Video recording: https://www.youtube.com/watch?v=tGlIgUeoGz8
It’s no news that containers represent a portable unit of deployment, and OpenStack has proven an ideal environment for running container workloads. However, where it usually becomes more complex is that many times an application is often built out of multiple containers. What’s more, setting up a cluster of container images can be fairly cumbersome because you need to make one container aware of another and expose intimate details that are required for them to communicate which is not trivial especially if they’re not on the same host.
These scenarios have instigated the demand for some kind of orchestrator. The list of container orchestrators is growing fairly fast. This session will compare the different orchestation projects out there - from Heat to Kubernetes to TOSCA - and help you choose the right tool for the job.
Session link from teh summit: https://openstacksummitmay2015vancouver.sched.org/event/abd484e0dedcb9774edda1548ad47518#.VV5eh5NViko
3. Agenda
• Orchestration 101..
• Different approaches for orchestration
• Method of comparison
• Comparison
• Synergies
• Summary - which tool to choose?
5. Orchestration 101
• Common Characteristics
– Use DSL to define blueprint
– Execute a process based on
input from the blueprint
– Pass context information
between the deployed entities
• Different assumptions lead to
different approaches
– Application Architecture
– Infrastructure
– Scope of automation
6. Goals of this Exercise
Explore the
different
approaches to
orchestration
Infrastructure
Centric
Pure Play
Container
Centric
7. Method of Comparison
• Same Application Requirements
• Full Production Deployment
• Broken into three main groups
– Container Centric – Kubernetes,
Docker
– Pure Play –Cloudify/TOSCA,
Terraform,
–Infrastructure Centric - Heat
• Out of scope*
– PaaS, Configuration
Management (e.g Chef, Puppet,
Ansible,..)
– Covering all orchestrations
solutions
– Deep Dive into each
orchestration technology
9. Orchestration Process - Setup
VM
VM VM
VM
VM
VM
Load Balancer
VM
VM
VM
VM
VM
VM
VM
VM
VM
Create network and
compute resources:
VMs, security group,
network, subnet,
routers, LB pool
1
10. Orchestration Process - Setup
VM
mongod
VM
NodeJS
mongos
VM
NodeJS
mongos
VM
Mongo-cfg
VM
Mongo-cfg
VM
Mongo-cfg
Load Balancer
VM
NodeJS
mongos
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod
Install Mongo and
Node Binaries
2
11. Orchestration Process - Setup
VM
mongod
VM
NodeJS
mongos
VM
NodeJS
mongos
VM
Mongo-cfg
VM
Mongo-cfg
VM
Mongo-cfg
Load Balancer
VM
NodeJS
mongos
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod
Start mongod
processes
Start mongod
processes
Start mongod
processes
3
12. Orchestration Process - Setup
VM
mongod
VM
NodeJS
mongos
VM
NodeJS
mongos
VM
Mongo-cfg
VM
Mongo-cfg
VM
Mongo-cfg
Load Balancer
VM
NodeJS
mongos
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod
Start mongo-cfg
proecesses
Start mongo-cfg
proecesses
Start mongo-cfg
processes
4
13. Orchestration Process - Setup
VM
mongod
VM
NodeJS
mongos
VM
NodeJS
mongos
VM
Mongo-cfg
VM
Mongo-cfg
VM
Mongo-cfg
Load Balancer
VM
NodeJS
mongos
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod
Start mongos
processes,
pointing to config
servers
Start mongos
processes,
pointing to config
servers
Start mongos
processes, pointing
to mongo-cfg
servers
5
14. Orchestration Process - Setup
VM
mongod
VM
NodeJS
mongos
VM
NodeJS
mongos
VM
Mongo-cfg
VM
Mongo-cfg
VM
Mongo-cfg
Load Balancer
VM
NodeJS
mongos
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod
Pick one mongos and
initialize replica set
Pick one mongos and
initialize replica set
Pick one VM per shard
and initialize replica set
6
15. Orchestration Process - Setup
VM
mongod
VM
NodeJS
mongos
VM
NodeJS
mongos
VM
Mongo-cfg
VM
Mongo-cfg
VM
Mongo-cfg
Load Balancer
VM
NodeJS
mongos
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod
Pick one mongos and add
shards, one at a time
7
16. Orchestration Process - Setup
VM
mongod
VM
NodeJS
mongos
VM
NodeJS
mongos
VM
Mongo-cfg
VM
Mongo-cfg
VM
Mongo-cfg
Load Balancer
VM
NodeJS
mongos
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod
Pick one mongos and
initialize data in mongodb
8
17. Orchestration Process - Setup
VM
mongod
VM
NodeJS
mongos
VM
NodeJS
mongos
VM
Mongo-cfg
VM
Mongo-cfg
VM
Mongo-cfg
Load Balancer
VM
NodeJS
mongos
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod
Start nodejs
processes
Start nodejs
processes
Start nodejs
processes
9
18. Orchestration Process - Setup
VM
mongod
VM
NodeJS
mongos
VM
NodeJS
mongos
VM
Mongo-cfg
VM
Mongo-cfg
VM
Mongo-cfg
Load Balancer
VM
NodeJS
mongos
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod VM
mongod
VM
mongod
VM
mongod
Add nodejs VMs
to LB pool
10
19. Orchestrating in Production
• Monitoring and log collection
• Manual/Auto healing
• Manual/Auto scaling
• Maintenance:
– Backup and restore
– Continuous deployment
– Infrastructure upgrades and patches
22. Quick Overview of Docker Swarm
A Docker-native clustering system
• Use a pool of hosts through a single swarm
master endpoint
• Placement constraints, affinity/anti-affinity
docker run
-name rs1
-e affinity:container!=rs*
...
24. Solution Overview - Deploy - Create
Replica Sets
for i in 1..{number_of_replica_sets}
for j in 1..{number_of_nodes_for_replica_set}
docker run
-name rs{i}_srv{j}
-e affinity:container!=rs*
-e affinity:container!=cfg*
-e constraint:daemon==mongodb
-d example/mongodb
--replSet rs{i}
Then, SSH into one host per replica set to
configure it.
25. Solution Overview - Deploy - Start
Node.js application containers
Make sure you inject all mongos endpoints for
the application.
for i in 1..{number_of_nodejs_servers}
docker run
-P -name nodejs{i}_v1
-e constraint:daemon==nodejs
-e affinity:container!=nodejs*
-e MONGO_HOSTS=<LIST_OF_MONGOS_IPs>
-d example/nodejs_v1
nodejs server.js
26. Solution Overview - Deploy -
Reconfigure HAProxy
Extract Node.js container IPs using docker
inspect and then:
for i in 1..{number_of_nodejs_servers}
docker exec haproxy1
reconfigure.sh
--add=<IP_of_nodejs{i}:port>
27. Solution Overview - Mongodb scale
out
Identical to the process of deploying the initial
mongodb shards, mongodb will take care of
migrating data to the new shard
28. Docker Swarm - Pros and Cons
Pros
● Easy modeling
● Placement/Affinity
Cons
● Basic infrastructure
handling
● Manual handling
multiple instances
● “Manual” workflow
● Requires other tools
for production
aspects - monitoring,
healing, scaling
30. Quick Overview to Kubernetes
Container cluster manager
• Pods: tightly coupled group of containers
• Replication controller: ensures that a
specified number of pod "replicas" are
running at any one time.
• Networking: Each pod gets its own IP address
• Service: Load balanced endpoint for a set of
pods
35. Solution Overview - Deploy - Create
Data nodes
for i in 1..{number_of_replica_sets}
kubectl create -f
mongod-rs{i}-controller.yaml
# Now configure each replicate set
# by picking pod to be the initial “master”
# of each replica set and extract all
# containers IPs using “kubectl get -l ...”
# dynamically update replica set
# members (this will kick of this process)
kubectl create -f mongod-rs{i}-service.yaml
36. Solution Overview - Node.js Heal
Failing pods are identified by kubernetes and
are automatically rescheduled
37. Solution Overview - Node.js
continuous deployment
# initially configured with 0 replicas
kubectl create -f nodejs-v{new_version}-controller.yaml
for i in 1..{number_of_nodejs_replicas}
kubectl resize rc nodejs_v{new_version}
--current-replicas={i - 1}
--replicas={i}
# smoke test and rollback everything if testing failed
kubectl resize rc nodejs_v{previous_version}
--current-replicas={number_of_nodejs_replicas - i + 1}
--replicas={number_of_nodejs_replicas - i}
38. Kubernetes - Pros and Cons
Pros
● (almost) zero configuration autoheal
● Out of the box load balancer
● Simple scaling
Cons
● No placement (yet)
● Not simple to manage stateful services
40. Introduction to Terraform
• By Hashicorp
• Simple (in a good way) command
line tool
– Resources
– Providers and provisioners
– Modules
– Variables and outputs
42. Sample Configuration
#
# Create a Network
#
resource "openstack_networking_network_v2" "tf_network" {
region = ""
name = "tf_network"
admin_state_up = "true"
}
#
# Create a subnet in our new network
# Notice here we use a TF variable for the name of our network above.
#
resource "openstack_networking_subnet_v2" "tf_net_sub1" {
region = ""
network_id = "${openstack_networking_network_v2.tf_network.id}"
cidr = "192.168.1.0/24"
ip_version = 4
}
44. Solution Overview
• Single top level configuration file
• Creates: Network, subnet, router, floating IP,
security groups, VMs, LBaaS pool
• TF module to model a mongodb shard
– No easy way to specify "I want X occurrences of this
module"
– Just copy and paste...
45. Master Assignment & Registration of Shards
• Issue - no "cluster wide" way of invoking
provisioners
– Needed for configuring shard masters and adding
shards to the cluster
• Option 1: use Consul
– e.g. first instance acquires a lock and waits for other
to join
• Option 2: Static allocation in the
configuration
• Option 3: local-exec with locks
46. Terraform - Pros and Cons
Pros
● Infrastructure &
Framework neutrality
● Solid support for
OpenStack
● Simple and elegant
● Present plan before
applying
● Support for incremental
updates
Cons
● Configurations are not
portable across cloud
providers
● Hard to model non-
infrastructure
components
● Everything is done in the
context of a single
resource instance
48. What is TOSCA?
TOSCA defines the
interoperable
description of
applications; including
their components,
relationships,
dependencies,
requirements, and
capabilities….
49. Cloudify – Open Source
Implementation of TOSCA
Provision
ConfigureMonitor
Manage
Infrastructure
Can be used as a
command line tool or
as a managed service
Plugins
CM
Monitoring &
Alarming
50. Cloudify – Open Source
Implementation of TOSCA
Provision
ConfigureMonitor
Manage
Monitoring &
Alarming
Infrastructure
Can be used as a
command line tool or
as a managed service
Plugins
CM
51. Hosted
On
Software
ComponentContainer
(Docker Runtime
Capability)
Containee
(Docker Runtime
Requirement)
Requirements
Capabilities
# NOT YET IN TOSCA SPEC. TO BE INVENTED…
repositories:
docker_hub:
url: xxx
credentials: yyy
node_templates:
docker_webserver:
type: tosca.nodes.Container
requirements:
- host:
# omitted for brevity
artifacts:
- my_image: < URI of Docker Image in Repo. >
type: tosca.artifacts.impl.Docker.Image:
repository: docker_repo
Container
Container
Docker
Rocket
…
artifact_types:
tosca.artifacts.impl.Docker.Image:
derived_from: tosca.artifacts.Root
description: Docker Image TAR
mime_type: TBD
file_ext: [ tar ]
Docker Hub
(Repo.)
• URI of DockerImage
• Relative to Repo.
Artifacts
• Docker
Image
• .TAR)
Containers Portability in TOSCA
Source: Vmware Proposal
52. Solution Overview
Mongod-shard
Mongo replica-
set
Output:
Mogoconfig hosts
Shards endpoint
Subsitutable
*Scalable *Scalable
Input:
#config instances
#Shards
#Replica set per shard
Input:
#nodeJS instances
mongodb deployment id or
MongoConfig
Mogo Shards
Output:
App EndPoint = Load-Balancer
IP/path
Mongo
cfg
*Scalable
Initialization
Initialization
Load Balancer
NodeJS
MongoS
*Scalable
*Scalable
58. Create Load Balancer
haproxy:
type: tosca.nodes.Proxy
properties:
frontend_port: 80
statistics_port: 9000
backend_app_port: { get_property: [ nodecellar, port ] }
requirements:
- host:
node: haproxy_frontend_host
- member:
node: nodecellar_container
Get the web containers
through relationship and
update the load balancer
accordingly
59. Handling Post Deployment through
Workflow & Policies
● Cloudify Workflows
● Built in workflows
o Install
o Uninstall
o Heal
o Scale
● Discovery through graph navigation
● Remote/Local execution
Script execution in python with context to
the deployment graph
cfy executions start -w install ...
60. Summary TOSCA/Cloudify
Pros
● Infrastructure &
Framework neutrality
● Complete Life Cycle
Management
● Handles Infrastructure &
Software
● Production Orchestration*
o Monitoring
o Workflow
o Policies
o Logging
*Implementation specific
Cons
● The spec is still evolving
● Cloudify isn’t 100%
complaint yet
● Limited set of tooling
61. Series 3: Infrastructure Centric
• Overview of Heat
• Orchestrating NodeJS/MongoDB with Heat
• Summary – Benefits/ Limitations
62. What is Heat?
Heat provides a
mechanism for
orchestrating
OpenStack resources
through the use of
modular templates.
70. Summary
Pros
● Native To OpenStack
● Built-in mapping of all
the OpenStack
infrastructure resource
types
Cons
● Limited to OpenStack
● Software configuration is
limited
● Lack of built-in workflow
● Production orchestration
is limited
o Requires integration
with other tools/
projects