Atomic Bonds: openSUSE Kubic & SUSE CaaSP

Atomic Bonds: openSUSE Kubic & SUSE CaaSP

openSUSE & SUSE exploring the container world

The Kubic Project is an exciting new part of the openSUSE family. This talk will provide a brief introduction of the Project and how it focuses on container technologies such as the Docker & Podman runtimes, Kubernetes, Transactional (Atomic) Operating System updates, and much more.

The session will then go into detail how Kubic provides the base for SUSE's Container as a Service Platform (CaaSP), explaining how Kubic serves a similar role to that product as Tumbleweed does to SUSE Linux Enterprise, and explaining the relationship between CaaSP versions, SLE versions, and Tumbleweed.

Finally, this presentation will be an opportunity for those interested in Kubic to learn ways they can get involved with the project and contribute, regardless if their interest is containers, orchestration, testing, or atomic system updates.

C4d991702dcb0afa2b2afd8464be7f66?s=128

Richard Brown

May 25, 2018
Tweet

Transcript

  1. Richard Brown Linux Distribution Engineer rbrown@opensuse.org Atomic Bonds openSUSE Kubic

    & SUSE CaaS Platform exploring the container world Alex Herzig Project Manager aherzig@suse.com
  2. None
  3. None
  4. None
  5. None
  6. None
  7. None
  8. 100101010101000101010101111000 0101010101110101010001010101010 01010101110101010101001010101010 01010000101010101010101110101010 00100101010101010101010001010101 00101010101011110101010101010101 11101010101010101010101010101010

  9. None
  10. None
  11. None
  12. None
  13. None
  14. None
  15. SUSEs CaaS Platform

  16. 18 Stack Overview View of the whole SUSE CaaS Platform

    stack with a use case of running Cloud Native Applications. Layer1 Physical Infrastructure Layer2 Virtual Infrastructure Layer3 Operating System Layer4 Container Engine Layer5 Container Scheduling Layer6 Container Orchestration Layer8 Application Ecosystem Layer9 Cloud Native Applications Layer7 Cluster Management Velum
  17. 19 Physical Infrastructure SUSE CaaS Platform can directly run on

    x86_64 bare metal architecture… • Physical servers • Desktop computers • Small Format Factor PCs run and develop a cluster on your desk Layer1 Physical Infrastructure Layer2 Virtual Infrastructure Layer3 Operating System Layer4 Container Engine Layer5 Container Scheduling Layer6 Container Orchestration Layer8 Application Ecosystem Layer9 Cloud Native Applications Layer7 Cluster Management Velum
  18. 20 Virtual Infrastructure … but also on virtual environments: •

    VMWare, Hyper-V, KVM, XEN, • Private Clouds: SUSE OpenStack Cloud • Public Clouds: AWS, Azure, Google Cloud Layer1 Physical Infrastructure Layer2 Virtual Infrastructure Layer3 Operating System Layer4 Container Engine Layer5 Container Scheduling Layer6 Container Orchestration Layer8 Application Ecosystem Layer9 Cloud Native Applications Layer7 Cluster Management Velum
  19. 21 Operating System SUSE CaaSP Platform brings its own special

    purpose container host operating system SUSE MicroOS based on SLES 12 SP3, it covers: • Installation • Configuration • Transactional Updates • Installing 3rd party tools for e.g. monitoring • Debugging Layer1 Physical Infrastructure Layer2 Virtual Infrastructure Layer3 Operating System Layer4 Container Engine Layer5 Container Scheduling Layer6 Container Orchestration Layer8 Application Ecosystem Layer9 Cloud Native Applications Layer7 Cluster Management Velum
  20. 22 Container Execution A layer that handles the whole landscape

    of containers. • Container run-times from the Docker project or cri-o as tech preview • Container registries: SUSE Registry (registry.suse.com), ISC registries, onsite registries and proxy registries Layer1 Physical Infrastructure Layer2 Virtual Infrastructure Layer3 Operating System Layer4 Container Engine Layer5 Container Scheduling Layer6 Container Orchestration Layer8 Application Ecosystem Layer9 Cloud Native Applications Layer7 Cluster Management Velum
  21. 23 Kubernetes Kubernetes, the most popular Container-Cluster-/Orchestratio n solution, is

    integrated in the stack: • K8s comes already installed and configured for your cluster • There are quarterly updates of Kubernetes Layer1 Physical Infrastructure Layer2 Virtual Infrastructure Layer3 Operating System Layer4 Container Engine Layer5 Container Scheduling Layer6 Container Orchestration Layer8 Application Ecosystem Layer9 Cloud Native Applications Layer7 Cluster Management Velum
  22. 24 Container Scheduling The scheduler is making sure that: •

    Services are (almost) always running • Provides fault tolerance and high availability • Makes sure that the desired state of a service is (almost) always fulfilled, automatically. Layer1 Physical Infrastructure Layer2 Virtual Infrastructure Layer3 Operating System Layer4 Container Engine Layer5 Container Scheduling Layer6 Container Orchestration Layer8 Application Ecosystem Layer9 Cloud Native Applications Layer7 Cluster Management Velum
  23. 25 Container Orchestration The Container Orchestration gives you: • More

    control over the containers running on your infrastructure • Containers can be labeled, grouped and can be given their own subnet. Layer1 Physical Infrastructure Layer2 Virtual Infrastructure Layer3 Operating System Layer4 Container Engine Layer5 Container Scheduling Layer6 Container Orchestration Layer8 Application Ecosystem Layer9 Cloud Native Applications Layer7 Cluster Management Velum
  24. 26 Layer6 Container Orchestration Cluster Management Velum is the SUSE

    own dashboard that manages your SUSE CaaS Platform cluster, using Salt. You will be able to: • Bootstrap a Kubernetes cluster with a simple click • Manage your K8s cluster: • Adding nodes • Removing nodes • Monitor faulty nodes • Setup an update policy that suits your needs Layer1 Physical Infrastructure Layer2 Virtual Infrastructure Layer3 Operating System Layer4 Container Engine Layer5 Container Scheduling Layer8 Application Ecosystem Layer9 Cloud Native Applications Layer7 Cluster Management Velum
  25. 27 Application Ecosystem This is an optional layer that makes

    it more easily to run applications by: • PaaS: SUSE Cloud Application Platform • Serverless / Function-as-a- Service Frameworks • Observability / Analysis (prometheus) • Service Management Layer1 Physical Infrastructure Layer2 Virtual Infrastructure Layer3 Operating System Layer4 Container Engine Layer5 Container Scheduling Layer6 Container Orchestration Layer8 Application Ecosystem Layer9 Cloud Native Applications Layer7 Cluster Management Velum
  26. 28 Cloud Native Applications Running workloads as Cloud Native Applications

    that are: • Operational: Expose control of application/system life cycle • Observable: Provide meaningful signals for observing state, health, and performance. • Elastic: Grow and shrink to fit in available resources and to meet fluctuating demand. • Resilient: Fast automatic recovery from failures. • Agile: Fast deployment, iteration, and reconfiguration. Layer1 Physical Infrastructure Layer2 Virtual Infrastructure Layer3 Operating System Layer4 Container Engine Layer5 Container Scheduling Layer6 Container Orchestration Layer8 Application Ecosystem Layer9 Cloud Native Applications Layer7 Cluster Management Velum
  27. Into the future with Kubic

  28. Kubic Project • Founded in May 2017 • Sub-Project of

    the openSUSE Project • Focused on Container Technologies incl: – MicroOS, Tumbleweed-based Cluster Host OS – Velum, Kubernetes Cluster Bootstrapper & MicroOS Cluster Dashboard • Upstream of SUSE Container as a Service Platform
  29. None
  30. Similar but different • Independent from SUSE CaaS Platform •

    Based on openSUSE Tumbleweed • Targeting the latest upstream container tech – Kubeadm cluster bootstrapper – Podman/CRI-O alternative container runtime – Transactional Operating System Updates – Highly customisable installation routine
  31. Similar but different • Independent from SUSE CaaS Platform •

    Based on openSUSE Tumbleweed • Targeting the latest upstream container tech – Whatever our community want to explore For more come to Paul Gonins talk Main Hall 1245 Sunday
  32. “I NEVER want to touch a running system” - Every

    SysAdmin, ever
  33. What is a Transactional Update? An Update that: • Is

    Atomic – Either fully applied, or not at all – Update does not influence the running system • Can be rolled back – A failed or incompatible update can be quickly discarded to restore the previous system conditions
  34. Transactional Updates • Originally designed for MicroOS • Core feature

    in Kubic & SUSE CaaS Platform • Contributed to Leap 15 and Tumbleweed – Install with “Transactional Server” System Role For more come to Ignaz Forsters talk This Room 1500 Tomorrow
  35. Developing Together

  36. Tumbleweed – The *SUSE “Factory” • openSUSE Tumbleweed provides an

    always working, fast moving codebase for software development • Tumbleweed provides the base system for all SUSE Linux Enterprise Major Releases (eg. SLE 12, 15) • All Service Pack changes must be submitted to Tumbleweed also (“Factory First”)
  37. SLE Development - “Factory First” SUSE Linux Enterprise Development follows

    the “Factory First Policy” • (Almost) All SLE Code goes to openSUSE Tumbleweed FIRST or in parallel • Easier Integration of new features for SUSE R&D • Opportunity for Partners to indirectly contribute to SLE • More Testing of SLE Code/Patches • Faster/More Features for SLE Customers • Less Regressions for SLE Customers
  38. Tumbleweed Service Packs

  39. SUSE CaaS Platform and openSUSE Kubic • Kubic is a

    variant of Tumbleweed, only using code accepted in Tumbleweed • SUSE CaaS Platform is a variant of SUSE Linux Enterprise, using either code from SLE or additional code originating from Kubic/Tumbleweed
  40. Tumbleweed Service Packs Identical Codebase

  41. TL;DR • All openSUSE Development starts in Tumbleweed • All

    SUSE Development starts in Tumbleweed • SUSE Linux Enterprise is based on Tumbleweed • Kubic is a Tumbleweed variant • CaaSP is a SUSE Linux Enterprise variant, using additional software from Kubic
  42. Contribute to Kubic

  43. Testing • Download Kubic media from https://software.opensuse.org/distributions/tumbleweed • Install on

    bare metal or VMs • Report bugs to https://bugzilla.opensuse.org • Product: openSUSE Tumbleweed • Component: Kubic
  44. VM / Cloud Images • Work In Progress – kubic-images

    package in https://build.opensuse.org/project/show/devel:CaaSP:images • Biggest challenge is integration with openQA & Tumbleweed Release Process • Mailinglist – opensuse-factory@opensuse.org • IRC - #kubic or #opensuse-factory on Freenode
  45. Packaging • Main Devel Project https://build.opensuse.org/project/show/devel:CaaSP:Head:ControllerNode • Help Wanted Packaging/Maintaining

    latest versions of kubernetes and related tooling • Mailinglist – opensuse-factory@opensuse.org • IRC - #kubic on Freenode
  46. Velum & Salt States • GitHub Repos https://github.com/kubic-project/velum https://github.com/kubic-project/salt •

    Help Wanted updating velum & kubic salt states for latest software available in Tumbleweed-Kubic • IRC - #kubic on Freenode
  47. kubic.opensuse.org • We’d like to help spread the word of

    any cool stuff you’re doing with, or for, openSUSE Kubic • Contribute blog articles to https://github.com/kubic-project/kubic-o-o • IRC - #kubic on Freenode
  48. Anything else? • Whatever you’d like! • We’re open •

    Mailinglist – opensuse-factory@opensuse.org • IRC - #kubic on Freenode
  49. Join Us at www.opensuse.org

  50. License This slide deck is licensed under the Creative Commons

    Attribution-ShareAlike 4.0 International license. It can be shared and adapted for any purpose (even commercially) as long as Attribution is given and any derivative work is distributed under the same license. Details can be found at https://creativecommons.org/licenses/by-sa/4.0/ General Disclaimer This document is not to be construed as a promise by any participating organisation to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. openSUSE makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for openSUSE products remains at the sole discretion of openSUSE. Further, openSUSE reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All openSUSE marks referenced in this presentation are trademarks or registered trademarks of SUSE LLC, in the United States and other countries. All third-party trademarks are the property of their respective owners. Credits Template Richard Brown rbrown@opensuse.org Design & Inspiration openSUSE Design Team http://opensuse.github.io/branding- guidelines/