1. How to operate
containerized openstack
2019.10.01
OpenStack Korea User Group NaleeJang

2. Index
Openstack services
Packages vs Containers
How to configure openstack containers
How to use openstack containers
Summary
2

3. Openstack services
3

4. What is OpenStack?
4

5. OpenStack Architecture
5

6. OpenStack Deployment Services
6

7. Deployment Framework TripleO
7
TRIPLEO

8. TripleO Components
8
OpenStack On OpenStack

9. OpenStack Services
9
Undercloud (Director) Controller Compute
Red Hat Enterprise Linux 7.x Red Hat Enterprise Linux 7.x Red Hat Enterprise Linux 7.x
Docker daemon
MariaDB
RabbitMQ
Redis
Nova
Neutron
Glance
Swift
Heat Mistral
Ironic Zaqar
Docker daemon
Docker Registry
MariaDB RabbitMQ
Redis Haproxy
Nova Neutron
Glance Barbican
Aodh Ceilometer
Gnocchi Panko
Cinder Manila
Octavia Heat
Pacemaker
Horizon Keystone
Keystone
Docker daemon
Nova-compute
Neutron-ovs-agent
Ceilometer-agent
KVM Hypervisor
Logrotate-corond
VM1
VM2
VM3
VM4
Undercloud Overcloud
Deploy
Configure
Manage

10. Packages vs Containers
10

11. Packages vs Containers
11
Packages
Operating System
Sources
Process1
Process2
Process3
Containers
Operating System
Operating System
Process1
Operating System
Process2
vs
Packages types processes are running on host, but in the container environment, the
processes are running on container.

12. Packages vs Containers
12
Packages
Operating System
Nova
Sources
nova-sch
eduler
nova-con
ductor
nova-api
Containers
Operating System
Operating System
nova-api
Operating System
nova-sch
eduler
vs
In the packages environment, we can modify service’s configuration. But in the containers
environment, we need to rebuild container images for modifying.

13. OpenStack nova architecture
13
openstack-nova-api
openstack-nova-conductor
openstack-nova-consoleauth
openstack-nova-novncproxy
openstack-nova-scheduler
Package’s name
nova_metadata
nova_api
nova_conductor
nova_vnc_proxy
nova_consoleauth
nova_api_cron
nova_scheduler
nova_placement
Container’s name

14. OpenStack nova service packages
14
[root@con1 ~]# docker ps | grep nova
b306dea9036e 192.168.100.200:8787/rhosp13/openstack-nova-api:13.0-76.1554788877
"kolla_start" 3 months ago Up 46 hours (healthy) nova_metadata
1188bebab31a 192.168.100.200:8787/rhosp13/openstack-nova-api:13.0-76.1554788877
"kolla_start" 3 months ago Up 46 hours (healthy) nova_api
caac257c843b 192.168.100.200:8787/rhosp13/openstack-nova-placement-api:13.0-75.1554788885
"kolla_start" 3 months ago Up 46 hours (healthy) nova_placement
4524d6c0dc8f 192.168.100.200:8787/rhosp13/openstack-nova-scheduler:13.0-76.1554788862
"kolla_start" 3 months ago Up 46 hours (healthy) nova_scheduler
41c245f38044 192.168.100.200:8787/rhosp13/openstack-nova-novncproxy:13.0-77.1554788872
"kolla_start" 3 months ago Up 46 hours (healthy) nova_vnc_proxy
de778fb6a443 192.168.100.200:8787/rhosp13/openstack-nova-consoleauth:13.0-74.1554788860
"kolla_start" 3 months ago Up 46 hours (healthy) nova_consoleauth
468fd945d50f 192.168.100.200:8787/rhosp13/openstack-nova-api:13.0-76.1554788877
"kolla_start" 3 months ago Up 46 hours nova_api_cron
15baa1302a05 192.168.100.200:8787/rhosp13/openstack-nova-conductor:13.0-74.1554788876
"kolla_start" 3 months ago Up 46 hours (healthy) nova_conductor
[root@con1 ~]#
Nova’s services container list

15. How to configure
openstack containers
15

16. OpenStack Container Environment
16
Container
Operating System
Sharing
parted resource
After modify container
configuration, the container’s
state will be initialized if
container restart.
Share
Specific
space

17. OpenStack Container Environment
17
Controller
Docker
Nova
nova_api nova_metadata
nova_conductor nova_placement
nova_sheduler nova_vnc_proxy
...
Red Hat Enterprise Linux 7.6
Neutron
neutron_api neutron_ovs_agent
neutron_l3_agent neutron_dhcp
neutron_metadata_agent
Cinder
cinder_api cinder_schedulr
openstack_cinder_volume_docker0
Glacne
glance_api
Keystone
keystone
Horizon
horizon
Logs
Nova
/var/log/containers/nova
Neutron
/var/log/containers/neutron
Cinder
/var/log/containers/cinder
Glance
/var/log/containers/glance
Horizon
/var/log/containers/horizon
...
Configs
Nova
/var/lib/config-data/puppet
-generated/nova/etc/nova/
Neutron
/var/lib/config-data/puppet
-generated/neutron/etc/neut
ron/
Cinder
/var/lib/config-data/puppet
-generated/cinder/etc/cinde
r/
Glance
/var/lib/config-data/puppet
-generated/glance/etc/glanc
e/
Horizon
/var/lib/config-data/puppet
-generated/horizon/etc/open
stack-dashboard/
...
Mount
Mount
Mount
Mount
Mount
...
Mount
Mount
Mount
Mount
Mount
...
Container
Directory
rhel7.6
rhel7.6
rhel7.6
rhel7.6
rhel7.6
rhel7.6

18. How to configure OpenStack
18
[root@con1 puppet-generated]# cd /var/lib/config-data/puppet-generated/nova
[root@con1 nova]# ll
total 0
drwxr-xr-x. 6 root root 62 Sep 29 01:56 etc
drwxr-xr-x. 4 root root 30 Aug 7 09:34 var
[root@con1 nova]#
[root@con1 nova]# ll etc
total 0
drwxr-xr-x. 5 root root 54 Aug 7 09:34 httpd
drwxr-xr-x. 2 root root 25 Sep 29 01:56 my.cnf.d
drwxr-xr-x. 2 root root 23 Aug 7 08:53 nova
drwxr-xr-x. 3 root root 20 Aug 1 18:17 systemd
[root@con1 nova]# ll etc/nova
total 372
-rw-r-----. 1 root 42436 379872 Sep 29 01:56 nova.conf
[root@con1 nova]#
Containerized OpenStack can configure
through specific directory
(/var/lib/config-data/puppet-generated)

19. How to configure OpenStack
19
[root@con1 nova]# cat etc/nova/nova.conf | grep -v ^# | grep -v ^$
[DEFAULT]
rootwrap_config=/etc/nova/rootwrap.conf
allow_resize_to_same_host=False
vif_plugging_is_fatal=True
vif_plugging_timeout=300
ram_allocation_ratio=1.0
instance_name_template=instance-%08x
my_ip=172.17.1.11
host=con1.example.com
dhcp_domain=
firewall_driver=nova.virt.firewall.NoopFirewallDriver
ssl_only=True
cert=/etc/pki/tls/certs/novnc_proxy.crt
key=/etc/pki/tls/private/novnc_proxy.key
state_path=/var/lib/nova
report_interval=10
...
If modify conf files in shared specific
directory, the container will be run after
loading conf files of specific directory when
container start.

20. How to see OpenStack logs
20
[root@con1 nova]# cd /var/log/containers/
[root@con1 containers]# ll
total 0
drwxr-xr-x. 2 42402 42402 120 Sep 29 02:27 aodh
drwxr-xr-x. 2 42405 42405 85 Sep 29 02:35 ceilometer
drwxr-xr-x. 2 42407 42407 106 Sep 29 02:35 cinder
drwxr-xr-x. 2 42415 42415 21 Sep 29 02:19 glance
drwxr-xr-x. 2 42416 42416 74 Sep 29 02:35 gnocchi
drwxr-xr-x. 2 root root 25 Sep 29 02:16 haproxy
drwxr-xr-x. 2 42418 42418 73 Sep 29 02:27 heat
drwxr-xr-x. 2 apache apache 25 Sep 29 02:03 horizon
drwxr-xr-x. 14 root root 219 Sep 29 01:49 httpd
drwxr-xr-x. 2 42425 42425 57 Sep 29 11:01 keystone
drwxr-xr-x. 2 42434 42434 24 Sep 29 02:07 mysql
drwxr-xr-x. 2 42435 42435 147 Sep 29 02:29 neutron
drwxr-xr-x. 2 42436 42436 215 Sep 29 02:28 nova
...
We can see services directory in the
specific directory(/var/log/containers)

21. How to see OpenStack logs
21
[root@con1 containers]# cd nova
[root@con1 nova]# ll
total 3592
-rw-r--r--. 1 42436 42436 1895944 Sep 29 14:09 nova-api.log
-rw-r--r--. 1 42436 42436 847896 Sep 29 14:09 nova-api-metadata.log
-rw-r--r--. 1 42436 42436 8533 Sep 29 11:01 nova-conductor.log
-rw-r--r--. 1 42436 42436 7258 Sep 29 11:01 nova-consoleauth.log
-rw-r--r--. 1 42436 42436 84409 Sep 29 02:22 nova-manage.log
-rw-r--r--. 1 42436 42436 700 Sep 29 02:27 nova-novncproxy.log
-rw-r--r--. 1 42436 42436 271975 Sep 29 14:08 nova-placement-api.log
-rw-r--r--. 1 42436 42436 25284 Sep 29 14:08 nova-scheduler.log
[root@con1 nova]# tail -f nova-api.log
2019-09-29 14:08:59.717 772 INFO nova.api.openstack.requestlog
[req-8d531562-4f33-420c-ae27-dacbb2ad8ee1 f960b35758884d10bc21028180e7d65c
0f4ed0809e3942c99306d70c134d0489 - default default] 172.17.1.11 "OPTIONS /" status: 200 len:
397 microversion: - time: 0.000886
2019-09-29 14:09:01.729 772 INFO nova.api.openstack.requestlog
[req-8d531562-4f33-420c-ae27-dacbb2ad8ee1 f960b35758884d10bc21028180e7d65c
0f4ed0809e3942c99306d70c134d0489 - default default] 172.17.1.11 "OPTIONS /" status: 200 len:
397 microversion: - time: 0.000568
We can see logs in the service
directory of specific directory.

22. How to use openstack
containers
22

23. Basic Operation Commands
23
[root@con1 ~]# docker stop nova_api
[root@con1 ~]# docker start nova_api
[root@con1 ~]# docker restart nova_api
[root@con1 ~]# docker restart nova_api nova_placement nova_scheduler
nova_vnc_proxy nova_consoleauth nova_api_corn nova_conductor nova_metadata
Basic Command for controlling and operating services

24. Network
24
[root@con1 ~]# docker ps | grep neutron
CONTAINER ID IMAGE COMMAND
CREATED STATUS PORTS NAMES
4871f1b2259c 192.168.100.200:8787/rhosp13/openstack-neutron-dhcp-agent:13.0-77.1554788896 "ip netns
exec qdh..." 46 hours ago Up 46 hours
neutron-haproxy-qdhcp-b8c3caac-ea44-464a-a8ef-f6d698bd53b5
6cc5b74a1c10 192.168.100.200:8787/rhosp13/openstack-neutron-dhcp-agent:13.0-77.1554788896 "ip netns
exec qdh..." 46 hours ago Up 46 hours
neutron-dnsmasq-qdhcp-b8c3caac-ea44-464a-a8ef-f6d698bd53b5
59581f77930b 192.168.100.200:8787/rhosp13/openstack-neutron-dhcp-agent:13.0-77.1554788896 "ip netns
exec qdh..." 46 hours ago Up 46 hours
neutron-dnsmasq-qdhcp-0c78d4af-96cd-4073-9ed6-ce2b7920a91c
e116eab1a16a 192.168.100.200:8787/rhosp13/openstack-neutron-dhcp-agent:13.0-77.1554788896 "ip netns
exec qdh..." 46 hours ago Up 46 hours
neutron-haproxy-qdhcp-87721945-9f7c-46ca-9ae7-1f66ddc21ca4
ee1cea3e077f 192.168.100.200:8787/rhosp13/openstack-neutron-dhcp-agent:13.0-77.1554788896 "ip netns
exec qdh..." 46 hours ago Up 46 hours
neutron-dnsmasq-qdhcp-87721945-9f7c-46ca-9ae7-1f66ddc21ca4
...
74cb96f6c028 192.168.100.200:8787/rhosp13/openstack-neutron-l3-agent:13.0-75.1554788897 "ip netns
exec qro..." 46 hours ago Up 46 hours
neutron-haproxy-qrouter-0ae78562-b7de-484c-92bd-a25a7b8e4c63
Network is also created container.

25. Storage
25
[root@con1 ~]# docker ps | grep cinder-volume
CONTAINER ID IMAGE
COMMAND CREATED STATUS PORTS NAMES
192.168.100.10:8787/rhosp13/openstack-cinder-volume:pcmklatest
"/bin/bash /usr/lo..." 46 hours ago Up 46 hours
openstack-cinder-volume-docker-0
[root@con1 ~]# docker exec -ti openstack-cinder-volume-docker-0 df -h | grep vol
192.168.100.8:/cinder_vol02 13T 204G 13T 2%
/var/lib/cinder/mnt/4081440e749e9be9cab7a6fed1d1feda
192.168.100.8:/cinder_vol01 13T 153G 13T 2%
/var/lib/cinder/mnt/349ddc02366f05b7be11a4afb50828c5
[root@con1 ~]#
In the Cinder backend storage is NFS case, we can see the NFS mount point in the container.

26. Summary
26

27. Summary
27
OpenStack can use Bare metal, Virtual Machine, Container.
Nowadays, OpenStack environment is transfering from VM to Container.
We can modify OpenStack service configuration through shared specific directory between
container and host(/var/lib/config-data/puppet-generated).
We can see OpenStack service logs through specific directory(/var/log/containers).

28. Thank you
nalee999@gmail.com
28