SLIDE 1
Build Your Serverless Container Cloud with OpenStack and Kubernetes
Kevin Zhao
Senior Software Engineer on Arm. OpenStack Zun Core Reviewer kevin.zhao@arm.com
22.05.2018
Build Your Serverless Container Cloud with OpenStack and Kubernetes - - PowerPoint PPT Presentation
Build Your Serverless Container Cloud with OpenStack and Kubernetes - - PowerPoint PPT Presentation
22.05.2018 Build Your Serverless Container Cloud with OpenStack and Kubernetes Kevin Zhao Senior Software Engineer on Arm. OpenStack Zun Core Reviewer kevin.zhao@arm.com Agenda What is Serverless Container Cloud Demo Zun and Container
SLIDE 2
SLIDE 3
What is Serverless Container Cloud
SLIDE 4
Traditional Container Cloud
- Provision the cluster
first, pay much effort in cluster management
- Cluster level multi-
tenant isolation
- Low resource utilization
Cloud Infrastructure
SLIDE 5
Serverless Means “Clusterless”
Run container without managing servers or clusters. Ability
- Run container right way with one
command
- Container level multiple tenant
support
- Hypervisor level security isolation
Azure Container Instance
SLIDE 6
Build a cluster Just one command
SLIDE 7
Serverless container technology is cool But I need to work with Kubernetes
SLIDE 8
Kubernetes control plane
Pod Pod Pod Kubelet Pod Pod Pod Pod Kubelet Pod
Deployment/Task Application architecture Infrastructure architecture
VM VM Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod
SLIDE 9
Node1 Node2
OpenStack as a Virtual Kubelet Node
- For user, Kubernetes on top
- OpenStack as a Virtual Kubelet node
- Deploy workloads on this virtual node
use kubectl and the backend realization is Zun.
- For user, nothing different. User only
needs to focus on the containers.
SLIDE 10
For building serverless container cloud, what do you need initially
Standalone OpenStack and Kubernetes Network connected
OpenStack provisioned Kubernetes
SLIDE 11
Zun and Container Capsule
Zun Introduction Wine container from Ancient China
SLIDE 12
- Container Service of OpenStack
- Provide the ability of provisioning and managing
containers without caring underlying infrastructure. Characteristics
- Container as the first class resource
- Individual IP Address/vCPU/Memory
Goal of Zun
- Make users focus on their application
- Pay just what they need(Clusterless)
Zun – Container Service
SLIDE 13
Zun – Container Service
SLIDE 14
Container inside OpenStack
Kuryr Neutron (Network) Cinder (Storage) Glance (Image) Keystone
(Authentication)
Zun
provisioning and managing containers
SLIDE 15
Try Zun
SLIDE 16
How to implement Pod in Zun
SLIDE 17
Zun and Container Capsule
Container Capsule
SLIDE 18
Container Capsule
- One Sandbox container
- Multiple containers
- Multiple volumes
Component
- Basic unit in Zun
- Co-Scheduled/Co-located
- Share the network namespace
- Share the resource limits
Characteristic
SLIDE 19
NEUTRON KURYR
Unified OpenStack API
Cinder Unified Block Device Glance Unified Image Repository
BM VM
Unified Network
Keystone
Unified Authentication
SLIDE 20
Capsule Template
Support type:
- Yaml
- Json
Kubernetes friendly
SLIDE 21
Capsule API
POST /v1/capsules
- zun capsule-create –f demo.yaml
GET /v1/capsules
- Zun capsule-list
GET /v1/capsules/{uuid}
- Zun capsule-describe <uuid>/<name>
DELETE /v1/capsules/{uuid}
- Zun capsule-delete <uuid>/<name>
SLIDE 22
SLIDE 23
Build Serverless Container Cloud
Kubernetes on top, Zun backend
SLIDE 24
Virtual-Kubelet
- Kubelet implementation,
masquerades container service as Kubelet node.
- Kubernetes on top, programmed
back.
- Intermediary to map Kubernetes
requests and resource to container service
SLIDE 25
Virtual-Kubelet Goal
SLIDE 26
Virtual-kubelet structure
Provider Resource Manager Vkubelet Main Process Info Cache
CreatePodK8s client
Record Pod info from K8s
Backend Driver
Gophercloud
SLIDE 27
CreatePod UpdatePod DeletePod GetPod GetPods GetConfigMap GetSecrets
Sync Pod and Node:
- 1. Watch pod requests from K8s.
Update resource manager.
- 2. Periodic task to update Node
and Pod status from provider to K8s.
Virtual-kubelet Structure
Resource Manager Vkubelet Main Process
Register Node Sync Pod/Node
CreatePodRegister Node:
- 1. Capacity(), get virtual node info.
Fill into k8s node object.
- 2. Call:
k8sClient.CoreV1().Nodes().Create (node) K8s client
SLIDE 28
Virtual-kubelet Structure
Provider Resource Manager Vkubelet Main Process Pod Operation Node Operation
CreatePodReconcile
Pod: CreatePod UpdatePod DeletePod GetPod GetPods GetPodStatus Node: Capacity NodeCondition Gophercloud Reconcile:
- 1. Create:
GetPods from RM, GetPods from Provider, CreatePod if no DeletionTimeStamp
- 2. Delete:
GetPods from provider, Check into RM, if not exist, DeletePod from Provider
SLIDE 29
Virtual-kubelet Zun support
Communication:
- 1. Gophercloud for Zun
Capsule API support in Gophercloud
- 2. Virtual Kubelet Zun client
Connect Zun by Gophercloud Resource Providing:
- 1. Capsule will be the backend realization of Pod
- 2. Provider essential functions for pod and node management
SLIDE 30
Pod Create Process
Kubectl Create pod
VK pod watcher Find pod request Resource Manager Add Pod to resource manager VK Reconcile
Get pod from Zun Compare with resource manager
Provider
CreatePod Remap attribute from pod to capsule
Provider gophercloud capsule create Zun Capsule create
SLIDE 31
Fut uture ure
- Enhanced the virtual kubelet support for
configmap and secret
- Enhanced Capsule implementation and operation
- Aligned with Kubernetes related attribute
- Cinder multiple attach for container
SLIDE 32
Show me the demo
Talk is cheap
SLIDE 33
SLIDE 34
You are welcome to join us
Wiki: https://wiki.openstack.org/wiki/Zun IRC: #openstack-zun Integration of Openstack Zun with Kata containers
May 23th, 2:40pm-3:20pm, Room 109
Zun Project Update
May 24th, 3:30pm-3:50pm, Room 212
SLIDE 35
@OpenStack
THA THANKS NKS.
Questions?
- penstack
- penstack
OpenStackFoundation