugin
git clone https://github.com/openstack/heat
ln -sf $PWD/heat/heat/contrib/docker/plugin;
/usr/lib/heat/docker"
echo “plugin_dirs=$PWD/heat/heat/contrib/docker/
plugin” >> /etc/heat/heat.conf

14. Heat: Cirros
heat_template_version: 2013-05-23
description: Single compute instance running cirros in a Docker
container.
resources:
my_instance:
type: OS::Nova::Server
properties:
key_name: ewindisch_key
image: ubuntu-precise
flavor: m1.large
user_data: #include https://get.docker.io
my_docker_container:
type: DockerInc::Docker::Container
docker_endpoint: { get_attr: [my_instance, first_address] }
image: cirros

15. Heat: Dockenstack
heat_template_version: 2013-05-23
description: Single compute instance running Tempest
resources:
my_instance:
type: OS::Nova::Server
properties:
key_name: ewindisch_key
image: ubuntu-precise
flavor: m1.large
user_data: #include https://get.docker.io
my_docker_container:
type: DockerInc::Docker::Container
properties:
docker_endpoint: { get_attr: [my_instance, first_address] }
image: dockenstack
privileged: true
cmd: /opt/dockenstack/bin/tempest

16. heat_template_version: 2013-05-23
description: Two containers, one host with shared volumes
resources:
my_instance:
type: OS::Nova::Server
properties:
key_name: ewindisch_key
image: ubuntu-precise
flavor: m1.large
user_data: #include https://get.docker.io
ftp_container:
type: DockerInc::Docker::Container
properties:
docker_endpoint: { get_attr: [my_instance, first_address] }
image: mikz/vsftpd
ports: [ “21:21” ]
volumes: [ “/ftp” ]
name: “FTP”
apache_container:
type: DockerInc::Docker::Container
properties:
docker_endpoint: { get_attr: [my_instance, first_address] }
image: fedora/apache
ports: [ “80:80” ]
volumes-from: “FTP”
cmd: “rm -rf /var/www; ln -s /ftp /var/www; /run-apache.sh”

17. Docker plugin for Nova
Compute Integration

18. Awesome People
Derek Higgins (RedHat)
Ian Main (RedHat)
Paul Czarkowski (Rackspace)
Daniel Kuffner
Julien Vey (Numergy)
Aaron Rosen (Nicera)
Pedro R Marques (Juniper)
Sam Alba (Docker)

19. What?
Enables control of
Docker via OpenStack:
• Nova API
• Horizon UI
Supports:
• launch
• terminate
• reboot
• serial console
• snapshot
• glance
• Neutron!
https://wiki.openstack.org/wiki/
HypervisorSupportMatrix

20. Networking
Nova
Network

21. Not supported.!
(yet)
Cinder Volumes
Suspend/resume
Pause/unpause
Live-migration
(patches welcome!)

22. Nova+Docker!
Architecture Overview

23. Image Management
docker-registry is a proxy
!
users can upload through docker-
registry or to glance directly
!
docker pulls images through the
docker-registry proxy

24. Glance isn’t really
needed (or desirable?)
But it’s def-core…

25. Nova doesn’t…
Link container networks
Pass environment variables
Specify working directories
Create docker-volumes
Share docker-volumes between containers
Arbitrary commands
Arbitrary command-arguments
We need container extensions!

26. $ nova boot --flavor 1
--image cedef40a-ed67-4d10-800e-17455edce175
--hint same_host=a0cf03a5-d921-4877-bb5c-86d26cf818e1
Affinity

27. Should you be using
Heat?

28. Closer to the Docker workflow
Hybrid-cloud compatible
Scheduled by backing cloud
Microservices-friendly
Integration with other services
Nova features (quota, auth, etc…)
Abstraction layer for other hypervisors
Integrated scheduling
Heat vs Nova!
Comparison

29. dockenstack
a solution for OpenStack development & testing

30. Testing

31. Host
VM
Linux
VM
Vagrant
(or other VM devstack environment)

32. ! nested

33. Where container == host; for all practical purposes
Host
VM
Linux
VM
Host
Container
Linux
VM
Vagrant
(or other VM devstack environment)
Dockenstack

38. Using Docker
with the OpenStack Compute plugin

39. Install the plugin
mkdir git-co; cd git-co"
git clone https://github.com/stackforge/nova-docker"
cd nova-driver"
python setup.py install

40. Configure Nova
Set in nova.conf:"
compute_driver=novadocker.virt.docker.DockerDriver"

41. Run a registry
docker run -d -p ${DOCKER_REGISTRY_PORT}:5000
-e SETTINGS_FLAVOR=openstack
-e OS_USERNAME=${OS_USERNAME}
-e OS_PASSWORD=${OS_PASSWORD}
-e OS_TENANT_NAME=${OS_TENANT_NAME}
-e OS_GLANCE_URL="${SERVICE_PROTOCOL}://${GLANCE_HOSTPORT}"
-e OS_AUTH_URL=${OS_AUTH_URL}
registry ./docker-registry/run.sh

42. docker pull cirros"
docker tag cirros 10.0.0.1:5000/cirros"
docker push 10.0.0.1:5000/cirros”
Putting an image into your repository

43. ‘nova boot’

44. Q & A
http://youtu.be/GQiQMJe6G2g
vBrownBag on using Dockenstack
for testing the Nova driver: