OpenStack-Docker: How to manage your Linux Containers with Nova

This project is open-source and available at: https://github.com/dotcloud/openstack-docker.

What is OpenStack?

OpenStack is a collection of open source technologies that provides massively scalable cloud computing software. OpenStack can be used by corporations, service providers, VARS, SMBs, researchers, and global data centers looking to deploy large-scale cloud deployments for private or public clouds. [1]

What is Nova (OpenStack Compute)?

OpenStack Compute gives you a tool to orchestrate a cloud, including running instances, managing networks, and controlling access to the cloud through users and projects. The underlying open source project’s name is Nova, and it provides the software that can control an Infrastructure as a Service (IaaS) cloud computing platform.

It is similar in scope to Amazon EC2 and Rackspace Cloud Servers. OpenStack Compute does not include any virtualization software; rather it defines drivers that interact with underlying virtualization mechanisms that run on your host operating system, and exposes functionality over a web-based API. [2]

What is Docker?

Docker is an open-source engine which automates the deployment of applications as highly portable, self-sufficient containers which are independent of hardware, language, framework, packaging system and hosting provider. [3]

Why is Docker useful behind Nova?

The Linux Containers deployed with Docker have multiple advantages over the “normal” virtual machines usually deployed by Nova. Those advantages are speed, efficiency, and portability. A Linux Container is a group of processes isolated from the rest of the system. From the inside, a Linux Container “looks like” a virtual machine, with its own resources (network interface, routing tables…), except that it doesn’t need the heavy machinery required by virtual machines to expose or emulate I/O devices or hardware components. This means that containers are much faster to boot, have less memory and CPU overhead, while retaining the ability to “run anywhere” like a virtual machine. The only requirement is to run Linux, since containers share the kernel of their host.

This better efficiency means that instead of booting a VM in a few seconds, in can spawn multiple containers in milliseconds. Instead of worrying about the storage used by your VMs, you can store hundreds or thousands of containers on a typical host. Last but not least, you don’t have to worry anymore about compatibility between KVM, Xen, VMWare, VirtualBox, or installing “guest additions”: Docker containers work exactly the same way on (and are portable across) any x64 machine (virtualized or not). The only requirement is a fairly modern Linux Kernel (like 3.8).

OpenStack is already a very good environment to automate the deployment of distributed systems, like large-scale web deployments, database clusters, continuous deployment systems, private PaaS, service-oriented architectures… Containers make it even more cost effective and easier.

And since Nova is fully integrated with the other OpenStack components, you can manage Linux Containers without having to know anything about Docker or LXC. For instance, you can use the Horizon web interface to deploy a cluster of containers.

Demo time!

This demo has been made through a fresh install of DevStack[5].

Let’s create a container that displays the date every 10 seconds.

docker-nova-1

You can use the “Post-Creation” tab (basically the user-data of the instance) to provide a script to run when the instance starts. If you leave it empty, it will execute a bash shell (this also prevents the container from exiting immediately after being started). It is not mandatory, but at some point, you will probably want to spawn an SSH server.

docker-nova-2

The container is now running and is seen by Nova as a normal VM, the only difference is that it reached the “RUNNING” state in just a split second!

The running container has an IP assigned by Quantum[6] and configured into the container by the driver.

docker-nova-3

You can also access the Console to verify that the date has been correctly written every 10 seconds as expected by our script.

docker-nova-4

Using the CLI?

Let’s use Nova’s CLI to check that the container is running correctly:

docker-nova-5

You can also use Glance’s CLI to see the images available on Docker:

docker-nova-6

By default, this list will only contain Docker images from the basic library. But adding other images is very easy. Let’s say I want to use an Apache image. The following command will let me add any image available on Docker’s Index[7]:

docker-nova-7

This command communicates with Docker to search all images in the Docker index matching the string “apache”. Each match found will show up as a Glance image:

docker-nova-8

Those images can, in turn, be used by Nova to spawn new containers. Let’s do the same thing as before, but using the CLI for a change:

docker-nova-9

How does it work under the hood?

Even though Docker is typically used through its CLI, the Docker daemon also provides a REST API to use it programmatically. The Nova driver is written in Python and talks to Docker using a simple HTTP library.

The following chart explain how Nova is using Docker through the driver:

docker-nova-10

Need help?

You can find us there:

References

About Sam Alba

sam

As dotCloud’s first engineering hire, Sam was part of the tiny team that shipped our first private beta in 2010. Since then, he has been instrumental in scaling the platform to tens of millions of unique visitors for tens of thousands of developers across the world, leaving his mark on every major feature and component along the way. Today, as dotCloud’s first director of engineering, he manages our fast-growing engineering team, which is another way to say he sits in meetings so that other engineers don’t have to. When not sitting in a meeting, he maintains several popular open-source projects, including Hipache and Cirruxcache and other projects also ending in “-ache”. In a previous life, Sam supported Fortune 500s at Akamai, built the web infrastructure at several startups, and wrote software for self-driving cars in a research lab at INRIA.

Connect with Sam on Twitter! @sam_alba

7 Responses to “OpenStack-Docker: How to manage your Linux Containers with Nova”

  1. Daniel Garcia

    Are there any plans to modify the existing scheduler to account for the docker backend? http://docs.openstack.org/developer/nova/devref/filter_scheduler.html#costs-and-weights

    Reply
  2. OpenStack Community Weekly Newsletter (May 31 – June 7) » The OpenStack Blog

    [...] OpenStack-Docker: How to manage your Linux Containers with Nova [...]

    Reply
  3. Brad Dickinson | OpenStack Community Weekly Newsletter (May 31 – June 7)

    [...] OpenStack-Docker: How to manage your Linux Containers with Nova [...]

    Reply
  4. Lorin Hochstein

    What are the advantages of using OpenStack-Docker over using OpenStack with the libvirt backend and LXC as the hypervisor?

    Reply
    • Sam Alba

      The advantages are around Docker itself. It would be the same as asking “what’s the advantage of Docker in place of standalone LXC”. In my opinion, Docker has 2 main assets that LXC does not have: a centralized image system to quickly run commands on any kind of containers even if you don’t have them locally (https://index.docker.io). Then a filesystem layers mechanism (currently using aufs) which enables to run diffs, commit changesets, etc…

      Reply
  5. Links & reads for 2013 Week 23 | Martin's Weekly Curations

    [...] OpenStack-Docker: How to manage your Linux Containers with Nova [...]

    Reply

Leave a Reply