Atomic Bonds: openSUSE Kubic & SUSE CaaSP

openSUSE & SUSE exploring the container world

The Kubic Project is an exciting new part of the openSUSE family. This talk will provide a brief introduction of the Project and how it focuses on container technologies such as the Docker & Podman runtimes, Kubernetes, Transactional (Atomic) Operating System updates, and much more.

The session will then go into detail on how Kubic provides the base for SUSE's Container as a Service Platform (CaaSP), explaining how Kubic serves a similar role to that product as Tumbleweed does to SUSE Linux Enterprise, and explaining the relationship between CaaSP versions, SLE versions, and Tumbleweed.

Finally, this presentation will be an opportunity for those interested in Kubic to learn ways they can get involved with the project and contribute, regardless of whether their interest is containers, orchestration, testing, or atomic system updates.

Richard Brown

May 25, 2018

Transcript

  1. Richard Brown
    Linux Distribution Engineer
    [email protected]
    Atomic Bonds
    openSUSE Kubic & SUSE CaaS Platform exploring
    the container world
    Alex Herzig
    Project Manager
    [email protected]

  15. SUSE's CaaS Platform

  16. Stack Overview
    View of the whole SUSE CaaS Platform stack with a use case of running Cloud Native Applications.

    Layer 1: Physical Infrastructure
    Layer 2: Virtual Infrastructure
    Layer 3: Operating System
    Layer 4: Container Engine
    Layer 5: Container Scheduling
    Layer 6: Container Orchestration
    Layer 7: Cluster Management (Velum)
    Layer 8: Application Ecosystem
    Layer 9: Cloud Native Applications

  17. Physical Infrastructure
    SUSE CaaS Platform can directly run on x86_64 bare metal architecture…

    Physical servers

    Desktop computers

    Small Form Factor PCs: run and develop a cluster on your desk

  18. Virtual Infrastructure
    … but also on virtual environments:

    VMware, Hyper-V, KVM, Xen

    Private Clouds: SUSE OpenStack Cloud

    Public Clouds: AWS, Azure, Google Cloud

  19. Operating System
    SUSE CaaS Platform brings its own special-purpose container host operating system, SUSE MicroOS, based on SLES 12 SP3. It covers:

    Installation

    Configuration

    Transactional Updates

    Installing 3rd party tools, e.g. for monitoring

    Debugging

  20. Container Execution
    A layer that handles the whole landscape of containers.

    Container run-times from the Docker project or cri-o as tech preview

    Container registries: SUSE Registry (registry.suse.com), ISC registries, onsite registries and proxy registries

  21. Kubernetes
    Kubernetes, the most popular Container-Cluster-/Orchestration solution, is integrated in the stack:

    K8s comes already installed and configured for your cluster

    There are quarterly updates of Kubernetes

  22. Container Scheduling
    The scheduler makes sure that:

    Services are (almost) always running

    Fault tolerance and high availability are provided

    The desired state of a service is (almost) always fulfilled, automatically.

  23. Container Orchestration
    The Container Orchestration gives you:

    More control over the containers running on your infrastructure

    Containers can be labeled, grouped and can be given their own subnet.

  24. Cluster Management
    Velum is SUSE's own dashboard that manages your SUSE CaaS Platform cluster, using Salt. You will be able to:

    Bootstrap a Kubernetes cluster with a simple click

    Manage your K8s cluster:
    – Adding nodes
    – Removing nodes
    – Monitor faulty nodes

    Set up an update policy that suits your needs

  25. Application Ecosystem
    This is an optional layer that makes it easier to run applications through:

    PaaS: SUSE Cloud Application Platform

    Serverless / Function-as-a-Service Frameworks

    Observability / Analysis (Prometheus)

    Service Management

  26. Cloud Native Applications
    Running workloads as Cloud Native Applications that are:

    Operational: Expose control of application/system life cycle

    Observable: Provide meaningful signals for observing state, health, and performance.

    Elastic: Grow and shrink to fit in available resources and to meet fluctuating demand.

    Resilient: Fast automatic recovery from failures.

    Agile: Fast deployment, iteration, and reconfiguration.

  27. Into the future with Kubic

  28. Kubic Project

    Founded in May 2017

    Sub-Project of the openSUSE Project

    Focused on Container Technologies incl:
    – MicroOS, Tumbleweed-based Cluster Host OS
    – Velum, Kubernetes Cluster Bootstrapper & MicroOS Cluster Dashboard

    Upstream of SUSE Container as a Service Platform

  30. Similar but different

    Independent from SUSE CaaS Platform

    Based on openSUSE Tumbleweed

    Targeting the latest upstream container tech
    – Kubeadm cluster bootstrapper
    – Podman/CRI-O alternative container runtime
    – Transactional Operating System Updates
    – Highly customisable installation routine

  31. Similar but different

    Independent from SUSE CaaS Platform

    Based on openSUSE Tumbleweed

    Targeting the latest upstream container tech
    – Whatever our community wants to explore
    For more, come to Paul Gonin's talk
    Main Hall 1245 Sunday

  32. “I NEVER want to touch a running system”
    - Every SysAdmin, ever

  33. What is a Transactional Update?
    An Update that:

    Is Atomic
    – Either fully applied, or not at all
    – Update does not influence the running system

    Can be rolled back
    – A failed or incompatible update can be quickly discarded to restore the previous system conditions

  34. Transactional Updates

    Originally designed for MicroOS

    Core feature in Kubic & SUSE CaaS Platform

    Contributed to Leap 15 and Tumbleweed
    – Install with “Transactional Server” System Role
    For more, come to Ignaz Forster's talk
    This Room 1500 Tomorrow

  35. Developing Together

  36. Tumbleweed – The *SUSE “Factory”

    openSUSE Tumbleweed provides an always working, fast moving codebase for software development

    Tumbleweed provides the base system for all SUSE Linux Enterprise Major Releases (e.g. SLE 12, 15)

    All Service Pack changes must be submitted to Tumbleweed also (“Factory First”)

  37. SLE Development - “Factory First”
    SUSE Linux Enterprise Development follows the “Factory First Policy”

    (Almost) All SLE Code goes to openSUSE Tumbleweed FIRST or in parallel

    Easier Integration of new features for SUSE R&D

    Opportunity for Partners to indirectly contribute to SLE

    More Testing of SLE Code/Patches

    Faster/More Features for SLE Customers

    Fewer Regressions for SLE Customers

  38. Tumbleweed
    Service Packs

  39. SUSE CaaS Platform and openSUSE Kubic

    Kubic is a variant of Tumbleweed, only using code accepted in Tumbleweed

    SUSE CaaS Platform is a variant of SUSE Linux Enterprise, using either code from SLE or additional code originating from Kubic/Tumbleweed

  40. Tumbleweed
    Service Packs
    Identical Codebase

  41. TL;DR

    All openSUSE Development starts in Tumbleweed

    All SUSE Development starts in Tumbleweed

    SUSE Linux Enterprise is based on Tumbleweed

    Kubic is a Tumbleweed variant

    CaaSP is a SUSE Linux Enterprise variant, using additional software from Kubic

  42. Contribute to Kubic

  43. Testing

    Download Kubic media from
    https://software.opensuse.org/distributions/tumbleweed

    Install on bare metal or VMs

    Report bugs to
    https://bugzilla.opensuse.org

    Product: openSUSE Tumbleweed

    Component: Kubic

  44. VM / Cloud Images

    Work In Progress – kubic-images package in
    https://build.opensuse.org/project/show/devel:CaaSP:images

    Biggest challenge is integration with openQA & Tumbleweed Release Process

    Mailinglist – [email protected]

    IRC - #kubic or #opensuse-factory on Freenode

  45. Packaging

    Main Devel Project
    https://build.opensuse.org/project/show/devel:CaaSP:Head:ControllerNode

    Help Wanted: packaging/maintaining the latest versions of Kubernetes and related tooling

    Mailinglist – [email protected]

    IRC - #kubic on Freenode

  46. Velum & Salt States

    GitHub Repos
    https://github.com/kubic-project/velum
    https://github.com/kubic-project/salt

    Help Wanted: updating Velum & Kubic Salt states for the latest software available in Tumbleweed-Kubic

    IRC - #kubic on Freenode

  47. kubic.opensuse.org

    We’d like to help spread the word of any cool stuff you’re doing with, or for, openSUSE Kubic

    Contribute blog articles to
    https://github.com/kubic-project/kubic-o-o

    IRC - #kubic on Freenode

  48. Anything else?

    Whatever you’d like!

    We’re open

    Mailinglist – [email protected]

    IRC - #kubic on Freenode

  49. Join Us at www.opensuse.org

  50. License
    This slide deck is licensed under the Creative Commons Attribution-ShareAlike 4.0 International license.
    It can be shared and adapted for any purpose (even commercially) as long as Attribution is given and any
    derivative work is distributed under the same license.
    Details can be found at https://creativecommons.org/licenses/by-sa/4.0/
    General Disclaimer
    This document is not to be construed as a promise by any participating organisation to develop, deliver, or
    market a product. It is not a commitment to deliver any material, code, or functionality, and should not be
    relied upon in making purchasing decisions. openSUSE makes no representations or warranties with respect
    to the contents of this document, and specifically disclaims any express or implied warranties of
    merchantability or fitness for any particular purpose. The development, release, and timing of features or
    functionality described for openSUSE products remains at the sole discretion of openSUSE. Further,
    openSUSE reserves the right to revise this document and to make changes to its content, at any time,
    without obligation to notify any person or entity of such revisions or changes. All openSUSE marks
    referenced in this presentation are trademarks or registered trademarks of SUSE LLC, in the United States
    and other countries. All third-party trademarks are the property of their respective owners.
    Credits
    Template
    Richard Brown
    [email protected]
    Design & Inspiration
    openSUSE Design Team
    http://opensuse.github.io/branding-guidelines/
