1. Project Atomic And Multi-Container
Application Packaging
Lalatendu Mohanty
Senior Software Engineer @ Red Hat

2. Topics
●
Atomic Host
●
Nulecule
●
Atomic App
●
Getting Involved

3. Atomic Host
●
It is not a new GNU/Linux distribution.
●
Framework to create an OS from RHEL,
CentOS and Fedora.
●
Optimized for Linux containers.

4. Why Atomic Host?
●
Our expectation from an OS is not same
anymore.
– Pets vs Cattle.
●
Updating and maintaining the system should be
easy.
●
It needs to be more secure than the traditional
OS

5. Atomic hosts comprises of
●
Rpm-ostree
●
Cockpit
●
Kubernets
●
/usr/bin/atomic
●
Docker

6. OSTree
“OSTree was born to help implement a continuous
delivery model for operating systems. One can be a lot
more confident in updating systems if one knows that a
reliable rollback system is always available.”
COLIN WALTERS
Senior Software Engineer, Inventor of OSTree
Red Hat

7. rpm-ostree
●
Git for operating systems.
●
Update methods of containers and applied
them to operating system.
●
No more half way upgraded systems
# yum update
bash: yum: command not found
# atomic host upgrade
Upgrade prepared for next boot
# atomic host rollback
Successfully reset deployment

8. Why rpm-ostree?
●
Atomic host would only run containers.
●
Atomic update makes more sense for an
immutable system.
●
Allows reuse of RPMs.
●
No need to re-invent wheel on packaging.
●
Option to rollback to previous state (old good
state).

9. How rpm-ostree works?
●
Fiilesystem is read-only except /var and /etc
●
All data (e.g. containers) are unchanged on
upgrade.
●
/etc gets updated through a 3-way merge.

10. /usr/bin/atomic
●
Coherent entry point : manage host and
containers with the atomic command.
●
Fill gaps in Linux container implementations.
– e.g. “atomic install foo” can install a container with
its k8s configuration and/or systemd unit file.
– “atomic run” grabs the LABEL “run” with its all
command line details.
– It can serve as metadata for containers for different
use cases

11. Cockpit
●
Server manager for administrating Linux servers
via web browser.
●
Designed to be multi-server
●
Support for managing containers, Kubernetes.
●
http://cockpit-project.org/

12. Want to try?
●
ISOs are available for CentOS and Fedora
Atomic Host.
●
Available in public clouds.
●
For Vagrant users
– vagrant init fedora/23-atomic-host
– vagrant init centos/atomic-host

13. Any Questions for Atomic Host?
Website: projectatomic.io
IRC: #atomic on Freenode

14. Containers are great,
but it is not just one container.

15. In real life applications are composed of multiple
containers (Micro-services?)

16. But how to define a multi-container application
configuration without distributing instructions and
files to the end-user ?

17. We have docker compose , kubernetes
configuration files, but is it enough?

18. The application also goes through different stage

19. Metadata changes for
each stage.

20. Nulecule
●
A specification
●
Container technology independent
●
Provide a simple, flexible way to describe a
multi-container application, including all
dependencies.

21. Understanding Nulecule
●
Graph
– Directed acyclic graph to define application
dependencies/components.

22. Understanding Nulecule
●
Parametrization
– Values/information for deployment
– Default values (Can be overridden by answers.conf)
– Each component has its own parameters
– Supports variable substitution, regular expression etc

23. Understanding Nulecule
●
Answers.conf
– Porvides answers to question defined by prarameters
– Override default values of parameters (e.g. for
different environment)

24. Understanding Nulecule
●
Providers
– e.g. Kubernetes, OpenShift, Docker Compose, Mesos,
Docker
– Metadata for orchestrators/providers

25. A complete Nulecule Spec

26. Atomic App
●
Nulecule app installer
●
At this moment only supports docker run time
●
It performs all actions required to run the
application by reading the Nulecule spec.
– Downloading all required docker images
– Communicating to providers etc

27. Using Atomic App
●
As a docker image
●
Use atomicapp base image to build nulecule-ized
applications
●
Running a nulecule-ized applications
– $ atomic run projectatomic/helloapache
●
Uses /usr/bin/atomic labels
– $ grep Run Dockerfile
RUN="docker run -it --rm ${OPT1} --privileged -v `pwd`:/atomicapp -v
/run:/run -v /:/host --net=host --name ${NAME} -e NAME=${NAME} -e
IMAGE=${IMAGE} ${IMAGE} -v ${OPT2} run ${OPT3} ${IMAGE}"

29. Nulecule-library

30. Get involved
●
https://github.com/projectatomic/nulecule
●
https://github.com/projectatomic/nulecule-libr
ary
●
https://github.com/projectatomic/atomicapp
●
#nulecule on Freenode
●
Mailing List: container-tools@redhat.com

31. Reference
●
http://www.slideshare.net/VavPavl/nulecule

32. Thank you :-)
Any questions please?
Contact me: @lalatenduM on Twitter
lalatenduM on Freenode