Docker allows developers and sysadmins to build, ship, and run distributed applications. OpenStack supports Docker through the nova Docker driver and Heat Docker plugin. The nova driver implements the OpenStack API to launch and manage Docker containers, while the Heat plugin allows defining Docker containers in orchestration templates. Considerations for Docker in OpenStack include containers being better suited for some use cases than VMs, and lack of full integration between Docker and some OpenStack services like Cinder and Neutron.
Comparing Sidecar-less Service Mesh from Cilium and Istio
Docker in OpenStack
1. Docker in OpenStack
Joint Athens OpenStack User Group
and Docker Athens Meetup,
24th September 2014
Thanassis Parathyras
aparathyras@stackmasters.eu, @parathyras
3. OpenStack’s mission
“to produce the
ubiquitous Open Source Cloud Computing platform
that will meet the needs of public and private clouds
regardless of size, by being simple to implement and
massively scalable”
4. Docker, what is it?
“an open platform
for developers and sysadmins
to build, ship, and run
distributed applications”
6. Docker support in OpenStack
OpenStack Compute (nova)
• Docker driver (since Havana)
• Driver not in main source code tree
– Faster dev cycles, future plan for merging
• Implements OpenStack API
OpenStack Orchestration (heat)
• Docker plugin
• Deploy and manage containers
• Native Docker API
8. Case 1: Docker with Heat
Assume an OpenStack with Heat operational environment
1. Install the Docker plugin in Heat
cd contrib/heat-docker
sudo python ./setup.py install
Check Heat property plugin_dirs includes /usr/lib/heat
2. Restart Heat
Only the process "heat-engine" needs to be restarted to load the
new installed plugin
Use this plugin enable Docker containers as resources in
Heat templates
9. Case 2: Docker with Nova
Assume an OpenStack operational environment
1. Install Docker on your compute hosts
2. Fix permissions
usermod -G docker nova
service openstack-nova-compute restart
3. Install driver
pip install -e
git+https://github.com/stackforge/nova-docker#
egg=novadocker
10. Case 2: Enabling Docker
1. Configure nova
[DEFAULT]
compute_driver =
novadocker.virt.docker.DockerDriver
2. Create file /etc/nova/rootwrap.d/docker.filters
# nova-rootwrap command filters for setting up
network in the docker driver
# This file should be owned by (and only-writeable
by) the root user
[Filters]
# nova/virt/docker/driver.py: 'ln', '-sf',
'/var/run/netns/.*'
ln: CommandFilter, /bin/ln, root
11. Case 2: Using Docker
• Configure glance
[DEFAULT]
container_formats = ami,ari,aki,bare,ovf,docker
Follow the same workflow as other virt drivers:
• Create/Add/Use Docker images with Glance
• Create/Manage instances with Nova
12. Considerations and open issues
• Containers don't aim to be a replacement for VMs
– they are better for specific use cases
– VMs and containers may co-exist in a cloud environment
• Docker driver for nova
– Lack of integration with Cinder and Neutron
– Imports constraints with OpenStack API
• Orchestrating containers
– A different approach than treating them as another hypervisor type
– Better fitted to Docker workflow
• Further integration
– Docker authentication through OpenStack Identity (keystone)
14. Thank you for being patient!
Athens OpenStack User Group #OSATH
http://www.meetup.com/Athens-OpenStack-User-Group
Thanassis Parathyras
aparathyras@stackmasters.eu, @parathyras