CoreOS, a good operating system for your OpenStack controllers
During this article, I am going to explain why I believe that CoreOS is an excellent operation system for your OpenStack controllers.
Since I already introduced CoreOS in the previous article, I will assume that you are already familiar with the basics.
Before we start I would like to warn everyone that currently CoreOS is in Alpha and consequently it’s not production ready. Then, I would not recommend you to put it in production.
CoreOS only cares about applications and simply ships a based and robust Operating system. What I really like about CoreOS is that it ensures a strong consistency between all the servers. Thanks to the read-only file system, packages installed are statics and you only get their updates with the upgrade engine. The real goodness is that no one will log on the server and install crap in it. From an operational perspective, this is crucial.
The main goal is to isolate every single OpenStack APIs process into a container and then expose it through the CoreOS node. For this purpose, Docker is an excellent candidate. In the end, you’ll get one docker container per OpenStack service.
Why is it so good?
Simply because with Docker everything can be versionised. Versions are always good, because they provide a single checkpoint of your infrastructure. Checkpoints that you can replay if needed. As a developer, you might also want to ensure the cross capability of your application on severals deployments. Then, you can test your code against several versions of OpenStack APIs. Moreover, this can be done within your organisation since Docker offers the possibility to use a private registry.
Assuming you already have a Database server running.
See below a simple example for the identity service Keystone.
FROM ubuntu:latest MAINTAINER Sebastien Han <[email protected]> # Repo and packages RUN echo deb http://archive.ubuntu.com/ubuntu precise universe | tee -a /etc/apt/sources.list RUN echo deb http://archive.ubuntu.com/ubuntu precise-updates universe | tee -a /etc/apt/sources.list RUN apt-get update RUN apt-get install -y --force-yes ubuntu-cloud-keyring RUN echo deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/grizzly main | tee -a /etc/apt/sources.list.d/grizzly.list RUN apt-get update # Keystone packages RUN apt-get install -y --force-yes python-mysqldb vim-tiny keystone python-keystone
Build the image
$ sudo docker build -t leseb/openstack-keystone .
Log into the image:
$ sudo docker run -i -t -h="keystone" leseb/openstack-keystone /bin/bash
[DEFAULT] admin_token = password debug = True verbose = True [sql] connection = mysql://keystone:[email protected]/keystone
Initialise the database:
[email protected]:/# keystone-manage db_sync
Log out from the image and commit it:
$ sudo docker ps -a | tail -n +2
Eventually run it:
$ sudo docker run -d -p 35357:35357 -p 5000:5000 -h="keystone" leseb/openstack-keystone keystone-all
For any other Openstack service:
- Simply modify the last line of the file with the Openstack service that you want.
- Log into the image (/bin/bash stuff)
- Configure the API
- Commit the new image
- Run the final container