Docker will be in OpenStack Icehouse

The preferred mechanism orchestrating Docker in OpenStack is via Heat, rather than treating Docker as a form of hypervisor in OpenStack Nova.

Our initial path towards enabling the use of Docker in OpenStack was to create a driver for Docker in OpenStack Compute (Nova), which enabled a Docker container to be used as if it were a virtual machine.

However, the OpenStack conference in Hong Kong, it became clear that there were disadvantages to this approach. For instance, the standard API extensions expect certain VM-specific functionality, not all of which makes sense in a Docker or container context. Furthermore, using Docker as a VM in Nova also makes it difficult to expose some of the more useful Docker functionality, such as linking containers. For these reasons, we have begun to apply Heat as a better alternative.

OpenStack Heat with Nova
OpenStack Heat with Nova (EDIT: OS::Heat::Docker should be DockerInc::Docker::Container)

OpenStack Orchestration (Heat) is a solution for providing orchestration of resources inside OpenStack clouds. It provides compatibility with AWS CloudFormation, allowing users to upload templates describing the system that they would like to deploy.

Using the Heat plugin, users may deploy and manage Docker Containers on top of traditional OpenStack deployments, making it compatible with existing OpenStack clouds. Our plugin for Heat has been accepted into OpenStack and will be in the Icehouse release.

See this example for using Heat to orchestrate Docker:

heat_template_version: 2013-05-23

description: Single compute instance running cirros in a Docker container.

resources:
  my_instance:
    type: OS::Nova::Server
    properties:
      key_name: ewindisch_key
      image: ubuntu-precise
      flavor: m1.large
      user_data: #include https://get.docker.io
  my_docker_container:
    type: DockerInc::Docker::Container
    docker_endpoint: { get_attr: [my_instance, first_address] }
    image: cirros

In the above example, multiple containers may be created and linked together by simply adding more sections like “my_docker_container”. They’re not constrained by the OpenStack APIs and may leverage the full power of the Docker Remote API.

As for the Nova driver, it will be moving out of the Nova tree and into Stackforge. Feedback has been incredibly positive on the driver, but the lack of integration with Cinder and Neutron have been cited as barriers. Having the code live in Stackforge will allow us to more quickly iterate to hone our CI and integrate those features before exploring the re-introduction of an in-tree driver for OpenStack Juno.

7 Responses to “Docker will be in OpenStack Icehouse”

  1. Zane Bitter

    It’s probably worth mentioning that the plugin is in /contrib, so it isn’t installed by default and may not appear in many packages. That said, I’m definitely looking forward to a time when we’ll be able to authenticate to Docker with Keystone so that some version of this plugin can graduate into the main tree.

    Reply
  2. Steven Dake

    In the diagram, the name of the resource should be DockerInc::Docker::Container. The OS::Heat::* namespace is reserved for Heat specific resources. The OS::*::* is reserved for OpenStack specific resources.

    Reply
  3. DOCKER WILL BE IN OPENSTACK ICEHOUSE | ふにゃー ほわっほわん

    […] 原文は、DOCKER WILL BE IN OPENSTACK ICEHOUSEです。 要約すると、 当初OpenStack Compute (Nova)にコンテナを仮想マシンとして提供するべくドライバーを作ってきたのですが、 それをやめてOpenStack Orchestration (Heat)のプラグインとしてすでにICEHOUSEに入れ込まれたとのこと。 Novaの方向性が仮想サーバーに特有の機能を前提にしていることで、 一部でDockerやその他のコンテナでは理にかなっていないものが明らかになってきており、 さらにはDockerのコンテナのリンクといった機能が使えなくなるといったデメリットもあるため、 heatから直接Dockerにアクセスする形態にしたようですね。 […]

    Reply
  4. Dell Open Source Ecosystem Digest #38 - Dell TechCenter - TechCenter - Dell Community

    […] Docker: Docker will be in OpenStack Icehouse The preferred mechanism orchestrating Docker in OpenStack is via Heat, rather than treating Docker as a form of hypervisor in OpenStack Nova. Our initial path towards enabling the use of Docker in OpenStack was to create a driver for Docker in OpenStack Compute (Nova), which enabled a Docker container to be used as if it were a virtual machine. Read more. […]

    Reply
  5. Dell Open Source Ecosystem Digest #38 (englischsprachig) - TechCenter - Blog - TechCenter - Dell Community

    […] Docker: Docker will be in OpenStack Icehouse The preferred mechanism orchestrating Docker in OpenStack is via Heat, rather than treating Docker as a form of hypervisor in OpenStack Nova. Our initial path towards enabling the use of Docker in OpenStack was to create a driver for Docker in OpenStack Compute (Nova), which enabled a Docker container to be used as if it were a virtual machine. Read more. […]

    Reply
  6. Blake Yeager

    In the diagram, where is Docker actually running? Is it running inside an instance already provisioned by Nova? If so does Heat handle the provisioning of that instance, or is the assumption that you already have a server (virtual or physical) with Docker installed somewhere that Heat can connect to?

    Reply
    • Trevor Robets Jr

      Hello Blake,

      Diagram doesn’t make it obvious, but the Heat code shows the VM first being provisioned with Docker installed. Then, the container gets deployed there.

      -Trevor

      Reply

Leave a Reply