OpenStack and Kubernetes can work well together for telco applications by leveraging their complementary strengths in orchestrating and securing cloud infrastructure. Projects like Airship and Kata Containers are evolving OpenStack support for containers to address challenges in telco clouds. Airship provides a declarative way to introduce OpenStack on Kubernetes for lifecycle management at scale. Kata Containers adds virtualization capabilities to containers to achieve the security of VMs with the speed of containers. Together, these technologies can help telecom providers optimize resource utilization and quickly scale virtual network functions in response to fluctuating mobile data traffic demands.

1. OpenStack and Kubernetes
A match made for Telco Heaven
Trinath Somanchi
SRM University, Chennai, INDIA
21st February 2019

2. What we discuss today?
● Motivation and Objectives
● Containers – A revolution in Cloud
● OpenStack support for Containers – Projects
● OpenStack + Kubernetes – Making the match
● Grooming telco cloud with Open Infra – Airship
● Moving with Speed of Containers and Security of VMs – Kata Containers

3. Motivation
● Mobile data varies greatly during the day
○ VNFs can scale out during the traffic peaks to serve more customers
○ VNFs can be scaled down when traffic amounts are lower

4. Motivation
● Mobile data traffic has increased massively during the past few years
○ According to Cisco, data traffic is still estimated to increase eightfold between 2015 and 2020.
● Telecommunication service providers have shifted towards virtualized network functions (VNF) as
a response to the increased traffic.
○ VNFs are running in virtual machines (VM).
○ Multiple VNFs can be run on the same hardware

5. Containers – A revolution in Cloud
Containers provide a standard way to package your application's
code, configurations, and dependencies into a single object.
Containers share an operating system installed on the server and
run as resource-isolated processes, ensuring quick, reliable, and
consistent deployments, regardless of environment.
Containers are created using two kernel
features:
Linux namespaces - Provide isolated
filesystem, pid number space, network etc.
Cgroups - Provide hardware resource
control for process groups - It is possible to
limit for example CPU and memory usage
of containers

6. Containers – Benefits
Run Any where
• Containers
package your
code with the
configuration files
and
dependencies it
needs to
consistently run in
any environment.
Improve resource
utilization
• Containers
provide process
isolation that lets
you granularly set
CPU and memory
utilization for
better use of
compute
resources.
Scale quickly
• Each container
runs as a
separate process
that shares the
resources of the
underlying
operating system.
This enables
containers to start
and stop quickly.

7. Containers – How they Work

8. Containers – What more we get ?
Microservices
• Containers provide
process isolation
that makes it easy
to break apart and
run applications as
independent
components called
microservices.
Batch
Processing
• Package batch
processing and ETL
jobs into containers
to start jobs quickly
and scale them
dynamically in
response to
demand.
Machine
learning
• Use containers to
quickly scale
machine learning
models for training
and inference and
run them close to
your data sources
on any platform.
Hybrid
applications
• Containers let you
standardize how
code is deployed,
making it easy to
build workflows for
applications that run
between on-
premises and cloud
environments.
Application
migration to the
cloud
• Containers make it
easy to package
entire applications
and move them to
the cloud without
needing to make
any code changes.
Platform as a
service
• Use containers to
build platforms that
remove the need for
developers to
manage
infrastructure and
standardize how
your applications
are deployed and
managed.

9. Containers in Telco Clouds
● Fran Heeran, network virtualization head of Vodafone acknowledged that containers enabled 40% improvement in resource
utilization as compared to virtual machines. ref
● Comcast, an USA’s global telecommunications conglomerate achieved time saving by their developers and administrators by
cleanly separating applications from the underlying infrastructure allowed application to execute changes to infrastructure
without need of altering applications. Containers allowed Comcast to track as code all changes, deployments, and versions of the
system, making the way to automating deployment processes. ref
● Andre Fuetsch, president & CTO of AT & T labs said that containers are really important to them and going to implement into
operations. He said containers are not just used for core network or implement for software development but it will be extending
to edge of the network to customer premises. Andre did not disclose the implementation details but said that with containers
strategy AT & T will be achieving agility, reliability and redundancy in network operations. ref
● A prominent use case for application of containers in telecom is, Metaswitch’s Clearwater IMS (IP Multimedia Services)core
implementation. They demonstrated deployment of VNFs in a VoLTE deployment running on Docker. ref
● Metaswitch participated with Telenor research for proof of concept (PoC) based on evaluating containers for mobile core
network. ref

10. OpenStack Support for Containers

11. OpenStack Support for Containers

12. OpenStack with Kubernetes – Making the Match

13. Containers in Telco Cloud with Open Infra
● Project: AIRSHIP
● Airship, a New Open Infrastructure Project for OpenStack, is Delivering a Unified, Declarative and
Cloud-Native Way for Operators to Manage Containerized Software Delivery of Cloud
Infrastructure Services
● Built on the foundation laid by the OpenStack-Helm project launched in 2017.
● The initial focus of this project is the implementation of a declarative platform to introduce
OpenStack on Kubernetes (OOK), and the lifecycle management of the resulting cloud, with the
scale, speed, resiliency, flexibility and operational predictability demanded of Network Clouds.

14. Airship – Architecture Overview

15. Airship – Sub Projects
Treasure Map - is the documentation project that outlines a
reference architecture for automated cloud provisioning and
management, leveraging the Airship interoperable open-source
tools.
Shipyard - is the directed acyclic graph controller for Kubernetes
and OpenStack control plane life cycle management, and a
component of the Undercloud Platform (UCP).
Drydock - is a python REST orchestrator to translate a YAML
host topology to a provisioned set of hosts and provide a set of
post-provisioning instructions.
Divingbell - is a lightweight solution for 1) Bare metal
configuration management for a few very targeted use cases and
2) Bare metal package manager orchestration
Deckhand - is a storage service for YAML-based configuration
documents, which are managed through version control and
automatically validated. Deckhand provides users with a variety
of different document types that describe complex configurations
using the features listed below.
Armada - is a tool for managing multiple Helm
charts with dependencies by centralizing all
configurations in a single Armada YAML and
providing life-cycle hooks for all Helm releases.
Note: Armada is an enhancement to the helm
client. Still using the helm tiller service, we deploy
multiple charts with data-driven yamls.
Berth - is a deliberately minimalist VM runner for
Kubernetes.
Promenade - is a tool for bootstrapping a resilient
Docker, and Kubernetes cluster and managing its
life-cycle via Helm charts.
Pegleg - Pegleg is a document aggregator that
provides early linting and validations via
Deckhand for documents that can be consumed
by Airship.

16. Using AIRSHIP – What it means ‘Declarative’
O
S
H
OSH
LOGGING
MONITORING
ALARMING
AIRSHIPCNICALICO–DNS-
NTPSDSCEPH
SWITCH FABRIC
Host
OS
NUMA
NIC NIC NIC
NUMA
CORE CORE CORE CORE CORE CORE
VF(s)VF(s)VF(s)
Kubernetes
File System /
Partitions
File System /
Partitions
Docker Kubelet
k8s api etcd
K8s proxy
k8s scheduler
k8s controller
ceph mon ceph rgwceph rbd
ceph mgr cephfs ceph osd
core dns ntpd
calico node calico etcd
IAM
shipyard
deckhand drydock armada
promenade divingbell
fluentd kibana elasticsrch collector
prometheus grafana exporter alert mgr.
ingress mariadb keystone nova
horizon cinder memcached etcd
glance rabbitmq neutron libvirt
swift Nova compute openvswitch
Hardware
lnfo
Baremetal
Network
Network
Link
Host
ProfilePromenad
e
Chart’s
Kubernete
s
Chart
SDS
(Ceph)
Chart
CNI(Calico
)
Chart
Coredns
Chartntpd
Chart
IAM
(Keystone)
ChartShipyard
ChartDeckhand
ChartDrydock
Chart
Armada
ChartPromenad
e
Chart
DivingBell
Chart
Fluentd
ChartKibana
ChartElasticSear
ch
Chart
Fluentd
Collector
Chart
Prometheu
s
ChartGrafana
ChartKube
Exporter
Chart
Node
Exporter
Chart
AlertMgr
Chart
Ingress
Chartmariadb
Chartkeystone
Chartnova
Charthorizon
Chartcinder
Chartmemcache
d
Chart
etcd
Chartswift
Chartglance
Chartneutron
Chartrabbitmq
ChartNova
compute
ChartOpenvswit
ch
Chart

17. Airship – How to get started ?
● WHERE TO GO
Visit https://airshipit.org
● TRY IT OUT
https://github.com/openstack/airship-in-a-bottle

18. Kata Containers – What it is ?
● A container runtime, like runC
● Built w/ virtualization tech, like VM
● Initiated by hyper.sh and Intel®
● Hosted by OpenStack Foundation
● Contributed by Huawei, Google, MSFT, etc.
Kata Containers are Virtualized Containers

19. Traditional Containers Traditional Containers in a VM

20. Kata Containers – What it is ?

21. Container Ecosystem and Seamless integration

22. Kata - With K8S

23. Play & Contribute
● Sources: https://github.com/kata-containers/runtime
● Get started: https://github.com/kata-containers/documentation/blob/master/Developer-
Guide.md
● Slack: katacontainers.slack.com
● IRC: #kata-dev@freenode
● Mailing list: kata-dev@lists.katacontainers.io

24. A Match for Telco Heaven
● OpenStack and Kubernetes – Complement each other with their benefits to orchestrate and
secure Cloud infrastructure.
● Open Infrastructure initiative from OpenStack Foundation focuses on strengthening the
Orchestration and Security for Telco Clouds.
● Airship and Kata Containers are evolving to solve Telco Cloud challenges.

25. References
● Kata Containers: The way to run virtualized containers
● Airship: making lifecycle management for open infrastructure repeatable and predictable.
● Vendorizing your Containers with Kolla
● Build Your Serverless Container Cloud with OpenStack and Kubernetes
● Running Stateful Applications in Containers with K8S Persistent Volumes and StatefulSets
● https://hypercontainer.io/
● Kata Containers – An Introduction

26. Doubts !!
Questions !!

27. That’s all folks !