This document provides 9 ways to consume Kubernetes on OpenStack in 15 minutes. It summarizes each option including KubeADM and MiniKube for local development, deploying Kubernetes "The Hard Way" by manually configuring components, using Heat templates from the Kubernetes OpenStack SIG, Kargo which uses Terraform and Ansible, Juju from Canonical, OpenShift from Red Hat, Magnum which provisions container orchestration engines as OpenStack resources, Murano which provides a user-friendly UI app catalog for deploying Kubernetes, and recommends #1 Murano as the best option.
2. cloudops.com @cloudops_Page
About CloudOps
Cloud infrastructure experts since 2005
Managed private, public, and hybrid clouds
Deloitte’s Technology Fast 50™
Ranked in PROFIT 500 2013, 2014, 2015, 2016
AWS Partner
Citrix Specialist in Networking for data centre
Mirantis partner
Ranked in Branham300 list
Who are we?
Stacy Véronneau
Director of OpenStack Solutions at CloudOps
Cloud Architect with Mirantis
Using public cloud resources for DEV, QA and Prod since 2007
Started to use OpenStack at Folsom release
Who are we?
Ayrat Khayretdinov
OpenStack & K8s Engineer and developer at CloudOps
Started to use OpenStack from Grizzly
Organizer of K8s and OpenStack meetups in Canada
What are MicroServices
The concept of building applications as a series of composable, modular services is nothing new, dating back as far as the first UNIX operating systems. However, more recent phenomena explain the renewed interest.
1. Adoption of Open Source technologies
2. Ascension of the pluggable architecture (API)
3. Rise of the Containers ecosystem
Promises of MicroServices
MicroServices are trying to address the age-old saying that goes a bit like, “every successful application is an architectural nightmare”.
1. Growth
Innovation drives growth and organizations should maximize opportunities to innovate.
2. Agility
A platform composed of 100 services can be fixed or augmented with features faster.
3. Risk Reduction
Microservices, if designed properly, provide significant isolation. As a result, applications are built such that any and all dependencies between services are remote, with the expectation that dependencies will fail.
What is OpenStack
OpenStack is a free and open-source software platform for cloud computing, mostly deployed as an infrastructure-as-a-service (IaaS). The software platform consists of interrelated components that control diverse, multi-vendor hardware pools of processing, storage, and networking resources throughout a data center.
Why Kubernetes On OpenStack
OpenStack can offer a single pane of glass for containerized, virtualized or bare metal(ized) resources. Running K8s on OpenStack makes operations easier (centralized) but also exposes a single set of APIs to target all resources (1 API to Rule Them All!).
OpenStack Newton, the technology's 14th release, shows just how far we've come: where we used to focus on basic things, such as supporting specific hypervisors or enabling basic SDN capabilities, now that's a given, and we're talking about how OpenStack has reached its goal of supporting cloud-native applications in all of their forms -- virtual machines, containers, and bare metal.
#9-8 KubeAdm and MiniKube
This is NOT consuming OpenStack, but we have to start with the first place a developer is exposed to Kubernetes. Usually it’s their laptop, but it could also be a single instance with a Cloud Provider. Currently neither solution offers Cloud Provider support.
KubeADM (Ubuntu 16.04 or CentOS 7)
Bootstrap a K8s cluster in 2 commands.
The installation uses a tool called kubeadm which is part of Kubernetes 1.4.
This process works with local VMs, physical servers and/or cloud servers. It is simple enough that you can easily integrate its use into your own automation (Terraform, Chef, Puppet, etc).
The kubeadm tool is currently in alpha.
MiniKube (Linux / OSX)
Minikube starts a single-node Kubernetes cluster locally for purposes of development and testing. Minikube packages and configures a Linux VM, Docker and all Kubernetes components, optimized for local development. Minikube supports Kubernetes features such as DNS, NodePorts, ConfigMaps and Secrets, Dashboards.
Minikube does not yet support Cloud Provider specific features such as LoadBalancers, PersistentVolumes, Ingress.
#7 The Hard Way
This is for a fully custom and involved deployment. This can be done by spinning up instances in OpenStack and pulling the Git repo onto your master deployment node.
PROS
You control what you get, from versions to services.
CONS
#6 OpenStack Heat from K8s SIG
The Kubernetes OpenStack SIG (Special Interest Group) maintains the kube-up.sh script (a Kubernetes community effort to deploy K8s on different environments) via the OpenStack CloudProvider. This effort allows deploying a Kubernetes cluster on OpenStack using a combination of Heat templates and SaltStack.
PROS
Capability to provision OpenStack resources such as VMs, Networking, Sec. Groups via Heat
Supports OpenStack cloud provider features
Services exposure via LBaaS v1 or v2
Cinder integration
CONS
Can serve as a basic env to run K8s on OpenStack
Non production, Non HA
Runs on CentOS 7 only
No alternative to LBaaS for exposing services
No addons integration
No HA support
Not composable
No Rkt support yet
#5 Kargo by KubeSpray
Kargo is an Open Source project that allows you to deploy a Kubernetes cluster on Bare Metal, AWS, GCE and OpenStack by using a combination of Terraform and Ansible playbooks.
PROS
Capable of provisioning OpenStack resources such
Can deploy a Multi-Master/HA Kubernetes cluster
Runs K8s cluster components as containers
Supports most popular Linux distributions
Choose the network plugin to be used within the cluster:
Flannel: gre/vxlan (layer 2) networking
Weave: lightweight container overlay network
Calico: bgp (layer 3) networking
Running latest K8s 1.4
TLS secured endpoints.
Provides DNS Addon integration
CONS
Limited number of integrated Addons.
Not intuitive.
Kargo is a great tool for advanced users and can be used for integration with automation, because Kargo provides only a CLI for deploying a K8s cluster. It is therefore not very suitable for users or developers who are not comfortable with Ansible, the OpenStack environment and the Kargo config file, which has a huge number of options.
#4 JuJu by Canonical
Juju is an open source application and service modelling tool from Ubuntu that helps to deploy, manage and scale applications on any cloud. One of the possibilities provided by Juju is Kubernetes cluster deployment.
PROS
Small footprint (2-node) K8s cluster deployment
Multi-node deployment, K8s env., which contains:
3-node K8s Cluster (1 master and 2 nodes)
3 nodes for etcd cluster
2 nodes for ElasticSearch
1 node for Kibana Dashboard
Optional: Dashboard, Ingress Controller and DNS
TLS between nodes for security
Scale Up/Down Nodes
CONS
Lock-in
No clear instructions on using OpenStack Cloud Provider and using Cinder or LBaaS.
No support for advanced networking such as Calico
No possibility to provision OpenStack Nodes for K8s Cluster.
Not HA
No Upgrade strategy
No Rkt support yet
#3 OpenShift by Redhat
OpenShift is Red Hat's Platform-as-a-Service (PaaS) that allows developers to quickly develop, host, and scale applications in a cloud environment.
PROS
Provides small footprint K8s deployment
Provides Multi-Master HA K8s deployment
Containerized (Atomic) or binary based (CentOS/RHEL) deployment.
Supports both OpenStack’s LBaaS offering and standalone HA proxy.
Provides configured Local registry deployment
Authentication using LDAP or Keystone
CONS
It’s a bit more than just a K8s cluster; it’s a PaaS!
No capability to provision OpenStack resources such as VMs, Networking, Sec. Groups
Vendor lock-in
Requires subscription for Enterprise version
Complex installation procedure using Ansible; not developer friendly
No Rkt support yet
#2 Magnum
Magnum is an OpenStack project that makes container orchestration engines (COEs) such as Swarm, Kubernetes, and Apache Mesos available as first class resources in OpenStack.
PROS
Capability to provision OpenStack resources such as VMs, Networking, Sec. Groups via Heat
Standard OpenStack APIs
Focuses on running containers both in VMs and on Bare Metal via Ironic (WIP)
Supports orchestration of all major COEs
Attempts to integrate with Keystone, Neutron, Cinder, Barbican, Kuryr
CONS
No user friendly UI for users to deploy and configure a K8s cluster, only APIs.
Low maturity level, mainly due to focus on multiple technologies and slow release cycles
No features or add-ons configured, still running on K8s 1.2 release
Magnum integration points like Ironic, Barbican, Kuryr are in early adoption
No Upgrade support and limited monitoring
Networking: Flannel only
#1 Murano
Murano is an OpenStack service that introduces an application catalog for OpenStack, enabling app developers and cloud admins to publish various cloud-ready applications in a browsable catalog. The Murano apps catalog provides packages to deploy and configure a Kubernetes cluster via a user-friendly UI in a drag & drop fashion.
PROS
Support for internet-disconnected provisioning of K8s components
Automatically exposes Services via HAProxy node
Provisions OpenStack resources and comes with 2 flavors:
Light-weight Kubernetes Cluster (Community Version):
Non-HA K8s Cluster on 1.3 release
Scale up/down Node capabilities
Flannel networking, without add-ons and monitoring.
Production grade Kubernetes Cluster (Mirantis Hardened):
CONS
Ingress and LBaaS integration is not completed.
HAproxy node required for
No Rkt support yet
Runs only on Debian
Production Grade requires a subscription for MOS OpenStack
OpenShift PaaS from RH changed the platform to K8s
Red Hat is very active in the K8s community and has done a lot of contribution towards security, scheduling
This was our 9 ways to consume K8s on OpenStack. We invite those of you not familiar with some of the tools presented to try them out. Feel free to contact us if you have any questions. We thank you, and enjoy the rest of the summit.