
VBB_-_9_Ways_to_consume_Kubernetes_on_OpenStack...

cncf-canada-meetups
October 13, 2016

 VBB_-_9_Ways_to_consume_Kubernetes_on_OpenStack_in_10_mins.pdf


Transcript

  1. About CloudOps (cloudops.com, @cloudops_)

    • Cloud infrastructure experts since 2005
    • Managed private, public, and hybrid clouds
    • Deloitte’s Technology Fast 50™
    • Ranked in PROFIT 500 2013, 2014, 2015, 2016
    • AWS Partner
    • Citrix Specialist in Networking for data centre
    • Mirantis partner
    • Ranked in Branham300 list
  2. Who are we? Stacy Véronneau

    • Director of OpenStack Solutions at CloudOps
    • Cloud Architect with Mirantis
    • Using public cloud resources for DEV, QA and Prod since 2007
    • Started to use OpenStack at Folsom release
  3. Who are we? Ayrat Khayretdinov

    • OpenStack & K8s Engineer and developer at CloudOps
    • Started to use OpenStack from Grizzly
    • Organizer of K8s and OpenStack meetups in Canada
  4. What are MicroServices

    The concept of building applications as a series of composable, modular services is nothing new, dating back as far as the first UNIX operating systems. However, more recent phenomena explain the renewed interest.

    1. Adoption of Open Source technologies
    2. Ascension of the pluggable architecture (API)
    3. Rise of the Containers ecosystem
  5. Promises of MicroServices

    MicroServices are trying to address the age-old saying that goes a bit like, “every successful application is an architectural nightmare”.

    1. Growth
       ◦ Innovation drives growth and organizations should maximize opportunities to innovate.
    2. Agility
       ◦ A platform composed of 100 services can be fixed or extended with features faster.
    3. Risk Reduction
       ◦ Microservices, if designed properly, provide significant isolation. As a result, applications are built such that any and all dependencies between services are remote, with the expectation that dependencies will fail.
  6. #9-8 kubeadm and Minikube

    This is NOT consuming OpenStack, but we have to start with the first place a developer is exposed to Kubernetes. Usually it’s their laptop, but it could also be a single instance with a Cloud Provider. Currently neither solution offers Cloud Provider support.

    kubeadm (Ubuntu 16.04 or CentOS 7)
    • Bootstrap a K8s cluster in 2 commands.
    • The installation uses a tool called kubeadm, which is part of Kubernetes 1.4.
    • This process works with local VMs, physical servers and/or cloud servers.
    • It is simple enough that you can easily integrate its use into your own automation (Terraform, Chef, Puppet, etc).
    • The kubeadm tool is currently in alpha.

    Minikube (Linux / OSX)
    • Minikube starts a single-node Kubernetes cluster locally for purposes of development and testing.
    • Minikube packages and configures a Linux VM, Docker and all Kubernetes components, optimized for local development.
    • Minikube supports Kubernetes features such as DNS, NodePorts, ConfigMaps and Secrets, Dashboards.
    • Minikube does not yet support Cloud Provider specific features such as LoadBalancers, PersistentVolumes, Ingress.
  7. #7 The Hard Way

    This is for a fully custom and involved deployment. This can be done by spinning up instances in OpenStack and pulling the Git repo on your master deployment node.

    PROS CONS
  8. #6 OpenStack Heat from K8s SIG

    The Kubernetes OpenStack SIG (Special Interest Group) maintains the kube-up.sh script (a Kubernetes community effort to deploy K8s on different environments) for the OpenStack cloud provider. This effort makes it possible to deploy a Kubernetes cluster on OpenStack using a combination of Heat templates and SaltStack.

    PROS
    • Capability to provision OpenStack resources such as VMs, Networking, Sec. Groups via Heat
    • Supports OpenStack cloud provider features
    • Services exposure via LBaaS v1 or v2
    • Cinder integration

    CONS
    • Can serve as a basic env to run K8s on OpenStack
    • Non production, non HA
    • Runs on CentOS 7 only
    • No way to expose services other than LBaaS
    • No addons integration
    • Not composable
    • No Rkt support yet
  9. #5 Kargo by KubeSpray

    Kargo is an Open Source project that allows you to deploy a Kubernetes cluster on Bare Metal, AWS, GCE and OpenStack by using a combination of Terraform and Ansible playbooks.

    PROS
    • Capable of provisioning OpenStack resources such
    • Can deploy a Multi-Master/HA Kubernetes cluster
    • Runs K8s cluster components as containers
    • Supports most popular Linux distributions
    • Choose the network plugin to be used within the cluster:
      ◦ Flannel: gre/vxlan (layer 2) networking
      ◦ Weave: lightweight container overlay network
      ◦ Calico: bgp (layer 3) networking
    • Running latest K8s 1.4
    • TLS secured endpoints
    • Provides DNS Addon integration

    CONS
    • Limited number of integrated Addons.
    • Not intuitive.
    • Kargo is a great tool for advanced users, or for integration with automation, because it provides only a CLI for deploying a K8s cluster. It is therefore not well suited to users or developers who are not comfortable with Ansible, the OpenStack environment and the Kargo config file, which has a huge number of options.
  10. #4 Juju by Canonical

    Juju is an open source application and service modelling tool from Ubuntu that helps to deploy, manage and scale applications on any cloud. One of the possibilities Juju provides is Kubernetes cluster deployment.

    PROS
    • Small footprint (2-node) K8s cluster deployment
    • Multi-node deployment, K8s env., which contains:
      ◦ 3-node K8s Cluster (1 master and 2 nodes)
      ◦ 3 nodes for etcd cluster
      ◦ 2 nodes for ElasticSearch
      ◦ 1 node for Kibana Dashboard
    • Optional: Dashboard, Ingress Controller and DNS
    • TLS between nodes for security
    • Scale Up/Down Nodes

    CONS
    • Lock-in
    • Unclear docs on OpenStack Cloud provider config
    • No support for advanced networking like Calico
    • Not HA
    • No Upgrade strategy
    • No Rkt support yet
  11. #3 OpenShift by Red Hat

    OpenShift is Red Hat's Platform-as-a-Service (PaaS) that allows developers to quickly develop, host, and scale applications in a cloud environment.

    PROS
    • Provides small footprint K8s deployment
    • Provides Multi-Master HA K8s deployment
    • Containerized (Atomic) or binary based (CentOS/RHEL) deployment
    • Authentication: using LDAP or Keystone
    • Networking: Flannel and OpenShift-SDN
    • Load Balancing provided by LBaaS v1 (by default)
    • Storage: Volume provisioning support for Stateful apps via Ceph and Cinder
    • Provides configured Local registry deployment

    CONS
    • It’s a bit more than just a K8s cluster, it’s a PaaS!
    • Potential vendor lock-in on OS version, SDN and unique feature implementations
    • Creation of OpenStack resources for the K8s cluster via Heat is not an automated process
    • Requires subscription for Enterprise version
    • Complex installation procedure using Ansible
    • No production-ready solution to expose services other than using an external load balancer
    • No Bare Metal support
  12. #2 Magnum

    Magnum is an OpenStack project that makes container orchestration engines (COEs) such as Swarm, Kubernetes, and Apache Mesos available as first class resources in OpenStack.

    PROS
    • Supports orchestration of all major COEs
    • Capability to provision OpenStack resources such as VMs, Networking, Sec. Groups via Heat
    • Standard OpenStack APIs
    • Bare metal support via Ironic
    • Attempts to integrate other OpenStack services:
      ◦ Neutron - expose services externally
      ◦ Cinder - Storage provisioning for containers
      ◦ Kuryr - to solve network Tenant isolation via OpenStack OVS
      ◦ Barbican - to generate TLS certificates

    CONS
    • No user friendly UI for users to deploy and configure a K8s cluster, only APIs.
    • Low maturity level, mainly due to focus on multiple technologies and slow release cycles
    • No features or add-ons configured
    • Slow on K8s release updates (currently 1.2)
    • Magnum integration points like Ironic, Barbican and Kuryr are in early adoption
    • No Upgrade support and limited monitoring
    • Networking: Flannel only
  13. #1 Murano

    Murano is an OpenStack service that introduces an application catalog for OpenStack, enabling app developers and cloud admins to publish various cloud-ready applications in a browsable catalog. The Murano apps catalog provides packages to deploy and configure a Kubernetes cluster via a user friendly UI in a drag & drop fashion.

    PROS
    • Support for internet disconnected provisioning of components
    • Automatically exposes Services via HAProxy node
    • Automatic OpenStack resource provisioning based on selected size of cluster via Heat
    • Kubernetes Cluster via Community Apps catalog provides:
      ◦ HA etcd, single Master K8s Cluster on 1.4 release
      ◦ Advanced Networking with Calico, Flannel as option
      ◦ Optional: Dashboard and DNS
      ◦ Scale up/down Node/Pods capabilities

    CONS
    • No LBaaS integration for services
    • No Rkt support
    • Runs only on Debian
    • No built-in monitoring